CSP-Assessor無料問題集「Swift Customer Security Programme Assessor Certification」

質問 1

Intrusion Detection Control can be met through the following technology. (Select the correct answer)
*Swift Customer Security Controls Policy
*Swift Customer Security Controls Framework v2025
*Independent Assessment Framework
*Independent Assessment Process for Assessors Guidelines
*Independent Assessment Framework - High-Level Test Plan Guidelines
*Outsourcing Agents - Security Requirements Baseline v2025
*CSP Architecture Type - Decision tree
*CSP_controls_matrix_and_high_test_plan_2025
*Assessment template for Mandatory controls
*Assessment template for Advisory controls

（A）EDR and XDR

（B）HIDS

（C）A combination of all of the above

（D）NIDS

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

Select the environment that is not in scope in a SWIFT user CSP assessment (assuming the environments are separated).
*Swift Customer Security Controls Policy
*Swift Customer Security Controls Framework v2025
*Independent Assessment Framework
*Independent Assessment Process for Assessors Guidelines
*Independent Assessment Framework - High-Level Test Plan Guidelines
*Outsourcing Agents - Security Requirements Baseline v2025
*CSP Architecture Type - Decision tree
*CSP_controls_matrix_and_high_test_plan_2025
*Assessment template for Mandatory controls
*Assessment template for Advisory controls
*CSCF Assessment Completion Letter
*Swift_CSP_Assessment_Report_Template

（A）SWIFT infrastructure (sometimes known as Live)

（B）Development

（C）Disaster Recovery

（D）Cold backup systems

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

Penetration testing must be performed at application level against the Swift-related components, such as the interfaces, Swift and customer connectors?

（A）False, only the components as defined in Swift Testing Policy

（B）True, those are key components

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

The Swift user would like to perform their CSP assessment in May for the CSCF version that will only be active as from July the same year. Is it allowed?

（A）No, an assessment can only be done on the active version of the CSCF

（B）Yes, the assessment on a particular version can start before the actual activation date

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

What is the purpose of the High-Level Test Plan (HLTP) provided by SWIFT? (Select the correct answer)
*Swift Customer Security Controls Policy
*Swift Customer Security Controls Framework v2025
*Independent Assessment Framework
*Independent Assessment Process for Assessors Guidelines
*Independent Assessment Framework - High-Level Test Plan Guidelines
*Outsourcing Agents - Security Requirements Baseline v2025
*CSP Architecture Type - Decision tree
*CSP_controls_matrix_and_high_test_plan_2025
*Assessment template for Mandatory controls
*Assessment template for Advisory controls
*CSCF Assessment Completion Letter
*Swift_CSP_Assessment_Report_Template

（A）The HLTP provides the rules to define the sample for testing

（B）The HLTP provides a way of testing and the typical evidence for each control (based on implementation guidelines) and must be strictly followed

（C）The HLTP provides a way of testing and the typical evidence for each control (based on implementation guidelines), testing should be ideally based on it

（D）The HLTP provides a detailed way of control testing

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

How many Swift Security Officers does an organization need at minimum?

（A）3

（B）1

（C）4

（D）2

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

The internet connectivity restriction control prevents having internet access on any CSCE m-scope components.

（A）FALSE

（B）TRUE

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

The Internal Audit and an external assessment company are both involved in a SWIFT user's assessment.
Both have shared control assessments to cover the full scope (meaning two separate assessment teams). Who needs to provide a completion letter? (Select the correct answer)
*Swift Customer Security Controls Policy
*Swift Customer Security Controls Framework v2025
*Independent Assessment Framework
*Independent Assessment Process for Assessors Guidelines
*Independent Assessment Framework - High-Level Test Plan Guidelines
*Outsourcing Agents - Security Requirements Baseline v2025
*CSP Architecture Type - Decision tree
*CSP_controls_matrix_and_high_test_plan_2025
*Assessment template for Mandatory controls
*Assessment template for Advisory controls
*CSCF Assessment Completion Letter
*Swift_CSP_Assessment_Report_Template

（A）None of them, it is not required when an internal department was involved in the assessment

（B）The Internal audit lead assessor and the external company lead assessor

（C）The Internal audit lead assessor only

（D）The External company lead assessor only

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

Which operator session flows are expected to be protected in terms of confidentiality and integrity? (Select the correct answer)
*Swift Customer Security Controls Policy
*Swift Customer Security Controls Framework v2025
*Independent Assessment Framework
*Independent Assessment Process for Assessors Guidelines
*Independent Assessment Framework - High-Level Test Plan Guidelines
*Outsourcing Agents - Security Requirements Baseline v2025
*CSP Architecture Type - Decision tree
*CSP_controls_matrix_and_high_test_plan_2025
*Assessment template for Mandatory controls
*Assessment template for Advisory controls
*CSCF Assessment Completion Letter
*Swift_CSP_Assessment_Report_Template

（A）All of the other answers are valid

（B）All sessions towards a SWIFT-related application run by an Outsourcing Agent, a Service Bureau, or an L2BA Provider

（C）All sessions to and from a jump server used to access a component in a secure zone

（D）System administrator sessions towards a host running a SWIFT-related component (on-premises or remote)

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

Must Swift users submit a copy of their final assessment report to Swift?

（A）Yes, a copy of (only) the assessment report must be provided to Swift, no other documents

（B）Yes, all documents produced from the assessment must be provided proactively to Swift

（C）Yes, in cases where a customer performs an Independent assessment rather than an audit then a copy of the assessment report must be provided. However, it is not required for the Swift user to provide any forms when an Internal/External Audit is performed

（D）No, it is not required to provide Swift with any documents by default. However, Swift can request a copy of the Assessment completion letter

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

CSP-Assessor 無料問題集「Swift Customer Security Programme Assessor Certification」

弊社を連絡する

関連リンク

トップ試験