無料ISC CCテスト練習問題試験問題集 [Q38-Q56]

Share

無料ISC CCテスト練習問題試験問題集

試験準備には欠かさない!トップクラスのISC CC試験最新版アプリ学習ガイドで練習

質問 # 38
Proper alignment of security policy and business goals within the organization is important because:

  • A. Security policy that conflicts with business goals can inhibit productivity
  • B. Security should always be as strict as possible
  • C. Security is more important than business
  • D. Bad security policy can be illegal

正解:A


質問 # 39
Inbound traffic from an external source seems to indicate much higher rates of communication than normal, to the point where the internal systems might be overwhelmed. Which security solution can often identify and potentially counter this risk?

  • A. Badge system
  • B. Firewall
  • C. Turnstile
  • D. Anti-malware

正解:B


質問 # 40
A bollard is a post set securely in the ground in order to prevent a vehicle from entering an area or driving past a certain point. Bollards are an example of ______ controls.

  • A. Technical
  • B. Drastic
  • C. Administrative
  • D. Physical

正解:D


質問 # 41
The senior leadership of Triffid Corporation decides that the best way to minimize liability for the company is to demonstrate the company's commitment to adopting best practices recognized throughout the industry. Triffid management issues a document that explains that Triffid will follow the best practices published by SANS, an industry body that addresses computer and information security.
The Triffid document is a ______, and the SANS documents are ________.

  • A. Policy, standard
  • B. Procedure, procedure
  • C. Policy, law
  • D. Law, policy

正解:A


質問 # 42
Triffid Corporation has a policy that all employees must receive security awareness instruction before using email; the company wants to make employees aware of potential phishing attempts that the employees might receive via email. What kind of control is this instruction?

  • A. Finite
  • B. Physical
  • C. Technical
  • D. Administrative

正解:D


質問 # 43
All of the following are typically perceived as drawbacks to biometric systems, except:

  • A. Potential privacy concerns
  • B. Legality
  • C. Lack of accuracy
  • D. Retention of physiological data past the point of employment

正解:C


質問 # 44
______ is used to ensure that configuration management activities are effective and enforced.

  • A. Inventory
  • B. Identification
  • C. Baseline
  • D. Verification and audit

正解:D


質問 # 45
Which of the following would be best placed in the DMZ of an IT environment?

  • A. Mail server
  • B. SIEM log storage
  • C. Database engine
  • D. User's workplace laptop

正解:A


質問 # 46
Which of the following statements is true?

  • A. It is best to use a blend of controls in order to provide optimum security.
  • B. Physical access controls can protect the IT environment perfectly; there is no reason to deploy any other controls.
  • C. Administrative access controls can protect the IT environment perfectly; there is no reason to deploy any other controls.
  • D. Logical access controls can protect the IT environment perfectly; there is no reason to deploy any other controls.

正解:A


質問 # 47
The common term for systems that ensure proper temperature and humidity in the data center.

  • A. HVAC
  • B. MAC
  • C. RBAC

正解:A


質問 # 48
When should a business continuity plan (BCP) be activated?

  • A. At the very beginning of a disaster
  • B. As soon as possible
  • C. When instructed to do so by regulators
  • D. When senior management decides

正解:D


質問 # 49
Which of these is an example of a physical access control mechanism?

  • A. Software-based firewall at the perimeter of the network
  • B. A lock on a door
  • C. Network switches that filter according to MAC addresses
  • D. A process that requires two people to act at the same time to perform a function

正解:B


質問 # 50
One of the benefits of computer-based training (CBT):

  • A. Interacting with other participants
  • B. Personal interaction with instructor
  • C. Expensive
  • D. Scalable

正解:D


質問 # 51
Prachi works as a database administrator for Triffid, Inc. Prachi is allowed to add or delete users, but is not allowed to read or modify the data in the database itself. When Prachi logs onto the system, an access control list (ACL) checks to determine which permissions Prachi has.
In this situation, what is the database?

  • A. The site
  • B. The rule
  • C. The object
  • D. The subject

正解:C


質問 # 52
Suvid works at Triffid, Inc. When Suvid attempts to log in to the production environment, a message appears stating that Suvid has to reset the password. What may have occurred to cause this

  • A. Suvid's password has expired
  • B. Suvid broke the law
  • C. Suvid made the manager angry
  • D. Someone hacked Suvid's machine

正解:A


質問 # 53
A device that is commonly useful to have on the perimeter between two networks.

  • A. Firewall
  • B. Camera
  • C. User laptop
  • D. IoT

正解:A


質問 # 54
Siobhan is an (ISC)² member who works for Triffid Corporation as a security analyst. Yesterday, Siobhan got a parking ticket while shopping after work. What should Siobhan do?

  • A. Inform supervisors at Triffid
  • B. Resign employment from Triffid
  • C. Pay the parking ticket
  • D. Inform (ISC)2

正解:C


質問 # 55
In risk management concepts, a(n) ___________ is something or someone that poses risk to an organization or asset.

  • A. Control
  • B. Threat
  • C. Fear
  • D. Asset

正解:B


質問 # 56
......

今すぐCC問題を使おうCC問題集PDF:https://www.goshiken.com/ISC/CC-mondaishu.html

問題集練習試験問題学習ガイドはCC試験にはこれ:https://drive.google.com/open?id=1WRjszfRKjDrpNKsyKX91ykE5FB9BgdvU

関するブログ

もっと
CC無料問題集