EXIN EX0-105 問題集

質問 1：
You are the first to arrive at work in the morning and notice that the CD ROM on which you saved contracts yesterday has disappeared. You were the last to leave yesterday. When should you report this information security incident?
A. You should wait a few days before reporting this incident. The CD ROM can still reappear and, in that case, you will have made a fuss for nothing.
B. You should first investigate this incident yourself and try to limit the damage.
C. This incident should be reported immediately.
正解：C

質問 2：
You are the owner of SpeeDelivery courier service. Because of your companys growth you have to think about information security. You know that you have to start creating a policy. Why is it so important to have an information security policy as a starting point?
A. The information security policy establishes who is responsible for which area of information security.
B. The information security policy establishes which devices will be protected.
C. The information security policy gives direction to the information security efforts.
D. The information security policy supplies instructions for the daily practice of information security.
正解：C

質問 3：
Which legislation makes it easier to deal with offences perpetrated through advanced information technology?
A. The Computer Criminality legislation
B. The Public Records legislation
C. The Personal Data Protection legislation
D. The Government Information (Public Access) legislation
正解：A

質問 4：
Your organization has an office with space for twenty five (25) workstations. These workstations are all fully equipped and in use. Due to a reorganization ten (10) extra workstations are added, five (5) of which are used for a call center 24 hours per day. Five (5) workstations must always be available.
What physical security measures must be taken in order to ensure this?
A. Obtain an extra office and provide a UPS (Uninterruptible Power Supply) for the five most important workstations.
B. Obtain an extra office and set up ten (10) workstations. Ensure that there are security personnel both in the evenings and at night, so that staff can work there safely and securely.
C. Obtain an extra office and set up ten (10) workstations. You would therefore have spare equipment that can be used to replace any non-functioning equipment.
D. Obtain an extra office and connect all ten (10) new workstations to an emergency power supply and UPS (Uninterruptible Power Supply). Adjust the access control system to the working hours of the new staff. Inform the building security personnel that work will also be carried out in the evenings and at night.
正解：D

質問 5：
You read in the newspapers that the ex-employee of a large company systematically deleted files out of revenge on his manager. Recovering these files caused great losses in time and money.
What is this kind of threat called?
A. Social Engineering
B. Natural threat
C. Human threat
正解：C

質問 6：
The consultants at Smith Consultants Inc. work on laptops that are protected by asymmetrical cryptography. To keep the management of the keys cheap, all consultants use the same key pair.
What is the company's risk if they operate in this manner?
A. If the public key becomes known all laptops must be supplied with new keys.
B. If the private key becomes known all laptops must be supplied with new keys.
C. If the Public Key Infrastructure (PKI) becomes known all laptops must be supplied with new keys.
正解：B

質問 7：
You work for a large organization. You notice that you have access to confidential information that you should not be able to access in your position. You report this security incident to the helpdesk. The incident cycle is initiated. What are the stages of the security incident cycle?
A. Threat, Damage, Recovery, Incident
B. Threat, Incident, Damage, Recovery
C. Threat, Recovery, Incident, Damage
D. Threat, Damage, Incident, Recovery
正解：B