EXIN EX0-105 問題集

質問 1：
You apply for a position in another company and get the job. Along with your contract, you are asked to sign a code of conduct. What is a code of conduct?
A. A code of conduct specifies how employees are expected to conduct themselves and is the same for all companies.
B. A code of conduct is a standard part of a labor contract.
C. A code of conduct differs from company to company and specifies, among other things, the rules of behavior with regard to the usage of information systems.
正解：C

質問 2：
My user profile specifies which network drives I can read and write to. What is the name of the type of logical access management wherein my access and rights are determined centrally?
A. Mandatory Access Control (MAC)
B. Public Key Infrastructure (PKI)
C. Discretionary Access Control (DAC)
正解：A

質問 3：
A couple of years ago you started your company which has now grown from 1 to 20 employees.
Your company's information is worth more and more and gone are the days when you could keep it all in hand yourself. You are aware that you have to take measures, but what should they be?
You hire a consultant who advises you to start with a qualitative risk analysis. What is a qualitative risk analysis?
A. This analysis follows a precise statistical probability calculation in order to calculate exact loss caused by damage.
B. This analysis is based on scenarios and situations and produces a subjective view of the possible threats.
正解：B

質問 4：
There is a network printer in the hallway of the company where you work. Many employees don't pick up their printouts immediately and leave them in the printer. What are the consequences of this to the reliability of the information?
A. The integrity of the information is no longer guaranteed.
B. The confidentiality of the information is no longer guaranteed.
C. The availability of the information is no longer guaranteed.
正解：B

質問 5：
A hacker gains access to a webserver and deletes a file on the server containing credit card numbers.
Which of the Confidentiality, Integrity, Availability (CIA) principles of the credit card file are violated?
A. Integrity
B. Availability
C. Confidentiality
正解：B

質問 6：
You are a consultant and are regularly hired by the Ministry of Defense to perform analyses.
Since the assignments are irregular, you outsource the administration of your business to temporary workers. You don't want the temporary workers to have access to your reports. Which reliability aspect of the information in your reports must you protect?
A. Integrity
B. Availability
C. Confidentiality
正解：C

質問 7：
Why is sensitive information graded?
A. To permit the recipient to archive received information
B. To improve awareness of employees
C. To determine the applicable back-up scheme
D. To determine how the information should be processed
正解：D