1. Which of the following is the threat that can be prevented by encrypting data?
a) Deletion of data because of an operational error
b) Social engineering
c) Tapping of communication content
d) DoS attack on the server in which data is stored

2. Which of the following is the most appropriate as a set of documents that
comprehensively define the approach to information security of a company or an
organization, sometimes including information security standards?
a) Information security policy
b) Information security management system
c) Social engineering
d) Risk assessment

3. Among the following lists consisting of the information security terms availability,
integrity, confidentiality, and vulnerability, which is a complete list of characteristics
that are required by ISMS to be maintained for an organization’s information assets?
a) Availability, Integrity b) Availability, Integrity, Confidentiality
c) Integrity, Confidentiality d) Integrity, Confidentiality, Vulnerability

4. Which of the following is the most appropriate explanation of the operation that
spyware is meant to perform?
a) To destabilize the operation of the OS and software
b) To delete files from the file system without user consent
c) To hijack the browser and forcefully execute a particular operation
d) To collect personal information without being noticed by users

5. Which of the following is an appropriate explanation of symmetric key cryptography?
a) In addition to encryption, it is also used in digital signatures.
b) The decoding speed is generally slower than that of public key cryptography.
c) The RSA algorithm is a typical algorithm.
d) A different key is required for each communication partner.

6. Which of the following is an appropriate operation example of a server room where
security should be maintained?
a) In order to simplify management, an ID card for entry and exit is issued to each
department, not to individuals.
b) In order to make it possible for all employees and visitors to see where the server
room is, a room name sign is posted at the entrance.
c) In order to prevent leakage of entry and exit information, entry and exit records are
not collected.
d) In order to prevent unauthorized activities, working in a server room is not allowed
when a supervisor is absent.

7. In the description concerning transmitting confidential data by using public key
cryptography, which of the following is an appropriate combination of words to be
inserted into blanks A and B?
A data receiver X prepares its own key A and B key and delivers the A
key to a data sender Y. The data sender Y uses the A key that is
delivered from the receiver X to encrypt data, and sends the encrypted data to the
receiver X. The receiver X uses its own B key to decrypt the encrypted data that is
received from the sender Y.

8. Concerning information security, which of the following is an event where
availability is compromised?
a) A USB memory that stores a copy of confidential information was stolen.
b) A customer information management system has been operated with incorrect
customer information.
c) An in-house server was hacked and confidential information was leaked.
d) An electronic payment system for business partners suffered a DoS attack and
became unable to perform processing.

9. Which of the following is the name given to a file that is provided to fix a software
problem?
a) Pattern file b) Backup file
c) Batch file d) Patch file

10. Which of the following is an appropriate explanation of phishing?
a) An attacker’s act of sending a command via network to a virus-infected PC and
having it execute an illegal program
b) Sending an e-mail that pretends to be from a financial institution, directing a user to
a false web site, and illegally acquiring a PIN, a credit card number, or other
information*
c) Identifying a password by using a dictionary data that enumerates strings that are
likely to be used as a password
d) Sending a large number of packets from multiple computers to a target server and
disabling the function of the server

11. The communication protocol between a browser and a web server was changed from
HTTP to HTTPS. Which of the following does this achieve?
a) Improvement of transfer rate between a client PC and a web server
b) Prevention of computer virus infection
c) Protection of confidentiality in communication
d) Improvement of browser display speed

12. Which of the following is an explanation of spyware?
a) It is a scam where money is demanded just by viewing a web site or clicking an
image on it.
b) It is a mechanism where an attacker packages attack tools such as log removal or a
back door and hides them in a PC so that the attacker can use them after intrusion.
c) It is a program that infects a large number of PCs and performs actions such as
simultaneous attacks by illegitimately operating the PCs as instructed over a
network.
d) It is a program that is installed without the user knowing and collects information
such as the user’s personal information and access history.

13. During the use of a PC in workplace, a message was displayed stating that antivirus
software had detected a virus. Which of the following is an appropriate action that
should be taken immediately?
a) Reboot of the PC
b) Notification to the workplace by e-mail from the PC
c) Disconnection of the PC from networks
d) Backup of files on the PC

14. Among the threats and vulnerabilities in information security, which of the following
is a vulnerability?
a) Computer virus b) Social engineering
c) Tapping of communications data d) Inappropriate password management

15. Which of the following is the most appropriate combination of the measures against
password theft and brute force attack respectively on websites having a login
function?
16. When the evaluation values of asset value, threat, and vulnerability of assets A
through D are as shown in the table, which of the following assets will be evaluated as
the asset where risk measures should be taken at the highest priority? Here, the risk
value is calculated by multiplying each three evaluation values together in the table
without weighting.

17. An administrator captures network packets and discovers that hundreds of ICMP
packets have been sent to the host. However, it is not a particularly busy time of the
day. Which of the following is the most likely the attack executed against the
computer in this situation?
a) Denial of service b) Man-in-the-middle
c) Spoofing d) Worm

18. Which of the following can be made possible by using a digital signature in
e-commerce?
a) Preventing an unintended third party from accessing any confidential file
b) Checking that a file is not infected with a virus or other malicious software
c) Protecting the content of a transaction from being leaked through wiretapping
d) Confirming the identity of a partner and the correctness of the details of a
transaction

19. Which of the following is an appropriate description concerning cryptography?

a) The process of transforming the encrypted text back into its original plain text is
called reset.
b) In common key cryptography, the encrypted text is transmitted together with the
common key.
c) Public key cryptography uses two types of keys: a key for encryption and a key for
recovering the plain text
d) Common key cryptography that is also known as secret key cryptography is used
for digital signature.
20. Which of the following is an appropriate description concerning antivirus software?
a) A virus signature file for antivirus software is a database that contains the first 16
bytes or 32 bytes of the code for each virus.
b) Virus detection with antivirus software using signature files is effective for
detecting known viruses and identifying virus names.
c) If the size of a file infected by a virus is the same as before the infection, the file
can be restored to the state before the infection by removing the virus.
d) The method of detecting a virus by monitoring suspicious behavior identifies the
virus name based on the behavioral characteristics of the virus.

21. Which of the following is the name of a malicious program that infects multiple
computers and simultaneously makes an attack, such as a DDoS attack, when a
command is received from an attacker who is in a remote location?
a) Bot b) Honey pot
c) Macro virus d) Worm

22. Which of the following is the most appropriate description concerning risk
management in information security?
a) The person with ultimate responsibility is appointed from among the staff members
in charge of information security management at the workplace.
b) Risk management is performed as an independent activity that is separated from
the activities of the organization.
c) All staff members of an organization divide up their roles, and perform the
activities of risk management across the organization.
d) An individual information security policy is developed for each department under a
single management system, and each department implements the policy
independently.

23. Which of the following is an appropriate description concerning the characteristics of
cross site scripting?
a) It is an attack by which data being considered too long is sent to an application on a
Web site where the length of input data is not checked.
b) It is an attack that illegally uses the function of recording, invoking, and executing
the operating procedures of word processing software or spreadsheet software.
c) It is an attack that intrudes into a computer under the disguise of a useful program
so that a user installs it unsuspectingly.
d) It is an attack that uses a vulnerability, whereby a malicious script included in the
data entered on a Web site is sent to a Web browser as it is

24. Items A through C below are explanations about information security incidents.
Which of the following is an appropriate combination of the three major elements of
information security that is directly related to items A through C?
A: The necessary information cannot be accessed because of a system failure.
B: The important customer information is leaked to competitors.
C: The design information of a new product is falsified.

25. Which of the following is an appropriate explanation of a DoS attack?
a) It refers to interrupting a network service by sending a large number of requests.
b) It refers to spying on the data of other people on a communication path.
c) It refers to trying various combinations of letters or numbers to unlock an account.
d) It refers to using a service illegally on a network by pretending to be another person

26. Which of the following is an appropriate purpose of using HTTPS for accessing a
Web page?
a) To receive all data of one screen effectively through a single connection
b) To secure communications by authenticating the server and encrypting data
c) To shorten the communication time by compressing data
d) To use a dynamically generated Web page in communications

27. Which of the following is the term that is used for the drawbacks and defects that may
exist in computer systems or networks and can be exploited for unauthorized
accesses?
a) Incidents b) Security holes
c) Hacking d) Forensics

28. Mr. A sent an e-mail to Mr. B that was encrypted with Mr. B’s key by using the public
key cryptosystem, and this e-mail contains details that Mr. A wants to send only to Mr.
B. Which of the following keys is needed to decrypt this e-mail?
A. Public key of Mr. A
B. Private key of Mr. A
C. Public key of Mr. B
D. Private key of Mr. B

29. Which of the following is the appropriate description concerning virus infection?
A. Infection may affect not only the OS and applications, but also the firmware
embedded in a device.
B. If only an external storage medium is used for exchanging data with other
computers without connecting a computer to the network, the computer will not
be infected.
C. The computer where infection is detected should be kept connected to the
network, and the OS and the security software should be immediately updated.
D. If e-mail attachments are not opened, the computer will not be infected.

30. Which security control role does encryption meet?
A. Preventative
B. Detective
C. Offensive
D. Defensive

31. Which type of scan measures a person's external features through a digital video
camera?
A. Iris scan
B. Retinal scan
C. Facial recognition scan
D. Signature kinetics scan

32. A newly discovered flaw in a software application would be considered which kind of
security vulnerability?
A. Input validation flaw
B. HTTP header injection vulnerability
C. 0-day vulnerability
D. Time-to-check to time-to-use flaw

33. Which of the following items of a computer system will an anti-virus program scan
for viruses?
A. Boot Sector
B. Deleted Files
C. Windows Process List
D. Password Protected Files

34. Which of the following programming languages is most vulnerable to buffer overflow
attacks?
A. Perl
B. C++
C. Python
D. Java

35. Certificate Authority (CA) generates a key pair that will be used for encryption and
decryption of email. The integrity of the encrypted email is dependent on the security
of which of the following?
A. Public key
B. Private key
C. Modulus length
D. Email server certificate

36. Which of the following is an example of IP spoofing?
A. SQL injections
B. Man-in-the-middle
C. Cross-site scripting
D. ARP poisoning

37. For messages sent through an insecure channel, a properly implemented digital
signature gives the receiver reason to believe the message was sent by the claimed
sender. While using a digital signature, the message digest is encrypted with which
key?
A. Sender's public key
B. Receiver's private key
C. Receiver's public key
D. Sender's private key

38. Which of the following is used to confirm that there is no falsification of the content
of an e-mail?
A. IMAP
B. SMTP
C. Information security policy
D. Digital signature

39. Mr. A sent an e-mail to Mr. B that was encrypted with Mr. B’s key by using the public
key cryptosystem, and this e-mail contains details that Mr. A wants to send only to Mr.
B. Which of the following keys is needed to decrypt this e-mail?
A. Public key of Mr. A
B. Private key of Mr. A
C. Public key of Mr. B
D. Private key of Mr. B

40. Which of the following is an authentication method where a user uses information
that differs each time and is generated with a device called a token or other such
device?
A. Digital signature
B. Password cracking
C. Password policy
D. One time password