
Note! The ISFS Exam is no longer available.

ISFS Information Security Foundation based on ISO/IEC 27002 Questions and Answers

Questions 4

Which measure assures that valuable information is not left out available for the taking?

Options:

A. Clear desk policy

B. Infra-red detection

C. Access passes

Questions 5

My user profile specifies which network drives I can read and write to. What is the name of the type of logical access management wherein my access and rights are determined centrally?

Options:

A. Discretionary Access Control (DAC)

B. Mandatory Access Control (MAC)

C. Public Key Infrastructure (PKI)

Questions 6

You work in the IT department of a medium-sized company. Confidential information has got into the wrong hands several times. This has hurt the image of the company. You have been asked to propose organizational security measures for laptops at your company. What is the first step that you should take?

Options:

A. Formulate a policy regarding mobile media (PDAs, laptops, smartphones, USB sticks)

B. Appoint security personnel

C. Encrypt the hard drives of laptops and USB sticks

D. Set up an access control policy

Questions 7

The company Midwest Insurance has taken many measures to protect its information. It uses an Information Security Management System, the input and output of data in applications is validated, confidential documents are sent in encrypted form and staff use tokens to access information systems. Which of these is not a technical measure?

Options:

A. Information Security Management System

B. The use of tokens to gain access to information systems

C. Validation of input and output data in applications

D. Encryption of information

Questions 8

The consultants at Smith Consultants Inc. work on laptops that are protected by asymmetrical cryptography. To keep the management of the keys cheap, all consultants use the same key pair. What is the company's risk if they operate in this manner?

Options:

A. If the private key becomes known all laptops must be supplied with new keys.

B. If the Public Key Infrastructure (PKI) becomes known all laptops must be supplied with new keys.

C. If the public key becomes known all laptops must be supplied with new keys.

Questions 9

Peter works at the company Midwest Insurance. His manager, Linda, asks him to send the terms and conditions for a life insurance policy to Rachel, a client. Who determines the value of the information in the insurance terms and conditions document?

Options:

A. The recipient, Rachel

B. The person who drafted the insurance terms and conditions

C. The manager, Linda

D. The sender, Peter

Questions 10

What is the best description of a risk analysis?

Options:

A. A risk analysis is a method of mapping risks without looking at company processes.

B. A risk analysis helps to estimate the risks and develop the appropriate security measures.

C. A risk analysis calculates the exact financial consequences of damages.

Questions 11

You are a consultant and are regularly hired by the Ministry of Defense to perform analysis. Since the assignments are irregular, you outsource the administration of your business to temporary workers. You don’t want the temporary workers to have access to your reports. Which reliability aspect of the information in your reports must you protect?

Options:

A. Availability

B. Integrity

C. Confidentiality

Questions 12

You have a small office in an industrial area. You would like to analyze the risks your company faces. The office is in a pretty remote location; therefore, the possibility of arson is not entirely out of the question. What is the relationship between the threat of fire and the risk of fire?

Options:

A. The risk of fire is the threat of fire multiplied by the chance that the fire may occur and the consequences thereof.

B. The threat of fire is the risk of fire multiplied by the chance that the fire may occur and the consequences thereof.

Exam Code: ISFS
Exam Name: Information Security Foundation based on ISO/IEC 27002
Last Update: Dec 11, 2023
Questions: 80