You are the owner of the courier company SpeeDelivery. You employ a few people who, while waiting to make a delivery, can carry out other tasks. You notice, however, that they use this time to send and read their private mail and surf the Internet. In legal terms, in which way can the use of the Internet and e-mail facilities be best regulated?
A. Installing an application that makes certain websites no longer accessible and that filters attachments in e-mails
B. Implementing privacy regulations
C. Drafting a code of conduct for the use of the Internet and e-mail in which the rights and obligations of both the employer and staff are set down
D. Installing a virus scanner
正解:C
質問 2:
Your organization has an office with space for 25 workstations. These workstations are all fully equipped and in use. Due to a reorganization 10 extra workstations are added, 5 of which are used for a call centre 24 hours per day. Five workstations must always be available. What physical security measures must be taken in order to ensure this?
A. Obtain an extra office and set up 10 workstations. Ensure that there are security personnel both in the evenings and at night, so that staff can work there safely and securely.
B. Obtain an extra office and connect all 10 new workstations to an emergency power supply and UPS (Uninterruptible Power Supply). Adjust the access control system to the working hours of the new staff. Inform the building security personnel that work will also be carried out in the evenings and at night.
C. Obtain an extra office and provide a UPS (Uninterruptible Power Supply) for the five most important workstations.
D. Obtain an extra office and set up 10 workstations. You would therefore have spare equipment that can be used to replace any non-functioning equipment.
正解:B
質問 3:
What action is an unintentional human threat?
A. Theft of a laptop
B. Arson
C. Incorrect use of fire extinguishing equipment
D. Social engineering
正解:C
質問 4:
A Dutch company requests to be listed on the American Stock Exchange. Which legislation within the scope of information security is relevant in this case?
A. Security regulations for the Dutch government
B. Dutch Tax Law
C. Public Records Act
D. Sarbanes-Oxley Act
正解:D
質問 5:
You work in the IT department of a medium-sized company. Confidential information has got into the wrong hands several times. This has hurt the image of the company. You have been asked to propose organizational security measures for laptops at your company. What is the first step that you should take?
A. Set up an access control policy
B. Formulate a policy regarding mobile media (PDAs, laptops, smartphones, USB sticks)
C. Encrypt the hard drives of laptops and USB sticks
D. Appoint security personnel
正解:B
Okada -
このISFS問題集のみの勉強、ひと月半ほどの勉強で一発合格できました。私はアルゴリズムという言葉の意味すらわからない初心者でしたが、この本のみ、勉強時間は会社の往復の電車の中、アプリバージョンで、平日1時間ちょいでした。