EXIN EX0-105 問題集

質問 1：
Your organization has an office with space for twenty five (25) workstations. These workstations are all fully equipped and in use. Due to a reorganization ten (10) extra workstations are added, five (5) of which are used for a call center 24 hours per day. Five (5) workstations must always be available.
What physical security measures must be taken in order to ensure this?
A. Obtain an extra office and provide a UPS (Uninterruptible Power Supply) for the five most important workstations.
B. Obtain an extra office and set up ten (10) workstations. Ensure that there are security personnel both in the evenings and at night, so that staff can work there safely and securely.
C. Obtain an extra office and set up ten (10) workstations. You would therefore have spare equipment that can be used to replace any non-functioning equipment.
D. Obtain an extra office and connect all ten (10) new workstations to an emergency power supply and UPS (Uninterruptible Power Supply). Adjust the access control system to the working hours of the new staff. Inform the building security personnel that work will also be carried out in the evenings and at night.
正解：D

質問 2：
What is the physical equivalent of the logical information security measure Intrusion Detection System (IDS)?
A. Cooling
B. Cameras
C. Fire extinguishers
D. UPS
正解：B

質問 3：
What is the most important reason for applying segregation of duties?
A. Segregation of duties ensures that, when a person is absent, it can be investigated whether he or she has been committing fraud.
B. Tasks and responsibilities must be separated in order to minimize the opportunities for business assets to be misused or changed, whether the change be unauthorized or unintentional.
C. Segregation of duties makes it easier for a person who is ready with his or her part of the work to take time off or to take over the work of another person.
D. Segregation of duties makes it clear who is responsible for what.
正解：B

質問 4：
Logging in to a computer system is an access-granting process consisting of three steps: identification, authentication and authorization. What occurs during the first step of this process: identification?
A. The first step consists of checking if the user appears on the list of authorized users.
B. The first step consists of checking if the user is using the correct certificate.
C. The first step consists of comparing the password with the registered password.
D. The first step consists of granting access to the information to which the user is authorized.
正解：A

質問 5：
You are the owner of SpeeDelivery courier service. Because of your companys growth you have to think about information security. You know that you have to start creating a policy. Why is it so important to have an information security policy as a starting point?
A. The information security policy establishes who is responsible for which area of information security.
B. The information security policy establishes which devices will be protected.
C. The information security policy gives direction to the information security efforts.
D. The information security policy supplies instructions for the daily practice of information security.
正解：C

質問 6：
Which legislation regulates the storage and destruction of archive documents?
A. The Computer Criminality legislation
B. The Public Records legislation
C. The Personal Data Protection legislation
D. The Government Information (Public Access) legislation
正解：B

質問 7：
What is a risk analysis used for?
A. A risk analysis is used to clarify to management their responsibilities.
B. A risk analysis is used in conjunction with security measures to reduce risks to an acceptable level.
C. A risk analysis is used to express the value of information for an organization in monetary terms.
D. A risk analysis is used to ensure that security measures are deployed in a cost-effective and timely fashion.
正解：D