[{"data":1,"prerenderedAt":44},["ShallowReactive",2],{"q-fintech-21-034":3},{"exam":4,"examName":5,"chapterSlug":6,"question":7,"related":22},"fintech","金融科技力知識檢定","c14",{"id":8,"exam":4,"session":9,"qno":10,"question":11,"options":12,"answer":17,"chapter":18,"freq":19,"explanation":20,"difficulty":21},"fintech-21-034","21",34,"金融機構在導入大型語言模型處理內部文本時，受金管會指引與個資法約束，首先應落實下列哪類基本控管以降低資料外洩風險？",[13,14,15,16],"無限制外呼 API","隨意上傳個資到第三方","敏感資料遮蔽、權限控管與存取稽核","將資料寄到私人信箱",2,"資訊安全與風險管理",1,"導入大型語言模型處理內部文本，首要控管是防堵個資與機敏資訊外流：先做敏感資料遮蔽（去識別化），再依最小權限原則控管存取並留存稽核軌跡，符合金管會指引與個資法要求，故(C)正確。(A)(B)(D)都是擴大外洩風險的違規行為。","easy",[23,27,31,35,38,41],{"id":24,"question":25,"qno":26},"fintech-19-028","下列何者非 Gartner(2014)對資安防護作法的正確敘述？",28,{"id":28,"question":29,"qno":30},"fintech-19-029","2017 年襲捲全球一百多個國家的「想哭(Wanna Cry)」勒索病毒，台灣金融業損失輕微，下列何者不是主要原因？",29,{"id":32,"question":33,"qno":34},"fintech-19-058","依據「金融機構使用物聯網設備安全控管規範」之規定，金融機構應建立物聯網設備管理清冊並至少多久時間更新一次，以識別設備用途、設備 IP、存放位置與管理人員，評估適當之實體環境控管措施及存取權限管制？",58,{"id":36,"question":37,"qno":26},"fintech-20-028","為加強資安犯罪之偵辦工作，減少因證據力不足而導致在法庭上爭議不斷，台灣高檢署自 2018 年起在 8 個地檢署成立何種機構？",{"id":39,"question":40,"qno":30},"fintech-20-029","對於透過資訊工具的金融犯罪，下列敘述何者錯誤？",{"id":42,"question":43,"qno":26},"fintech-21-028","下列何者最常被用來發動 DDoS？",1783326487223]