100% Updated ISC CC Limited-Edition PDF Question Set [Q65-Q82]


Try valid exam questions: a limited free trial for CC on our free site

Question # 65
You are talking to a new manager of our helpdesk. You are explaining how we do risk analysis. They ask you: "How do you define a vulnerability?" Response:

  • A. The total risk after we have implemented our countermeasures.
  • B. A weakness that can possibly be exploited.
  • C. How bad is it if we are compromised?
  • D. A potential harmful incident.

Correct answer: B


Question # 66
In risk management concepts, a(n) _________ is something a security practitioner might need to protect.

  • A. Threat
  • B. Vulnerability
  • C. Asset
  • D. Likelihood

Correct answer: C


Question # 67
Gelbi is a Technical Support analyst for Triffid, Inc. Gelbi sometimes is required to install or remove software. Which of the following could be used to describe Gelbi's account?

  • A. External
  • B. Internal
  • C. Privileged
  • D. User

Correct answer: C


Question # 68
Which common cloud service model only offers the customer access to a given application?

  • A. Platform as a service (PaaS)
  • B. Lunch as a service (LaaS)
  • C. Infrastructure as a service (IaaS)
  • D. Software as a service (SaaS)

Correct answer: D


Question # 69
One of the benefits of computer-based training (CBT):

  • A. Scalable
  • B. Expensive
  • C. Personal interaction with instructor
  • D. Interacting with other participants

Correct answer: A


Question # 70
Which of the following would be best placed in the DMZ of an IT environment?

  • A. Database engine
  • B. SIEM log storage
  • C. Mail server
  • D. User's workplace laptop

Correct answer: C


Question # 71
The Payment Card Industry (PCI) Council is a committee made up of representatives from major credit card providers (Visa, Mastercard, American Express) in the United States. The PCI Council issues rules that merchants must follow if the merchants choose to accept payment via credit card. These rules describe best practices for securing credit card processing technology, activities for securing credit card information, and how to protect customers' personal data. This set of rules is a _____.

  • A. Policy
  • B. Standard
  • C. Procedure
  • D. Law

Correct answer: B


Question # 72
A bollard is a post set securely in the ground in order to prevent a vehicle from entering an area or driving past a certain point. Bollards are an example of ______ controls.

  • A. Administrative
  • B. Physical
  • C. Technical
  • D. Drastic

Correct answer: B


Question # 73
A software firewall is an application that runs on a device and prevents specific types of traffic from entering that device. This is a type of ________ control.

  • A. Administrative
  • B. Technical
  • C. Passive
  • D. Physical

Correct answer: B


Question # 74
Prina is a database manager. Prina is allowed to add new users to the database, remove current users and create new usage functions for the users. Prina is not allowed to read the data in the fields of the database itself. This is an example of:

  • A. Role-based access controls (RBAC)
  • B. Discretionary access controls (DAC)
  • C. Mandatory access controls (MAC)
  • D. Alleviating threat access controls (ATAC)

Correct answer: A


Question # 75
For our authentication, we are looking at knowledge factors. Which is the MOST common knowledge factor in use today?
Response:

  • A. One-time passwords.
  • B. PINs.
  • C. Pass phrase.
  • D. Passwords.

Correct answer: D


Question # 76
All of the following are typically perceived as drawbacks to biometric systems, except:

  • A. Retention of physiological data past the point of employment
  • B. Lack of accuracy
  • C. Potential privacy concerns
  • D. Legality

Correct answer: B


Question # 77
Security controls on log data should reflect ________.

  • A. The sensitivity of the source device
  • B. The price of the storage device
  • C. The organization's commitment to customer service
  • D. The local culture where the log data is stored

Correct answer: A


Question # 78
In order for a biometric security to function properly, an authorized person's physiological data must be ______.

  • A. Broadcast
  • B. Deleted
  • C. Stored
  • D. Modified

Correct answer: C


Question # 79
All of the following are important ways to practice an organization's disaster recovery (DR) effort; which one is the most important?

  • A. Facility evacuation drills
  • B. Desktop/tabletop testing of the plan
  • C. Running the alternate operating site to determine if it could handle critical function in time of emergency
  • D. Practice restoring data from backups

Correct answer: A


Question # 80
Triffid, Inc., has deployed anti-malware solutions across its internal IT environment. What is an additional task necessary to ensure this control will function properly?

  • A. Install a monitoring solution to check the anti-malware solution
  • B. Alert the public that this protective measure has been taken
  • C. Pay all employees a bonus for allowing anti-malware solutions to be run on their systems
  • D. Update the anti-malware solution regularly

Correct answer: D


Question # 81
A means to allow remote users to have secure access to the internal IT environment.

  • A. Internet
  • B. VPN
  • C. MAC
  • D. VLAN

Correct answer: B


Question # 82
......

ISC CC official certification guide PDF: https://www.goshiken.com/ISC/CC-mondaishu.html

Free ISC Certification CC official certification guide PDF download: https://drive.google.com/open?id=1r-YQYB3P13P5f7mBHev_t_IgzQL00miU