[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"quiz:kjh-mock-kadai-2":3,"quiz-article-index":1175},{"quizId":4,"title":5,"titleEn":6,"topicPath":7,"questions":8},"kjh-mock-kadai-2","課題Ⅱ 模擬試験","Subject II Mock Exam — Security Measures","software\u002Fkojin-joho-hogo\u002Fkadai-2",[9,37,60,83,106,129,152,175,198,221,245,268,292,316,339,363,387,410,433,456,480,503,527,550,573,596,619,641,664,686,706,730,753,777,800,824,847,870,893,916,938,961,984,1008,1032,1056,1080,1104,1127,1151],{"id":10,"articleId":11,"question":12,"options":15,"correctLabel":25,"explanation":32,"tags":35},"kjh-mock-k2-q01","kjh-k2-h01-security-kiso",{"en":13,"jp":14},"Which property of information security guarantees that authorized users can access information when needed?","[情報]{じょうほう:information}セキュリティにおいて、[許可]{きょか:authorized}された[利用者]{りようしゃ:user}が[必要]{ひつよう:necessary}な[時]{とき:time}に[情報]{じょうほう:information}にアクセスできることを[保証]{ほしょう:guarantee}する[特性]{とくせい:property}はどれか。",[16,20,24,28],{"label":17,"jp":18,"en":19},"ア","[機密性]{きみつせい:confidentiality}","Confidentiality",{"label":21,"jp":22,"en":23},"イ","[完全性]{かんぜんせい:integrity}","Integrity",{"label":25,"jp":26,"en":27},"ウ","[可用性]{かようせい:availability}","Availability",{"label":29,"jp":30,"en":31},"エ","[真正性]{しんせいせい:authenticity}","Authenticity",{"en":33,"jp":34},"Availability means authorized users can access information when needed. Confidentiality prevents unauthorized access, integrity ensures information has not been altered. Authenticity is an additional property not part of the CIA triad.","[可用性]{かようせい:availability}は、[許可]{きょか:authorized}された[利用者]{りようしゃ:user}が[必要]{ひつよう:necessary}な[時]{とき:time}に[情報]{じょうほう:information}にアクセスできることを[意味]{いみ:mean}する。[機密性]{きみつせい:confidentiality}は[権限]{けんげん:authority}のない[者]{もの:person}にアクセスさせないこと、[完全性]{かんぜんせい:integrity}は[情報]{じょうほう:information}が[改]{かい:alter}ざんされていないこと。[真正性]{しんせいせい:authenticity}はCIAの3[要素]{ようそ:elements}には[含]{ふく:include}まれない[追加]{ついか:additional}[特性]{とくせい:property}。",[36],"CIA",{"id":38,"articleId":11,"question":39,"options":42,"correctLabel":21,"explanation":55,"tags":58},"kjh-mock-k2-q02",{"en":40,"jp":41},"Which malware self-propagates across networks without requiring a host file?","[自己]{じこ:self}[増殖]{ぞうしょく:propagation}[機能]{きのう:function}を[持]{も:possess}ち、ネットワークを[介]{かい:via}して[他]{た:other}のコンピュータに[感染]{かんせん:infect}を[広]{ひろ:spread}げるが、[宿主]{しゅくしゅ:host}ファイルを[必要]{ひつよう:require}としないマルウェアはどれか。",[43,46,49,52],{"label":17,"jp":44,"en":45},"コンピュータウイルス","Computer virus",{"label":21,"jp":47,"en":48},"ワーム","Worm",{"label":25,"jp":50,"en":51},"ボット","Bot",{"label":29,"jp":53,"en":54},"ルートキット","Rootkit",{"en":56,"jp":57},"Worms self-propagate without a host file. Viruses parasitize host files to propagate. Bots receive remote commands. Rootkits conceal intrusion traces.","ワームは[宿主]{しゅくしゅ:host}ファイルを[必要]{ひつよう:require}とせず[自己]{じこ:self}[増殖]{ぞうしょく:propagation}する。ウイルスは[宿主]{しゅくしゅ:host}ファイルに[寄生]{きせい:parasitize}して[増殖]{ぞうしょく:propagate}する。ボットは[遠隔]{えんかく:remote}[操作]{そうさ:control}を[受]{う:receive}けるマルウェア、ルートキットは[侵入]{しんにゅう:intrusion}の[痕跡]{こんせき:traces}を[隠蔽]{いんぺい:conceal}するツール[群]{ぐん:group}である。",[59],"malware",{"id":61,"articleId":11,"question":62,"options":65,"correctLabel":21,"explanation":78,"tags":81},"kjh-mock-k2-q03",{"en":63,"jp":64},"Which of the following best describes a phishing attack?","フィッシング[攻撃]{こうげき:attack}の[説明]{せつめい:description}として[最]{もっと:most}も[適切]{てきせつ:appropriate}なものはどれか。",[66,69,72,75],{"label":17,"jp":67,"en":68},"Webアプリケーションの[入力]{にゅうりょく:input}フォームにSQL[文]{ぶん:statement}を[挿入]{そうにゅう:insert}してデータベースを[操作]{そうさ:manipulate}する","Inserting SQL statements into web application input forms to manipulate a database",{"label":21,"jp":70,"en":71},"[正規]{せいき:legitimate}のWebサイトに[見]{み:appear}せかけた[偽]{にせ:fake}サイトに[誘導]{ゆうどう:lure}し、ID・パスワードを[窃取]{せっしゅ:steal}する","Luring victims to a fake site mimicking a legitimate one to steal IDs and passwords",{"label":25,"jp":73,"en":74},"[大量]{たいりょう:large volume}のパケットを[送]{おく:send}りつけてサービスを[停止]{ていし:stop}させる","Sending a large volume of packets to halt a service",{"label":29,"jp":76,"en":77},"[暗号化]{あんごうか:encrypt}された[通信]{つうしん:communication}を[傍受]{ぼうじゅ:intercept}して[解読]{かいどく:decode}する","Intercepting and decoding encrypted communications",{"en":79,"jp":80},"Phishing lures victims to a fake site impersonating a legitimate one to steal authentication information. Option A describes SQL injection, C describes DDoS, and D describes a cryptanalysis attack.","フィッシングは[正規]{せいき:legitimate}サイトを[装]{よそお:impersonate}った[偽]{にせ:fake}サイトに[誘導]{ゆうどう:lure}し[認証]{にんしょう:authentication}[情報]{じょうほう:information}を[窃取]{せっしゅ:steal}する[攻撃]{こうげき:attack}である。アはSQLインジェクション、ウはDDoS[攻撃]{こうげき:attack}、エは[暗号]{あんごう:cipher}[解読]{かいどく:decryption}[攻撃]{こうげき:attack}の[説明]{せつめい:description}。",[82],"phishing",{"id":84,"articleId":11,"question":85,"options":88,"correctLabel":17,"explanation":101,"tags":104},"kjh-mock-k2-q04",{"en":86,"jp":87},"Which countermeasure is most effective against Cross-Site Scripting (XSS) attacks?","クロスサイトスクリプティング（XSS）[攻撃]{こうげき:attack}への[対策]{たいさく:countermeasure}として[最]{もっと:most}も[有効]{ゆうこう:effective}なものはどれか。",[89,92,95,98],{"label":17,"jp":90,"en":91},"[入力値]{にゅうりょくち:input value}のサニタイジング（エスケープ[処理]{しょり:processing}）","Input sanitization (escape processing)",{"label":21,"jp":93,"en":94},"ファイアウォールによるポートフィルタリング","Port filtering with a firewall",{"label":25,"jp":96,"en":97},"ハードディスクの[暗号化]{あんごうか:encryption}","Hard disk encryption",{"label":29,"jp":99,"en":100},"[生体]{せいたい:biometric}[認証]{にんしょう:authentication}の[導入]{どうにゅう:introduction}","Introduction of biometric authentication",{"en":102,"jp":103},"XSS embeds malicious scripts into web pages; output escaping (sanitization) is the most effective countermeasure. Option B is a network-layer measure; C and D are unrelated to XSS.","XSSは[悪意]{あくい:malicious}あるスクリプトをWebページに[埋]{う:embed}め[込]{こ:insert}む[攻撃]{こうげき:attack}であり、[出力]{しゅつりょく:output}[時]{じ:time}のエスケープ[処理]{しょり:processing}（サニタイジング）が[最]{もっと:most}も[有効]{ゆうこう:effective}な[対策]{たいさく:countermeasure}である。イはネットワーク[層]{そう:layer}の[対策]{たいさく:countermeasure}、ウ・エはXSSとは[無関係]{むかんけい:unrelated}。",[105],"XSS",{"id":107,"articleId":11,"question":108,"options":111,"correctLabel":21,"explanation":124,"tags":127},"kjh-mock-k2-q05",{"en":109,"jp":110},"Which correctly describes a characteristic of a CSRF (Cross-Site Request Forgery) attack?","CSRF（クロスサイトリクエストフォージェリ）[攻撃]{こうげき:attack}の[特徴]{とくちょう:characteristic}として[正]{ただ:correct}しいものはどれか。",[112,115,118,121],{"label":17,"jp":113,"en":114},"[攻撃者]{こうげきしゃ:attacker}がサーバ[上]{じょう:on}のファイルを[直接]{ちょくせつ:directly}[改]{かい:alter}ざんする","The attacker directly alters files on the server",{"label":21,"jp":116,"en":117},"ログイン[済]{ず:completed}みの[利用者]{りようしゃ:user}のブラウザを[通]{つう:through}じて[意図]{いと:intended}しないリクエストを[送信]{そうしん:send}させる","Causes the logged-in user's browser to send unintended requests",{"label":25,"jp":119,"en":120},"サーバの[脆弱性]{ぜいじゃくせい:vulnerability}を[突]{つ:exploit}いてルート[権限]{けんげん:privileges}を[奪取]{だっしゅ:seize}する","Exploits a server vulnerability to seize root privileges",{"label":29,"jp":122,"en":123},"DNSサーバの[応答]{おうとう:response}を[偽装]{ぎそう:forge}して[偽]{にせ:fake}サイトに[誘導]{ゆうどう:redirect}する","Forges DNS server responses to redirect to a fake site",{"en":125,"jp":126},"CSRF tricks a logged-in user into sending unintended requests. Countermeasures include embedding tokens. Option A describes web defacement, C describes privilege escalation, and D describes DNS cache poisoning.","CSRFは、ログイン[状態]{じょうたい:state}の[利用者]{りようしゃ:user}に[意図]{いと:intended}しないリクエストを[送信]{そうしん:send}させる[攻撃]{こうげき:attack}である。[対策]{たいさく:countermeasure}にはトークンの[埋]{う:embed}め[込]{こ:insert}みなどがある。アはWeb[改]{かい:alter}ざん、ウは[権限]{けんげん:privilege}[昇格]{しょうかく:escalation}[攻撃]{こうげき:attack}、エはDNSキャッシュポイズニングの[説明]{せつめい:description}。",[128],"CSRF",{"id":130,"articleId":11,"question":131,"options":134,"correctLabel":25,"explanation":147,"tags":150},"kjh-mock-k2-q06",{"en":132,"jp":133},"Which of the following does NOT appropriately describe a targeted attack?","[標的型]{ひょうてきがた:targeted}[攻撃]{こうげき:attack}の[説明]{せつめい:description}として[適切]{てきせつ:appropriate}でないものはどれか。",[135,138,141,144],{"label":17,"jp":136,"en":137},"[特定]{とくてい:specific}の[組織]{そしき:organization}や[個人]{こじん:individual}を[狙]{ねら:target}って[行]{おこな:carry out}われる","It targets specific organizations or individuals",{"label":21,"jp":139,"en":140},"[業務]{ぎょうむ:business}[関連]{かんれん:related}のメールを[装]{よそお:disguise}った[添付]{てんぷ:attachment}ファイルで[感染]{かんせん:infect}させることがある","It can infect through attachments disguised as business-related emails",{"label":25,"jp":142,"en":143},"[不特定]{ふとくてい:unspecified}[多数]{たすう:many}に[同一]{どういつ:identical}のマルウェアを[無差別]{むさべつ:indiscriminately}に[送信]{そうしん:send}する","It indiscriminately sends identical malware to a large unspecified number of people",{"label":29,"jp":145,"en":146},"[長期間]{ちょうきかん:long period}にわたり[潜伏]{せんぷく:lurk}して[情報]{じょうほう:information}を[窃取]{せっしゅ:steal}することがある","It can lurk for extended periods to steal information",{"en":148,"jp":149},"Targeted attacks are aimed at specific targets. Indiscriminate mass sending is a characteristic of spam or spray-and-pray attacks, not targeted attacks.","[標的型]{ひょうてきがた:targeted}[攻撃]{こうげき:attack}は[特定]{とくてい:specific}の[対象]{たいしょう:target}を[狙]{ねら:target}う[攻撃]{こうげき:attack}であり、[不特定]{ふとくてい:unspecified}[多数]{たすう:many}への[無差別]{むさべつ:indiscriminate}[送信]{そうしん:sending}はスパムメールやばらまき[型]{がた:type}[攻撃]{こうげき:attack}の[特徴]{とくちょう:characteristic}である。",[151],"targeted-attack",{"id":153,"articleId":11,"question":154,"options":157,"correctLabel":17,"explanation":170,"tags":173},"kjh-mock-k2-q07",{"en":155,"jp":156},"Which correctly describes the technique used in a watering hole attack?","[水飲]{みずの:watering}み[場型]{ばがた:hole type}[攻撃]{こうげき:attack}の[手法]{しゅほう:technique}として[正]{ただ:correct}しいものはどれか。",[158,161,164,167],{"label":17,"jp":159,"en":160},"[攻撃]{こうげき:attack}[対象]{たいしょう:target}が[頻繁]{ひんぱん:frequently}に[閲覧]{えつらん:browse}するWebサイトを[改]{かい:alter}ざんしてマルウェアを[仕込]{しこ:plant}む","Compromising a website frequently visited by the target and planting malware",{"label":21,"jp":162,"en":163},"メールの[添付]{てんぷ:attachment}ファイルにマルウェアを[埋]{う:embed}め[込]{こ:insert}んで[送]{おく:send}る","Embedding malware in email attachments",{"label":25,"jp":165,"en":166},"USBメモリにマルウェアを[仕込]{しこ:plant}んで[放置]{ほうち:leave unattended}する","Planting malware on a USB stick and leaving it unattended",{"label":29,"jp":168,"en":169},"[電話]{でんわ:telephone}でパスワードを[聞]{き:ask}き[出]{だ:extract}す","Extracting a password over the phone",{"en":171,"jp":172},"A watering hole attack compromises websites routinely visited by the target to infect them with malware upon browsing. Option B is a targeted email attack, C is a USB drop attack, and D is social engineering.","[水飲]{みずの:watering}み[場型]{ばがた:hole type}[攻撃]{こうげき:attack}は、[標的]{ひょうてき:target}が[日常的]{にちじょうてき:routinely}に[利用]{りよう:use}するWebサイトを[改]{かい:alter}ざんし、[閲覧]{えつらん:browsing}[時]{じ:time}にマルウェアに[感染]{かんせん:infect}させる[手法]{しゅほう:technique}。イは[標的型]{ひょうてきがた:targeted}メール[攻撃]{こうげき:attack}、ウはUSBドロップ[攻撃]{こうげき:attack}、エはソーシャルエンジニアリング。",[174],"watering-hole",{"id":176,"articleId":11,"question":177,"options":180,"correctLabel":17,"explanation":193,"tags":196},"kjh-mock-k2-q08",{"en":178,"jp":179},"Which correctly describes a supply chain attack?","サプライチェーン[攻撃]{こうげき:attack}の[説明]{せつめい:description}として[正]{ただ:correct}しいものはどれか。",[181,184,187,190],{"label":17,"jp":182,"en":183},"[取引先]{とりひきさき:business partner}やソフトウェアの[開発]{かいはつ:development}・[配布]{はいふ:distribution}[過程]{かてい:process}を[悪用]{あくよう:exploit}して[標的]{ひょうてき:target}に[侵入]{しんにゅう:infiltrate}する","Exploiting business partners or software development\u002Fdistribution processes to infiltrate the target",{"label":21,"jp":185,"en":186},"サーバに[大量]{たいりょう:massive}のリクエストを[送]{おく:send}ってサービスを[妨害]{ぼうがい:disrupt}する","Sending massive requests to a server to disrupt service",{"label":25,"jp":188,"en":189},"[無線]{むせん:wireless}LANの[通信]{つうしん:communication}を[傍受]{ぼうじゅ:intercept}して[情報]{じょうほう:information}を[盗]{ぬす:steal}む","Intercepting wireless LAN communications to steal information",{"label":29,"jp":191,"en":192},"パスワードの[総]{そう:all}[当]{あ:match}たり[攻撃]{こうげき:attack}でアカウントを[乗]{の:take}っ[取]{と:over}る","Taking over an account through a brute-force password attack",{"en":194,"jp":195},"A supply chain attack infiltrates the target not directly but via business partners or software supply routes. Option B is DDoS, C is eavesdropping, and D is a brute-force attack.","サプライチェーン[攻撃]{こうげき:attack}は、[標的]{ひょうてき:target}[組織]{そしき:organization}に[直接]{ちょくせつ:directly}[侵入]{しんにゅう:infiltrate}するのではなく、[取引先]{とりひきさき:business partner}やソフトウェアの[供給]{きょうきゅう:supply}[経路]{けいろ:route}を[経由]{けいゆ:via}して[侵入]{しんにゅう:infiltrate}する[攻撃]{こうげき:attack}である。イはDDoS、ウは[盗聴]{とうちょう:eavesdropping}、エはブルートフォース[攻撃]{こうげき:attack}。",[197],"supply-chain",{"id":199,"articleId":11,"question":200,"options":203,"correctLabel":21,"explanation":216,"tags":219},"kjh-mock-k2-q09",{"en":201,"jp":202},"Which appropriately describes a characteristic of a DDoS attack?","DDoS[攻撃]{こうげき:attack}の[特徴]{とくちょう:characteristic}として[適切]{てきせつ:appropriate}なものはどれか。",[204,207,210,213],{"label":17,"jp":205,"en":206},"[単一]{たんいつ:single}のコンピュータから[攻撃]{こうげき:attack}を[行]{おこな:carry out}う","The attack is carried out from a single computer",{"label":21,"jp":208,"en":209},"[複数]{ふくすう:multiple}のコンピュータから[同時]{どうじ:simultaneously}に[大量]{たいりょう:massive}のリクエストを[送信]{そうしん:send}してサービスを[停止]{ていし:halt}させる","Simultaneously sending massive requests from multiple computers to halt a service",{"label":25,"jp":211,"en":212},"データベース[内]{ない:within}の[情報]{じょうほう:information}を[改]{かい:alter}ざんする","Altering information within a database",{"label":29,"jp":214,"en":215},"[特定]{とくてい:specific}の[個人]{こじん:individual}のPCにキーロガーを[仕込]{しこ:plant}む","Planting a keylogger on a specific individual's PC",{"en":217,"jp":218},"A DDoS (Distributed Denial of Service) attack uses botnets or multiple computers to simultaneously flood a service with massive traffic, halting it. Option A describes a simple DoS attack.","DDoS（[分散型]{ぶんさんがた:distributed}サービス[拒否]{きょひ:denial}）[攻撃]{こうげき:attack}は、ボットネットなど[複数]{ふくすう:multiple}のコンピュータから[同時]{どうじ:simultaneously}に[大量]{たいりょう:massive}のアクセスを[送]{おく:send}り、サービスを[停止]{ていし:halt}させる。アは[単純]{たんじゅん:simple}なDoS[攻撃]{こうげき:attack}の[説明]{せつめい:description}。",[220],"DDoS",{"id":222,"articleId":223,"question":224,"options":227,"correctLabel":21,"explanation":240,"tags":243},"kjh-mock-k2-q10","kjh-k2-h04-gijutsu-kiso",{"en":225,"jp":226},"Which is the most appropriate fundamental countermeasure against SQL injection attacks?","SQLインジェクション[攻撃]{こうげき:attack}に[対]{たい:against}する[根本的]{こんぽんてき:fundamental}な[対策]{たいさく:countermeasure}として[最]{もっと:most}も[適切]{てきせつ:appropriate}なものはどれか。",[228,231,234,237],{"label":17,"jp":229,"en":230},"WAF（Web Application Firewall）の[導入]{どうにゅう:introduction}","Introduction of a WAF (Web Application Firewall)",{"label":21,"jp":232,"en":233},"プレースホルダ（バインド[変数]{へんすう:variable}）を[用]{もち:use}いたSQL[文]{ぶん:statement}の[組]{く:construct}み[立]{た:build}て","Constructing SQL statements using placeholders (bind variables)",{"label":25,"jp":235,"en":236},"SSL\u002FTLSによる[通信]{つうしん:communication}の[暗号化]{あんごうか:encryption}","Encrypting communications with SSL\u002FTLS",{"label":29,"jp":238,"en":239},"IPアドレスによるアクセス[制限]{せいげん:restriction}","Access restriction by IP address",{"en":241,"jp":242},"The fundamental countermeasure against SQL injection is using placeholders (bind variables). WAF is a supplementary measure, not a fundamental fix. Options C and D are not direct countermeasures for SQL injection.","SQLインジェクションの[根本的]{こんぽんてき:fundamental}[対策]{たいさく:countermeasure}はプレースホルダ（バインド[変数]{へんすう:variable}）の[使用]{しよう:use}である。WAFは[補助的]{ほじょてき:supplementary}な[対策]{たいさく:countermeasure}であり[根本的]{こんぽんてき:fundamental}[解決]{かいけつ:solution}にはならない。ウ・エはSQLインジェクションへの[直接的]{ちょくせつてき:direct}な[対策]{たいさく:countermeasure}ではない。",[244],"SQLi",{"id":246,"articleId":11,"question":247,"options":250,"correctLabel":21,"explanation":263,"tags":266},"kjh-mock-k2-q11",{"en":248,"jp":249},"Which correctly describes \"shoulder hacking\" (shoulder surfing) as a social engineering technique?","ソーシャルエンジニアリングの[手法]{しゅほう:technique}である「ショルダーハッキング」の[説明]{せつめい:description}として[正]{ただ:correct}しいものはどれか。",[251,254,257,260],{"label":17,"jp":252,"en":253},"ごみ[箱]{ばこ:box}から[機密]{きみつ:confidential}[書類]{しょるい:documents}を[探]{さが:search for}し[出]{だ:find}す","Searching through trash for confidential documents",{"label":21,"jp":255,"en":256},"[背後]{はいご:behind}からパスワード[入力]{にゅうりょく:input}[画面]{がめん:screen}を[覗]{のぞ:peek}き[見]{み:look}る","Peeking at the password entry screen from behind",{"label":25,"jp":258,"en":259},"[偽]{にせ:fake}の[無線]{むせん:wireless}LANアクセスポイントを[設置]{せっち:set up}する","Setting up a fake wireless LAN access point",{"label":29,"jp":261,"en":262},"フィッシングメールでIDを[窃取]{せっしゅ:steal}する","Stealing IDs via phishing email",{"en":264,"jp":265},"Shoulder hacking (shoulder surfing) is peeking at password entry from behind. Option A is trashing (scavenging), C is an evil twin attack, and D is phishing.","ショルダーハッキング（ショルダーサーフィン）は、[背後]{はいご:behind}からパスワード[入力]{にゅうりょく:input}などを[覗]{のぞ:peek}き[見]{み:look}る[手法]{しゅほう:technique}。アはトラッシング（スカベンジング）、ウはイビルツイン[攻撃]{こうげき:attack}、エはフィッシングの[説明]{せつめい:description}。",[267],"social-engineering",{"id":269,"articleId":270,"question":271,"options":274,"correctLabel":29,"explanation":287,"tags":290},"kjh-mock-k2-q12","kjh-k1-h01-hotaikei",{"en":272,"jp":273},"Which act is NOT regulated under the Unauthorized Computer Access Law?","[不正]{ふせい:unauthorized}アクセス[禁止法]{きんしほう:prohibition law}が[規制]{きせい:regulate}する[行為]{こうい:act}に[該当]{がいとう:applicable}しないものはどれか。",[275,278,281,284],{"label":17,"jp":276,"en":277},"[他人]{たにん:another person}のID・パスワードを[第三者]{だいさんしゃ:third party}に[提供]{ていきょう:provide}する[行為]{こうい:act}","Providing another person's ID and password to a third party",{"label":21,"jp":279,"en":280},"セキュリティホールを[利用]{りよう:exploit}してアクセス[制御]{せいぎょ:control}を[回避]{かいひ:bypass}する[行為]{こうい:act}","Bypassing access controls by exploiting security holes",{"label":25,"jp":282,"en":283},"ID・パスワードの[入力]{にゅうりょく:input}を[不正]{ふせい:illegitimately}に[要求]{ようきゅう:demand}するフィッシングサイトを[設置]{せっち:set up}する[行為]{こうい:act}","Setting up a phishing site that illegitimately demands ID\u002Fpassword input",{"label":29,"jp":285,"en":286},"[自分]{じぶん:oneself}のアカウントに[正規]{せいき:authorized}の[方法]{ほうほう:method}でログインする[行為]{こうい:act}","Logging into one's own account through authorized methods",{"en":288,"jp":289},"The law regulates unauthorized use, acquisition\u002Fprovision of others' credentials, exploiting security holes, and phishing. Logging into one's own account through authorized methods is outside its scope.","[不正]{ふせい:unauthorized}アクセス[禁止法]{きんしほう:prohibition law}は、[他人]{たにん:another person}の[識別]{しきべつ:identification}[符号]{ふごう:code}の[不正]{ふせい:unauthorized}[使用]{しよう:use}、[不正]{ふせい:unauthorized}[取得]{しゅとく:acquisition}・[提供]{ていきょう:provision}、セキュリティホール[攻撃]{こうげき:attack}、フィッシング[行為]{こうい:act}を[規制]{きせい:regulate}する。[自分]{じぶん:oneself}のアカウントへの[正規]{せいき:authorized}ログインは[規制]{きせい:regulation}[対象外]{たいしょうがい:outside the scope}。",[291],"unauthorized-access-law",{"id":293,"articleId":294,"question":295,"options":298,"correctLabel":17,"explanation":311,"tags":314},"kjh-mock-k2-q13","kjh-k2-h01-guideline",{"en":296,"jp":297},"Which is stipulated as a national responsibility under the Basic Act on Cybersecurity?","サイバーセキュリティ[基本法]{きほんほう:basic act}における[国]{くに:nation}の[責務]{せきむ:responsibility}として[規定]{きてい:stipulate}されている[内容]{ないよう:content}はどれか。",[299,302,305,308],{"label":17,"jp":300,"en":301},"サイバーセキュリティに[関]{かん:related}する[施策]{しさく:measures}を[総合的]{そうごうてき:comprehensively}かつ[効果的]{こうかてき:effectively}に[推進]{すいしん:promote}する[責務]{せきむ:responsibility}","The responsibility to comprehensively and effectively promote cybersecurity measures",{"label":21,"jp":303,"en":304},"[全]{すべ:all}ての[企業]{きぎょう:companies}にISMS[認証]{にんしょう:certification}[取得]{しゅとく:acquisition}を[義務]{ぎむ:obligate}づける[責務]{せきむ:responsibility}","The responsibility to obligate all companies to obtain ISMS certification",{"label":25,"jp":306,"en":307},"[個人]{こじん:individual}のPCにウイルス[対策]{たいさく:countermeasure}ソフトの[導入]{どうにゅう:introduction}を[義務]{ぎむ:obligate}づける[責務]{せきむ:responsibility}","The responsibility to obligate individuals to install antivirus software on their PCs",{"label":29,"jp":309,"en":310},"[全]{すべ:all}ての[通信]{つうしん:communication}を[監視]{かんし:monitor}する[責務]{せきむ:responsibility}","The responsibility to monitor all communications",{"en":312,"jp":313},"The Basic Act on Cybersecurity stipulates the nation's responsibility to comprehensively and effectively promote cybersecurity measures. Mandatory ISMS certification, mandatory personal antivirus, and monitoring all communications are not stipulated.","サイバーセキュリティ[基本法]{きほんほう:basic act}は、[国]{くに:nation}がサイバーセキュリティに[関]{かん:related}する[施策]{しさく:measures}を[総合的]{そうごうてき:comprehensively}・[効果的]{こうかてき:effectively}に[推進]{すいしん:promote}する[責務]{せきむ:responsibility}を[定]{さだ:stipulate}めている。ISMS[義務化]{ぎむか:mandatory}や[個人]{こじん:individual}PCへの[義務]{ぎむ:obligation}、[全通信]{ぜんつうしん:all communication}[監視]{かんし:monitoring}は[規定]{きてい:stipulated}されていない。",[315],"cybersecurity-basic-act",{"id":317,"articleId":294,"question":318,"options":321,"correctLabel":29,"explanation":334,"tags":337},"kjh-mock-k2-q14",{"en":319,"jp":320},"Which is NOT included in the five core functions of the NIST Cybersecurity Framework (CSF)?","NIST サイバーセキュリティフレームワーク（CSF）の5つのコア[機能]{きのう:functions}に[含]{ふく:include}まれないものはどれか。",[322,325,328,331],{"label":17,"jp":323,"en":324},"[識別]{しきべつ:identify}（Identify）","Identify",{"label":21,"jp":326,"en":327},"[防御]{ぼうぎょ:protect}（Protect）","Protect",{"label":25,"jp":329,"en":330},"[復旧]{ふっきゅう:recover}（Recover）","Recover",{"label":29,"jp":332,"en":333},"[監査]{かんさ:audit}（Audit）","Audit",{"en":335,"jp":336},"The five core functions of NIST CSF are Identify, Protect, Detect, Respond, and Recover. Audit is not one of them.","NIST CSFの5つのコア[機能]{きのう:functions}は、[識別]{しきべつ:identify}（Identify）、[防御]{ぼうぎょ:protect}（Protect）、[検知]{けんち:detect}（Detect）、[対応]{たいおう:respond}（Respond）、[復旧]{ふっきゅう:recover}（Recover）である。[監査]{かんさ:audit}（Audit）は[含]{ふく:included}まれない。",[338],"NIST-CSF",{"id":340,"articleId":294,"question":341,"options":344,"correctLabel":21,"explanation":357,"tags":360},"kjh-mock-k2-q15",{"en":342,"jp":343},"Which correctly describes a characteristic of ISMS based on ISO\u002FIEC 27001?","ISO\u002FIEC 27001に[基]{もと:based}づくISMSの[特徴]{とくちょう:characteristic}として[正]{ただ:correct}しいものはどれか。",[345,348,351,354],{"label":17,"jp":346,"en":347},"[技術的]{ぎじゅつてき:technical}な[対策]{たいさく:measures}のみを[対象]{たいしょう:scope}とする","It covers only technical measures",{"label":21,"jp":349,"en":350},"PDCAサイクルによる[継続的]{けいぞくてき:continuous}[改善]{かいぜん:improvement}を[求]{もと:require}める","It requires continuous improvement through the PDCA cycle",{"label":25,"jp":352,"en":353},"[認証]{にんしょう:certification}は[一度]{いちど:once}[取得]{しゅとく:obtain}すれば[更新]{こうしん:renewal}[不要]{ふよう:unnecessary}である","Certification needs no renewal once obtained",{"label":29,"jp":355,"en":356},"[日本]{にほん:Japan}[国内]{こくない:domestic}でのみ[有効]{ゆうこう:valid}な[規格]{きかく:standard}である","It is a standard valid only within Japan",{"en":358,"jp":359},"ISMS employs the PDCA cycle for continuous improvement. It covers not only technical but also organizational, human, and physical measures. Certification requires periodic renewal audits, and ISO\u002FIEC 27001 is an international standard.","ISMSはPDCAサイクルにより[継続的]{けいぞくてき:continuous}に[改善]{かいぜん:improve}する[仕組]{しく:mechanism}みを[持]{も:have}つ。[技術的]{ぎじゅつてき:technical}[対策]{たいさく:measures}だけでなく[組織的]{そしきてき:organizational}・[人的]{じんてき:human}・[物理的]{ぶつりてき:physical}[対策]{たいさく:measures}も[含]{ふく:include}む。[認証]{にんしょう:certification}は[定期的]{ていきてき:periodic}な[更新]{こうしん:renewal}[審査]{しんさ:audit}が[必要]{ひつよう:necessary}であり、ISO\u002FIEC 27001は[国際]{こくさい:international}[規格]{きかく:standard}である。",[361,362],"ISMS","ISO-27001",{"id":364,"articleId":365,"question":366,"options":369,"correctLabel":29,"explanation":382,"tags":385},"kjh-mock-k2-q16","kjh-k2-h02-soshiki-kiso",{"en":367,"jp":368},"Which item is NOT appropriate to include in a basic policy on personal information protection?","[個人情報]{こじんじょうほう:personal information}[保護]{ほご:protection}に[関]{かん:related}する[基本方針]{きほんほうしん:basic policy}に[含]{ふく:include}めるべき[事項]{じこう:item}として[適切]{てきせつ:appropriate}でないものはどれか。",[370,373,376,379],{"label":17,"jp":371,"en":372},"[事業者]{じぎょうしゃ:business operator}の[名称]{めいしょう:name}","Name of the business operator",{"label":21,"jp":374,"en":375},"[個人情報]{こじんじょうほう:personal information}[保護]{ほご:protection}に[関]{かん:related}する[法令]{ほうれい:laws}の[遵守]{じゅんしゅ:compliance}","Compliance with laws related to personal information protection",{"label":25,"jp":377,"en":378},"[苦情]{くじょう:complaints}[処理]{しょり:handling}の[窓口]{まどぐち:contact point}","Contact point for complaint handling",{"label":29,"jp":380,"en":381},"[全]{すべ:all}ての[従業者]{じゅうぎょうしゃ:employees}の[給与]{きゅうよ:salary}[明細]{めいさい:details}","Salary details of all employees",{"en":383,"jp":384},"A basic policy should include the operator's name, legal compliance statements, and inquiry contact points. Salary details of all employees are not an item to include in the basic policy.","[基本方針]{きほんほうしん:basic policy}には、[事業者]{じぎょうしゃ:business operator}[名]{めい:name}、[法令]{ほうれい:laws}[遵守]{じゅんしゅ:compliance}、[問]{と:inquiry}い[合]{あ:together}わせ[窓口]{まどぐち:contact point}などを[含]{ふく:include}める。[給与]{きゅうよ:salary}[明細]{めいさい:details}は[基本方針]{きほんほうしん:basic policy}に[記載]{きさい:describe}する[事項]{じこう:item}ではない。",[386],"basic-policy",{"id":388,"articleId":365,"question":389,"options":392,"correctLabel":29,"explanation":405,"tags":408},"kjh-mock-k2-q17",{"en":390,"jp":391},"Which item is NOT appropriate to record in a personal information management register?","[個人情報]{こじんじょうほう:personal information}[管理]{かんり:management}[台帳]{だいちょう:register}に[記録]{きろく:record}すべき[項目]{こうもく:items}として[適切]{てきせつ:appropriate}でないものはどれか。",[393,396,399,402],{"label":17,"jp":394,"en":395},"[個人情報]{こじんじょうほう:personal information}の[利用]{りよう:use}[目的]{もくてき:purpose}","Purpose of use of personal information",{"label":21,"jp":397,"en":398},"[保管]{ほかん:storage}[場所]{ばしょ:location}と[保管]{ほかん:storage}[期間]{きかん:period}","Storage location and retention period",{"label":25,"jp":400,"en":401},"アクセス[権限]{けんげん:authority}を[有]{ゆう:have}する[者]{もの:person}","Persons with access authority",{"label":29,"jp":403,"en":404},"[従業者]{じゅうぎょうしゃ:employees}の[趣味]{しゅみ:hobbies}・[嗜好]{しこう:preferences}","Hobbies and preferences of employees",{"en":406,"jp":407},"The register should include purpose of use, storage location\u002Fperiod, authorized persons, and acquisition method. Employees' hobbies and preferences are not register items.","[管理]{かんり:management}[台帳]{だいちょう:register}には、[利用]{りよう:use}[目的]{もくてき:purpose}、[保管]{ほかん:storage}[場所]{ばしょ:location}・[期間]{きかん:period}、アクセス[権限]{けんげん:authority}[者]{もの:person}、[取得]{しゅとく:acquisition}[方法]{ほうほう:method}などを[記載]{きさい:record}する。[従業者]{じゅうぎょうしゃ:employees}の[趣味]{しゅみ:hobbies}・[嗜好]{しこう:preferences}は[管理]{かんり:management}[台帳]{だいちょう:register}の[項目]{こうもく:item}ではない。",[409],"management-register",{"id":411,"articleId":365,"question":412,"options":415,"correctLabel":25,"explanation":428,"tags":431},"kjh-mock-k2-q18",{"en":413,"jp":414},"Which risk analysis method quantitatively evaluates risk as \"probability of occurrence x impact\"?","リスク[分析]{ぶんせき:analysis}の[手法]{しゅほう:method}のうち、リスクを「[発生]{はっせい:occurrence}[確率]{かくりつ:probability}×[影響度]{えいきょうど:impact}」で[定量的]{ていりょうてき:quantitatively}に[評価]{ひょうか:evaluate}する[手法]{しゅほう:method}はどれか。",[416,419,422,425],{"label":17,"jp":417,"en":418},"ベースラインアプローチ","Baseline approach",{"label":21,"jp":420,"en":421},"[非]{ひ:in-}[形式的]{けいしきてき:formal}アプローチ","Informal approach",{"label":25,"jp":423,"en":424},"[詳細]{しょうさい:detailed}リスク[分析]{ぶんせき:analysis}","Detailed risk analysis",{"label":29,"jp":426,"en":427},"[組]{く:combination}み[合]{あ:together}わせアプローチ","Combined approach",{"en":429,"jp":430},"Detailed risk analysis individually evaluates asset value, threats, and vulnerabilities, then quantitatively calculates risk from probability and impact. Baseline compares against existing standards, informal relies on experience, and combined uses multiple methods.","[詳細]{しょうさい:detailed}リスク[分析]{ぶんせき:analysis}は、[資産]{しさん:assets}の[価値]{かち:value}、[脅威]{きょうい:threats}、[脆弱性]{ぜいじゃくせい:vulnerabilities}を[個別]{こべつ:individually}に[評価]{ひょうか:evaluate}し、[発生]{はっせい:occurrence}[確率]{かくりつ:probability}と[影響度]{えいきょうど:impact}からリスクを[定量的]{ていりょうてき:quantitatively}に[算出]{さんしゅつ:calculate}する。ベースラインは[既存]{きそん:existing}の[基準]{きじゅん:standard}に[照]{て:compare}らす[方法]{ほうほう:method}、[非]{ひ:in-}[形式的]{けいしきてき:formal}は[経験]{けいけん:experience}に[基]{もと:based}づく[判断]{はんだん:judgment}、[組]{く:combination}み[合]{あ:together}わせは[複数]{ふくすう:multiple}[手法]{しゅほう:methods}の[併用]{へいよう:combination}。",[432],"risk-analysis",{"id":434,"articleId":365,"question":435,"options":438,"correctLabel":17,"explanation":451,"tags":454},"kjh-mock-k2-q19",{"en":436,"jp":437},"In the regulation document hierarchy, which is positioned below the basic policy and establishes specific countermeasure standards?","[規程]{きてい:regulations}[文書]{ぶんしょ:documents}[体系]{たいけい:hierarchy}において、[基本方針]{きほんほうしん:basic policy}の[下位]{かい:subordinate}に[位置]{いち:positioned}し、[具体的]{ぐたいてき:specific}な[対策]{たいさく:measures}[基準]{きじゅん:standards}を[定]{さだ:establish}めるものはどれか。",[439,442,445,448],{"label":17,"jp":440,"en":441},"[対策]{たいさく:measures}[基準]{きじゅん:standards}","Countermeasure standards",{"label":21,"jp":443,"en":444},"[実施]{じっし:implementation}[手順書]{てじゅんしょ:procedures}","Implementation procedures",{"label":25,"jp":446,"en":447},"[記録]{きろく:records}[様式]{ようしき:forms}","Record forms",{"label":29,"jp":449,"en":450},"[事故]{じこ:incident}[報告書]{ほうこくしょ:report}","Incident report",{"en":452,"jp":453},"The regulation document hierarchy is structured as: basic policy → countermeasure standards → implementation procedures. Countermeasure standards are positioned directly below the basic policy.","[規程]{きてい:regulations}[文書]{ぶんしょ:documents}[体系]{たいけい:hierarchy}は、[基本方針]{きほんほうしん:basic policy}→[対策]{たいさく:measures}[基準]{きじゅん:standards}→[実施]{じっし:implementation}[手順書]{てじゅんしょ:procedures}の[順]{じゅん:order}で[構成]{こうせい:structured}される。[対策]{たいさく:measures}[基準]{きじゅん:standards}は[基本方針]{きほんほうしん:basic policy}の[直下]{ちょっか:directly below}に[位置]{いち:positioned}する。",[455],"document-hierarchy",{"id":457,"articleId":458,"question":459,"options":462,"correctLabel":29,"explanation":475,"tags":478},"kjh-mock-k2-q20","kjh-k1-h04-anzen-kanri",{"en":460,"jp":461},"Which does NOT fall under organizational safety management measures?","[組織的]{そしきてき:organizational}[安全]{あんぜん:safety}[管理]{かんり:management}[措置]{そち:measures}に[該当]{がいとう:applicable}しないものはどれか。",[463,466,469,472],{"label":17,"jp":464,"en":465},"[組織]{そしき:organization}[体制]{たいせい:structure}の[整備]{せいび:establishment}","Establishment of organizational structure",{"label":21,"jp":467,"en":468},"[個人情報]{こじんじょうほう:personal information}の[取扱]{とりあつかい:handling}いに[関]{かん:related}する[規律]{きりつ:rules}の[整備]{せいび:establishment}","Establishment of rules on personal information handling",{"label":25,"jp":470,"en":471},"[取扱]{とりあつかい:handling}い[状況]{じょうきょう:status}を[確認]{かくにん:check}する[手段]{しゅだん:means}の[整備]{せいび:establishment}","Establishment of means to check handling status",{"label":29,"jp":473,"en":474},"[入退室]{にゅうたいしつ:entry\u002Fexit}[管理]{かんり:management}システムの[導入]{どうにゅう:introduction}","Introduction of an entry\u002Fexit management system",{"en":476,"jp":477},"Entry\u002Fexit management falls under physical safety management measures. Organizational safety management measures include the five items: organizational structure, rules, handling status checks, review of measures, and incident response structure.","[入退室]{にゅうたいしつ:entry\u002Fexit}[管理]{かんり:management}は[物理的]{ぶつりてき:physical}[安全]{あんぜん:safety}[管理]{かんり:management}[措置]{そち:measures}に[該当]{がいとう:fall under}する。[組織的]{そしきてき:organizational}[安全]{あんぜん:safety}[管理]{かんり:management}[措置]{そち:measures}は、[体制]{たいせい:structure}[整備]{せいび:establishment}、[規律]{きりつ:rules}[整備]{せいび:establishment}、[取扱]{とりあつかい:handling}い[状況]{じょうきょう:status}の[把握]{はあく:grasp}、[安全]{あんぜん:safety}[管理]{かんり:management}[措置]{そち:measures}の[見直]{みなお:review}し、[事故]{じこ:incident}[対応]{たいおう:response}[体制]{たいせい:structure}の5[項目]{こうもく:items}である。",[479],"organizational-measures",{"id":481,"articleId":458,"question":482,"options":485,"correctLabel":21,"explanation":498,"tags":501},"kjh-mock-k2-q21",{"en":483,"jp":484},"Which is appropriate as a human safety management measure?","[人的]{じんてき:human}[安全]{あんぜん:safety}[管理]{かんり:management}[措置]{そち:measures}として[適切]{てきせつ:appropriate}なものはどれか。",[486,489,492,495],{"label":17,"jp":487,"en":488},"サーバルームへの[施錠]{せじょう:locking}[管理]{かんり:management}","Lock management for the server room",{"label":21,"jp":490,"en":491},"[従業者]{じゅうぎょうしゃ:employees}への[定期的]{ていきてき:periodic}な[教育]{きょういく:education}・[研修]{けんしゅう:training}の[実施]{じっし:implementation}","Conducting periodic education and training for employees",{"label":25,"jp":493,"en":494},"ファイアウォールの[設定]{せってい:configuration}","Firewall configuration",{"label":29,"jp":496,"en":497},"[個人情報]{こじんじょうほう:personal information}[管理]{かんり:management}[台帳]{だいちょう:register}の[作成]{さくせい:creation}","Creating a personal information management register",{"en":499,"jp":500},"Human safety management measures include education\u002Ftraining for employees and concluding confidentiality agreements. Option A is a physical measure, C is a technical measure, and D is an organizational measure.","[人的]{じんてき:human}[安全]{あんぜん:safety}[管理]{かんり:management}[措置]{そち:measures}は、[従業者]{じゅうぎょうしゃ:employees}への[教育]{きょういく:education}・[研修]{けんしゅう:training}、[秘密]{ひみつ:confidentiality}[保持]{ほじ:maintenance}[契約]{けいやく:agreement}の[締結]{ていけつ:conclusion}などが[含]{ふく:included}まれる。アは[物理的]{ぶつりてき:physical}[措置]{そち:measures}、ウは[技術的]{ぎじゅつてき:technical}[措置]{そち:measures}、エは[組織的]{そしきてき:organizational}[措置]{そち:measures}。",[502],"human-measures",{"id":504,"articleId":505,"question":506,"options":509,"correctLabel":29,"explanation":522,"tags":525},"kjh-mock-k2-q22","kjh-k2-h02-anzen-kanri-sochi",{"en":507,"jp":508},"Which correctly defines \"employees\" under the Personal Information Protection Act?","[個人情報]{こじんじょうほう:personal information}[保護法]{ほごほう:protection act}における「[従業者]{じゅうぎょうしゃ:employees}」の[定義]{ていぎ:definition}として[正]{ただ:correct}しいものはどれか。",[510,513,516,519],{"label":17,"jp":511,"en":512},"[正社員]{せいしゃいん:full-time employees}のみを[指]{さ:refer}す","Refers only to full-time employees",{"label":21,"jp":514,"en":515},"[正社員]{せいしゃいん:full-time employees}と[契約]{けいやく:contract}[社員]{しゃいん:employees}を[指]{さ:refer}す","Refers to full-time and contract employees",{"label":25,"jp":517,"en":518},"[事業者]{じぎょうしゃ:business operator}の[指揮]{しき:direction}[命令]{めいれい:command}の[下]{もと:under}に[業務]{ぎょうむ:work}に[従事]{じゅうじ:engage}する[者]{もの:person}で、[雇用]{こよう:employment}[関係]{かんけい:relationship}にある[者]{もの:person}に[限]{かぎ:limit}る","Persons engaged in work under the operator's direction, limited to those in an employment relationship",{"label":29,"jp":520,"en":521},"[雇用]{こよう:employment}[関係]{かんけい:relationship}の[有無]{うむ:presence\u002Fabsence}にかかわらず、[事業者]{じぎょうしゃ:business operator}の[指揮]{しき:direction}[監督]{かんとく:supervision}の[下]{もと:under}に[業務]{ぎょうむ:work}に[従事]{じゅうじ:engage}する[者]{もの:person}すべてを[含]{ふく:include}む","Includes all persons engaged in work under the operator's direction and supervision, regardless of employment relationship",{"en":523,"jp":524},"\"Employees\" includes all persons working under the operator's direction and supervision within the organization, regardless of employment relationship. This includes dispatched workers, part-timers, temporary workers, and directors.","「[従業者]{じゅうぎょうしゃ:employees}」は[雇用]{こよう:employment}[関係]{かんけい:relationship}の[有無]{うむ:presence\u002Fabsence}を[問]{と:regardless}わず、[事業者]{じぎょうしゃ:business operator}の[組織内]{そしきない:within organization}で[指揮]{しき:direction}[監督]{かんとく:supervision}を[受]{う:receive}けて[業務]{ぎょうむ:work}に[従事]{じゅうじ:engage}するすべての[者]{もの:persons}を[含]{ふく:include}む。[派遣]{はけん:dispatch}[社員]{しゃいん:employees}、パート、アルバイト、[取締役]{とりしまりやく:directors}なども[含]{ふく:included}まれる。",[526],"employee-definition",{"id":528,"articleId":458,"question":529,"options":532,"correctLabel":17,"explanation":545,"tags":548},"kjh-mock-k2-q23",{"en":530,"jp":531},"What should most appropriately be verified at the \"selection\" stage of subcontractor supervision?","[委託先]{いたくさき:subcontractor}の[監督]{かんとく:supervision}における「[選定]{せんてい:selection}」の[段階]{だんかい:stage}で[確認]{かくにん:verify}すべき[事項]{じこう:item}として[最]{もっと:most}も[適切]{てきせつ:appropriate}なものはどれか。",[533,536,539,542],{"label":17,"jp":534,"en":535},"[委託先]{いたくさき:subcontractor}の[安全]{あんぜん:safety}[管理]{かんり:management}[措置]{そち:measures}の[水準]{すいじゅん:level}","The level of the subcontractor's safety management measures",{"label":21,"jp":537,"en":538},"[委託]{いたく:outsource}[料]{りょう:fee}の[金額]{きんがく:amount}のみ","Only the fee amount",{"label":25,"jp":540,"en":541},"[委託先]{いたくさき:subcontractor}[社員]{しゃいん:employees}の[年齢]{ねんれい:age}[構成]{こうせい:composition}","The age composition of the subcontractor's employees",{"label":29,"jp":543,"en":544},"[委託先]{いたくさき:subcontractor}の[社屋]{しゃおく:office building}のデザイン","The design of the subcontractor's office building",{"en":546,"jp":547},"When selecting a subcontractor, one should verify whether appropriate safety management measures are in place, including the establishment of structures and regulations. Checking fees alone is insufficient.","[委託先]{いたくさき:subcontractor}[選定]{せんてい:selection}[時]{じ:time}には、[個人情報]{こじんじょうほう:personal information}の[安全]{あんぜん:safety}[管理]{かんり:management}[措置]{そち:measures}が[適切]{てきせつ:appropriate}に[講]{こう:take}じられているか、[体制]{たいせい:structure}・[規程]{きてい:regulations}の[整備]{せいび:establishment}[状況]{じょうきょう:status}などを[確認]{かくにん:verify}する。[料金]{りょうきん:fee}だけでは[不十分]{ふじゅうぶん:insufficient}。",[549],"subcontractor-supervision",{"id":551,"articleId":458,"question":552,"options":555,"correctLabel":29,"explanation":568,"tags":571},"kjh-mock-k2-q24",{"en":553,"jp":554},"Which item is NOT appropriate to include in a contract with a subcontractor?","[委託先]{いたくさき:subcontractor}との[契約]{けいやく:contract}に[含]{ふく:include}めるべき[事項]{じこう:item}として[適切]{てきせつ:appropriate}でないものはどれか。",[556,559,562,565],{"label":17,"jp":557,"en":558},"[秘密]{ひみつ:confidentiality}[保持]{ほじ:maintenance}[義務]{ぎむ:obligation}","Confidentiality obligations",{"label":21,"jp":560,"en":561},"[再委託]{さいいたく:subcontracting}の[制限]{せいげん:restriction}","Restrictions on sub-subcontracting",{"label":25,"jp":563,"en":564},"[事故]{じこ:incident}[発生]{はっせい:occurrence}[時]{じ:time}の[報告]{ほうこく:reporting}[義務]{ぎむ:obligation}","Reporting obligations upon incident occurrence",{"label":29,"jp":566,"en":567},"[委託]{いたく:outsourcing}[元]{もと:origin}[社長]{しゃちょう:CEO}の[経歴]{けいれき:career history}","Career history of the outsourcing party's CEO",{"en":569,"jp":570},"Outsourcing contracts should include confidentiality, sub-subcontracting restrictions, incident reporting obligations, and data return\u002Fdeletion at contract termination. The CEO's career history is not a contract item.","[委託]{いたく:outsourcing}[契約]{けいやく:contract}には、[秘密]{ひみつ:confidentiality}[保持]{ほじ:maintenance}、[再委託]{さいいたく:sub-subcontracting}の[制限]{せいげん:restriction}、[事故]{じこ:incident}[時]{じ:time}の[報告]{ほうこく:reporting}、[契約]{けいやく:contract}[終了]{しゅうりょう:termination}[時]{じ:time}のデータ[返却]{へんきゃく:return}・[消去]{しょうきょ:deletion}などを[含]{ふく:include}める。[社長]{しゃちょう:CEO}の[経歴]{けいれき:career history}は[契約]{けいやく:contract}[事項]{じこう:item}ではない。",[572],"subcontractor-contract",{"id":574,"articleId":458,"question":575,"options":578,"correctLabel":25,"explanation":591,"tags":594},"kjh-mock-k2-q25",{"en":576,"jp":577},"Which statement about sub-subcontracting is correct?","[再委託]{さいいたく:sub-subcontracting}に[関]{かん:related}する[記述]{きじゅつ:statement}として[正]{ただ:correct}しいものはどれか。",[579,582,585,588],{"label":17,"jp":580,"en":581},"[再委託]{さいいたく:sub-subcontracting}は[法律]{ほうりつ:law}で[一律]{いちりつ:uniformly}に[禁止]{きんし:prohibited}されている","Sub-subcontracting is uniformly prohibited by law",{"label":21,"jp":583,"en":584},"[再委託]{さいいたく:sub-subcontracting}を[行]{おこな:carry out}う[場合]{ばあい:case}、[委託元]{いたくもと:outsourcer}の[許諾]{きょだく:permission}を[得]{え:obtain}る[必要]{ひつよう:necessary}はない","Sub-subcontracting does not require the outsourcer's permission",{"label":25,"jp":586,"en":587},"[再委託先]{さいいたくさき:sub-subcontractor}に[対]{たい:towards}しても[委託元]{いたくもと:outsourcer}は[監督]{かんとく:supervision}[責任]{せきにん:responsibility}を[負]{お:bear}う","The outsourcer bears supervision responsibility for the sub-subcontractor as well",{"label":29,"jp":589,"en":590},"[再委託]{さいいたく:sub-subcontracting}は[自動的]{じどうてき:automatically}に[認]{みと:approve}められる","Sub-subcontracting is automatically approved",{"en":592,"jp":593},"Sub-subcontracting is not uniformly prohibited but requires the outsourcer's permission. The outsourcer bears ultimate supervision responsibility for the sub-subcontractor's safety management as well.","[再委託]{さいいたく:sub-subcontracting}は[一律]{いちりつ:uniformly}[禁止]{きんし:prohibited}ではないが、[委託元]{いたくもと:outsourcer}の[許諾]{きょだく:permission}が[必要]{ひつよう:necessary}であり、[再委託先]{さいいたくさき:sub-subcontractor}の[安全]{あんぜん:safety}[管理]{かんり:management}についても[委託元]{いたくもと:outsourcer}が[最終的]{さいしゅうてき:ultimately}な[監督]{かんとく:supervision}[責任]{せきにん:responsibility}を[負]{お:bear}う。",[595],"sub-subcontracting",{"id":597,"articleId":505,"question":598,"options":601,"correctLabel":21,"explanation":614,"tags":617},"kjh-mock-k2-q26",{"en":599,"jp":600},"What should be done first when a personal data leakage incident occurs?","[個人]{こじん:personal}データ[漏]{ろう:leak}えい[事故]{じこ:incident}が[発生]{はっせい:occur}した[場合]{ばあい:case}の[対応]{たいおう:response}[手順]{てじゅん:procedure}として[最初]{さいしょ:first}に[行]{おこな:carry out}うべきものはどれか。",[602,605,608,611],{"label":17,"jp":603,"en":604},"[再発]{さいはつ:recurrence}[防止策]{ぼうしさく:prevention measures}の[策定]{さくてい:formulation}","Formulating recurrence prevention measures",{"label":21,"jp":606,"en":607},"[事実]{じじつ:facts}[関係]{かんけい:related}の[調査]{ちょうさ:investigation}と[被害]{ひがい:damage}[拡大]{かくだい:expansion}の[防止]{ぼうし:prevention}","Investigating the facts and preventing damage expansion",{"label":25,"jp":609,"en":610},"マスコミへのプレスリリース","Press release to the media",{"label":29,"jp":612,"en":613},"[関係者]{かんけいしゃ:persons involved}の[処分]{しょぶん:disciplinary action}","Disciplinary action against persons involved",{"en":615,"jp":616},"When a leakage incident occurs, investigating the facts and preventing damage expansion comes first. Recurrence prevention and press releases are subsequent responses, and disciplinary action is the latest stage.","[漏]{ろう:leak}えい[事故]{じこ:incident}[発生]{はっせい:occurrence}[時]{じ:time}は、まず[事実]{じじつ:facts}[関係]{かんけい:related}の[調査]{ちょうさ:investigation}と[被害]{ひがい:damage}[拡大]{かくだい:expansion}の[防止]{ぼうし:prevention}を[行]{おこな:carry out}う。[再発]{さいはつ:recurrence}[防止]{ぼうし:prevention}やプレスリリースは[後続]{こうぞく:subsequent}の[対応]{たいおう:response}であり、[処分]{しょぶん:disciplinary action}は[最]{もっと:most}も[後]{あと:later}の[段階]{だんかい:stage}。",[618],"incident-response",{"id":620,"articleId":458,"question":621,"options":624,"correctLabel":17,"explanation":637,"tags":640},"kjh-mock-k2-q27",{"en":622,"jp":623},"Which is appropriately included in \"establishing a structure to respond to leakage cases\" as part of organizational safety management measures?","[組織的]{そしきてき:organizational}[安全]{あんぜん:safety}[管理]{かんり:management}[措置]{そち:measures}における「[漏]{ろう:leak}えい[等]{とう:etc.}の[事案]{じあん:case}に[対応]{たいおう:respond}する[体制]{たいせい:structure}の[整備]{せいび:establishment}」に[含]{ふく:include}まれるものとして[適切]{てきせつ:appropriate}なものはどれか。",[625,628,631,634],{"label":17,"jp":626,"en":627},"[事故]{じこ:incident}[発生]{はっせい:occurrence}[時]{じ:time}の[報告]{ほうこく:reporting}[連絡]{れんらく:contact}[体制]{たいせい:structure}の[整備]{せいび:establishment}","Establishing a reporting and contact structure for when incidents occur",{"label":21,"jp":629,"en":630},"[社員]{しゃいん:employees}[食堂]{しょくどう:cafeteria}のメニュー[改善]{かいぜん:improvement}","Improving the employee cafeteria menu",{"label":25,"jp":632,"en":633},"[株主]{かぶぬし:shareholders}[総会]{そうかい:general meeting}の[開催]{かいさい:holding}","Holding a shareholders' general meeting",{"label":29,"jp":635,"en":636},"[新商品]{しんしょうひん:new product}の[開発]{かいはつ:development}[計画]{けいかく:plan}","New product development plan",{"en":638,"jp":639},"Establishing a response structure for leakage cases includes setting up reporting\u002Fcontact structures, initial response procedures, and notification procedures for related agencies.","[漏]{ろう:leak}えい[等]{とう:etc.}の[事案]{じあん:case}に[対応]{たいおう:respond}する[体制]{たいせい:structure}[整備]{せいび:establishment}には、[報告]{ほうこく:reporting}[連絡]{れんらく:contact}[体制]{たいせい:structure}、[初動]{しょどう:initial}[対応]{たいおう:response}[手順]{てじゅん:procedure}、[関係]{かんけい:related}[機関]{きかん:agencies}への[通報]{つうほう:notification}[手順]{てじゅん:procedure}などが[含]{ふく:included}まれる。",[618],{"id":642,"articleId":458,"question":643,"options":646,"correctLabel":17,"explanation":659,"tags":662},"kjh-mock-k2-q28",{"en":644,"jp":645},"Which statement about complaint handling is appropriate?","[苦情]{くじょう:complaint}[処理]{しょり:handling}に[関]{かん:related}する[記述]{きじゅつ:statement}として[適切]{てきせつ:appropriate}なものはどれか。",[647,650,653,656],{"label":17,"jp":648,"en":649},"[苦情]{くじょう:complaint}[処理]{しょり:handling}の[窓口]{まどぐち:contact point}を[設置]{せっち:set up}し、[適切]{てきせつ:appropriate}かつ[迅速]{じんそく:prompt}に[対応]{たいおう:respond}する[体制]{たいせい:structure}を[整備]{せいび:establish}する","Set up a complaint handling contact point and establish a structure for appropriate and prompt response",{"label":21,"jp":651,"en":652},"[苦情]{くじょう:complaint}は[全]{すべ:all}て[弁護士]{べんごし:lawyer}に[委任]{いにん:delegate}すればよい","All complaints can simply be delegated to lawyers",{"label":25,"jp":654,"en":655},"[苦情]{くじょう:complaint}の[内容]{ないよう:content}は[記録]{きろく:record}する[必要]{ひつよう:need}はない","Complaint content does not need to be recorded",{"label":29,"jp":657,"en":658},"[苦情]{くじょう:complaint}[対応]{たいおう:response}は[年]{ねん:year}に1[回]{かい:time}まとめて[行]{おこな:carry out}えばよい","Complaint responses can be handled collectively once a year",{"en":660,"jp":661},"Complaint handling should have a dedicated contact point with a structure for prompt and appropriate response. Complaints should be recorded and used for improvement. Wholesale delegation to lawyers or annual responses are inappropriate.","[苦情]{くじょう:complaint}[処理]{しょり:handling}は、[窓口]{まどぐち:contact point}を[設置]{せっち:set up}し、[迅速]{じんそく:prompt}・[適切]{てきせつ:appropriate}に[対応]{たいおう:respond}する[体制]{たいせい:structure}を[整備]{せいび:establish}すべきである。[苦情]{くじょう:complaint}の[内容]{ないよう:content}は[記録]{きろく:record}し[改善]{かいぜん:improvement}に[活]{い:utilize}かす。[弁護士]{べんごし:lawyer}への[丸投]{まるな:wholesale delegation}げや[年]{ねん:year}1[回]{かい:time}の[対応]{たいおう:response}は[不適切]{ふてきせつ:inappropriate}。",[663],"complaint-handling",{"id":665,"articleId":270,"question":666,"options":669,"correctLabel":17,"explanation":682,"tags":685},"kjh-mock-k2-q29",{"en":667,"jp":668},"Which correctly describes the \"baseline approach\" in risk analysis?","リスク[分析]{ぶんせき:analysis}における「ベースラインアプローチ」の[説明]{せつめい:description}として[正]{ただ:correct}しいものはどれか。",[670,673,676,679],{"label":17,"jp":671,"en":672},"[既存]{きそん:existing}の[基準]{きじゅん:standard}やガイドラインに[照]{て:compare}らしてセキュリティ[対策]{たいさく:measures}の[過不足]{かぶそく:surplus\u002Fdeficiency}を[判断]{はんだん:judge}する","Judging sufficiency of security measures against existing standards or guidelines",{"label":21,"jp":674,"en":675},"[経験]{けいけん:experience}[豊富]{ほうふ:rich}な[担当者]{たんとうしゃ:person in charge}の[直感]{ちょっかん:intuition}でリスクを[判断]{はんだん:judge}する","Judging risk by the intuition of experienced personnel",{"label":25,"jp":677,"en":678},"[全]{すべ:all}ての[資産]{しさん:assets}を[個別]{こべつ:individually}に[評価]{ひょうか:evaluate}し[定量的]{ていりょうてき:quantitatively}に[分析]{ぶんせき:analyze}する","Individually evaluating all assets and analyzing quantitatively",{"label":29,"jp":680,"en":681},"リスクを[無視]{むし:ignore}して[対策]{たいさく:measures}を[講]{こう:take}じない","Ignoring risk and not taking measures",{"en":683,"jp":684},"The baseline approach compares the current state against existing standards to judge the sufficiency of measures. Option B is the informal approach, C is detailed risk analysis, and D is close to the concept of risk acceptance.","ベースラインアプローチは、[既存]{きそん:existing}の[基準]{きじゅん:standard}（ガイドラインなど）と[現状]{げんじょう:current state}を[比較]{ひかく:compare}し、[対策]{たいさく:measures}の[過不足]{かぶそく:surplus\u002Fdeficiency}を[判断]{はんだん:judge}する[手法]{しゅほう:method}。イは[非]{ひ:in-}[形式的]{けいしきてき:formal}アプローチ、ウは[詳細]{しょうさい:detailed}リスク[分析]{ぶんせき:analysis}、エはリスク[受容]{じゅよう:acceptance}の[概念]{がいねん:concept}に[近]{ちか:close}い。",[432],{"id":687,"articleId":458,"question":688,"options":691,"correctLabel":29,"explanation":702,"tags":705},"kjh-mock-k2-q30",{"en":689,"jp":690},"Which is NOT included in the five items of organizational safety management measures?","[組織的]{そしきてき:organizational}[安全]{あんぜん:safety}[管理]{かんり:management}[措置]{そち:measures}の5[項目]{こうもく:items}に[含]{ふく:include}まれないものはどれか。",[692,693,696,699],{"label":17,"jp":464,"en":465},{"label":21,"jp":694,"en":695},"[個人]{こじん:personal}データの[取扱]{とりあつかい:handling}いに[係]{かか:related}る[規律]{きりつ:rules}の[整備]{せいび:establishment}","Establishment of rules on personal data handling",{"label":25,"jp":697,"en":698},"[安全]{あんぜん:safety}[管理]{かんり:management}[措置]{そち:measures}の[見直]{みなお:review}し","Review of safety management measures",{"label":29,"jp":700,"en":701},"ウイルス[対策]{たいさく:countermeasure}ソフトの[導入]{どうにゅう:introduction}","Introduction of antivirus software",{"en":703,"jp":704},"The five items are: (1) organizational structure, (2) rules, (3) handling status checks, (4) review of measures, (5) incident response structure. Antivirus software falls under technical safety management measures.","[組織的]{そしきてき:organizational}[安全]{あんぜん:safety}[管理]{かんり:management}[措置]{そち:measures}の5[項目]{こうもく:items}は、①[体制]{たいせい:structure}[整備]{せいび:establishment}、②[規律]{きりつ:rules}[整備]{せいび:establishment}、③[取扱]{とりあつかい:handling}い[状況]{じょうきょう:status}の[把握]{はあく:grasp}、④[措置]{そち:measures}の[見直]{みなお:review}し、⑤[事案]{じあん:case}[対応]{たいおう:response}[体制]{たいせい:structure}。ウイルス[対策]{たいさく:countermeasure}ソフトは[技術的]{ぎじゅつてき:technical}[安全]{あんぜん:safety}[管理]{かんり:management}[措置]{そち:measures}に[該当]{がいとう:fall under}する。",[479],{"id":707,"articleId":708,"question":709,"options":712,"correctLabel":25,"explanation":725,"tags":728},"kjh-mock-k2-q31","kjh-k2-h03-office",{"en":710,"jp":711},"In security zoning, which zone has the highest security level?","セキュリティゾーニングにおいて、[最]{もっと:most}もセキュリティレベルが[高]{たか:high}い[区域]{くいき:zone}はどれか。",[713,716,719,722],{"label":17,"jp":714,"en":715},"[受付]{うけつけ:reception}エリア","Reception area",{"label":21,"jp":717,"en":718},"[一般]{いっぱん:general}[執務]{しつむ:work}エリア","General work area",{"label":25,"jp":720,"en":721},"サーバルーム","Server room",{"label":29,"jp":723,"en":724},"[会議室]{かいぎしつ:meeting room}","Meeting room",{"en":726,"jp":727},"In security zoning, areas handling critical information like server rooms and vaults have the highest security level. Reception is a public zone; general work areas and meeting rooms are intermediate.","セキュリティゾーニングでは、サーバルームや[金庫室]{きんこしつ:vault room}など[重要]{じゅうよう:important}[情報]{じょうほう:information}を[扱]{あつか:handle}う[区域]{くいき:zone}が[最]{もっと:most}もセキュリティレベルが[高]{たか:high}い。[受付]{うけつけ:reception}は[公開]{こうかい:public}[区域]{くいき:zone}、[一般]{いっぱん:general}[執務]{しつむ:work}エリアや[会議室]{かいぎしつ:meeting room}は[中間]{ちゅうかん:intermediate}レベル。",[729],"security-zoning",{"id":731,"articleId":11,"question":732,"options":735,"correctLabel":17,"explanation":748,"tags":751},"kjh-mock-k2-q32",{"en":733,"jp":734},"Which correctly describes \"piggybacking\" in entry\u002Fexit management?","[入退室]{にゅうたいしつ:entry\u002Fexit}[管理]{かんり:management}における「[共連]{ともづ:piggybacking}れ」の[説明]{せつめい:description}として[正]{ただ:correct}しいものはどれか。",[736,739,742,745],{"label":17,"jp":737,"en":738},"[認証]{にんしょう:authenticated}された[人]{ひと:person}の[後]{あと:after}に[続]{つづ:follow}いて[認証]{にんしょう:authentication}なしで[入室]{にゅうしつ:enter}すること","Following an authenticated person to enter without authentication",{"label":21,"jp":740,"en":741},"[複数]{ふくすう:multiple}の[認証]{にんしょう:authentication}[手段]{しゅだん:means}を[組]{く:combine}み[合]{あ:together}わせること","Combining multiple authentication means",{"label":25,"jp":743,"en":744},"[入退室]{にゅうたいしつ:entry\u002Fexit}[記録]{きろく:record}をログに[記録]{きろく:record}すること","Recording entry\u002Fexit records in a log",{"label":29,"jp":746,"en":747},"ICカードを[他人]{たにん:another person}に[貸]{か:lend}すこと","Lending an IC card to another person",{"en":749,"jp":750},"Piggybacking is entering without authentication by following an authorized person. Countermeasures include anti-passback and flapper gates. Option D is unauthorized card lending, which is different from piggybacking.","[共連]{ともづ:piggybacking}れとは、[正規]{せいき:authorized}の[認証]{にんしょう:authentication}を[受]{う:receive}けた[人]{ひと:person}に[続]{つづ:follow}いて、[認証]{にんしょう:authentication}を[受]{う:receive}けずに[入室]{にゅうしつ:enter}する[行為]{こうい:act}である。アンチパスバックやフラッパーゲートなどで[対策]{たいさく:countermeasure}する。エはカードの[不正]{ふせい:unauthorized}[貸借]{たいしゃく:lending}であり[共連]{ともづ:piggybacking}れとは[異]{こと:different}なる。",[752],"entry-exit-management",{"id":754,"articleId":708,"question":755,"options":758,"correctLabel":17,"explanation":771,"tags":774},"kjh-mock-k2-q33",{"en":756,"jp":757},"Which correctly describes the difference between a \"managed zone\" and a \"handling zone\" in physical safety management measures?","[物理的]{ぶつりてき:physical}[安全]{あんぜん:safety}[管理]{かんり:management}[措置]{そち:measures}における「[管理]{かんり:managed}[区域]{くいき:zone}」と「[取扱]{とりあつかい:handling}[区域]{くいき:zone}」の[違]{ちが:difference}いとして[正]{ただ:correct}しいものはどれか。",[759,762,765,768],{"label":17,"jp":760,"en":761},"[管理]{かんり:managed}[区域]{くいき:zone}は[入退室]{にゅうたいしつ:entry\u002Fexit}[管理]{かんり:management}を[行]{おこな:conduct}う[区域]{くいき:zone}、[取扱]{とりあつかい:handling}[区域]{くいき:zone}は[壁]{かべ:wall}や[間仕切]{まじき:partition}りなどの[物理的]{ぶつりてき:physical}な[措置]{そち:measures}が[不要]{ふよう:unnecessary}な[区域]{くいき:zone}","The managed zone requires entry\u002Fexit management, while the handling zone does not require physical measures like walls or partitions",{"label":21,"jp":763,"en":764},"[両者]{りょうしゃ:both}に[違]{ちが:difference}いはない","There is no difference between the two",{"label":25,"jp":766,"en":767},"[取扱]{とりあつかい:handling}[区域]{くいき:zone}の[方]{ほう:side}がセキュリティレベルが[高]{たか:high}い","The handling zone has a higher security level",{"label":29,"jp":769,"en":770},"[管理]{かんり:managed}[区域]{くいき:zone}は[個人情報]{こじんじょうほう:personal information}を[取]{と:handle}り[扱]{あつか:handle}わない[区域]{くいき:zone}である","The managed zone is a zone that does not handle personal information",{"en":772,"jp":773},"A managed zone is where information systems handling personal data are managed, requiring entry\u002Fexit management. A handling zone is where personal data processing work is conducted, and physical measures like walls\u002Fpartitions are not mandatory.","[管理]{かんり:managed}[区域]{くいき:zone}は[個人]{こじん:personal}データを[取]{と:handle}り[扱]{あつか:handle}う[情報]{じょうほう:information}システムを[管理]{かんり:manage}する[区域]{くいき:zone}で[入退室]{にゅうたいしつ:entry\u002Fexit}[管理]{かんり:management}が[必要]{ひつよう:necessary}。[取扱]{とりあつかい:handling}[区域]{くいき:zone}は[個人]{こじん:personal}データを[取]{と:handle}り[扱]{あつか:handle}う[事務]{じむ:office}を[実施]{じっし:conduct}する[区域]{くいき:zone}で、[壁]{かべ:wall}や[間仕切]{まじき:partition}りなどの[物理的]{ぶつりてき:physical}[措置]{そち:measures}は[必須]{ひっす:mandatory}ではない。",[775,776],"physical-measures","zoning",{"id":778,"articleId":708,"question":779,"options":782,"correctLabel":25,"explanation":795,"tags":798},"kjh-mock-k2-q34",{"en":780,"jp":781},"Which is the most reliable data erasure method when disposing of a hard disk?","ハードディスクの[廃棄]{はいき:disposal}[時]{じ:time}のデータ[消去]{しょうきょ:erasure}[方法]{ほうほう:method}として[最]{もっと:most}も[確実]{かくじつ:reliable}なものはどれか。",[783,786,789,792],{"label":17,"jp":784,"en":785},"ごみ[箱]{ばこ:box}に[入]{い:put}れてから「ごみ[箱]{ばこ:box}を[空]{から:empty}にする」を[実行]{じっこう:execute}","Putting files in the recycle bin and emptying it",{"label":21,"jp":787,"en":788},"ファイルを[削除]{さくじょ:delete}しフォーマットする","Deleting files and formatting the drive",{"label":25,"jp":790,"en":791},"[物理的]{ぶつりてき:physical}に[破壊]{はかい:destroy}（[穿孔]{せんこう:perforation}、[破砕]{はさい:shredding}）する","Physically destroying (perforation, shredding)",{"label":29,"jp":793,"en":794},"パスワードで[保護]{ほご:protect}する","Protecting with a password",{"en":796,"jp":797},"Physical destruction (perforation, shredding, melting) is the most reliable. Emptying the recycle bin still allows recovery. Even formatting may be recoverable with specialized tools. Password protection is not data erasure.","[物理的]{ぶつりてき:physical}[破壊]{はかい:destruction}（[穿孔]{せんこう:perforation}、[破砕]{はさい:shredding}、[溶解]{ようかい:melting}）が[最]{もっと:most}も[確実]{かくじつ:reliable}。ごみ[箱]{ばこ:box}を[空]{から:empty}にしただけでは[復元]{ふくげん:recovery}[可能]{かのう:possible}。フォーマットでも[専門]{せんもん:specialized}ツールで[復元]{ふくげん:recovery}[可能]{かのう:possible}な[場合]{ばあい:case}がある。パスワード[保護]{ほご:protection}はデータ[消去]{しょうきょ:erasure}ではない。",[799],"data-erasure",{"id":801,"articleId":708,"question":802,"options":805,"correctLabel":21,"explanation":818,"tags":821},"kjh-mock-k2-q35",{"en":803,"jp":804},"Which correctly describes RPO (Recovery Point Objective) in BCP (Business Continuity Plan)?","BCP（[事業]{じぎょう:business}[継続]{けいぞく:continuity}[計画]{けいかく:plan}）におけるRPO（Recovery Point Objective）の[説明]{せつめい:description}として[正]{ただ:correct}しいものはどれか。",[806,809,812,815],{"label":17,"jp":807,"en":808},"[災害]{さいがい:disaster}[発生]{はっせい:occurrence}からシステム[復旧]{ふっきゅう:recovery}までの[目標]{もくひょう:target}[時間]{じかん:time}","Target time from disaster occurrence to system recovery",{"label":21,"jp":810,"en":811},"データを[過去]{かこ:past}のどの[時点]{じてん:point in time}まで[復旧]{ふっきゅう:recover}させるかの[目標]{もくひょう:target}","The target for how far back in time data should be recovered to",{"label":25,"jp":813,"en":814},"[許容]{きょよう:tolerable}される[最大]{さいだい:maximum}のダウンタイム","Maximum tolerable downtime",{"label":29,"jp":816,"en":817},"バックアップの[保管]{ほかん:storage}[場所]{ばしょ:location}","Backup storage location",{"en":819,"jp":820},"RPO is the target for how far back in time data should be recovered to (recovery point objective). Options A and C are concepts closer to RTO (Recovery Time Objective).","RPOは、データを[過去]{かこ:past}のどの[時点]{じてん:point in time}まで[復旧]{ふっきゅう:recover}させるかの[目標]{もくひょう:target}（[復旧]{ふっきゅう:recovery}[時点]{じてん:point}[目標]{もくひょう:objective}）。アとウはRTO（Recovery Time Objective：[復旧]{ふっきゅう:recovery}[時間]{じかん:time}[目標]{もくひょう:objective}）に[近]{ちか:close}い[概念]{がいねん:concept}。",[822,823],"BCP","RPO",{"id":825,"articleId":708,"question":826,"options":829,"correctLabel":17,"explanation":842,"tags":845},"kjh-mock-k2-q36",{"en":827,"jp":828},"Which correctly describes RTO (Recovery Time Objective)?","RTO（Recovery Time Objective）の[説明]{せつめい:description}として[正]{ただ:correct}しいものはどれか。",[830,833,836,839],{"label":17,"jp":831,"en":832},"[災害]{さいがい:disaster}[発生]{はっせい:occurrence}からシステムを[復旧]{ふっきゅう:recover}させるまでの[目標]{もくひょう:target}[時間]{じかん:time}","Target time from disaster occurrence until system recovery",{"label":21,"jp":834,"en":835},"バックアップデータの[保存]{ほぞん:preservation}[期間]{きかん:period}","Backup data preservation period",{"label":25,"jp":837,"en":838},"データ[損失]{そんしつ:loss}の[許容]{きょよう:tolerable}[量]{りょう:amount}","Tolerable amount of data loss",{"label":29,"jp":840,"en":841},"DRサイトまでの[物理的]{ぶつりてき:physical}[距離]{きょり:distance}","Physical distance to the DR site",{"en":843,"jp":844},"RTO is the target time from disaster occurrence until system recovery (Recovery Time Objective). Option C is a concept related to RPO.","RTOは[災害]{さいがい:disaster}[発生]{はっせい:occurrence}からシステムを[復旧]{ふっきゅう:recover}させるまでの[目標]{もくひょう:target}[時間]{じかん:time}（[復旧]{ふっきゅう:recovery}[時間]{じかん:time}[目標]{もくひょう:objective}）である。ウはRPOに[関連]{かんれん:related}する[概念]{がいねん:concept}。",[822,846],"RTO",{"id":848,"articleId":708,"question":849,"options":852,"correctLabel":21,"explanation":865,"tags":868},"kjh-mock-k2-q37",{"en":850,"jp":851},"Which backup method backs up only the data that has changed since the last full backup?","バックアップの[方式]{ほうしき:method}のうち、[前回]{ぜんかい:previous}のフルバックアップ[以降]{いこう:since}に[変更]{へんこう:changed}されたデータのみをバックアップする[方式]{ほうしき:method}はどれか。",[853,856,859,862],{"label":17,"jp":854,"en":855},"フルバックアップ","Full backup",{"label":21,"jp":857,"en":858},"[差分]{さぶん:differential}バックアップ","Differential backup",{"label":25,"jp":860,"en":861},"[増分]{ぞうぶん:incremental}バックアップ","Incremental backup",{"label":29,"jp":863,"en":864},"ミラーリング","Mirroring",{"en":866,"jp":867},"Differential backup backs up all data changed since the last full backup. Incremental backup covers only changes since the last backup (full or incremental). Recovery requires full + differential (2 sets) or full + all incrementals.","[差分]{さぶん:differential}バックアップは[前回]{ぜんかい:previous}のフルバックアップ[以降]{いこう:since}に[変更]{へんこう:changed}された[全]{すべ:all}てのデータをバックアップする。[増分]{ぞうぶん:incremental}バックアップは[前回]{ぜんかい:previous}のバックアップ（フルまたは[増分]{ぞうぶん:incremental}）[以降]{いこう:since}の[変更]{へんこう:changes}のみ。[復旧]{ふっきゅう:recovery}[時]{じ:time}は、[差分]{さぶん:differential}はフル＋[差分]{さぶん:differential}の2つ、[増分]{ぞうぶん:incremental}はフル＋[全増分]{ぜんぞうぶん:all incremental}が[必要]{ひつよう:necessary}。",[869],"backup",{"id":871,"articleId":708,"question":872,"options":875,"correctLabel":25,"explanation":888,"tags":891},"kjh-mock-k2-q38",{"en":873,"jp":874},"Among DR (disaster recovery) site types, which one has equipment, data, and personnel on constant standby and allows immediate switchover?","DRサイト（[災害]{さいがい:disaster}[復旧]{ふっきゅう:recovery}サイト）の[種類]{しゅるい:types}のうち、[設備]{せつび:equipment}・データ・[要員]{よういん:personnel}が[常時]{じょうじ:constantly}[待機]{たいき:standby}し、[即時]{そくじ:immediate}[切]{き:switch}り[替]{か:over}えが[可能]{かのう:possible}なものはどれか。",[876,879,882,885],{"label":17,"jp":877,"en":878},"コールドサイト","Cold site",{"label":21,"jp":880,"en":881},"ウォームサイト","Warm site",{"label":25,"jp":883,"en":884},"ホットサイト","Hot site",{"label":29,"jp":886,"en":887},"モバイルサイト","Mobile site",{"en":889,"jp":890},"A hot site has equipment, data, and personnel on constant standby for immediate switchover. A cold site has only basic facilities and takes time to set up. A warm site is an intermediate form. Cost order: hot > warm > cold.","ホットサイトは[設備]{せつび:equipment}・データ・[要員]{よういん:personnel}が[常時]{じょうじ:constantly}[待機]{たいき:standby}し、[即時]{そくじ:immediate}[切]{き:switch}り[替]{か:over}え[可能]{かのう:possible}。コールドサイトは[設備]{せつび:equipment}のみで[構築]{こうちく:setup}に[時間]{じかん:time}がかかる。ウォームサイトは[中間]{ちゅうかん:intermediate}[形態]{けいたい:form}。コストはホット＞ウォーム＞コールドの[順]{じゅん:order}。",[892,822],"DR-site",{"id":894,"articleId":708,"question":895,"options":898,"correctLabel":17,"explanation":911,"tags":914},"kjh-mock-k2-q39",{"en":896,"jp":897},"Which correctly describes the clear desk \u002F clear screen policy?","クリアデスク・クリアスクリーンポリシーの[説明]{せつめい:description}として[正]{ただ:correct}しいものはどれか。",[899,902,905,908],{"label":17,"jp":900,"en":901},"[退社]{たいしゃ:leaving office}[時]{じ:time}に[机上]{きじょう:desktop}の[書類]{しょるい:documents}を[片付]{かたづ:tidy up}け、[離席]{りせき:leaving seat}[時]{じ:time}にPC[画面]{がめん:screen}をロックする","Tidying up desktop documents when leaving the office and locking the PC screen when leaving one's seat",{"label":21,"jp":903,"en":904},"デスクを[毎日]{まいにち:daily}[消毒]{しょうどく:disinfect}する","Disinfecting desks daily",{"label":25,"jp":906,"en":907},"モニターの[画面]{がめん:screen}を[毎日]{まいにち:daily}[清掃]{せいそう:clean}する","Cleaning the monitor screen daily",{"label":29,"jp":909,"en":910},"[不要]{ふよう:unnecessary}なアプリケーションを[削除]{さくじょ:delete}する","Deleting unnecessary applications",{"en":912,"jp":913},"Clear desk means not leaving confidential documents on desks; clear screen means locking the PC screen when away so information is not visible. These are different from physical cleaning or software management.","クリアデスクは[机上]{きじょう:desktop}に[機密]{きみつ:confidential}[書類]{しょるい:documents}を[放置]{ほうち:leave unattended}しないこと、クリアスクリーンは[離席]{りせき:leaving seat}[時]{じ:time}にPC[画面]{がめん:screen}をロックし[情報]{じょうほう:information}が[見]{み:see}えないようにすること。[物理的]{ぶつりてき:physical}な[清掃]{せいそう:cleaning}やソフトウェア[管理]{かんり:management}とは[異]{こと:different}なる[概念]{がいねん:concept}。",[915],"clear-desk-screen",{"id":917,"articleId":458,"question":918,"options":921,"correctLabel":29,"explanation":934,"tags":937},"kjh-mock-k2-q40",{"en":919,"jp":920},"Which is NOT included in the four items of physical safety management measures?","[物理的]{ぶつりてき:physical}[安全]{あんぜん:safety}[管理]{かんり:management}[措置]{そち:measures}の4[項目]{こうもく:items}に[含]{ふく:include}まれないものはどれか。",[922,925,928,931],{"label":17,"jp":923,"en":924},"[管理]{かんり:managed}[区域]{くいき:zone}の[管理]{かんり:management}","Management of managed zones",{"label":21,"jp":926,"en":927},"[機器]{きき:equipment}・[電子]{でんし:electronic}[媒体]{ばいたい:media}の[盗難]{とうなん:theft}[防止]{ぼうし:prevention}","Theft prevention for equipment and electronic media",{"label":25,"jp":929,"en":930},"[電子]{でんし:electronic}[媒体]{ばいたい:media}の[廃棄]{はいき:disposal}","Disposal of electronic media",{"label":29,"jp":932,"en":933},"[従業者]{じゅうぎょうしゃ:employees}のSNS[利用]{りよう:usage}[制限]{せいげん:restriction}","Restricting employees' SNS usage",{"en":935,"jp":936},"The four items of physical safety management measures are: (1) management of managed zones, (2) management of handling zones, (3) theft prevention for equipment\u002Felectronic media, (4) measures for disposal of electronic media. SNS usage restriction falls under human or technical measures.","[物理的]{ぶつりてき:physical}[安全]{あんぜん:safety}[管理]{かんり:management}[措置]{そち:measures}の4[項目]{こうもく:items}は、①[管理]{かんり:managed}[区域]{くいき:zone}の[管理]{かんり:management}、②[取扱]{とりあつかい:handling}[区域]{くいき:zone}の[管理]{かんり:management}、③[機器]{きき:equipment}・[電子]{でんし:electronic}[媒体]{ばいたい:media}等の[盗難]{とうなん:theft}[防止]{ぼうし:prevention}、④[電子]{でんし:electronic}[媒体]{ばいたい:media}等[廃棄]{はいき:disposal}[時]{じ:time}の[措置]{そち:measures}。SNS[利用]{りよう:usage}[制限]{せいげん:restriction}は[人的]{じんてき:human}または[技術的]{ぎじゅつてき:technical}[措置]{そち:measures}に[該当]{がいとう:fall under}する。",[775],{"id":939,"articleId":223,"question":940,"options":943,"correctLabel":25,"explanation":956,"tags":959},"kjh-mock-k2-q41",{"en":941,"jp":942},"Which correctly compares symmetric-key and public-key encryption?","[共通鍵]{きょうつうかぎ:symmetric key}[暗号]{あんごう:cipher}[方式]{ほうしき:method}と[公開鍵]{こうかいかぎ:public key}[暗号]{あんごう:cipher}[方式]{ほうしき:method}の[比較]{ひかく:comparison}として[正]{ただ:correct}しいものはどれか。",[944,947,950,953],{"label":17,"jp":945,"en":946},"[共通鍵]{きょうつうかぎ:symmetric key}[方式]{ほうしき:method}は[暗号化]{あんごうか:encryption}と[復号]{ふくごう:decryption}で[異]{こと:different}なる[鍵]{かぎ:key}を[使用]{しよう:use}する","The symmetric-key method uses different keys for encryption and decryption",{"label":21,"jp":948,"en":949},"[公開鍵]{こうかいかぎ:public key}[方式]{ほうしき:method}は[処理]{しょり:processing}[速度]{そくど:speed}が[共通鍵]{きょうつうかぎ:symmetric key}[方式]{ほうしき:method}より[速]{はや:fast}い","The public-key method processes faster than the symmetric-key method",{"label":25,"jp":951,"en":952},"[共通鍵]{きょうつうかぎ:symmetric key}[方式]{ほうしき:method}は[鍵]{かぎ:key}の[配送]{はいそう:distribution}[問題]{もんだい:problem}があり、[公開鍵]{こうかいかぎ:public key}[方式]{ほうしき:method}はその[問題]{もんだい:problem}を[解決]{かいけつ:solve}する","The symmetric-key method has a key distribution problem, which the public-key method solves",{"label":29,"jp":954,"en":955},"[両方式]{りょうほうしき:both methods}とも[鍵]{かぎ:key}の[管理]{かんり:management}は[同等]{どうとう:equal}に[容易]{ようい:easy}である","Key management is equally easy in both methods",{"en":957,"jp":958},"The symmetric-key method uses the same key for encryption\u002Fdecryption, making safe key distribution a challenge. The public-key method uses public\u002Fprivate key pairs, solving the distribution problem. However, symmetric-key processing is faster.","[共通鍵]{きょうつうかぎ:symmetric key}[方式]{ほうしき:method}は[同]{おな:same}じ[鍵]{かぎ:key}で[暗号化]{あんごうか:encrypt}・[復号]{ふくごう:decrypt}するため[鍵]{かぎ:key}の[安全]{あんぜん:safe}な[配送]{はいそう:distribution}が[課題]{かだい:challenge}。[公開鍵]{こうかいかぎ:public key}[方式]{ほうしき:method}は[公開鍵]{こうかいかぎ:public key}と[秘密鍵]{ひみつかぎ:private key}のペアを[使]{つか:use}い、[鍵]{かぎ:key}[配送]{はいそう:distribution}[問題]{もんだい:problem}を[解決]{かいけつ:solve}する。ただし[処理]{しょり:processing}[速度]{そくど:speed}は[共通鍵]{きょうつうかぎ:symmetric key}[方式]{ほうしき:method}の[方]{ほう:side}が[速]{はや:fast}い。",[960],"encryption",{"id":962,"articleId":223,"question":963,"options":966,"correctLabel":21,"explanation":979,"tags":982},"kjh-mock-k2-q42",{"en":964,"jp":965},"What can be verified through an electronic signature?","[電子]{でんし:electronic}[署名]{しょめい:signature}で[確認]{かくにん:verify}できることとして[正]{ただ:correct}しいものはどれか。",[967,970,973,976],{"label":17,"jp":968,"en":969},"[通信]{つうしん:communication}[内容]{ないよう:content}の[秘匿性]{ひとくせい:confidentiality}","Confidentiality of communication content",{"label":21,"jp":971,"en":972},"[送信者]{そうしんしゃ:sender}の[本人]{ほんにん:identity}[確認]{かくにん:verification}（[認証]{にんしょう:authentication}）とデータの[改]{かい:alter}ざん[検知]{けんち:detection}","Sender identity verification (authentication) and data tampering detection",{"label":25,"jp":974,"en":975},"データの[圧縮]{あっしゅく:compression}[率]{りつ:rate}","Data compression rate",{"label":29,"jp":977,"en":978},"[通信]{つうしん:communication}[速度]{そくど:speed}の[向上]{こうじょう:improvement}","Improvement of communication speed",{"en":980,"jp":981},"An electronic signature encrypts a hash value with the sender's private key, which the receiver verifies with the public key. This enables identity verification and tamper detection. Confidentiality is ensured through encryption, which is separate from signing.","[電子]{でんし:electronic}[署名]{しょめい:signature}は、[送信者]{そうしんしゃ:sender}の[秘密鍵]{ひみつかぎ:private key}でハッシュ[値]{ち:value}を[暗号化]{あんごうか:encrypt}し、[受信者]{じゅしんしゃ:receiver}が[公開鍵]{こうかいかぎ:public key}で[復号]{ふくごう:decrypt}して[検証]{けんしょう:verify}する。これにより[本人]{ほんにん:identity}[確認]{かくにん:verification}と[改]{かい:alter}ざん[検知]{けんち:detection}が[可能]{かのう:possible}。[秘匿性]{ひとくせい:confidentiality}は[暗号化]{あんごうか:encryption}で[確保]{かくほ:ensure}するもので[署名]{しょめい:signature}とは[別]{べつ:different}。",[983],"digital-signature",{"id":985,"articleId":986,"question":987,"options":990,"correctLabel":29,"explanation":1003,"tags":1006},"kjh-mock-k2-q43","kjh-k2-h04-gijutsu-jisshi",{"en":988,"jp":989},"Which does NOT correspond to one of the three factors of authentication?","[認証]{にんしょう:authentication}の3[要素]{ようそ:factors}に[該当]{がいとう:applicable}しないものはどれか。",[991,994,997,1000],{"label":17,"jp":992,"en":993},"[知識]{ちしき:knowledge}[情報]{じょうほう:information}（パスワードなど）","Knowledge information (e.g., password)",{"label":21,"jp":995,"en":996},"[所持]{しょじ:possession}[情報]{じょうほう:information}（ICカードなど）","Possession information (e.g., IC card)",{"label":25,"jp":998,"en":999},"[生体]{せいたい:biometric}[情報]{じょうほう:information}（[指紋]{しもん:fingerprint}など）","Biometric information (e.g., fingerprint)",{"label":29,"jp":1001,"en":1002},"[位置]{いち:location}[情報]{じょうほう:information}（GPS）","Location information (GPS)",{"en":1004,"jp":1005},"The three authentication factors are: knowledge (something you know), possession (something you have), and biometrics (something you are). Location information may be used supplementarily in risk-based authentication but is not one of the three factors.","[認証]{にんしょう:authentication}の3[要素]{ようそ:factors}は、[知識]{ちしき:knowledge}（Something you know）、[所持]{しょじ:possession}（Something you have）、[生体]{せいたい:biometric}（Something you are）である。[位置]{いち:location}[情報]{じょうほう:information}はリスクベース[認証]{にんしょう:authentication}で[補助的]{ほじょてき:supplementary}に[利用]{りよう:use}されることがあるが、3[要素]{ようそ:factors}には[含]{ふく:included}まれない。",[1007],"authentication",{"id":1009,"articleId":223,"question":1010,"options":1013,"correctLabel":21,"explanation":1026,"tags":1029},"kjh-mock-k2-q44",{"en":1011,"jp":1012},"Which correctly describes FRR (False Rejection Rate) in biometric authentication?","[生体]{せいたい:biometric}[認証]{にんしょう:authentication}における「FRR（[本人]{ほんにん:genuine person}[拒否率]{きょひりつ:rejection rate}）」の[説明]{せつめい:description}として[正]{ただ:correct}しいものはどれか。",[1014,1017,1020,1023],{"label":17,"jp":1015,"en":1016},"[他人]{たにん:another person}を[誤]{あやま:mistakenly}って[本人]{ほんにん:genuine person}と[認証]{にんしょう:authenticate}してしまう[割合]{わりあい:rate}","The rate at which another person is mistakenly authenticated as the genuine person",{"label":21,"jp":1018,"en":1019},"[本人]{ほんにん:genuine person}を[誤]{あやま:mistakenly}って[拒否]{きょひ:reject}してしまう[割合]{わりあい:rate}","The rate at which the genuine person is mistakenly rejected",{"label":25,"jp":1021,"en":1022},"[認証]{にんしょう:authentication}システムの[応答]{おうとう:response}[速度]{そくど:speed}","The response speed of the authentication system",{"label":29,"jp":1024,"en":1025},"[登録]{とうろく:registration}に[失敗]{しっぱい:failure}する[割合]{わりあい:rate}","The rate of registration failure",{"en":1027,"jp":1028},"FRR (False Rejection Rate) is the rate at which the genuine person is mistakenly rejected. Option A describes FAR (False Acceptance Rate). There is a trade-off: lowering FAR increases FRR.","FRR（False Rejection Rate：[本人]{ほんにん:genuine person}[拒否率]{きょひりつ:rejection rate}）は[本人]{ほんにん:genuine person}を[誤]{あやま:mistakenly}って[拒否]{きょひ:reject}する[割合]{わりあい:rate}。アはFAR（False Acceptance Rate：[他人]{たにん:another person}[受入率]{うけいれりつ:acceptance rate}）の[説明]{せつめい:description}。FARを[下]{さ:lower}げるとFRRが[上]{あ:rise}がるトレードオフの[関係]{かんけい:relationship}がある。",[1030,1031],"biometric-authentication","FAR-FRR",{"id":1033,"articleId":223,"question":1034,"options":1037,"correctLabel":25,"explanation":1050,"tags":1053},"kjh-mock-k2-q45",{"en":1035,"jp":1036},"Which access control method grants access authority based on roles?","アクセス[制御]{せいぎょ:control}[方式]{ほうしき:method}のうち、[役割]{やくわり:role}に[基]{もと:based}づいてアクセス[権限]{けんげん:authority}を[付与]{ふよ:grant}する[方式]{ほうしき:method}はどれか。",[1038,1041,1044,1047],{"label":17,"jp":1039,"en":1040},"DAC（[任意]{にんい:discretionary}アクセス[制御]{せいぎょ:control}）","DAC (Discretionary Access Control)",{"label":21,"jp":1042,"en":1043},"MAC（[強制]{きょうせい:mandatory}アクセス[制御]{せいぎょ:control}）","MAC (Mandatory Access Control)",{"label":25,"jp":1045,"en":1046},"RBAC（ロールベースアクセス[制御]{せいぎょ:control}）","RBAC (Role-Based Access Control)",{"label":29,"jp":1048,"en":1049},"ACL（アクセス[制御]{せいぎょ:control}リスト）","ACL (Access Control List)",{"en":1051,"jp":1052},"RBAC grants access authority based on user roles. DAC lets owners set permissions discretionarily, MAC is system-enforced mandatory control, and ACL controls via per-object permission lists.","RBACは[利用者]{りようしゃ:user}の[役割]{やくわり:role}（ロール）に[基]{もと:based}づいてアクセス[権限]{けんげん:authority}を[付与]{ふよ:grant}する[方式]{ほうしき:method}。DACは[所有者]{しょゆうしゃ:owner}が[任意]{にんい:discretionarily}に[権限]{けんげん:authority}を[設定]{せってい:set}、MACはシステムが[強制的]{きょうせいてき:mandatorily}に[制御]{せいぎょ:control}、ACLは[対象]{たいしょう:object}ごとの[許可]{きょか:permission}リストで[制御]{せいぎょ:control}する。",[1054,1055],"access-control","RBAC",{"id":1057,"articleId":223,"question":1058,"options":1061,"correctLabel":21,"explanation":1074,"tags":1077},"kjh-mock-k2-q46",{"en":1059,"jp":1060},"Which is most appropriate to place in a DMZ (Demilitarized Zone)?","DMZ（[非武装]{ひぶそう:demilitarized}[地帯]{ちたい:zone}）に[配置]{はいち:place}するのが[最]{もっと:most}も[適切]{てきせつ:appropriate}なものはどれか。",[1062,1065,1068,1071],{"label":17,"jp":1063,"en":1064},"[社内]{しゃない:internal}の[人事]{じんじ:HR}データベースサーバ","Internal HR database server",{"label":21,"jp":1066,"en":1067},"[公開]{こうかい:public}Webサーバ","Public web server",{"label":25,"jp":1069,"en":1070},"[経営]{けいえい:management}[陣]{じん:team}[専用]{せんよう:exclusive}のファイルサーバ","File server exclusively for the management team",{"label":29,"jp":1072,"en":1073},"[開発]{かいはつ:development}[用]{よう:for}のテストサーバ","Development test server",{"en":1075,"jp":1076},"A DMZ is a buffer zone between external and internal networks where servers needing external access (like public web servers and mail servers) are placed. Servers for internal use only should be on the internal network.","DMZは[外部]{がいぶ:external}ネットワークと[内部]{ないぶ:internal}ネットワークの[中間]{ちゅうかん:intermediate}に[設置]{せっち:set up}する[緩衝]{かんしょう:buffer}[地帯]{ちたい:zone}で、[公開]{こうかい:public}Webサーバやメールサーバなど[外部]{がいぶ:external}からのアクセスが[必要]{ひつよう:necessary}なサーバを[配置]{はいち:place}する。[社内]{しゃない:internal}[専用]{せんよう:exclusive}のサーバは[内部]{ないぶ:internal}ネットワークに[配置]{はいち:place}すべき。",[1078,1079],"DMZ","network",{"id":1081,"articleId":986,"question":1082,"options":1085,"correctLabel":17,"explanation":1098,"tags":1101},"kjh-mock-k2-q47",{"en":1083,"jp":1084},"Which correctly describes the difference between IDS and IPS?","IDS（[侵入]{しんにゅう:intrusion}[検知]{けんち:detection}システム）とIPS（[侵入]{しんにゅう:intrusion}[防止]{ぼうし:prevention}システム）の[違]{ちが:difference}いとして[正]{ただ:correct}しいものはどれか。",[1086,1089,1092,1095],{"label":17,"jp":1087,"en":1088},"IDSは[攻撃]{こうげき:attack}を[検知]{けんち:detect}して[通知]{つうち:notify}し、IPSは[検知]{けんち:detect}に[加]{くわ:in addition}え[自動的]{じどうてき:automatically}に[遮断]{しゃだん:block}する","IDS detects and notifies of attacks; IPS additionally blocks them automatically",{"label":21,"jp":1090,"en":1091},"IPSは[検知]{けんち:detection}のみでIDSが[遮断]{しゃだん:blocking}を[行]{おこな:carry out}う","IPS only detects while IDS blocks",{"label":25,"jp":1093,"en":1094},"[両者]{りょうしゃ:both}に[機能的]{きのうてき:functional}な[違]{ちが:difference}いはない","There is no functional difference between the two",{"label":29,"jp":1096,"en":1097},"IDSはファイアウォールの[一種]{いっしゅ:type}であり、IPSはウイルス[対策]{たいさく:countermeasure}ソフトの[一種]{いっしゅ:type}である","IDS is a type of firewall, and IPS is a type of antivirus software",{"en":1099,"jp":1100},"IDS (Intrusion Detection System) detects unauthorized access and notifies administrators. IPS (Intrusion Prevention System) additionally has the ability to automatically block communications.","IDS（Intrusion Detection System）は[不正]{ふせい:unauthorized}アクセスを[検知]{けんち:detect}して[管理者]{かんりしゃ:administrator}に[通知]{つうち:notify}する。IPS（Intrusion Prevention System）は[検知]{けんち:detect}に[加]{くわ:in addition}え、[自動的]{じどうてき:automatically}に[通信]{つうしん:communication}を[遮断]{しゃだん:block}する[機能]{きのう:function}を[持]{も:have}つ。",[1102,1103],"IDS","IPS",{"id":1105,"articleId":458,"question":1106,"options":1109,"correctLabel":29,"explanation":1122,"tags":1125},"kjh-mock-k2-q48",{"en":1107,"jp":1108},"Which does NOT fall under technical safety management measures?","[技術的]{ぎじゅつてき:technical}[安全]{あんぜん:safety}[管理]{かんり:management}[措置]{そち:measures}に[該当]{がいとう:applicable}しないものはどれか。",[1110,1113,1116,1119],{"label":17,"jp":1111,"en":1112},"アクセス[制御]{せいぎょ:control}","Access control",{"label":21,"jp":1114,"en":1115},"[不正]{ふせい:unauthorized}ソフトウェア[対策]{たいさく:countermeasures}","Unauthorized software countermeasures",{"label":25,"jp":1117,"en":1118},"[情報]{じょうほう:information}システムの[使用]{しよう:use}に[伴]{ともな:accompany}う[漏]{ろう:leak}えい[防止]{ぼうし:prevention}","Leakage prevention accompanying information system use",{"label":29,"jp":1120,"en":1121},"[従業者]{じゅうぎょうしゃ:employees}との[秘密]{ひみつ:confidentiality}[保持]{ほじ:maintenance}[契約]{けいやく:agreement}の[締結]{ていけつ:conclusion}","Concluding confidentiality agreements with employees",{"en":1123,"jp":1124},"Confidentiality agreements fall under human safety management measures. Technical safety management measures include access control, access person identification\u002Fauthentication, unauthorized software countermeasures, and information system monitoring.","[秘密]{ひみつ:confidentiality}[保持]{ほじ:maintenance}[契約]{けいやく:agreement}は[人的]{じんてき:human}[安全]{あんぜん:safety}[管理]{かんり:management}[措置]{そち:measures}に[該当]{がいとう:fall under}する。[技術的]{ぎじゅつてき:technical}[安全]{あんぜん:safety}[管理]{かんり:management}[措置]{そち:measures}は、アクセス[制御]{せいぎょ:control}、アクセス[者]{しゃ:person}の[識別]{しきべつ:identification}・[認証]{にんしょう:authentication}、[不正]{ふせい:unauthorized}ソフトウェア[対策]{たいさく:countermeasures}、[情報]{じょうほう:information}システムの[監視]{かんし:monitoring}などが[該当]{がいとう:fall under}する。",[1126],"technical-measures",{"id":1128,"articleId":986,"question":1129,"options":1132,"correctLabel":21,"explanation":1145,"tags":1148},"kjh-mock-k2-q49",{"en":1130,"jp":1131},"Which correctly describes the main function of SIEM (Security Information and Event Management)?","SIEM（Security Information and Event Management）の[主]{おも:main}な[機能]{きのう:function}として[正]{ただ:correct}しいものはどれか。",[1133,1136,1139,1142],{"label":17,"jp":1134,"en":1135},"マルウェアの[自動]{じどう:automatic}[駆除]{くじょ:removal}","Automatic malware removal",{"label":21,"jp":1137,"en":1138},"[複数]{ふくすう:multiple}のログを[統合的]{とうごうてき:comprehensively}に[収集]{しゅうしゅう:collect}・[分析]{ぶんせき:analyze}し、セキュリティ[脅威]{きょうい:threat}を[検知]{けんち:detect}する","Comprehensively collecting and analyzing multiple logs to detect security threats",{"label":25,"jp":1140,"en":1141},"[暗号鍵]{あんごうかぎ:encryption key}の[生成]{せいせい:generation}と[管理]{かんり:management}","Encryption key generation and management",{"label":29,"jp":1143,"en":1144},"[物理的]{ぶつりてき:physical}な[入退室]{にゅうたいしつ:entry\u002Fexit}[管理]{かんり:management}","Physical entry\u002Fexit management",{"en":1146,"jp":1147},"SIEM comprehensively collects and performs correlation analysis on logs from multiple devices (firewalls, IDS\u002FIPS, servers) to detect security threats. Malware removal is a function of EDR or antivirus software.","SIEMはファイアウォール、IDS\u002FIPS、サーバなど[複数]{ふくすう:multiple}の[機器]{きき:devices}から[出力]{しゅつりょく:output}されるログを[統合的]{とうごうてき:comprehensively}に[収集]{しゅうしゅう:collect}・[相関]{そうかん:correlation}[分析]{ぶんせき:analysis}し、セキュリティ[脅威]{きょうい:threat}を[検知]{けんち:detect}する。マルウェア[駆除]{くじょ:removal}はEDRやウイルス[対策]{たいさく:countermeasure}ソフトの[機能]{きのう:function}。",[1149,1150],"SIEM","log-management",{"id":1152,"articleId":986,"question":1153,"options":1156,"correctLabel":25,"explanation":1169,"tags":1172},"kjh-mock-k2-q50",{"en":1154,"jp":1155},"Which correctly describes the \"shared responsibility model\" in cloud services?","クラウドサービスにおける「[責任]{せきにん:responsibility}[共有]{きょうゆう:shared}モデル」の[説明]{せつめい:description}として[正]{ただ:correct}しいものはどれか。",[1157,1160,1163,1166],{"label":17,"jp":1158,"en":1159},"セキュリティ[対策]{たいさく:measures}は[全]{すべ:entirely}てクラウド[事業者]{じぎょうしゃ:provider}が[責任]{せきにん:responsibility}を[負]{お:bear}う","The cloud provider bears all responsibility for security measures",{"label":21,"jp":1161,"en":1162},"セキュリティ[対策]{たいさく:measures}は[全]{すべ:entirely}て[利用者]{りようしゃ:user}が[責任]{せきにん:responsibility}を[負]{お:bear}う","The user bears all responsibility for security measures",{"label":25,"jp":1164,"en":1165},"クラウド[事業者]{じぎょうしゃ:provider}と[利用者]{りようしゃ:user}がそれぞれの[範囲]{はんい:scope}でセキュリティ[責任]{せきにん:responsibility}を[分担]{ぶんたん:share}する","The cloud provider and user share security responsibilities within their respective scopes",{"label":29,"jp":1167,"en":1168},"[責任]{せきにん:responsibility}[範囲]{はんい:scope}はサービス[形態]{けいたい:type}（IaaS\u002FPaaS\u002FSaaS）に[関係]{かんけい:related}なく[一律]{いちりつ:uniform}である","The scope of responsibility is uniform regardless of service type (IaaS\u002FPaaS\u002FSaaS)",{"en":1170,"jp":1171},"The shared responsibility model means the cloud provider and user each bear security responsibilities within their respective scopes. In IaaS, the user's scope is wider; in SaaS, the provider's scope is wider. Responsibility scope varies by service type.","[責任]{せきにん:responsibility}[共有]{きょうゆう:shared}モデルは、クラウド[事業者]{じぎょうしゃ:provider}と[利用者]{りようしゃ:user}がそれぞれの[担当]{たんとう:charge}[範囲]{はんい:scope}でセキュリティ[責任]{せきにん:responsibility}を[負]{お:bear}う[考]{かんが:concept}え[方]{かた:way}。IaaSでは[利用者]{りようしゃ:user}の[責任]{せきにん:responsibility}[範囲]{はんい:scope}が[広]{ひろ:wide}く、SaaSでは[事業者]{じぎょうしゃ:provider}の[責任]{せきにん:responsibility}[範囲]{はんい:scope}が[広]{ひろ:wide}い。サービス[形態]{けいたい:type}によって[責任]{せきにん:responsibility}[範囲]{はんい:scope}は[異]{こと:differ}なる。",[1173,1174],"cloud","shared-responsibility",{"culture-anime-studio-ghibli":1176,"culture-bonsai-art":1180,"tech-cybozu-kintone-no-code":1184,"living-denki-gas-suidou":1188,"tech-gree-mobile-game-ops":1192,"culture-green-tea-types":1196,"living-gym-fitness":1200,"living-internet-hikari":1204,"living-jisha-de-kau":1208,"exam-jlpt-n3-grammar":1212,"exam-jlpt-n3-vocab":1216,"bj-job-gata-koyou":1220,"culture-kabuki-noh-bunraku":1224,"bj-karoushi-hatarakikata":1228,"living-keitai-mobile-plan":1232,"living-konbini-atm-banking":1236,"living-kosodate-hoiku":1240,"culture-nihon-teien":1244,"bj-nomikai-survival":1248,"tech-pixiv-image-cdn":1252,"culture-sake-shochu":1256,"bj-sankyu-ikukyu":1260,"tech-sansan-eight-platform":1264,"culture-shichi-go-san":1268,"bj-shukatsu-shinsotsu":1272,"tech-smartnews-recommendation":1276,"bj-taishoku-todoke":1280,"bj-telework-policy":1284,"bj-tenshoku-resume":1288,"tech-yahoo-japan-search":1292,"culture-anime-business":1296,"exam-ap":1300,"exam-aws-japan":1304,"law-chosakuken":1308,"tech-cookpad-recipe-search":1312,"tech-cybozu-kintone-api":1316,"tech-dena-observability":1320,"law-denshi-chouho":1324,"tech-digital-cho-cloud":1328,"exam-fe":1332,"tech-freee-accounting":1336,"law-furiransu-hou":1340,"law-harassment":1344,"tech-hatena-mackerel":1348,"bj-hourensou":1352,"bj-hyouka-mendan":1356,"law-invoice":1360,"exam-it-passport":1364,"culture-izakaya":1368,"culture-j-league":1372,"culture-jinja-tera":1376,"exam-jlpt-n1-dokkai":1380,"exam-jlpt-n2-business":1384,"bj-kaigi-manner":1388,"living-kakutei-shinkoku":1392,"bj-keigo-kihon":1396,"law-keihin-hyouji":1400,"living-kenkou-hoken":1404,"living-kosei-nenkin":1408,"tech-line-llmops":1412,"tech-line-streaming":1416,"living-chintai-keiyaku":1420,"living-eijuken":1424,"living-engineer-visa":1428,"living-ginkou-koza":1432,"living-hikkoshi-checklist":1436,"living-koudo-senmon":1440,"culture-matsuri":1444,"bj-meishi-koukan":1448,"tech-mercari-merpay-id":1452,"tech-mercari-microservices":1456,"tech-mf-multitenant":1460,"bj-nemawashi-ringi":1464,"living-nenmatsu-chousei":1468,"bj-1on1":1472,"bj-online-kaigi":1476,"culture-onsen":1480,"culture-pro-baseball":1484,"culture-ramen":1488,"tech-recruit-data-platform":1492,"law-roukikihou-kihon":1496,"culture-sado":1500,"culture-sandou":1504,"culture-seasonal-events":1508,"exam-sg":1512,"bj-shagai-mail":1516,"bj-shanai-mail":1520,"culture-sumo":1524,"culture-sushi":1528,"culture-washoku":1532,"law-yuukyuu-kyuuka":1536,"kjh-k1-h04-anzen-kanri":1540,"bill-one-auth":1543,"contract-one-vision":1547,"kjh-k1-h04-daisan-sha-teikyou":1551,"eight-web-renewal":1555,"kjh-k1-h04-gaikoku-kiroku":1559,"kjh-k2-h04-gijutsu-jisshi":1563,"kjh-k2-h04-gijutsu-kiso":1566,"kjh-k1-h01-hotaikei":1569,"kjh-k1-h06-hoyu-data":1572,"kjh-k1-h07-kamei-kakou":1576,"kjh-k1-h05-kanren-joho":1580,"kjh-k1-h02-kihon-rinen":1584,"kjh-k1-h09-jikkousei":1588,"kjh-k1-h10-gyousei":1592,"kjh-k1-h11-my-number-hogo":1596,"kjh-k1-h11-my-number-sousoku":1600,"kjh-k2-h01-guideline":1604,"kjh-k2-h01-security-kiso":1607,"kjh-k2-h02-anzen-kanri-sochi":1610,"kjh-k2-h02-soshiki-kiso":1613,"kjh-k2-h03-office":1616,"kjh-k1-h03-riyou-mokuteki":1619,"sansan-data-intelligence":1623,"sansan-engineer-team-infra":1627,"sansan-honne-15":1631,"sansan-interview-110":1635,"sansan-interview-126":1639,"sansan-interview-127":1643,"sansan-interview-130":1647,"sansan-interview-40":1651,"sansan-oyaco":1655,"kjh-k1-h03-tekisei-shutoku":1659,"kjh-k1-h08-tokumei-kakou":1663},{"articleId":1177,"path":1178,"title":1179},"culture-anime-studio-ghibli","\u002Farticles\u002Fculture\u002Fanime-studio-ghibli","スタジオジブリ作品史 — 宮崎駿・高畑勲・鈴木敏夫が築いた40年",{"articleId":1181,"path":1182,"title":1183},"culture-bonsai-art","\u002Farticles\u002Fculture\u002Fbonsai-art","盆栽の世界 — 小宇宙を育てる日本の芸術",{"articleId":1185,"path":1186,"title":1187},"tech-cybozu-kintone-no-code","\u002Farticles\u002Ftech\u002Fcybozu-kintone-no-code","kintoneのローコード戦略 — 業務アプリを誰でも作れる仕組み",{"articleId":1189,"path":1190,"title":1191},"living-denki-gas-suidou","\u002Farticles\u002Fliving-in-japan\u002Fdenki-gas-suidou","電気・ガス・水道の契約 — 引越し時のライフライン手続き",{"articleId":1193,"path":1194,"title":1195},"tech-gree-mobile-game-ops","\u002Farticles\u002Ftech\u002Fgree-mobile-game-ops","GREEのモバイルゲーム運用 — リアルタイム対戦と決済の裏側",{"articleId":1197,"path":1198,"title":1199},"culture-green-tea-types","\u002Farticles\u002Fculture\u002Fgreen-tea-types","日本茶の種類と淹れ方 — 煎茶・玉露・抹茶の違い",{"articleId":1201,"path":1202,"title":1203},"living-gym-fitness","\u002Farticles\u002Fliving-in-japan\u002Fgym-fitness","ジムとフィットネスクラブ — 入会から解約までの実務ガイド",{"articleId":1205,"path":1206,"title":1207},"living-internet-hikari","\u002Farticles\u002Fliving-in-japan\u002Finternet-hikari-keiyaku","光回線とネット契約 — フレッツ・NURO・auひかり比較",{"articleId":1209,"path":1210,"title":1211},"living-jisha-de-kau","\u002Farticles\u002Fliving-in-japan\u002Fjisha-de-kau","日本で不動産を買う — 外国人でも住宅ローンを組む方法",{"articleId":1213,"path":1214,"title":1215},"exam-jlpt-n3-grammar","\u002Farticles\u002Fexams\u002Fjlpt-n3-grammar","JLPT N3 文法 — 初級から中級への橋渡し",{"articleId":1217,"path":1218,"title":1219},"exam-jlpt-n3-vocab","\u002Farticles\u002Fexams\u002Fjlpt-n3-vocab","JLPT N3 語彙対策 — 1500語をどう攻略するか",{"articleId":1221,"path":1222,"title":1223},"bj-job-gata-koyou","\u002Farticles\u002Fbusiness-japanese\u002Fjob-gata-koyou","ジョブ型雇用への移行 — メンバーシップ型からの脱却",{"articleId":1225,"path":1226,"title":1227},"culture-kabuki-noh-bunraku","\u002Farticles\u002Fculture\u002Fkabuki-noh-bunraku","歌舞伎・能・文楽 — 日本三大伝統演劇の世界",{"articleId":1229,"path":1230,"title":1231},"bj-karoushi-hatarakikata","\u002Farticles\u002Fbusiness-japanese\u002Fkaroushi-hatarakikata","過労死と働き方改革 — 残業規制の歴史と現状",{"articleId":1233,"path":1234,"title":1235},"living-keitai-mobile-plan","\u002Farticles\u002Fliving-in-japan\u002Fkeitai-mobile-plan","携帯電話契約の選び方 — 大手キャリア・MVNO・eSIM完全ガイド",{"articleId":1237,"path":1238,"title":1239},"living-konbini-atm-banking","\u002Farticles\u002Fliving-in-japan\u002Fkonbini-atm-banking","コンビニATMと電子マネー — 現金とキャッシュレスのハイブリッド生活",{"articleId":1241,"path":1242,"title":1243},"living-kosodate-hoiku","\u002Farticles\u002Fliving-in-japan\u002Fkosodate-hoiku","子育て支援と保育園 — 児童手当・保活・無償化制度",{"articleId":1245,"path":1246,"title":1247},"culture-nihon-teien","\u002Farticles\u002Fculture\u002Fnihon-teien","日本庭園の世界 — 池泉・枯山水・露地の様式",{"articleId":1249,"path":1250,"title":1251},"bj-nomikai-survival","\u002Farticles\u002Fbusiness-japanese\u002Fnomikai-survival","飲み会・ノミニケーション完全攻略 — 新人エンジニアのサバイバルガイド",{"articleId":1253,"path":1254,"title":1255},"tech-pixiv-image-cdn","\u002Farticles\u002Ftech\u002Fpixiv-image-cdn","pixivの画像配信基盤 — 数億イラストを世界に届ける技術",{"articleId":1257,"path":1258,"title":1259},"culture-sake-shochu","\u002Farticles\u002Fculture\u002Fsake-shochu","日本酒と焼酎入門 — 製法・産地・飲み方の基礎",{"articleId":1261,"path":1262,"title":1263},"bj-sankyu-ikukyu","\u002Farticles\u002Fbusiness-japanese\u002Fsankyu-ikukyu","産休・育休制度の実務 — 取得スケジュールと給付金",{"articleId":1265,"path":1266,"title":1267},"tech-sansan-eight-platform","\u002Farticles\u002Ftech\u002Fsansan-eight-platform","Eight 名刺SaaSの基盤進化 — モバイルから法人向けプラットフォームへ",{"articleId":1269,"path":1270,"title":1271},"culture-shichi-go-san","\u002Farticles\u002Fculture\u002Fshichi-go-san","七五三 — 子供の成長を祝う伝統行事",{"articleId":1273,"path":1274,"title":1275},"bj-shukatsu-shinsotsu","\u002Farticles\u002Fbusiness-japanese\u002Fshukatsu-shinsotsu","新卒就活の流れ — エントリーシートから内定まで",{"articleId":1277,"path":1278,"title":1279},"tech-smartnews-recommendation","\u002Farticles\u002Ftech\u002Fsmartnews-recommendation","SmartNewsの推薦システム — ニュースを最適化する機械学習",{"articleId":1281,"path":1282,"title":1283},"bj-taishoku-todoke","\u002Farticles\u002Fbusiness-japanese\u002Ftaishoku-todoke","退職届と退職願 — 違いと書き方、円満退職への手順",{"articleId":1285,"path":1286,"title":1287},"bj-telework-policy","\u002Farticles\u002Fbusiness-japanese\u002Ftelework-policy","テレワーク制度の現状 — コロナ後の在宅勤務とハイブリッド",{"articleId":1289,"path":1290,"title":1291},"bj-tenshoku-resume","\u002Farticles\u002Fbusiness-japanese\u002Ftenshoku-resume","転職活動の進め方 — 履歴書と職務経歴書の書き方",{"articleId":1293,"path":1294,"title":1295},"tech-yahoo-japan-search","\u002Farticles\u002Ftech\u002Fyahoo-japan-search","Yahoo! JAPAN検索の基盤 — 日本語特化の大規模検索システム",{"articleId":1297,"path":1298,"title":1299},"culture-anime-business","\u002Farticles\u002Fculture\u002Fanime-business","アニメ・漫画文化と産業構造 — グローバル展開の現状",{"articleId":1301,"path":1302,"title":1303},"exam-ap","\u002Farticles\u002Fexams\u002Fap","応用情報技術者試験 — 重点出題分野",{"articleId":1305,"path":1306,"title":1307},"exam-aws-japan","\u002Farticles\u002Fexams\u002Faws-japan","AWS認定 — 日本語受験のコツ",{"articleId":1309,"path":1310,"title":1311},"law-chosakuken","\u002Farticles\u002Flaw\u002Fchosakuken","著作権法 — エンジニアが知っておくべき基礎",{"articleId":1313,"path":1314,"title":1315},"tech-cookpad-recipe-search","\u002Farticles\u002Ftech\u002Fcookpad-recipe-search-ranking","Cookpadのレシピ検索 — 学習to-rank実装",{"articleId":1317,"path":1318,"title":1319},"tech-cybozu-kintone-api","\u002Farticles\u002Ftech\u002Fcybozu-kintone-api-design","kintone API設計の十年 — 後方互換性との戦い",{"articleId":1321,"path":1322,"title":1323},"tech-dena-observability","\u002Farticles\u002Ftech\u002Fdena-mobile-game-observability","DeNAのモバイルゲーム監視基盤",{"articleId":1325,"path":1326,"title":1327},"law-denshi-chouho","\u002Farticles\u002Flaw\u002Fdenshi-chouho","電子帳簿保存法 — スキャナ保存と電子取引保存の対応",{"articleId":1329,"path":1330,"title":1331},"tech-digital-cho-cloud","\u002Farticles\u002Ftech\u002Fdigital-cho-government-cloud","デジタル庁ガバメントクラウド技術詳細",{"articleId":1333,"path":1334,"title":1335},"exam-fe","\u002Farticles\u002Fexams\u002Ffe","基本情報技術者試験 — シラバス全体像",{"articleId":1337,"path":1338,"title":1339},"tech-freee-accounting","\u002Farticles\u002Ftech\u002Ffreee-accounting-integrity","freeeの会計データ整合性 — 仕訳バランスの自動検証",{"articleId":1341,"path":1342,"title":1343},"law-furiransu-hou","\u002Farticles\u002Flaw\u002Ffuriransu-hou","フリーランス保護法（2024年施行）— 取引適正化のポイント",{"articleId":1345,"path":1346,"title":1347},"law-harassment","\u002Farticles\u002Flaw\u002Fharassment","ハラスメント関連法 — パワハラ・セクハラ・マタハラ防止義務",{"articleId":1349,"path":1350,"title":1351},"tech-hatena-mackerel","\u002Farticles\u002Ftech\u002Fhatena-mackerel-alert-design","MackerelのAlert設計思想",{"articleId":1353,"path":1354,"title":1355},"bj-hourensou","\u002Farticles\u002Fbusiness-japanese\u002Fhourensou","報・連・相 — 日本企業のコミュニケーションの基本",{"articleId":1357,"path":1358,"title":1359},"bj-hyouka-mendan","\u002Farticles\u002Fbusiness-japanese\u002Fhyouka-mendan","評価面談の準備と振り返り",{"articleId":1361,"path":1362,"title":1363},"law-invoice","\u002Farticles\u002Flaw\u002Finvoice-seido","インボイス制度の仕組みと実務 — 適格請求書発行事業者",{"articleId":1365,"path":1366,"title":1367},"exam-it-passport","\u002Farticles\u002Fexams\u002Fit-passport","ITパスポート試験 — 概要と学習法",{"articleId":1369,"path":1370,"title":1371},"culture-izakaya","\u002Farticles\u002Fculture\u002Fizakaya","居酒屋文化と乾杯のマナー — お通しから締めまで",{"articleId":1373,"path":1374,"title":1375},"culture-j-league","\u002Farticles\u002Fculture\u002Fj-league","Jリーグの歴史と地域密着 — 1993年開幕から30年",{"articleId":1377,"path":1378,"title":1379},"culture-jinja-tera","\u002Farticles\u002Fculture\u002Fjinja-tera","神社と寺の違い、参拝マナー",{"articleId":1381,"path":1382,"title":1383},"exam-jlpt-n1-dokkai","\u002Farticles\u002Fexams\u002Fjlpt-n1-dokkai","JLPT N1 — 読解問題のアプローチ",{"articleId":1385,"path":1386,"title":1387},"exam-jlpt-n2-business","\u002Farticles\u002Fexams\u002Fjlpt-n2-business","JLPT N2 — ビジネス語彙集中対策",{"articleId":1389,"path":1390,"title":1391},"bj-kaigi-manner","\u002Farticles\u002Fbusiness-japanese\u002Fkaigi-manner","会議のマナーと進め方 — 司会から議事録まで",{"articleId":1393,"path":1394,"title":1395},"living-kakutei-shinkoku","\u002Farticles\u002Fliving-in-japan\u002Fkakutei-shinkoku","確定申告の基本 — 給与所得・副業・控除",{"articleId":1397,"path":1398,"title":1399},"bj-keigo-kihon","\u002Farticles\u002Fbusiness-japanese\u002Fkeigo-kihon","ビジネス敬語の基本 — 尊敬語・謙譲語・丁寧語の使い分け",{"articleId":1401,"path":1402,"title":1403},"law-keihin-hyouji","\u002Farticles\u002Flaw\u002Fkeihin-hyouji","改正景品表示法とステマ規制 — マーケティングの法的注意点",{"articleId":1405,"path":1406,"title":1407},"living-kenkou-hoken","\u002Farticles\u002Fliving-in-japan\u002Fkenkou-hoken","健康保険の入門 — 国保と社保の違い",{"articleId":1409,"path":1410,"title":1411},"living-kosei-nenkin","\u002Farticles\u002Fliving-in-japan\u002Fkosei-nenkin","厚生年金と国民年金 — 老後の備えと現役の負担",{"articleId":1413,"path":1414,"title":1415},"tech-line-llmops","\u002Farticles\u002Ftech\u002Fline-llmops","LINEのLLMOps — 大規模言語モデル運用の取り組み",{"articleId":1417,"path":1418,"title":1419},"tech-line-streaming","\u002Farticles\u002Ftech\u002Fline-streaming","LINEの大規模リアルタイム配信基盤",{"articleId":1421,"path":1422,"title":1423},"living-chintai-keiyaku","\u002Farticles\u002Fliving-in-japan\u002Fliving-chintai-keiyaku","賃貸契約と保証会社 — 礼金・敷金から保証料まで",{"articleId":1425,"path":1426,"title":1427},"living-eijuken","\u002Farticles\u002Fliving-in-japan\u002Fliving-eijuken","永住権申請の最新基準 — 一般・高度専門職ルート比較",{"articleId":1429,"path":1430,"title":1431},"living-engineer-visa","\u002Farticles\u002Fliving-in-japan\u002Fliving-engineer-visa","エンジニアの在留資格 — 「技術・人文知識・国際業務」ビザの取得手順",{"articleId":1433,"path":1434,"title":1435},"living-ginkou-koza","\u002Farticles\u002Fliving-in-japan\u002Fliving-ginkou-koza","銀行口座開設とクレジットカード — 外国人エンジニアの実務",{"articleId":1437,"path":1438,"title":1439},"living-hikkoshi-checklist","\u002Farticles\u002Fliving-in-japan\u002Fliving-hikkoshi-checklist","引越し手続きチェックリスト — 役所・ライフライン・住所変更",{"articleId":1441,"path":1442,"title":1443},"living-koudo-senmon","\u002Farticles\u002Fliving-in-japan\u002Fliving-koudo-senmon","高度専門職ビザの実務 — ポイント制度と特権",{"articleId":1445,"path":1446,"title":1447},"culture-matsuri","\u002Farticles\u002Fculture\u002Fmatsuri","日本の祭り — 季節と地域の象徴",{"articleId":1449,"path":1450,"title":1451},"bj-meishi-koukan","\u002Farticles\u002Fbusiness-japanese\u002Fmeishi-koukan","名刺交換の作法 — 第一印象を決める数十秒",{"articleId":1453,"path":1454,"title":1455},"tech-mercari-merpay-id","\u002Farticles\u002Ftech\u002Fmercari-merpay-id","メルペイのID基盤 — eKYC・本人確認の技術",{"articleId":1457,"path":1458,"title":1459},"tech-mercari-microservices","\u002Farticles\u002Ftech\u002Fmercari-microservices-migration","Mercariのマイクロサービス移行 — モノリスから次世代へ",{"articleId":1461,"path":1462,"title":1463},"tech-mf-multitenant","\u002Farticles\u002Ftech\u002Fmoneyforward-multitenant-saas","Money Forwardのマルチテナント設計 — データ分離とセキュリティ",{"articleId":1465,"path":1466,"title":1467},"bj-nemawashi-ringi","\u002Farticles\u002Fbusiness-japanese\u002Fnemawashi-ringi","根回しと稟議 — 日本企業の意思決定の仕組み",{"articleId":1469,"path":1470,"title":1471},"living-nenmatsu-chousei","\u002Farticles\u002Fliving-in-japan\u002Fnenmatsu-chousei","年末調整の仕組み — 会社員のための税精算",{"articleId":1473,"path":1474,"title":1475},"bj-1on1","\u002Farticles\u002Fbusiness-japanese\u002Fone-on-one","1on1ミーティングの活用法 — 上司と部下の対話",{"articleId":1477,"path":1478,"title":1479},"bj-online-kaigi","\u002Farticles\u002Fbusiness-japanese\u002Fonline-kaigi","オンライン会議のエチケット — Zoom時代のビジネスマナー",{"articleId":1481,"path":1482,"title":1483},"culture-onsen","\u002Farticles\u002Fculture\u002Fonsen","温泉文化と入浴マナー — 名湯巡りの楽しみ方",{"articleId":1485,"path":1486,"title":1487},"culture-pro-baseball","\u002Farticles\u002Fculture\u002Fpro-baseball","プロ野球と高校野球 — 国民的スポーツの二つの顔",{"articleId":1489,"path":1490,"title":1491},"culture-ramen","\u002Farticles\u002Fculture\u002Framen","ラーメン地域ごとの違い — 札幌・博多・喜多方",{"articleId":1493,"path":1494,"title":1495},"tech-recruit-data-platform","\u002Farticles\u002Ftech\u002Frecruit-data-platform","Recruit データ基盤刷新事例 — 数十サービスの統合",{"articleId":1497,"path":1498,"title":1499},"law-roukikihou-kihon","\u002Farticles\u002Flaw\u002Froukikihou-kihon","労働基準法の基本 — 労働時間・休憩・残業規制",{"articleId":1501,"path":1502,"title":1503},"culture-sado","\u002Farticles\u002Fculture\u002Fsado","茶道入門 — 千利休と侘び寂びの精神",{"articleId":1505,"path":1506,"title":1507},"culture-sandou","\u002Farticles\u002Fculture\u002Fsandou","茶華書三道 — 日本の精神を体現する三つの道",{"articleId":1509,"path":1510,"title":1511},"culture-seasonal-events","\u002Farticles\u002Fculture\u002Fseasonal-events","季節の行事 — 正月から年末まで日本の年中行事",{"articleId":1513,"path":1514,"title":1515},"exam-sg","\u002Farticles\u002Fexams\u002Fsg","情報セキュリティマネジメント試験 — 管理者向けセキュリティ",{"articleId":1517,"path":1518,"title":1519},"bj-shagai-mail","\u002Farticles\u002Fbusiness-japanese\u002Fshagai-mail","社外メールの書き方 — お詫び・依頼・確認",{"articleId":1521,"path":1522,"title":1523},"bj-shanai-mail","\u002Farticles\u002Fbusiness-japanese\u002Fshanai-mail","社内メールの書き方 — 件名から結びまで",{"articleId":1525,"path":1526,"title":1527},"culture-sumo","\u002Farticles\u002Fculture\u002Fsumo","大相撲 — 番付と力士の生活",{"articleId":1529,"path":1530,"title":1531},"culture-sushi","\u002Farticles\u002Fculture\u002Fsushi","寿司の歴史と種類 — なれずしから江戸前まで",{"articleId":1533,"path":1534,"title":1535},"culture-washoku","\u002Farticles\u002Fculture\u002Fwashoku","和食 — ユネスコ無形文化遺産と一汁三菜",{"articleId":1537,"path":1538,"title":1539},"law-yuukyuu-kyuuka","\u002Farticles\u002Flaw\u002Fyuukyuu-kyuuka","有給休暇の取得ルールと最新改正",{"articleId":458,"path":1541,"title":1542},"\u002Farticles\u002Fkojin-joho-hogo%2Fkadai-1\u002Fanzen-kanri","課題Ⅰ 第４編① 個人データに関する義務 ― 正確性の確保・安全管理措置・漏えい報告",{"articleId":1544,"path":1545,"title":1546},"bill-one-auth","\u002Farticles\u002Fsoftware%2Fcompanies%2Fsansan\u002Fbill-one-auth","インボイス管理サービスBill Oneの認証を内製認証基盤に置き換えて認証基盤のコストを削減した話",{"articleId":1548,"path":1549,"title":1550},"contract-one-vision","\u002Farticles\u002Fsoftware%2Fcompanies%2Fsansan\u002Fcontract-one-vision","契約書を\"意思決定のインフラ\"に──Contract Oneで挑む、新たな価値創造",{"articleId":1552,"path":1553,"title":1554},"kjh-k1-h04-daisan-sha-teikyou","\u002Farticles\u002Fkojin-joho-hogo%2Fkadai-1\u002Fdaisan-sha-teikyou","課題Ⅰ 第４編② 第三者提供の制限 ― 同意・オプトアウト・非該当類型",{"articleId":1556,"path":1557,"title":1558},"eight-web-renewal","\u002Farticles\u002Fsoftware%2Fcompanies%2Fsansan\u002Feight-web-renewal","Web版Eightのリニューアルと、安全なリリースのための取り組み",{"articleId":1560,"path":1561,"title":1562},"kjh-k1-h04-gaikoku-kiroku","\u002Farticles\u002Fkojin-joho-hogo%2Fkadai-1\u002Fgaikoku-kiroku","課題Ⅰ 第４編③ 外国にある第三者への提供の制限・記録義務・確認義務（法28条〜30条）",{"articleId":986,"path":1564,"title":1565},"\u002Farticles\u002Fkojin-joho-hogo%2Fkadai-2\u002Fgijutsu-jisshi","課題Ⅱ 第４編② 技術的安全管理措置の実施項目",{"articleId":223,"path":1567,"title":1568},"\u002Farticles\u002Fkojin-joho-hogo%2Fkadai-2\u002Fgijutsu-kiso","課題Ⅱ 第４編① 技術的セキュリティ対策の基礎知識",{"articleId":270,"path":1570,"title":1571},"\u002Farticles\u002Fkojin-joho-hogo%2Fkadai-1\u002Fhotaikei","課題Ⅰ 第１編 個人情報保護の法体系と各種認定制度",{"articleId":1573,"path":1574,"title":1575},"kjh-k1-h06-hoyu-data","\u002Farticles\u002Fkojin-joho-hogo%2Fkadai-1\u002Fhoyu-data","課題Ⅰ 第６編 保有個人データに関する義務",{"articleId":1577,"path":1578,"title":1579},"kjh-k1-h07-kamei-kakou","\u002Farticles\u002Fkojin-joho-hogo%2Fkadai-1\u002Fkamei-kakou","課題Ⅰ 第７編 仮名加工情報（法41条・42条）",{"articleId":1581,"path":1582,"title":1583},"kjh-k1-h05-kanren-joho","\u002Farticles\u002Fkojin-joho-hogo%2Fkadai-1\u002Fkanren-joho","課題Ⅰ 第５編 個人関連情報に関する義務（法31条）",{"articleId":1585,"path":1586,"title":1587},"kjh-k1-h02-kihon-rinen","\u002Farticles\u002Fkojin-joho-hogo%2Fkadai-1\u002Fkihon-rinen","課題Ⅰ 第２編 個人情報保護法の目的・基本理念と用語の定義",{"articleId":1589,"path":1590,"title":1591},"kjh-k1-h09-jikkousei","\u002Farticles\u002Fkojin-joho-hogo%2Fkadai-1\u002Fkjh-k1-h09-jikkousei","課題Ⅰ 第９編 実効性を担保する仕組み等",{"articleId":1593,"path":1594,"title":1595},"kjh-k1-h10-gyousei","\u002Farticles\u002Fkojin-joho-hogo%2Fkadai-1\u002Fkjh-k1-h10-gyousei","課題Ⅰ 第10編 行政機関等における個人情報等の取扱い",{"articleId":1597,"path":1598,"title":1599},"kjh-k1-h11-my-number-hogo","\u002Farticles\u002Fkojin-joho-hogo%2Fkadai-1\u002Fkjh-k1-h11-my-number-hogo","課題Ⅰ 第11編② マイナンバー法 ― 特定個人情報の提供制限・保護・監督・罰則（法19条〜57条）",{"articleId":1601,"path":1602,"title":1603},"kjh-k1-h11-my-number-sousoku","\u002Farticles\u002Fkojin-joho-hogo%2Fkadai-1\u002Fkjh-k1-h11-my-number-sousoku","課題Ⅰ 第11編① マイナンバー法 ― 総則・個人番号・個人番号カード（法1条〜18条の5）",{"articleId":294,"path":1605,"title":1606},"\u002Farticles\u002Fkojin-joho-hogo%2Fkadai-2\u002Fkjh-k2-h01-guideline","課題Ⅱ 第１編② セキュリティ対策基準とガイドライン",{"articleId":11,"path":1608,"title":1609},"\u002Farticles\u002Fkojin-joho-hogo%2Fkadai-2\u002Fkjh-k2-h01-security-kiso","課題Ⅱ 第１編① 情報セキュリティの基礎と脅威",{"articleId":505,"path":1611,"title":1612},"\u002Farticles\u002Fkojin-joho-hogo%2Fkadai-2\u002Fkjh-k2-h02-anzen-kanri-sochi","課題Ⅱ 第２編② 組織的・人的セキュリティ ― 安全管理措置・委託先監督・事故対応",{"articleId":365,"path":1614,"title":1615},"\u002Farticles\u002Fkojin-joho-hogo%2Fkadai-2\u002Fkjh-k2-h02-soshiki-kiso","課題Ⅱ 第２編① 組織的・人的セキュリティ ― 基本方針の策定からリスク管理・規程整備まで",{"articleId":708,"path":1617,"title":1618},"\u002Farticles\u002Fkojin-joho-hogo%2Fkadai-2\u002Foffice","課題Ⅱ 第３編 オフィスセキュリティ",{"articleId":1620,"path":1621,"title":1622},"kjh-k1-h03-riyou-mokuteki","\u002Farticles\u002Fkojin-joho-hogo%2Fkadai-1\u002Friyou-mokuteki","課題Ⅰ 第３編① 利用目的の特定・変更と利用目的による制限、不適正な利用の禁止",{"articleId":1624,"path":1625,"title":1626},"sansan-data-intelligence","\u002Farticles\u002Fsoftware%2Fcompanies%2Fsansan\u002Fsansan-data-intelligence","Sansan Data Intelligenceリリースに寄せて",{"articleId":1628,"path":1629,"title":1630},"sansan-engineer-team-infra","\u002Farticles\u002Fsoftware%2Fcompanies%2Fsansan\u002Fsansan-engineer-team-infra","Sansan Engineer Team：インフラ戦略部",{"articleId":1632,"path":1633,"title":1634},"sansan-honne-15","\u002Farticles\u002Fsoftware%2Fcompanies%2Fsansan\u002Fsansan-honne-15","入社後のホンネ［技術本部 データ戦略部 Infrastructureグループ 渡邉 友］",{"articleId":1636,"path":1637,"title":1638},"sansan-interview-110","\u002Farticles\u002Fsoftware%2Fcompanies%2Fsansan\u002Fsansan-interview-110","SIer出身者が活躍する理由とは。Sansanを牽引するプロダクト開発に挑み続ける",{"articleId":1640,"path":1641,"title":1642},"sansan-interview-126","\u002Farticles\u002Fsoftware%2Fcompanies%2Fsansan\u002Fsansan-interview-126","AIと協働する開発組織、そして技術の深化。Sansan 新CTO笹川が語るビジョン",{"articleId":1644,"path":1645,"title":1646},"sansan-interview-127","\u002Farticles\u002Fsoftware%2Fcompanies%2Fsansan\u002Fsansan-interview-127","Sansanの技術基盤を関西から築く。新設組織で未来を創る、エンジニアの挑戦",{"articleId":1648,"path":1649,"title":1650},"sansan-interview-130","\u002Farticles\u002Fsoftware%2Fcompanies%2Fsansan\u002Fsansan-interview-130","Sansanの全社基盤を支えるPlatform Engineering Unitの挑戦",{"articleId":1652,"path":1653,"title":1654},"sansan-interview-40","\u002Farticles\u002Fsoftware%2Fcompanies%2Fsansan\u002Fsansan-interview-40","膨大な量のデータを平然と処理する。Sansanのインフラのすごさが、そこに表れている。",{"articleId":1656,"path":1657,"title":1658},"sansan-oyaco","\u002Farticles\u002Fsoftware%2Fcompanies%2Fsansan\u002Fsansan-oyaco","仕事と子育ての両立を支援する制度「OYACO」",{"articleId":1660,"path":1661,"title":1662},"kjh-k1-h03-tekisei-shutoku","\u002Farticles\u002Fkojin-joho-hogo%2Fkadai-1\u002Ftekisei-shutoku","課題Ⅰ 第３編② 適正な取得・要配慮個人情報・利用目的の通知",{"articleId":1664,"path":1665,"title":1666},"kjh-k1-h08-tokumei-kakou","\u002Farticles\u002Fkojin-joho-hogo%2Fkadai-1\u002Ftokumei-kakou","課題Ⅰ 第８編 匿名加工情報に関する義務等（法43条〜46条）"]