思科 微軟 IBM HP認證考古題PDF下載

免費EX0-106考古庫Demo賞析

　
　
Exam : EXIN EX0-106
Title : SCNS Tactical Perimeter Defense

1. You are working on your companys IPTables Firewall; you wish to create a rule to address traffic using ports 1024 through 2048. Which of the following would you use during the creation of your rule?
A. p:1024 P:2048
B. P:1024 p2048
C. p=1024-2048
D. 1024-2048
E. 1024:2048
Answer: E

2. During your review of the logs of your Cisco router, you see the following line. What is the meaning of this line?
%SYS-5-CONFIG_I: Configured from console by vty1 (172.16.10.1)
A. A normal, but noteworthy event
B. An informative message
C. A warning condition has occurred
D. A debugging message
E. An error condition has occurred
Answer: A

3. For the new Snort rules you are building, it will be required to have Snort examine inside the content of the packet. Which keyword is used to tell Snort to ignore a defined number of bytes before looking inside the packet for a content match?
A. Depth
B. Offset
C. Nocase
D. Flow_Control
E. Classtype
Answer: B

4. You have just installed a new Intrusion Detection System in your network. You are concerned that there are functions this system will not be able to perform. What is a reason an IDS cannot manage hardware failures?
A. The IDS can only manage RAID 5 failures.
B. The IDS cannot be programmed to receive SNMP alert messages.
C. The IDS cannot be programmed to receive SNMP trap messages.
D. The IDS cannot be programmed to respond to hardware failures.
E. The IDS can only inform you that an event happened.
Answer: E

5. You are configuring the rules on your firewall, and need to take into consideration that some clients in the network are using automatic addressing. What is the IP address range reserved for internal use for APIPA in Microsoft networks?
A. 169.254.0.0 /4
B. 169.254.0.0 /16
C. 169.254.0.0 /8
D. 169.254.0.0 /0
E. 168.255.0.0 /16
Answer: B

6. If you capture an 802.11 frame, and the ToDS bit is set to zero and the FromDS bit is set to zero, what type of WLAN is this frame a part of?
A. Mesh
B. Broadcast
C. Infrastructure
D. Hierarchical
E. Ad Hoc
Answer: E

7. In order to perform promiscuous mode captures using the Wireshark capture tool on a Windows Server 2003 machine, what must first be installed?
A. IPv4 stack
B. IPv6 stack
C. WinPcap
D. Nothing, it will capture by default
E. At least two network adapters
Answer: C

8. At a policy meeting you have been given the task of creating the firewall policy. What are the two basic positions you can take when creating the policy?
A. To deny all traffic and permit only that which is required.
B. To permit only IP traffic and filter TCP traffic
C. To permit only TCP traffic and filter IP traffic
D. To permit all traffic and deny that which is required.
E. To include your internal IP address as blocked from incoming to prevent spoofing.
Answer: AD

9. You are monitoring the network traffic on your Frame-Relay Internet connection. You notice a large amount of unauthorized traffic on port 21. You examine the packets, and notice there are no files being transferred. Traffic on what other port must be examined to view any file contents?
A. 20
B. 119
C. 23
D. 80
E. 2021
Answer: A

10. You are introducing a co-worker to the security systems in place in your organization. During the discussion you begin talking about the network, and how it is implemented. You mention something in RFC 791, and are asked what that is. What does RFC 791 specify the standards for?
A. IP
B. TCP
C. UDP
D. ICMP
E. Ethernet
Answer: A

11. You have been given the task of building the new wireless networks for your office, and you need to verify that your equipment will not interfere with other wireless equipment frequencies. What wireless standard allows for up to 11 Mbps transmission rates and operates in the 2.4GHz range?
A. 802.11b
B. 802.11e
C. 802.11a
D. 802.11i
E. 802.11g
Answer: A

12. The exhibit represents a simple routed network. Node 7 is a Windows 2000 Professional machine that establishes a TCP communication with Node 10, a Windows 2003 Server. The routers are Cisco 2500 series running IOS 12.
While working at Node 10, you run a packet capture. Packets received by Node 10, and sent from Node 7 will reveal which of the following combination of source IP and source Physical addresses:
A. Source IP address 10.0.10.115, Source Physical address for Node 7
B. Source IP address 50.0.50.1, Source Physical address for Node 7
C. Source IP address for Router D’s Int E0, Source Physical address for Node 7
D. Source IP address 10.0.10.115, Source Physical address Router D’s Int E0
E. Source IP addresses for both Nodes 7 and Router D’s Int E0, Source Physical address for both Nodes 7 and Router D’s Int E0.
Answer: D

13. You are planning on implementing a token-based authentication system in your network. The network currently is spread out over four floors of your building. There are plans to add three branch offices. During your research you are analyzing the different types of systems. Which of the following are the two common systems token-based authentication uses?
A. Challenge/Response
B. Random-code
C. Time-based
D. Challenge/Handshake
E. Password-Synch
Answer: AC

14. There are several options available to you for your new wireless networking technologies, and you are examining how different systems function. What transmission system uses short bursts combined together as a channel?
A. Frequency Hopping Spread Spectrum (FHSS)
B. Direct Sequence Spread Spectrum (DSSS)
C. Lamar Anthell Transmission (LAT)
D. Digital Band Hopping (DBH)
E. Digital Channel Hopping (DCH)
Answer: A

15. You have recently taken over the security of a mid-sized network. You are reviewing the current configuration of the IPTables firewall, and notice the following rule:
ipchains -A input -p TCP -d 0.0.0.0/0 12345 -j DENY
What is the function of this rule?
A. This rule for the output chain states that all incoming packets from any host to port 12345 are to be denied.
B. This rule for the input chain states that all incoming packets from any host to port 12345 are to be denied.
C. This rule for the input chain states that any TCP traffic from any address destined for any IP address and to port 12345 is to be denied.
D. This rule for the output chain states that any TCP traffic from any address destined for any IP address and to port 12345 is to be denied.
E. This rule for the input chain states that all TCP packets inbound from any network destined to any network is to be denied for ports 1, 2, 3, 4, and 5.
Answer: C

16. You have implemented an IPSec policy, using only AH. You are analyzing your network traffic in Network Monitor, which of the following statements are true about your network traffic?
A. You will not be able to view the data in the packets, as it is encrypted.
B. You will not be able to identify the upper layer protocol.
C. You will be able to view the unencrypted data in the packets.
D. You will be able to identify the encryption algorithm in use.
E. You will not be able to view the packet header.
Answer: C

免費下載EX0-106考古庫Demo

Pass4Side提供最新的EXIN Inc Certification認證 EX0-106考古庫，其全名為：(SCNS Tactical Perimeter Defense). 在您決定是否購買之前 可以先下載EX0-106考古庫的部分演示. Pass4side是全球唯一提供所有IT認證考試考古庫demo免費下載的廠商 ，以下為免費EX0-106模擬測試題的下載鏈接

免費的EX0-106考古庫PDF下載鏈接

免費EX0-107考古庫Demo賞析

　
　
Exam : Exin EX0-107
Title : SCNP Strategic Infrastructure Security

1. You have become the lead security professional for a mid-sized organization. You are currently studying DNS issues, and configuration options. You come across the concepts of DNS Spoofing, and investigate more. What is DNS Spoofing?
A. DNS Spoofing is when the DNS client submits a false DNS request to the DNS server, and the DNS server responds with correct data.
B. DNS Spoofing is the DNS client submits a DNS request to the DNS server using a bogus IP address, and the DNS server responds to the incorrect host.
C. DNS Spoofing is when a DNS Server responds to an unauthorized DNS client, providing that client with name resolution.
D. DNS Spoofing is when a DNS client is forced to make a DNS query to an imposter DNS server, which send the client to an imposter resource.
E. DNS spoofing is when a DNS server provides name resolution to clients that are located in a different IP subnet than the server itself.
Answer: D

2. To maintain the security of your network you routinely run several checks of the network and computers. Often you use the built-in tools, such as netstat. If you run the following command: netstat -e
which of the following will be the result?
A. Displays all connections and listening ports
B. Displays Ethernet statistics
C. Displays addresses and port numbers in numerical form
D. Shows connections for the protocol specified
E. Displays per-protocol statistics
Answer: B

3. To increase the security of your network and systems, it has been decided that EFS will be implemented in the appropriate situations. Two users are working on a common file, and often email this file back and forth between each other. Is this a situation where the use of EFS will create effective security, and why (or why not)?
A. No, the security will remain the same since both users will share the same key for encryption.
B. Yes, since the file will be using two keys for encryption the security will increase.
C. No, the security will remain the same since both users will share the same key for decryption.
D. Yes, since the file will be using two keys for decryption the security will increase.
E. No, EFS cannot be used for files that are shared between users.
Answer: E

4. What is a problem with symmetric key cryptography?
A. It is slower than asymmetric key cryptography
B. Secure distribution of the public key
C. There is a lack of encryption protocols that can use symmetric key cryptography
D. Secure distribution of a secret key
E. Symmetric key cryptography is reserved for the NSA
Answer: D

5. You have just downloaded a new file, called scnpfile.tar.gz. You are going to verify the file prior to un-archiving the file. Which command do you need to type to un-compress the file, prior to un-archiving?
A. tar xvf scnpfile.tar.gz
B. tar -zxvf scnpfile.tar.gz
C. gunzip scnpfile.tar.gz
D. gunzip -xvf scnpfile.tar.gz
E. gunzip -zxvf scnpfile.tar.gz
Answer: C

6. You have just become the senior security professional in your office. After you have taken a complete inventory of the network and resources, you begin to work on planning for a successful security implementation in the network. You are aware of the many tools provided for securing Windows 2003 machines in your network. What is the function of Secedit.exe?
A. This tool is used to set the NTFS security permissions on objects in the domain.
B. This tool is used to create an initial security database for the domain.
C. This tool is used to analyze a large number of computers in a domain-based infrastructure.
D. This tool provides an analysis of the local system NTFS security.
E. This tool provides a single point of management where security options can be applied to a local computer or can be imported to a GPO.
Answer: C

7. In order for your newly written security policy to have any weight, it must be implemented. Which of the following are the three components of a successful Security Policy Implementation in an organization?
A. Policy Monitoring
B. Policy Design
C. Policy Committee
D. Policy Enforcement
E. Policy Documentation
Answer: ABD

8. Attackers have the ability to use programs that are able to reveal local passwords by placing some kind of a pointer/cursor over the asterisks in a program’s password field. The reason that such tools can uncover passwords in some Operating Systems is because:
A. the passwords are simply masked with asterisks
B. the etc/passwd file is on a FAT32 partition
C. the passwords are decrypted on screen
D. the password text is stored in ASCII format
E. the etc/passwd file is on a FAT16 partition
Answer: A

9. What type of cipher is used by an algorithm that encrypts data one bit at a time?
A. 64-bit encryption Cipher
B. Block Cipher
C. Stream Cipher
D. Diffuse Cipher
E. Split Cipher
Answer: C

10. During the review of the security logs you notice some unusual traffic. It seems that a user has connected to your Web site ten times in the last week, and each time has visited every single page on the site. You are concerned this may be leading up to some sort of attack. What is this user most likely getting ready to do?
A. Mirror the entire web site.
B. Download entire DNS entries.
C. Scan all ports on a web server.
D. Perform a Distributed Denial of Service attack through the Web server.
E. Allow users to log on to the Internet without an ISP.
Answer: A

11. During a one week investigation into the security of your network you work on identifying the information that is leaked to the Internet, either directly or indirectly. One thing you decide to evaluate is the information stored in the Whois lookup of your organizational website. Of the following, what pieces of information can be identified via this method?
A. Registrar
B. Mailing Address
C. Contact Name
D. Record Update
E. Network Addresses (Private)
Answer: ABCD

12. What is the name of the informational page that is relevant to a particular command in Linux?
A. Readme Page
B. Lnx_nfo Page
C. Man Page
D. X_Win Page
E. Cmd_Doc Page
Answer: C

13. Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use Snort to run a packet capture and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?
A. Windows 2000 Ping Request
B. Windows NT 4.0 Ping Request
C. Linux Ping Request
D. Linux Ping Response
E. Windows NT 4.0 Ping Response
Answer: B

14. As per the guidelines in the ISO Security Policy standard, what is the purpose of the section on Physical and Environmental Security?
A. The objectives of this section are to avoid breaches of any criminal or civil law, statutory, regulatory or contractual obligations and of any security requirements, and to ensure compliance of systems with organizational security policies and standards.
B. The objectives of this section are to prevent unauthorized access, damage and interference to business premises and information; to prevent loss, damage or compromise of assets and interruption to business activities; to prevent compromise or theft of information and information processing facilities.
C. The objectives of this section are to provide management direction and support for information security.
D. The objectives of this section are to maintain appropriate protection of corporate assets and to ensure that information assets receive an appropriate level of protection.
E. The objectives of this section are to control access to information, to prevent unauthorized access to information systems, to ensure the protection of networked services, and to prevent unauthorized computer access.
Answer: B

15. You are aware of the significance and security risk that Social Engineering plays on your company. Of the following Scenarios, select those that, just as described, represent potentially dangerous Social Engineering:
A. A writer from a local college newspapers calls and speaks to a network administrator. On the call the writer requests an interview about the current trends in technology and offers to invite the administrator to speak at a seminar.
B. An anonymous caller calls and wishes to speak with the receptionist. On the call the caller asks the receptionist the normal business hours that the organization is open to the public.
C. An anonymous caller calls and wishes to speak with the purchaser of IT hardware and software. On the call the caller lists several new products that the purchaser may be interested in evaluating. The caller asks for a time to come and visit to demonstrate the new products.
D. An email, sent by the Vice President of Sales and Marketing, is received by the Help Desk asking to reset the password of the VP of Sales and Marketing.
E. An email is received by the Chief Security Officer (CSO) about a possible upgrade coming from the ISP to a different brand of router. The CSO is asked for the current network’s configuration data and the emailer discusses the method, plan, and expected dates for the rollover to the new equipment.
Answer: DE

16. In the process of public key cryptography, which of the following is true?
A. Only the public key is used to encrypt and decrypt
B. Only the private key can encrypt and only the public key can decrypt
C. Only the public key can encrypt and only the private key can decrypt
D. The private key is used to encrypt and decrypt
E. If the public key encrypts, then only the private key can decrypt
Answer: E

免費下載EX0-107考古庫Demo

Pass4Side提供最新的EXIN Inc Certification認證 EX0-107考古庫，其全名為：(SCNP Strategic Infrastructure Security). 在您決定是否購買之前 可以先下載EX0-107考古庫的部分演示. Pass4side是全球唯一提供所有IT認證考試考古庫demo免費下載的廠商 ，以下為免費EX0-107模擬測試題的下載鏈接

免費的EX0-107考古庫PDF下載鏈接

免費EX0-100考古庫Demo賞析

　
　
Exam : EXIN EX0-100
Title : ITIL Foundation Certificate In It Service Management(Exin)

1. Which Change Management activity indicates the priority and category of an accepted Request for Change (RFC)?
A. classification
B. coordination
C. registration
D. scheduling
Answer: A

2. Which information does Financial Management for IT Services extract from the Configuration Management Database (CMDB)?
A. which equipment is being used by whom
B. where the equipment has been set up
C. which software version is being used
D. which equipment is causing incidents
Answer: A

3. What does the term "Serviceability" refer to?
A. contracts between external suppliers and the customer
B. contracts between external suppliers of services and the IT department
C. contracts between internal IT departments
D. contracts between IT management and the customer
Answer: B

4. How does Problem Management differ from Incident Management?
A. Incident Management focuses on registration and Problem Management does not.
B. Problem Management focuses on restoration of service and Incident Management focuses on finding the cause.
C. Incident Management focuses on restoration of service and Problem Management focuses on finding the cause.
D. Problem Management generates reports and Incident Management does not.
Answer: C

5. Managing risk is an essential part of which processes?
A. Problem Management and Capacity Management
B. Availability Management and Service Level Management
C. IT Service Continuity Management and Financial Management for IT Services
D. IT Service Continuity Management and Availability Management
Answer: D

6. What is produced when Problem Management identifies the cause of a Problem and a workaround?
A. a Request for Change
B. a resolved Problem
C. a Known Error
D. one or more resolved incidents
Answer: C

7. Certain data is needed to describe an ITIL?process. This includes the objectives and the output. What else is required?
A. activities
B. authorisations
C. environment
D. Configuration Management Database (CMDB)
Answer: A

8. Which of the following tasks is assigned to each process manager?
A. ensuring the smooth running of the process
B. setting up Service Level Agreements with the users
C. channeling data to Problem Management
D. following up on Incidents
Answer: A

9. Which of the following processes provides Problem Management with reports about the IT infrastructure?
A. Financial Management for IT Services
B. Change Management
C. Configuration Management
D. Incident Management
Answer: C

10. Which item is required in the Post Implementation Review (PIR) of a Change?
A. whether the Change has achieved the intended goal
B. whether the CI registration in the Configuration Management Database (CMDB) is up-to-date
C. whether the Management of the IT department is satisfied with the implementation of the Change
D. to which Configuration Items (CIs) the Change relates
Answer: A

11. Which of the following is Availability Management responsible for?
A. ensuring the reliability of components will carry out a required function under certain conditions over a certain period
B. managing the negotiations with the customer with regard to availability
C. Demand Management
D. delivering information on Service Levels to clients to determine the availability percentage
Answer: A

12. When an IT service provider adopts and adapts ITIL?best practices, which of the following is the greatest benefit?
A. Work is carried out using a project-oriented approach.
B. There is a central Service Desk.
C. The organization is more customer-oriented.
D. Work is carried out using a process-oriented approach.
Answer: D

13. Which of the following is not regarded as an incident?
A. a complaint about the service of the Service Desk
B. a standard request for change
C. a report of a breakdown
D. a question about how an application works
Answer: B

14. Which aspect is important when registering security incidents?
A. the person who reported the incident
B. the applicable disciplinary measures
C. qualified Service Desk employees
D. recognizing the event as a security incident
Answer: D

15. Which process includes developing a recovery plan?
A. IT Service Continuity Management
B. Problem Management
C. Capacity Management
D. Availability Management
Answer: A

16. Where can you find an overview of all IT services?
A. Operational Level Agreement (OLA)
B. Service Catalog
C. Service Level Agreement (SLA)
D. Service Window
Answer: B

免費下載EX0-100考古庫Demo

Pass4Side提供最新的EXIN Inc Certification認證 EX0-100考古庫，其全名為：(ITIL Foundation Certificate In It Service Management(Exin)). 在您決定是否購買之前 可以先下載EX0-100考古庫的部分演示. Pass4side是全球唯一提供所有IT認證考試考古庫demo免費下載的廠商 ，以下為免費EX0-100模擬測試題的下載鏈接

免費的EX0-100考古庫PDF下載鏈接

免費EX0-105考古庫Demo賞析

　
　
Exam : EXIN EX0-105
Title : Information Security Foundation based on ISO/IEC 27002

1. You are the owner of the courier company SpeeDelivery. You have carried out a risk analysis and now want to determine your risk strategy. You decide to take measures for the large risks but not for the small risks.
What is this risk strategy called?
A. Risk bearing
B. Risk avoiding
C. Risk neutral
Answer: C

2. When we are at our desk, we want the information system and the necessary information to be available. We want to be able to work with the computer and access the network and our files.
What is the correct definition of availability?
A. The degree to which the system capacity is enough to allow all users to work with it
B. The degree to which the continuity of an organization is guaranteed
C. The degree to which an information system is available for the users
D. The total amount of time that an information system is accessible to the users
Answer: C

3. You work in the office of a large company. You receive a call from a person claiming to be from the Helpdesk. He asks you for your password.
What kind of threat is this?
A. Natural threat
B. Organizational threat
C. Social Engineering
Answer: C

4. What is a risk analysis used for?
A. A risk analysis is used to express the value of information for an organization in monetary terms.
B. A risk analysis is used to clarify to management their responsibilities.
C. A risk analysis is used in conjunction with security measures to reduce risks to an acceptable level.
D. A risk analysis is used to ensure that security measures are deployed in a cost-effective and timely fashion.
Answer: D

5. You are the owner of a growing company, SpeeDelivery, which provides courier services. You decide that it is time to draw up a risk analysis for your information system. This includes an inventory of the threats and risks.
What is the relation between a threat, risk and risk analysis?
A. A risk analysis identifies threats from the known risks.
B. A risk analysis is used to clarify which threats are relevant and what risks they involve.
C. A risk analysis is used to remove the risk of a threat.
D. Risk analyses help to find a balance between threats and risks.
Answer: B

6. Some threats are caused directly by people, others have a natural cause.
What is an example of an intentional human threat?
A. Lightning strike
B. Arson
C. Flood
D. Loss of a USB stick
Answer: B

7. A well executed risk analysis provides a great deal of useful information. A risk analysis has four main objectives.
What is not one of the four main objectives of a risk analysis?
A. Identifying assets and their value
B. Determining the costs of threats
C. Establishing a balance between the costs of an incident and the costs of a security measure
D. Determining relevant vulnerabilities and threats
Answer: B

8. What action is an unintentional human threat?
A. Arson
B. Theft of a laptop
C. Social engineering
D. Incorrect use of fire extinguishing equipment
Answer: D

9. You are a consultant and are regularly hired by the Ministry of Defense to perform analyses. Since the assignments are irregular, you outsource the administration of your business to temporary workers. You don’t want the temporary workers to have access to your reports.
Which reliability aspect of the information in your reports must you protect?
A. Availability
B. Integrity
C. Confidentiality
Answer: C

10. What is an example of a non-human threat to the physical environment?
A. Fraudulent transaction
B. Corrupted file
C. Storm
D. Virus
Answer: C

11. What is the greatest risk for an organization if no information security policy has been defined?
A. If everyone works with the same account, it is impossible to find out who worked on what.
B. Information security activities are carried out by only a few people.
C. Too many measures are implemented.
D. It is not possible for an organization to implement information security in a consistent manner.
Answer: D

12. We can acquire and supply information in various ways. The value of the information depends on whether it is reliable.
What are the reliability aspects of information?
A. Availability, Information Value and Confidentiality
B. Availability, Integrity and Confidentiality
C. Availability, Integrity and Completeness
D. Timeliness, Accuracy and Completeness
Answer: B

13. Peter works at the company Midwest Insurance. His manager, Linda, asks him to send the terms and conditions for a life insurance policy to Rachel, a client.
Who determines the value of the information in the insurance terms and conditions document?
A. The recipient, Rachel
B. The person who drafted the insurance terms and conditions
C. The manager, Linda
D. The sender, Peter
Answer: A

14. What is the definition of the Annual Loss Expectancy?
A. The Annual Loss Expectancy is the amount of damage that can occur as a result of an incident during the year.
B. The Annual Loss Expectancy is the size of the damage claims resulting from not having carried out risk analyses effectively.
C. The Annual Loss Expectancy is the average damage calculated by insurance companies for businesses in a country.
D. The Annual Loss Expectancy is the minimum amount for which an organization must insure itself.
Answer: A

15. Why do organizations have an information security policy?
A. In order to demonstrate the operation of the Plan-Do-Check-Act cycle within an organization.
B. In order to ensure that staff do not break any laws.
C. In order to give direction to how information security is set up within an organization.
D. In order to ensure that everyone knows who is responsible for carrying out the backup procedures.
Answer: C

免費下載EX0-105考古庫Demo

Pass4Side提供最新的EXIN Inc Certification認證 EX0-105考古庫，其全名為：(Information Security Foundation based on ISO/IEC 27002). 在您決定是否購買之前 可以先下載EX0-105考古庫的部分演示. Pass4side是全球唯一提供所有IT認證考試考古庫demo免費下載的廠商 ，以下為免費EX0-105模擬測試題的下載鏈接

免費的EX0-105考古庫PDF下載鏈接

免費EX0-101考古庫Demo賞析

　
　
Exam : EXIN EX0-101
Title : ITIL Foundation v.3 Certification

1. What is the BEST description of the purpose of Service Operation?
A. To decide how IT will engage with suppliers during the Service Management Lifecycle
B. To proactively prevent all outages to IT Services
C. To design and build processes that will meet business needs
D. To deliver and manage IT Services at agreed levels to business users and customers
Answer: D

2. Why are public frameworks, such as ITIL, attractive when compared to proprietary knowledge?
A. Proprietary Knowledge may be difficult to adopt, replicate or transfer since it is often undocumented
B. Public standards are always cheaper to adopt
C. Public frameworks are prescriptive and tell you exactly what to do
D. Proprietary knowledge has been tested in a wide range of environments
Answer: A

3. Which of the following is the BEST definition of the term Service Management?
A. A set of specialized organizational capabilities for providing value to customers in the form of services
B. A group of interacting, interrelated, or independent components that form a unified whole, operating together for a common purpose
C. The management of functions within an organization to perform certain activities
D. Units of organizations with roles to perform certain activities
Answer: A

4. Which of the following is NOT a characteristic of a process?
A. It is measurable
B. Delivers specific results
C. Responds to specific events
D. A method of structuring an organization
Answer: D

5. Reliability is a measure of:
A. The availability of a service or component
B. The level of risk that could impact a service or process
C. How long a service or component can perform its function without failing
D. A measure of how quickly a service or component can be restored to normal working
Answer: C

6. Event Management, Problem Management, Access Management and Request Fulfilment are part of which stage of the Service Lifecycle?
A. Service Strategy
B. Service Transition
C. Service Operation
D. Continual Service Improvement
Answer: C

7. "Service Management is a set of specialized organizational capabilities for providing value to customers in the form of services".
These specialized organizational capabilities include which of the following?
A. Applications and Infrastructure
B. Functions and Processes
C. Service Pipeline and Service Catalogue
D. Markets and Customers
Answer: B

8. Which of the following statements is CORRECT for every process?
1. It delivers its primary results to a customer or stakeholder
2. It defines activities that are executed by a single function
A. Both of the above
B. 1 only
C. Neither of the above
D. 2 only
Answer: B

9. Which of the following is NOT a purpose of Service Transition?
A. To ensure that a service can be managed, operated and supported
B. To provide training and certification in project management
C. To provide quality knowledge of Change, Release and Deployment Management
D. To plan and manage the capacity and resource requirements to manage a release
Answer: B

10. What is a RACI model used for?
A. Performance analysis
B. Recording Configuration Items
C. Monitoring services
D. Defining roles and responsibilities
Answer: D

11. What are the three types of metrics that an organization should collect to support Continual Service Improvement (CSI)?
A. Return On Investment (ROI), Value On Investment (VOI), quality
B. Strategic, tactical and operational
C. Critical Success Factors (CSFs), Key Performance Indicators (KPIs), activities
D. Technology, process and service
Answer: D

12. When can a Known Error record be raised?
1. At any time it would be useful to do so
2. After the permanent solution has been implemented
A. 2 only
B. 1 only
C. Neither of the above
D. Both of the above
Answer: B

13. In which document would you expect to see an overview of actual service achievements against targets?
A. Operational Level Agreement (OLA)
B. Capacity Plan
C. Service Level Agreement (SLA)
D. SLA Monitoring Chart (SLAM)
Answer: D

14. A single Release unit, or a structured set of Release units can be defined within:
A. The RACI Model
B. A Release Package
C. A Request Model
D. The Plan, Do, Check, Act (PDCA) cycle
Answer: B

15. Which of the following is an objective of Release and Deployment Management?
A. To standardize methods and procedures used for efficient and prompt handling of all changes
B. To ensure all changes to Service Assets and Configuration Items (CIs) are recorded in the Configuration Management System (CMS)
C. To ensure that overall business risk of change is optimized
D. To define and agree release and deployment plans with customers and stakeholders
Answer: D

免費下載EX0-101考古庫Demo

Pass4Side提供最新的EXIN Inc Certification認證 EX0-101考古庫，其全名為：(ITIL Foundation v.3). 在您決定是否購買之前 可以先下載EX0-101考古庫的部分演示. Pass4side是全球唯一提供所有IT認證考試考古庫demo免費下載的廠商 ，以下為免費EX0-101模擬測試題的下載鏈接

免費的EX0-101考古庫PDF下載鏈接

免費ex0-102考古庫Demo賞析

　
　
Exam : EXIN EX0-102
Title : Microsoft Operations Framework,MOFF

1. Which Service Management Function deals with the day-to-day activities and tasks related to maintaining and adjusting the IT security infrastructure?
A. Availability Management
B. Security Administration
C. Security Management
D. System Administration
Answer: B

2. Which of the following is one of the main inputs and outputs of the steps in the Risk Management Discipline?
A. Availability Plan
B. Capacity Plan
C. Retired Risks List
D. Security Risks List
Answer: C

3. What ITIL process maps to the optimizing quadrant?
A. Change Management
B. Incident Management
C. Security Administration
D. Service Level Management
Answer: D

4. Which of the following describes the concept of Service Management Functions (SMFs)?
A. a model for measuring the performance of the process
B. a model for organizing IT staff
C. organizational units that support IT operations
D. processes, procedures and policies to deliver and support IT service solutions
Answer: D

5. Which Service Management Function (SMF) needs to ensure that efficient incident detection and recovery tools and processes are in place to handle any service outages that do occur?
A. Availability Management
B. Release Management
C. Service Desk
D. System Administration
Answer: A

6. In what way does Capacity Management contribute to improving IT Service Management?
A. By identifying the major technology components, infrastructure, people and processes that underpin the end-to-end delivery of service
B. By preventing interruptions to IT services as well as recovering services after an interruption occurs
C. By planning and monitoring the job scheduling process according to the requirements in the Operational Level Agreements (OLAs)
D. By planning the implementation of business requirements for IT Services so they are in place when the business needs them
Answer: D

7. Which Service Management Function (SMF) has Network hardware configuration as a key concept?
A. Configuration Management
B. Infrastructure Management
C. Network Administration
D. Security Management
Answer: C

8. What is the relationship between releases and changes?
A. A change includes both changed hardware and software components and components that were not changed. A release only includes changed hardware and software components.
B. Changes are incorporated into the IT environment by releases.
C. Releases and changes are incorporated into the IT environment independently of each other.
D. Releases are incorporated into the IT environment by changes.
Answer: B

9. Which of the following is a key element of the Job Scheduling Service Management Function?
A. Batch architecture
B. Directory types
C. Fault Management
D. Infrastructure optimization
Answer: A

10. Which of the following is a key requirement for planning service solutions?
A. a managed IT environment
B. a milestone-driven implementation process
C. take the perspective of end-to-end services
D. understanding of the business and the operational requirements
Answer: D

11. Which of the following is a responsibility of the Operations Role Cluster?
A. detecting intrusions and protecting against viruses
B. managing business-to-business trading interfaces
C. managing IT-procurement and purchasing functions
D. prioritizing service improvement requests and identifying gaps for future functionality
Answer: B

12. Within the operations life cycle, which Operations Management Review follows the Changing Quadrant?
A. Change Initiation Review
B. Operations Review
C. Release Readiness Review
D. Service Level Agreement (SLA) Review
Answer: C

13. Which steps in the MOF Risk Management Process follow each other immediately?
A. Analyzing and Prioritizing Risks – Planning and Scheduling Risk Actions
B. Analyzing and Prioritizing Risks – Tracking and Reporting Risks
C. Identifying Risks in Operations – Planning and Scheduling Risk Actions
D. Identifying Risks in Operations – Tracking and Reporting Risks
Answer: A

14. Which Role Cluster has a portfolio of business-aligned IT services as a quality goal?
A. Operations
B. Partner
C. Service
D. Support
Answer: C

15. What is a goal of Security Administration?
A. accessibility
B. confidentiality
C. connectivity
D. interconnectivity
Answer: B

免費下載ex0-102考古庫Demo

Pass4Side提供最新的EXIN Inc Certification認證 ex0-102考古庫，其全名為：(Microsoft Operations Framework,MOFF). 在您決定是否購買之前 可以先下載ex0-102考古庫的部分演示. Pass4side是全球唯一提供所有IT認證考試考古庫demo免費下載的廠商 ，以下為免費ex0-102模擬測試題的下載鏈接

免費的ex0-102考古庫PDF下載鏈接