ISFS practice test materials for the EXIN, Inc. certification exam Information Security Foundation based on ISO/IEC 27002.
2021 Sep ISFS exam guide
Q31. You are the owner of the SpeeDelivery courier service. Last year you had a firewall installed. You now discover that no maintenance has been performed since the installation. What is the biggest risk because of this?
A. The risk that hackers can do as they wish on the network without detection
B. The risk that fire may break out in the server room
C. The risk of a virus outbreak
D. The risk of undesired e-mails
Answer: A
Q32. What is the goal of an organization's security policy?
A. To provide direction and support to information security
B. To define all threats to and measures for ensuring information security
C. To document all incidents that threaten the reliability of information
D. To document all procedures required to maintain information security
Answer: A
Q33. The act of taking organizational security measures is inextricably linked with all other measures that have to be taken. What is the name of the system that guarantees the coherence of information security in the organization?
A. Information Security Management System (ISMS)
B. Rootkit
C. Security regulations for special information for the government
Answer: A
Q34. When we are at our desk, we want the information system and the necessary information to be available. We want to be able to work with the computer and access the network and our files.
What is the correct definition of availability?
A. The degree to which the system capacity is enough to allow all users to work with it
B. The degree to which the continuity of an organization is guaranteed
C. The degree to which an information system is available for the users
D. The total amount of time that an information system is accessible to the users
Answer: C
Q35. Midwest Insurance controls access to its offices with a passkey system. We call this a preventive measure. What are some other measures?
A. Detective, repressive and corrective measures
B. Partial, adaptive and corrective measures
C. Repressive, adaptive and corrective measures
Answer: A

Q36. You work for a large organization. You notice that you have access to confidential information that you should not be able to access in your position. You report this security incident to the helpdesk. The incident cycle is initiated. What are the stages of the security incident cycle?
A. Threat, Damage, Incident, Recovery
B. Threat, Damage, Recovery, Incident
C. Threat, Incident, Damage, Recovery
D. Threat, Recovery, Incident, Damage
Answer: C
Q37. You have an office that designs corporate logos. You have been working on a draft for a large client. Just as you are going to press the <save> button, the screen goes blank. The hard disk is damaged and cannot be repaired. You find an early version of the design in your mail folder and you reproduce the draft for the customer. What is such a measure called?
A. Corrective measure
B. Preventive measure
C. Reductive measure
Answer: A
Q38. Why is compliance important for the reliability of the information?
A. Compliance is another word for reliability. So, if a company indicates that it is compliant, it means that the information is managed properly.
B. By meeting the legislative requirements and the regulations of both the government and internal management, an organization shows that it manages its information in a sound manner.
C. When an organization employs a standard such as the ISO/IEC 27002 and uses it everywhere, it is compliant and therefore it guarantees the reliability of its information.
D. When an organization is compliant, it meets the requirements of privacy legislation and, in doing so, protects the reliability of its information.
Answer: B
Q39. A couple of years ago you started your company which has now grown from 1 to 20 employees. Your company's information is worth more and more and gone are the days when you could keep it all in hand yourself. You are aware that you have to take measures, but what should they be? You hire a consultant who advises you to start with a qualitative risk analysis. What is a qualitative risk analysis?
A. This analysis follows a precise statistical probability calculation in order to calculate exact loss caused by damage.
B. This analysis is based on scenarios and situations and produces a subjective view of the possible threats.
Answer: B
Q40. What is a human threat to the reliability of the information on your company website?
A. One of your employees commits an error in the price of a product on your website.
B. The computer hosting your website is overloaded and crashes. Your website is offline.
C. Because of a lack of maintenance, a fire hydrant springs a leak and floods the premises. Your employees cannot come into the office and therefore cannot keep the information on the website up to date.
Answer: A