CSP-Assessor無料問題集「Swift Customer Security Programme Assessor Certification」

質問 1

The SwiftNet Link (SNL) software is always required for the Swift Alliance Gateway to operate.
SIL Connectivity
*Generic
*Products Cloud
*Products OnPrem
*Security

（A）FALSE

（B）TRUE

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

Can an assessor re-use an ISAE 3000 report dating back 2 years to support an independent assessment?

（A）No, the SAE 3000 report is no validsurrogateas a rule

（B）Yes, there is no time limit for an iSAE 3000 report

（C）Yes, provided there is no change to the Swift user's infrastructure

（D）No, that is too old, the maximum is 18 months

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

How can PKI certificate requests be submitted to SWIFT? (Select the correct answer)
*Connectivity
*Generic
*Products Cloud
*Products OnPrem
*Security

（A）Using an offline method

（B）None of the above

（C）Using an online method

（D）Using both online and offline methods

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

The Alliance Web Platform Administrator uses both the GUI and command line to perform configuration and monitoring tasks on AWP SE.

（A）FALSE

（B）TRUE

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

The SWIFT user has installed its own Communication Interface on a dedicated virtual machine offered by a public cloud provider. Under which provider category does the public cloud provider fit, and what is the CSP impact? (Select the correct answer)
*Swift Customer Security Controls Policy
*Swift Customer Security Controls Framework v2025
*Independent Assessment Framework
*Independent Assessment Process for Assessors Guidelines
*Independent Assessment Framework - High-Level Test Plan Guidelines
*Outsourcing Agents - Security Requirements Baseline v2025
*CSP Architecture Type - Decision tree
*CSP_controls_matrix_and_high_test_plan_2025
*Assessment template for Mandatory controls
*Assessment template for Advisory controls

（A）The public cloud provider is considered a SWIFT connectivity provider, and therefore not in scope of the CSP

（B）The public cloud provider is considered a L2BA provider, and therefore not in scope of the CSP

（C）This type of implementation is not allowed by the CSP

（D）The public cloud provider is considered an outsourcing agent, and therefore in scope of the CSP

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

The SWIFT VPN boxes are located between the Messaging and Communication interface.
*Connectivity
*Generic
*Products Cloud
*Products OnPrem
*Security

（A）FALSE

（B）TRUE

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

Which operator session flows are expected to be protected in terms of confidentiality and integrity? (Select the correct answer)
*Swift Customer Security Controls Policy
*Swift Customer Security Controls Framework v2025
*Independent Assessment Framework
*Independent Assessment Process for Assessors Guidelines
*Independent Assessment Framework - High-Level Test Plan Guidelines
*Outsourcing Agents - Security Requirements Baseline v2025
*CSP Architecture Type - Decision tree
*CSP_controls_matrix_and_high_test_plan_2025
*Assessment template for Mandatory controls
*Assessment template for Advisory controls
*CSCF Assessment Completion Letter
*Swift_CSP_Assessment_Report_Template

（A）All of the other answers are valid

（B）All sessions towards a SWIFT-related application run by an Outsourcing Agent, a Service Bureau, or an L2BA Provider

（C）All sessions to and from a jump server used to access a component in a secure zone

（D）System administrator sessions towards a host running a SWIFT-related component (on-premises or remote)

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

What does the CSCF expect in terms of Database Integrity? (Choose all that apply.)

（A）Nothing is needed when the messaging or connector integrates/embeds an integrity check functionality at each Swift transaction record level.

（B）Alerts generated from performed integrity checks are captured and analysed for appropriate treatment

（C）When a database is used by a messaging interface or connector, the related hosted database and its supporting system must be protected as a Swift-related component and exceptions alerted

正解：B、C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

A Swift user can only exchange FIN messages via the Swift network.

（A）FALSE

（B）TRUE

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

The SWIFT HSM Box must be hardened at the system level by the SWIFT user owning the equipment.
*Swift Customer Security Controls Policy
*Swift Customer Security Controls Framework v2025
*Independent Assessment Framework
*Independent Assessment Process for Assessors Guidelines
*Independent Assessment Framework - High-Level Test Plan Guidelines
*Outsourcing Agents - Security Requirements Baseline v2025
*CSP Architecture Type - Decision tree
*CSP_controls_matrix_and_high_test_plan_2025
*Assessment template for Mandatory controls
*Assessment template for Advisory controls
*CSCF Assessment Completion Letter
*Swift_CSP_Assessment_Report_Template

（A）FALSE

（B）TRUE

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

CSP-Assessor 無料問題集「Swift Customer Security Programme Assessor Certification」

弊社を連絡する

関連リンク

トップ試験