New EXIN, Inc. ISFS Exam Dumps Collection (Question 3 - Question 12)
Question No: 3
You apply for a position in another company and get the job. Along with your contract, you are asked to sign a code of conduct. What is a code of conduct?
A. A code of conduct specifies how employees are expected to conduct themselves and is the same for all companies.
B. A code of conduct is a standard part of a labor contract.
C. A code of conduct differs from company to company and specifies, among other things, the rules of behavior with regard to the usage of information systems.
Answer:
Question No: 4
You work in the IT department of a medium-sized company. Confidential information has got into the wrong hands several times. This has hurt the image of the company. You have been asked to propose organizational security measures for laptops at your company. What is the first step that you should take?
A. Formulate a policy regarding mobile media (PDAs, laptops, smartphones, USB sticks)
B. Appoint security personnel
C. Encrypt the hard drives of laptops and USB sticks
D. Set up an access control policy
Answer: A
Question No: 5
You are the owner of the SpeeDelivery courier service. Last year you had a firewall installed. You now discover that no maintenance has been performed since the installation. What is the biggest risk because of this?
A. The risk that hackers can do as they wish on the network without detection
B. The risk that fire may break out in the server room
C. The risk of a virus outbreak
D. The risk of undesired e-mails
Answer: A
Question No: 6
Why is compliance important for the reliability of the information?
A. Compliance is another word for reliability. So, if a company indicates that it is compliant, it means that the information is managed properly.
B. By meeting the legislative requirements and the regulations of both the government and internal management, an organization shows that it manages its information in a sound manner.
C. When an organization employs a standard such as the ISO/IEC 27002 and uses it everywhere, it is compliant and therefore it guarantees the reliability of its information.
D. When an organization is compliant, it meets the requirements of privacy legislation and, in doing so, protects the reliability of its information.
Answer: B
Question No: 7
There is a network printer in the hallway of the company where you work. Many employees don't pick up their printouts immediately and leave them in the printer. What are the consequences of this to the reliability of the information?
A. The integrity of the information is no longer guaranteed.
B. The availability of the information is no longer guaranteed.
C. The confidentiality of the information is no longer guaranteed.
Answer: C
Question No: 8
The consultants at Smith Consultants Inc. work on laptops that are protected by asymmetrical cryptography. To keep the management of the keys cheap, all consultants use the same key pair. What is the company's risk if they operate in this manner?
A. If the private key becomes known, all laptops must be supplied with new keys.
B. If the Public Key Infrastructure (PKI) becomes known, all laptops must be supplied with new keys.
C. If the public key becomes known, all laptops must be supplied with new keys.
Answer: A
Question No: 9
A well-executed risk analysis provides a great deal of useful information. A risk analysis has four main objectives. What is not one of the four main objectives of a risk analysis?
A. Identifying assets and their value
B. Determining the costs of threats
C. Establishing a balance between the costs of an incident and the costs of a security measure
D. Determining relevant vulnerabilities and threats
Answer: B
Question No: 10
Susan sends an email to Paul. Who determines the meaning and the value of information in this email?
A. Paul, the recipient of the information.
B. Paul and Susan, the sender and the recipient of the information.
C. Susan, the sender of the information.
Answer: A
Question No: 11
What sort of security does a Public Key Infrastructure (PKI) offer?
A. It provides digital certificates which can be used to digitally sign documents. Such signatures irrefutably determine from whom a document was sent.
B. Having a PKI shows customers that a web-based business is secure.
C. By providing agreements, procedures and an organization structure, a PKI defines which person or which system belongs to which specific public key.
D. A PKI ensures that backups of company data are made on a regular basis.
Answer: C
Question No: 12
The act of taking organizational security measures is inextricably linked with all other measures that have to be taken. What is the name of the system that guarantees the coherence of information security in the organization?
A. Information Security Management System (ISMS)
B. Rootkit
C. Security regulations for special information for the government
Answer: A