최신 CISMP-V9 무료덤프 - BCS Foundation Certificate in Information Security Management Principles V9.0

문제1

What Is the PRIMARY difference between DevOps and DevSecOps?

A. DevOps mandates that security is integrated at the beginning of the development lifecycle.

B. Within DevSecOps security is introduced at the end of development immediately prior to deployment.

C. DevSecOps focuses solely on iterative development cycles.

D. DevSecOps includes security on the same level as continuous integration and delivery.

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제2

In a security governance framework, which of the following publications would be at the HIGHEST level?

A. Standards

B. Guidelines

C. Policy.

D. Procedures.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제3

A security analyst has been asked to provide a triple A service (AAA) for both wireless and remote access network services in an organization and must avoid using proprietary solutions.
What technology SHOULD they adapt?

A. RADIUS.

B. Oauth.

C. MS Access Database.

D. TACACS+

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제4

Which of the following subjects is UNLIKELY to form part of a cloud service provision laaS contract?

A. Intellectual Property Rights.

B. End-of-service.

C. Liability

D. User security education.

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제5

What form of training SHOULD developers be undertaking to understand the security of the code they have written and how it can improve security defence whilst being attacked?

A. Black Hat Training.

B. Awareness Training.

C. Blue Team Training.

D. Red Team Training.

정답: B

문제6

When calculating the risk associated with a vulnerability being exploited, how is this risk calculated?

A. Risk = Likelihood * Impact.

B. Risk = Threat * Likelihood.

C. Risk = Vulnerability / Threat.

D. Risk = Likelihood / Impact.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제7

The policies, processes, practices, and tools used to align the business value of information with the most appropriate and cost-effective infrastructure from the time information is conceived through its final disposition.
Which of the below business practices does this statement define?

A. Information Lifecycle Management.

B. Information Quality Management.

C. Business Continuity Management.

D. Total Quality Management.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제8

Which of the following statutory requirements are likely to be of relevance to all organisations no matter which sector nor geographical location they operate in?

A. Sarbanes-Oxley.

B. FSA.

C. GDPR.

D. HIPAA.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제9

Which of the following is NOT an information security specific vulnerability?

A. Unpatched Windows operating system.

B. Use of HTTP based Apache web server.

C. Confidential data stored in a fire safe.

D. Use of an unlocked filing cabinet.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제10

When a digital forensics investigator is conducting art investigation and handling the original data, what KEY principle must they adhere to?

A. Ensure they do not handle the evidence as that must be done by law enforcement officers.

B. Ensure they are being observed by a senior investigator in all actions.

C. Ensure they are competent to be able to do so and be able to justify their actions.

D. Ensure the data has been adjusted to meet the investigation requirements.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

최신 CISMP-V9 무료덤프 - BCS Foundation Certificate in Information Security Management Principles V9.0

우리와 연락하기

유용한 링크

최신 업데이트