Fundamental IT Engineer Examination (Morning) Oct 2014

Fundamental IT Engineer Examination (Morning) Oct 2014

情報処理技術者試験 / ITPEC アジア共通統一試験

Fundamental IT Engineer Examination (Morning) Oct 2014

http://itpec.org/pastexamqa/fe.html


October 2014

(1)

Fundamental IT Engineer Examination (Morning)

Questions must be answered in accordance with the following:

Question Nos. Q1 - Q80

Question Selection All questions are compulsory.

Examination Time 9:30 - 12:00 (150 minutes)

Instructions:

1. Use a pencil. If you need to change an answer, erase your previous answer completely

and neatly. Wipe away any eraser debris.

2. Mark your examinee information and your answers in accordance with the instructions

below. Your answer will not be graded if you do not mark properly. Do not mark nor

write on the answer sheet outside of the prescribed places.

(1) Examinee Number

Write your examinee number in the space provided, and mark the appropriate space

below each digit.

(2) Date of Birth

Write your date of birth (in numbers) exactly as it is printed on your examination

admission card, and mark the appropriate space below each digit.

(3) Answers

Select one answer (a through d) for each question.

Mark your answers as shown in the following sample question.

[Sample Question]

Q1. In which month is the autumn Fundamental IT Engineer Examination

conducted?

a) September b) October c) November d) December

Since the correct answer is “b)” (October), mark your answer sheet as follows:

[Sample Answer]

Q1

Do not open the exam booklet until instructed to do so.

Inquiries about the exam questions will not be answered.

– 1 –

Symbols commonly used in questions

Unless otherwise noted in each question, the following notational conventions are applied as

shown in the tables.

I. Standards

Notation

in the exam questions Name of the standard

ISO 9001 ISO 9001:2008

ISO 14001 ISO 14001:2004

ISO/IEC 20000-1 ISO/IEC 20000-1:2011

ISO/IEC 20000-2 ISO/IEC 20000-2:2012

ISO/IEC 25010 ISO/IEC25010:2013

ISO/IEC 27001 ISO/IEC 27001:2005

ISO/IEC 27002 ISO/IEC 27002:2013

ISO/IEC 12207 ISO/IEC 12207:2008

ISO 21500 ISO 21500:2012

ITIL ITIL 2011 edition

PMBOK PMBOK Guide – Fifth Edition

– 2 –

II. Logic Circuit

Graphic symbol Explanation

AND gate

NAND gate

OR gate

NOR gate

Exclusive OR (XOR) gate

Exclusive NOR gate

Buffer

NOT gate

Three-state buffer (or tri-state buffer)

Note: The small circle or “bubble” on either the input or output

terminal shows inversion or negation of the logic state.

Company names and product names appearing in the examination questions are trademarks or registered

trademarks of their respective companies. Note that the ® and ™ symbols are not used within.

– 3 –


When a total of 400 data records are stored in contiguous memory starting

from the address 02748, which of the following is the address where the

last data record is stored? Here, each data record occupies one address

location, and each address is represented in radix notation.

a) 06738

b) 06748

c) 11138

d) 11148

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q1.


------------------------------------------------------------------------

Q2. (表あり

As shown in the table below, 100 out of 100,000 patients have a cancer. When a cancer

screening test has an accuracy of 99% for patients with a cancer and an accuracy of 96%

for patients without a cancer, the equations below hold for A, B, C, and D.

×100 = 99

A + B

A ×100 = 96

C + D

D

Which of the following is the probability (in percentage) that a patient with a positive test

result has a cancer?

Number of patients

with a positive test

result

Number of patients

with a negative test

result

Total

Patients with a cancer A B 100

Patients without a cancer C D 99,900

Total A + C B + D 100,000

a) 0.001 b) 2.418 c) 97.582 d) 99.999

------------------------------------------------------------------------

When the word list of a dictionary is searched for an exact matching

word, which of the following is the most appropriate data structure in

terms of runtime computational complexity?

a) Array

b) Binary search tree

c) Hash table

d) Linked list

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q3.


------------------------------------------------------------------------



Q4.

For the post-order traversal of a binary search tree where the left

and right subtrees of the root node contain 1000 and 100 nodes

respectively, which of the following is the number of nodes that are

processed before the root node is visited?

a) 0

b) 100

c) 1000

d) 1100

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q5.


------------------------------------------------------------------------

下記の手順を列挙した順序で実行すると、変数yには何が格納されますか? ここでは、スタック構造とキュー構造は最初は空であり、以下に示すように4種類の操作が定義されています。

When the procedure shown below is executed in listed order, what is

stored in variable y? Here, the stack and queue structures are initially

empty, and four types of operations are defined as shown below.

[Operations]

push (x): Put value x in the stack.

pop ( ): Retrieve the value from the stack.

enq (x): Put value x in the queue.

deq ( ): Retrieve the value from the queue.

[Procedure]

enq (1)

enq (2)

push (3)

push (deq ( ))

enq (4)

push (deq ( ))

y ← pop ( )


a) 1

b) 2

c) 3

d) 4

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q6.


------------------------------------------------------------------------


When the selection sort algorithm is used for sorting the dataset

“2, 4, 6, 8, 10, 12, 14,14” in descending order, how many data exchanges

occur during the sorting process?

a) 4

b) 5

c) 6

d) 7

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q7.


------------------------------------------------------------------------

Q8.

There is a circular queue implemented with a one-dimensional array of n elements.

Insertion and removal of data are performed by using an array index as a pointer. Two

pointers F and R are respectively used for removal and insertion. Each of the two

pointers is initially zero (i.e., F=R=0). When the queue is empty or full, which of the

following is the appropriate combination of the relations between the two pointers?

Here, “x mod y ” represents the remainder of x divided by y.

Full queue Empty queue

a) F = R F = (R+1) mod n

b) F = (R+1) mod n F = R

c) F = (R+1) mod n R = (F+1) mod n

d) R = (F+1) mod n F = R


Which of the following is a computer architecture that enables the

processor to execute instructions in parallel by using hardware to

dynamically allocate the arithmetic units that execute multiple

instructions at the same time?

a) Pipeline

b) Super-pipeline

c) Superscalar

d) VLIW

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q9.


------------------------------------------------------------------------


In a paged virtual storage system, when a TLB (Translation Lookaside Buffer) is used to translate a virtual address to a physical address under the conditions shown below, how many clock cycles on average are required to translate an address through the TLB?

[Conditions]

1. It takes 1 clock cycle to translate an address at the time of a TLB hit.

2. It takes 40 clock cycles to translate an address at the time of a TLB miss hit.

3. The TLB miss rate is 0.5%.

a) 1.039

b) 1.040

c) 1.195

d) 1.200


ページングされた仮想ストレージシステムでは、TLB(Translation Lookaside Buffer)を使用して、以下の条件で仮想アドレスを物理アドレスに変換すると、アドレスをTLBに変換するために平均何クロックサイクルが必要ですか?

[条件]

   1. TLBヒット時にアドレスを変換するのに1クロックサイクルかかる。

   2. TLBミスヒット時にアドレスを変換するのに40クロックサイクルかかる。

   3. TLBミス率は0.5%です。

a)1.039

b)1.040

  c)1.195

  d)1.200


In a paged virtual storage system, when a TLB (Translation Lookaside Buffer)

is used to translate a virtual address to a physical address under the

conditions shown below, how many clock cycles on average are required to

translate an address through the TLB?

[Conditions]

1. It takes 1 clock cycle to translate an address at the time of a TLB

hit.

2. It takes 40 clock cycles to translate an address at the time of a TLB

miss hit.

3. The TLB miss rate is 0.5%.


a) 1.039

b) 1.040

c) 1.195

d) 1.200

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q10.


------------------------------------------------------------------------


Which of the following is the addressing mode where the operand of an

instruction is used to point to the memory address that contains the

address of the data to be operated upon?

a) Direct addressing

b) Immediate addressing

c) Indirect addressing

d) Register addressing

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q11.

------------------------------------------------------------------------

Which of the following is an appropriate characteristic of Bluetooth?

a) A maximum of 127 devices can be connected to a single host.

b) The communication ports must be positioned in a straight line facing

each other.

c) The short range (up to about 100 m) of wireless voice/data communication

is defined.

d) The standard allows communication to be performed at a distance of

1,000 m or more.

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q12.

------------------------------------------------------------------------

Among the RAID systems, which of the following should be used in cases

where maximum storage capacity is required but data redundancy or fault

tolerance is not a requirement?

a) RAID 0

b) RAID 1

c) RAID 5

d) RAID 6

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q13.

------------------------------------------------------------------------

Which of the following is an appropriate explanation concerning a fault tolerant system?

a) A system that consists of multiple processors connected through a network and shares resources located in the network

b) A system that has a backup system at a remote location in preparation for the occurrence of a local disaster or other accident

c) A system that is designed so that the functions required for the overall system can continue to operate even in the event of a partial failure

d) A system that processes a single transaction in parallel by using multiple processors and verifies the results by cross-checking


フォールトトレラントシステムに関する適切な説明はどれですか?

a)ネットワークを介して接続された複数のプロセッサから構成され、ネットワーク内のリソースを共有するシステム

b)地元の災害やその他の事故の発生に備えて遠隔地にバックアップシステムを備えたシステム

c)全体的なシステムに必要な機能が部分的な障害の発生時にも引き続き動作できるように設計されたシステム

d)複数のプロセッサを使用して1つのトランザクションを並列処理し、クロスチェックによって結果を検証するシステム


Which of the following is an appropriate explanation concerning a fault

tolerant system?

a) A system that consists of multiple processors connected through a

network and shares resources located in the network

b) A system that has a backup system at a remote location in preparation

for the occurrence of a local disaster or other accident

c) A system that is designed so that the functions required for the

overall system can continue to operate even in the event of a partial failure

d) A system that processes a single transaction in parallel by using

multiple processors and verifies the results by cross-checking

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q14.


------------------------------------------------------------------------



Q15. The response speed of a database server is slowed down, even though no application is

changed. As shown in the table below, the possible causes and the investigation items

are considered to identify the cause. Which of the following is an appropriate

investigation item that should be inserted in blank C?

Possible cause Investigation item

• An increase in load because of the coexistence of

another system on the same machine

• An increase in the amount of communication

because of an increase in the number of connected

clients

A

• The generation of SQL statements that require a

large processing time because of atypical searches B

• An increase in disk I/O because of fragmentation C

• A lack of buffer capacity in the database D

a) Confirmation of changes in external factors

b) Identification of slow processes

c) Investigation of the hit ratio of cache memory

d) Verification of the status of data storage

Q16. The table below shows the priorities of three tasks together with the operation sequence

and processing time of the CPU and I/O device when each task is executed in a

stand-alone mode. What is the idle time (in milliseconds) of the CPU from the moment

when all three tasks become ready to execute simultaneously until the execution of the

three tasks is completed? Here, there is no I/O contention, and the overhead of the OS

can be ignored. In the table, the number enclosed in parentheses shows the processing

time for each operation.

Priority Operation sequence and processing time (in milliseconds)

when each task is executed in a stand-alone mode

High CPU (3) → I /O (5) → CPU (2)

Medium CPU (2) → I /O (6) → CPU (2)

Low CPU (1) → I /O (5) → CPU (1)

a) 1 b) 2 c) 3 d) 4



Among the combinations of the storage management and the multiplicity

of programs in a multiprogramming environment, which of the following is

the combination where“thrashingis most likely to occur?

Storage management Multiplicity of programs

---------------------------------------------------------

a) Real storage system Large

b) Real storage system Small

c) Virtual storage system Large

d) Virtual storage system Small

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q17.

------------------------------------------------------------------------

Which of the following is an appropriate explanation concerning a memory leak?

a) An increase in the number of applications executed concurrently causes excessive paging, and results in an extreme reduction of throughput.

b) In the system with a restriction on the size of memory allocated to the running programs, each program module is loaded into main memory only when needed.

c) Part of main memory occupied during application execution is not released because of a bug of the application or OS, and the usable space of main memory decreases.

d) The total amount of free space available in main memory is sufficient, but no space can be used for loading a large program because of noncontiguous memory blocks.



メモリリークに関する適切な説明はどれですか?

a)同時に実行されるアプリケーションの数が増加すると、ページングが過剰になり、スループットが極端に低下します。

b)実行中のプログラムに割り当てられたメモリのサイズに制限があるシステムでは、必要に応じて各プログラムモジュールがメインメモリにロードされます。

c)アプリケーションやOSバグにより、アプリケーションの実行中に占有されていたメインメモリの一部が解放されず、メインメモリの使用可能領域が減少する。

d)メイン・メモリで使用可能な空き領域の合計量は十分ですが、連続していないメモリブロックのために大きなプログラムをロードするための領域は使用できません。


Which of the following is an appropriate explanation concerning a memory

leak?

a) An increase in the number of applications executed concurrently causes

excessive paging, and results in an extreme reduction of throughput.

b) In the system with a restriction on the size of memory allocated to

the running programs, each program module is loaded into main memory

only when needed.

c) Part of main memory occupied during application execution is not

released because of a bug of the application or OS, and the usable

space of main memory decreases.

d) The total amount of free space available in main memory is sufficient,

but no space can be used for loading a large program because of

noncontiguous memory blocks.

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q18.


------------------------------------------------------------------------


In a white box test, which of the following is used to evaluate the

proportion of lines of code that are executed?

a) Assertion checker

b) Simulator

c) Static code analysis

d) Test coverage analysis

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q19.

------------------------------------------------------------------------


GPLの下でライセンスされたOSSに基づくソースコードが公開されていない場合、以下のうちどれがライセンスの違反とみなされますか?

a)企業は、OSSと他のアプリケーションソフトウェアとの間のインタフェースキットを開発し、販売している。

b)会社は、自社の業務または活動を通じてOSSを取得、変更、販売します。

c)企業は、内部使用目的でOSSの変更を他社に委託する。

d)OSSを使用して性能テストを実施した自社ソフトウェアを販売する会社。

When the source code based on OSS licensed under GPL is not released to the public, which of the following is regarded as a violation of the license?

a) A company develops and sells an interface kit between OSS and other application software.

b) A company obtains, modifies, and sells OSS through the company’s own operations or activities.

c) A company outsources the modification of OSS to another company for the purpose of internal use.

d) A company sells its own software whose performance test has been performed by using OSS.

When the source code based on OSS licensed under GPL is not released

to the public, which of the following is regarded as a violation of

the license?

a) A company develops and sells an interface kit between OSS and

other application software.

b) A company obtains, modifies, and sells OSS through the company's

own operations or activities.

c) A company outsources the modification of OSS to another company

for the purpose of internal use.

d) A company sells its own software whose performance test has been

performed by using OSS.

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q20.

------------------------------------------------------------------------


Q21.図アリ

The logic circuit shown below has four input signals (C1, C2, C3, and C4) and two selector

signals (S1 and S2). The two selectors are used to control the four input signals so that

only one input signal can pass to the output port. Which of the following is an

appropriate combination of the selector signals S1 and S2 that allows C3 to pass to the

output port?

Output

C1

C2

C3

C4

S1 S2

S1 S2

a) 0 0

b) 0 1

c) 1 0

d) 1 1

A power supply unit has a rated output power of 500 watts and an

efficiency of 80%. In order to obtain an output power of 500 watts from

this power supply unit, how many watts is the minimum input power?

a) 100

b) 400

c) 625

d) 900

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q22.

------------------------------------------------------------------------

Which of the following is an appropriate description concerning flash

memory?

a) It can write data electrically and erase it all at once with

ultraviolet light.

b) It can write data electrically and erase it electrically in units of

blocks.

c) It is often used as cache memory because of the high-speed rewritable

capability.

d) It needs to rewrite (i.e., refresh) data within a given period of

time.

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q23.


------------------------------------------------------------------------



Q24. 表アリ

A shop sells approximately 200 types of products. Among the input items for a new

product on the registration screen, which of the following is the input item that is suitable

for using a pull-down menu as an input method?

Input item Format and rules

a) Product number Each product number consists of five numeric characters.

b) Product name Each product name consists of 40 or fewer alphanumeric

characters.

c) Product category There are five categories, and each category consists of 10 or

fewer alphanumeric characters.

d) Price Each price has a 3- or 4-digit numeric value with a range

from 100 to 1,000 dollars.



@@

コンピュータアニメーションのモーフィング技術に関する説明は次のうちどれですか?

a)手で描かれた輪郭がスキャナで読み取られ、単一の特定の色がその囲まれた領域に適用される。

b)視聴者からの距離の大きい順に移動する部分を含む複数の画像を作成して重ね合わせることにより、背景とは独立に、奥行き感のある2次元アニメーションを生成する。

c)画像から他の画像への外観の滑らかな変換を表現するために、複数の中間画像が作成される。

d)身体の実際の動きは、デジタルデータとして収集され、そのデータに基づいて、現実的な動きを有する複数の画像が生成される。


Which of the following is an explanation concerning the morphing technique in computer animation?

a) A hand-drawn outline is read with a scanner, and a single particular color is applied to its enclosed area.

b) A two-dimensional animation with a sense of depth is generated, independently of the background, by creating and superimposing multiple images with parts involving movement in descending order of distance from the viewer.

c) In order to represent the smooth transformation in appearance from an image to another image, multiple intermediate images are created.

d) The actual movement of a body is collected as digital data, and on the basis of such data, multiple images with realistic movement are created.


Which of the following is an explanation concerning the morphing technique

in computer animation?

a) A hand-drawn outline is read with a scanner, and a single particular

color is applied to its enclosed area.

b) A two-dimensional animation with a sense of depth is generated,

independently of the background, by creating and superimposing multiple

images with parts involving movement in descending order of distance

from the viewer.

c) In order to represent the smooth transformation in appearance from an

image to another image, multiple intermediate images are created.

d) The actual movement of a body is collected as digital data, and on the

basis of such data, multiple images with realistic movement are created.

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q25.

------------------------------------------------------------------------


Which of the following is an appropriate explanation concerning the

data structure in a relational database?

a) Data and methods are unified (i.e., encapsulated) and stored.

b) Data is represented with one or more two-dimensional tables.

c) Parent records and child records are linked with a pointer.

d) Tags are used to represent data structure and meaning.

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q26.


------------------------------------------------------------------------

リレーショナルデータベースでは、主キー制約として満たす必要がある2つの条件があります。 1つの条件は、重複するキー値がないことです。 次のうちどれが別の状態ですか?

a)主キーは1つの列のみで構成する必要があります。

b)主キーは、表の最初の列として定義する必要があります。

c)プライマリキーの値は、別のテーブルの候補キーと一致する必要があります。

d)主キーの値はnullであってはなりません。

In a relational database, there are two conditions that must be met as a primary key constraint. One condition is that there are no duplicate key values. Which of the following is another condition?

a) The primary key must be composed of only one column.

b) The primary key must be defined as the first column of a table.

c) The primary key value must match the candidate key of another table.

d) The primary key value must not be null.



タイトルに "UNIX"が含まれている "Books"テーブルのすべての行を検索するには、次のようにSQL文を使用します。 ブランクAで指定されている適切な文字列はどれですか? ここで、タイトルは「書籍」テーブルの「タイトル」列に格納されます。

In order to find all rows from the “Books” table that includeUNIX” in

the title, the SQL statement is used as shown below. Which of the following

is an appropriate character string that is specified in blank A? Here,

the title is stored in the “Title” column of the “Books” table.

SELECT * FROM Books WHERE Title LIKE ' A '

a) %UNIX

b) %UNIX%

c) UNIX

d) UNIX%

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q28.

------------------------------------------------------------------------

Q29. Which of the following is the relational operation that corresponds to the manipulation of

the SQL statement for Table R shown below?

R

A1 A2 A3 A4 A5

[SQL statement]

SELECT A1, A3, A5 FROM R

a) Difference b) Join

c) Projection d) Selection

– 14 –

Q30. When the SQL statement below is executed under the given conditions, what is the

maximum number of rows that are created?

SELECT P.ProductID, P.ProductName, S.SalesAmount

FROM Product P LEFT JOIN Sales S

ON S.ProductID = P.ProductID

[Conditions]

1. There are two relational database tables “Product” and “Sales” as shown below.

Product: ProductID, ProductName, UnitPrice

Sales: ProductID, SalesQuantity, SalesAmount

The relationship betweenProduct” and “Sales” is illustrated by using a

UML class diagram as shown below.

1..1 0..* Product Sales

2. There are 2,000 rows in the “Product” table and 100,000 rows in the “Sales” table.

a) 2,000 b) 100,000 c) 101,999 d) 200,000,000


In computer networking, which of the following is the most appropriate

technical term that means the variation in packet delay that causes the

degradation of the QoS (Quality of Service) of real-time audio or video

streaming service such as VoIP?

a) Crosstalk

b) Glitch

c) Jitter

d) Ripple

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q31.


------------------------------------------------------------------------

Which of the following is the network device that enables LANs to be

interconnected at the physical layer of the OSI basic reference model?

a) Bridge

b) Gateway

c) Repeater

d) Router

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q32.


------------------------------------------------------------------------

Which of the following is a mechanism that enables a variety of

information, such as still images, movies, and audio, to be sent via

e-mail?

a) FTP

b) MIME

c) POP3

d) TELNET

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q33.

b) MIME

------------------------------------------------------------------------

In a TCP/IP network using IPv4 addresses, which of the following is a

valid network address? Here, the number following a slash (/) is the

number (in decimal) of bits allocated to represent the network number.

a) 123.0.0.30/27

b) 150.60.0.130/25

c) 196.74.38.20/28

d) 210.11.190.192/26

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q.34

------------------------------------------------------------------------

Q35. Which of the following is the effect that is expected by duplexing a server configuration,

as shown in the figure below?

Even when server 1 stops, the service

continues by switching to server 2.

Original

configuration

Duplex

configuration

The Internet The Internet

Server

(running) Alive

monitoring

Data Data

Server 1

(running)

Server 2

(standby)

a) Improvement in accountability b) Improvement in availability

c) Improvement in confidentiality d) Improvement in integrity

Q36. When Mr. A sends Mr. B an e-mail with a digital signature created by using public key

cryptography, which of the following is the appropriate combination of the keys that are

used by Mr. A and Mr. B?

Key that Mr. A uses to

create digital signature

Key that Mr. B uses to

verify digital signature

a) Mr. A’s private Key Mr. A’s public Key

b) Mr. A’s public Key Mr. A’s private Key

c) Mr. B’s private Key Mr. B’s public Key

d) Mr. B’s public Key Mr. B’s private Key


When security attacks to a computer system are classified into three

categories (i.e., reconnaissance attack, access attack, and DoS attack),

which of the following is classified as a reconnaissance attack?

a) Attempting to discover and map out systems, services, or vulnerabilities

b) Compromising the availability of a network, host, or application

c) Exploiting known vulnerabilities in authentication services or other

Web services37

d) Sending an extremely large number of requests over a network or

the Internet

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q.37

------------------------------------------------------------------------

DNSキャッシュポイズニングに分類されるセキュリティ攻撃に関する適切な説明はどれですか?

a)攻撃対象となるサービスをブロックするために、攻撃者はDNSサーバを踏み台として多数の再帰的なクエリを送信します。

b)内部情報を得るために、DNSサーバに格納されているゾーン情報を一度に転送する。

c)誤ったドメイン情報が、PCによって参照されるDNSサーバに注入され、PCユーザを偽のウェブサーバに導く。

d)DNSサーバが使用するソフトウェアのバージョン情報を取得し、DNSサーバのセキュリティホールを識別する。

Which of the following is an appropriate explanation concerning the security attack that is classified as DNS cache poisoning?

a) In order to block the service that is an attack target, an attacker sends a large number of recursive queries by using the DNS server as a stepping stone.

b) In order to obtain internal information, the zone information stored in the DNS server is transferred all at once.

c) Incorrect domain information is injected into the DNS server referenced by a PC, which leads the PC user to a fake Web server.

d) The version information of the software used by a DNS server is obtained to identify a security hole in the DNS server.


Which of the following is an appropriate explanation concerning the

security attack that is classified as DNS cache poisoning?

a) In order to block the service that is an attack target, an attacker

sends a large number of recursive queries by using the DNS server as

a stepping stone.

b) In order to obtain internal information, the zone information stored

in the DNS server is transferred all at once.

c) Incorrect domain information is injected into the DNS server referenced

by a PC, which leads the PC user to a fake Web server.

d) The version information of the software used by a DNS server is obtained

to identify a security hole in the DNS server.

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q38.

------------------------------------------------------------------------


Q39。 次のうちSQLインジェクション攻撃を防止する方法はどれですか?

a)入力文字が、データベースへの照会または操作において特別な意味を持つ文字として解釈されないようにする

b)入力テキストの全長が適用可能な最大サイズ制限を超えた場合、入力テキストを拒否する

c)上位レベルのディレクトリを指定する文字列(。/)を含む入力テキストを拒否する

d)入力テキストHTMLタグを、HTMLタグとして解釈されない他の文字列に置き換える


Q39. Which of the following is a method for preventing an SQL injection attack?

a) Ensuring that the input characters are not interpreted as characters that have a special meaning in an inquiry or operation to the database

b) Rejecting an input text if the overall length of the input text exceeds the applicable maximum size limit

c) Rejecting an input text that contains the character string ( . . / ) that specifies a higher level directory

d) Replacing the HTML tags of an input text with other character strings that are not interpreted as HTML tags


------------------------------------------------------------------------


Which of the following is a method for preventing an SQL injection

attack?

a) Ensuring that the input characters are not interpreted as characters

that have a special meaning in an inquiry or operation to the database

b) Rejecting an input text if the overall length of the input text exceeds

the applicable maximum size limit

c) Rejecting an input text that contains the character string ( . . / )

that specifies a higher level directory

d) Replacing the HTML tags of an input text with other character

strings that are not interpreted as HTML tags

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q39.

------------------------------------------------------------------------



Q40. When the procedure below is performed in terms of security, which of the following can

be done by recipient B, in addition to the detection of message falsification?

[Procedure]

Process of sender A

(1) A hash function is used to generate a digest from a message.

(2) The sender’s secret signature generation key is used to generate a signature for

the message from the digest generated in (1).

(3) The message and the data generated in (2) are sent to recipient B.

Process of recipient B

(4) A hash function is used to generate a digest from the received message.

(5) The received data, the digest generated in (4), and sender A’s signature

verification key are used to verify the signature.

a) Confirming that the message is from sender A

b) Detecting wiretapping on the message

c) Identifying the areas of falsification

d) Preventing leakage of the message

Q41. Which of the following is the security attack that is shown in the procedure below?

[Procedure]

(1) An attacker creates a bogus Web site under the disguise of a financial institution.

(2) The attacker pretends to be an employee of the financial institution and sends an

e-mail that describes a URL leading to the bogus Web site.

(3) The recipient of the e-mail trusts the e-mail and clicks on the URL. The recipient

is then led to the bogus Web site.

(4) The recipient does not notice that the Web site is bogus, and the entered

authentication information is passed to the attacker.

a) Bot b) DDoS attack

c) Mail header injection d) Phishing



Which of the following is regarded as risk sharing or risk transfer?

a) Breaking down or aggregating risks into manageable units

b) Distributing risk to other parties by purchasing insurance

c) Eliminating the source of a risk

d) Reducing the rate of occurrence of loss or damage

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q42.

------------------------------------------------------------------------


Q43. When a packet filtering firewall controls packets in accordance with a list of rules as

shown below, which of the following is the appropriate control for packet A defined

below? Here, the firewall checks the rules in listed order. If any one of the rules is

applied, the remaining rules are not checked.

[List of rules]

Number Source

Address

Destination

Address Protocol

Source

Port

number

Destination

Port number Action

1 10.1.2.3 * * * * Blocked

2 * 10.2.3.* TCP * 25 Permitted

3 * 10.1.* TCP * 25 Permitted

4 * * * * * Blocked

Note: “*” represents an arbitrary value or pattern.

[Packet A]

Source

Address

Destination

Address Protocol Source

Port number

Destination

Port number

10.1.2.3 10.2.3.4 TCP 2100 25

a) Blocked by number 1 b) Blocked by number 4

c) Permitted by number 2 d) Permitted by number 3

------------------------------------------------------------------------

Which of the following is a method that is used for encrypting e-mail?

a) BASE64

b) GZIP

c) PNG

d) S/MIME

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q44.

------------------------------------------------------------------------


Which of the following is the function that can be implemented with

HTTPS?

a) Detection of the falsification of a file on a Web server

b) Intrusion detection for a client

c) Server authentication with an electronic certificate

d) Virus check on a client

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q45.

------------------------------------------------------------------------


Q46. The diagrams used in UML 2.x (including 2.0 and later versions) are categorized into two

types of diagrams: structure diagrams and behavior diagrams. Structure diagrams show

the static structure of the objects in a system. Behavior diagrams show the dynamic

behavior of the objects in a system. Which of the following is an appropriate

combination of diagrams that belong to each category?

Structure diagram Behavior diagram

a) Class diagram

Component diagram

Sequence diagram

Use case diagram

b) Component diagram

Object diagram

Communication diagram

Deployment diagram

c) Deployment diagram

Object diagram

Activity diagram

Component diagram

d) Object diagram

Use case diagram

Sequence diagram

State machine diagram


ISO / IEC 25010規格によれば、ソフトウェア製品またはシステムの品質特性は、機能的適合性、性能効率、互換性、ユーザビリティ、信頼性、セキュリティ、保守性、および可搬性の8つの特性に分類される。

次のうち「パフォーマンス効率」の適切な説明はどれですか?

a)指定された使用者が特定の目的を達成するために使用する製品またはシステムの程度

b)製品またはシステムが、規定の条件下で使用されるリソースの量に対して能力を提供する程度

c)製品またはシステムが、指定された条件下で使用された場合に、明示的および黙示的なニーズを満たす機能を提供する程度

d)指定された期間、システム、製品、またはコンポーネントが指定された機能を実行する度合い

According to the ISO/IEC 25010 standard, the quality properties of a software product or system are categorized into eight characteristics: functional suitability, performance efficiency, compatibility, usability, reliability, security, maintainability, and portability.

Which of the following is the appropriate explanation of “performance efficiency”?

a) Degree to which a product or system can be used by specified users to achieve specified goals in a specified context of use

b) Degree to which a product or system provides capabilities relative to the amount of resources used under stated conditions

c) Degree to which a product or system provides functions that meet stated and implied needs when used under specified conditions

d) Degree to which a system, product, or component performs specified functions under specified conditions for a specified period of time

According to the ISO/IEC 25010 standard, the quality properties of a

software product or system are categorized into eight characteristics:

functional suitability, performance efficiency, compatibility, usability,

reliability, security, maintainability, and portability.

Which of the following is the appropriate explanation of

“performance efficiency”?

a) Degree to which a product or system can be used by specified users to

achieve specified goals in a specified context of use

b) Degree to which a product or system provides capabilities relative to

the amount of resources used under stated conditions

c) Degree to which a product or system provides functions that meet stated

and implied needs when used under specified conditions

d) Degree to which a system, product, or component performs specified functions

under specified conditions for a specified period of time

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q47.


------------------------------------------------------------------------

Which of the following is an appropriate deliverable that must be approved

when the external design of a system is completed?

a) Physical database specification

b) Program flowchart plan

c) Screen layout

d) System development

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2015 Q48.

------------------------------------------------------------------------

In terms of the test coverage of a program module, which of the following

is an appropriate explanation of the relationship between path coverage,

branch coverage, and statement coverage?

a) 100% branch coverage implies 100% path coverage but not statement

coverage.

b) 100% path coverage implies 100% statement coverage but not branch

coverage.

c) 100% path coverage implies both 100% branch coverage and statement

coverage.

d) 100% statement coverage implies 100% branch coverage but not path

coverage.

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2015 Q49.

------------------------------------------------------------------------

When an integration test is performed by using the top-down approach,

which of the following is particularly necessary?

a) Debugger

b) Driver

c) Emulator

d) Stub

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2015 Q50.


------------------------------------------------------------------------

Which of the following is a characteristic of a project?

a) A project is both unique and temporary.

b) A project is neither unique nor temporary.

c) A project is not unique but is temporary.

d) A project is unique but not temporary.

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2015 Q51.


------------------------------------------------------------------------

Q52. There are four activities A through D shown in the table below. Activities A and B can

be performed in parallel. However, the other activities cannot be done until their

preceding activities are completed. For example, C cannot begin until B is completed.

Which of the following is the appropriate arrow diagram that corresponds to this table?

Here, a dotted line shows a dummy activity.

Activity Preceding activity

A —

B —

C B

D A, B

a)

A D

B C

b)

A D

B C

c)

A

D

B C

d)

A D

C

B


WBS(Work Breakdown Structure)をソフトウェア開発に使用するのに適切な目的はどれですか?

a)活動の時系列を明確にし、集中的に管理すべき臨界経路を理解する

b)すべての開発活動を管理可能なサイズの小さなステップに分解し、それらを階層構造に整理する

c)開発に必要な日数とコストの間にトレードオフの関係がある場合は、トータルコストを最適化する

d)横棒を使って各活動のスケジュールを表示し、各活動の開始点と終了点だけでなく、現在のポイントでの進捗状況を明らかにする

Which of the following is an appropriate purpose of using a WBS

(Work Breakdown Structure) in software development?

a) To clarify the time sequence of activities, and understand the

critical path that should be intensively managed

b) To decompose all development activities into smaller steps with a

manageable size, and organize them into a hierarchical structure

c) To optimize the total cost when there is a trade-off relationship

between the number of days and cost that are required for development

d) To show the schedule of each activity by using a horizontal bar,

and clarify not only the start and end points of each activity but also

the progress at the current point

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q53.


Which of the following is an appropriate purpose of using a WBS (Work Breakdown Structure) in software development?

a) To clarify the time sequence of activities, and understand the critical path that should be intensively managed

b) To decompose all development activities into smaller steps with a manageable size, and organize them into a hierarchical structure

c) To optimize the total cost when there is a trade-off relationship between the number of days and cost that are required for development

d) To show the schedule of each activity by using a horizontal bar, and clarify not only the start and end points of each activity but also the progress at the current point



Q54. The figure below shows part of a so-called fishbone diagram. Which of the following is

the relationship between A and B?

B

A

a) B is a cause of A. b) B is a means of A.

c) B is a purpose of A. d) B is an attribute of A.



Which of the following is an explanation concerning a Pareto chart?

a) It is used to identify problems by sorting the classified items in descending order of

frequency of occurrence and illustrating a bar chart with a cumulative line chart.

b) It is used to objectively manage the variation in the data occurring in time series by

expressing it as a line graph and using control limit lines.

c) It is used to systematically arrange the relationships between cause and effect in a

fishbone format, and clarify which causes are related to a particular result.

d) It is used to understand the variation in quality by classifying the collected data into

several sections and plotting the number of data belonging to each section as a bar graph.



a) It is used to identify problems by sorting the classified items in

descending order of frequency of occurrence and illustrating a bar

chart with a cumulative line chart.

b) It is used to objectively manage the variation in the data occurring

in time series by expressing it as a line graph and using control limit

lines.

c) It is used to systematically arrange the relationships between cause

and effect in a fishbone format, and clarify which causes are related

to a particular result.

d) It is used to understand the variation in quality by classifying the

collected data into several sections and plotting the number of data

belonging to each section as a bar graph.

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q55.


パレート図に関する説明は次のうちどれですか?

a)分類項目を発生頻度の高い順にソートし、累積折れ線グラフを用いて棒グラフを示すことにより、問題を特定する。

b)時系列で発生するデータの変化を線グラフとして表現し、制御限界線を用いて客観的に管理する。

c)原因と効果の関係をフィッシュボーン形式で系統的に整理し、どの原因が特定の結果に関連しているかを明確にするために使用される。

d)収集されたデータをいくつかのセクションに分類し、各セクションに属するデータの数を棒グラフとしてプロットすることによって、品質の変化を理解するために使用されます。

------------------------------------------------------------------------


Q56. The table below shows seven activities, their relationships, and the number of days

required to complete each activity in a software development project. When the

activities A and B begin simultaneously and are performed in parallel, which of the

following is an appropriate Gantt chart that corresponds to this table?

Activity Preceding activity Number of days required

A – 3

B – 4

C A 6

D A 4

E B 4

F D 3

G C, E 5

a) A

B

C

D

E

F

G

.

b) A

B

C

D

E

F

G

c) A

B

C

D

E

F

G

.

d) A

B

C

D

E

F

G

– 24 –


Which of the following is an appropriate policy for creating an SLA?

a) Setting a compensation as a penalty for every item that has a service

level

b) Setting a service level for every item that can be taken into

consideration

c) Setting a service level that is maintained into the future without

any changes

d) Setting a service level under the cost and needs of a service

provider and its customers

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2015 Q57.

------------------------------------------------------------------------

Among the management functions for service support, which of the following

has the objective that aims to restore agreed service to the business as

soon as possible or to respond to service requests?

a) Business relation management

b) Change management

c) Incident management

d) Problem management

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2015 Q58.


------------------------------------------------------------------------

When software asset management is audited, which of the following is an

appropriate point to be checked?

a) Checking to see if compatibility with existing systems is evaluated

at the time of installation

b) Checking to see if evidence, such as a software license certificate,

is properly filed and retained

c) Checking to see if failures are properly localized through database

partitioning or other methods

d) Checking to see if the organizational and functional structure of

the software provider is taken into consideration

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q60.


ソフトウェア資産管理が監査される場合、以下のうち適切な点がチェックされますか?

a)インストール時に既存のシステムとの互換性が評価されているかどうかを確認する

b)ソフトウェアライセンス証書などの証拠が適切に提出され、保持されているかどうかを確認する

c)データベースのパーティション分割またはその他の方法で障害が適切にローカライズされているかどうかを確認する

d)ソフトウェアプロバイダの組織的および機能的構造が考慮されているかどうかを確認する



------------------------------------------------------------------------


Among the situations that are checked during an audit of the methods

of transmitting highly confidential information to a business partner

by e-mail, which of the following is an appropriate situation from the

viewpoint of preventing information leakage?

a) A password is set for an attached file containing confidential

information prior to being sent to the partner by e-mail, and

the password is transferred in another way.

b) A password is set for an attached file containing confidential

information, and the password is described in the body text of

the same e-mail that is sent to the partner.

c) Confidential information is directly described in the body text

of an e-mail that is sent to the partner.

d) Confidential information is uploaded to the public Web site of

the company, and the URL of the corresponding page is sent to the

partner by e-mail.

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q61.

------------------------------------------------------------------------


機密性の高い情報を電子メールでビジネスパートナに送信する方法の監査の際にチェックされる状況のうち、情報漏洩防止の観点から、以下のうち適切なものはどれですか?

a)機密情報を含む添付ファイルにパスワード設定する。

電子メールでパートナーに送信され、パスワードは別の方法で転送されます。

b)機密情報を含む添付ファイルに対してパスワード設定し、

パスワードは、パートナーに送信される同じ電子メールの本文に記述されます。

c)機密情報は、送信される電子メールの本文に直接記述される

パートナーに

d)機密情報は会社の公開ウェブサイトにアップロードされ、

対応するページのURLが電子メールで相手に送信されます。

Which of the following is an appropriate activity that is undertaken by

a system auditor who makes an audit of access control?

a) Creation and storage of management records for access control concerning

software

b) Establishment of a management policy for access control concerning

network

c) Implementation of operations management for access control concerning

hardware

d) Verification of the management status of access control concerning

data

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q62.

------------------------------------------------------------------------





Among the architectures included in the “four domains” of the enterprise

architecture, which of the following is the architecture other than business

architecture, technology architecture, and application architecture?

a) Bus architecture

b) Data architecture

c) Software architecture

d) System architecture

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2015 Q63.


------------------------------------------------------------------------


IT投資評価は、個々のプロジェクトの計画、実行、完了の各段階に応じて、事前評価、中間評価、または後評価として実行されます。次のうち「事前評価」に関する説明はどれですか?

a)実行計画と実際の結果の違いだけでなく、その原因も詳細に分析し、投資額とパフォーマンス目標を変更する必要があるかどうかを判断する

b)本来の目標を達成するための改善計画を考慮して、事前に設定されたパフォーマンス目標の達成状況を、必要に応じて評価する

c)業績目標の達成期間及び評価に必要なデータの収集方法を事前に計画し、その期間に応じた評価を行う

d)投資の目的に基づいて業績目標を設定し、経営陣の実現可能性を決定するために必要な情報をトップマネジメントに提供する

IT investment evaluation is performed as prior evaluation, interim evaluation, or post evaluation according to each stage of the planning, execution, and completion for an individual project. Which of the following is an explanation concerning “prior evaluation”?

a) Analyzing in detail not only the differences between the execution plan and the actual results but also their causes, and determining whether the investment amount and performance objectives need to be changed

b) Evaluating the status of achievement of the performance objectives that are set beforehand, and on an as-required basis, considering the improvement plan for achieving the original objectives

c) Planning beforehand the period of achieving the performance objectives and the method of collecting the data necessary for evaluation, and then performing evaluation according to that period

d) Setting the performance objectives based on the purpose of investment, and providing the top management with information necessary for determining the feasibility of implementation

IT investment evaluation is performed as prior evaluation, interim

evaluation, or post evaluation according to each stage of the planning,

execution, and completion for an individual project. Which of the following

is an explanation concerning “prior evaluation”?

a) Analyzing in detail not only the differences between the execution

plan and the actual results but also their causes, and determining

whether the investment amount and performance objectives need to be

changed

b) Evaluating the status of achievement of the performance objectives

that are set beforehand, and on an as-required basis, considering the

improvement plan for achieving the original objectives

c) Planning beforehand the period of achieving the performance objectives

and the method of collecting the data necessary for evaluation, and

then performing evaluation according to that period

d) Setting the performance objectives based on the purpose of investment,

and providing the top management with information necessary for

determining the feasibility of implementation

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q64.


------------------------------------------------------------------------


情報戦略における全体最適化の計画段階でビジネスモデルを定義する目的は次のうちどれですか?

a)情報システムの実際の運用に必要な利用者マニュアル及び運用マニュアルを作成するための運用手順の確認

b)情報システムを構築するために必要なハードウェアソフトウェア、ネットワークなどのコンポーネントを識別する

c)企業全体の業務と利用される情報との関係を整理し、情報システムの明確なビジョンを確立する

d)コンピュータ化の範囲と開発規模を理解し、システム開発に必要な時間、人時間、コストを見積もる

Which of the following is the purpose of defining a business model at the planning stage of total optimization in an information strategy?

a) To confirm operational procedures in order to create user manuals and operations manuals required for the actual operations of the information system

b) To identify the components, such as hardware, software, and networks, which are required to build the information system

c) To organize the relationships between a company’s entire business operations and their utilized information, and establish a clear vision for the information system

d) To understand the scope and development scale of computerization, and estimate the required time, person-hours, and costs for system development

Which of the following is the purpose of defining a business model at

the planning stage of total optimization in an information strategy?

a) To confirm operational procedures in order to create user manuals and

operations manuals required for the actual operations of the information

system

b) To identify the components, such as hardware, software, and networks,

which are required to build the information system

c) To organize the relationships between a company’s entire business

operations and their utilized information, and establish a clear vision

for the information system

d) To understand the scope and development scale of computerization, and

estimate the required time, person-hours, and costs for system development

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q65.


------------------------------------------------------------------------


コンピュータ化計画が立てられたとき、次のうちどれがアイテムになるか

考慮される?

a)システムの開発、保守、運用のコストと投資効果の明確化

b)具体的かつ明確な方法で、テスト計画、運用マニュアル、失敗対策を記述する

c)同じ業界の他の企業が使用する同等のシステムを順番にインストールする

失敗を避けるために

d)システム運用の観点から、自社スタッフがシステムを開発することを前提とした計画を進める



When a computerization plan is made, which of the following is an item to be

considered?

a) Clarifying the cost and investment effect of the development, maintenance, and operations of the system

b) Describing the test plan, operation manuals, and measures against failures in a specific and clear way

c) Installing an equivalent system used by other companies in the same industry in order

to avoid failures

d) Proceeding with the plan on the premise that the system is developed by a company’s own staff in view of system operations


When a computerization plan is made, which of the following is an item

to be considered?

a) Clarifying the cost and investment effect of the development,

maintenance, and operations of the system

b) Describing the test plan, operation manuals, and measures against

failures in a specific and clear way

c) Installing an equivalent system used by other companies in the same

industry in order to avoid failures

d) Proceeding with the plan on the premise that the system is developed

by a company’s own staff in view of system operations

キーワード

■解答■

Fundamental IT Engineer Examination (Morning) Oct 2014 Q66.


------------------------------------------------------------------------


Q67. Which of the following is an explanation concerning non-functional requirements

definition?

a) It clearly defines the business functions that are performed by manual operations rather

than automated systems, from among the business requirements.

b) It clearly defines the conformity of the new package to be installed, in order to

implement business requirements.

c) It clearly defines the functions that are not supported in the current system, in order to

determine the business requirements.

d) It clearly defines the quality requirements, technical requirements, and operational

requirements necessary to implement business requirements.


次のうち、非機能要件定義に関する説明はどれですか?

a)ビジネス要件の中から、自動システムではなく手動操作によって実行されるビジネス機能を明確に定義す