ISMP 試験問題を無料オンラインアクセス

In a company the IT strategy is migrating towards a Service Oriented Architecture (SOA) so that migrating to the cloud is better feasible in the future. The security architect is asked to make a first draft of the security architecture.
Which elements should the security architect draft?

• A.Which security services are provided and in which supporting architectures are they defined
• B.Management and control of the security services
• C.The information security policy, the risk assessment and the controls in the security services

An experienced security manager is well aware of the risks related to communication over the internet. She also knows that Public Key Infrastructure (PKI) can be used to keep e-mails between employees confidential.
Which is the main risk of PKI?

• A.The users lose their public keys.
• B.The certificate is invalid because it is on a Certificate Revocation List.
• C.The HR department wants to be a Registration Authority (RA).
• D.The Certificate Authority (CA) is hacked.

Zoning is a security control to separate physical areas with different security levels. Zones with higher security levels can be secured by more controls. The facility manager of a conference center is responsible for security.
What combination of business functions should be combined into one security zone?

• A.Meeting rooms and Human Resource rooms
• B.Boardroom and general office space
• C.Lobby and public restaurant
• D.Computer room and storage facility

Recovery Time Objective (RTO) and Recovery Point Objective (RPO) are key terms in business continuity management (BCM). Reducing loss of data is one of the focus areas of a BCM policy.
What requirement is in the data recovery policy to realize minimal data loss?

• A.Reduce the time between RTO and RPO
• B.Maximize RPO
• C.Reduce RPO
• D.Reduce RTO

Which security item is designed to take collections of data from multiple computers?

• A.Virtual Private Network (VPN)
• B.Network-Based Intrusion Detection and Prevention System (Network-Based IDPS)
• C.Firewall
• D.Host-Based Intrusion Detection and Prevention System (Host-Based IDPS)