Free and Premium Exin ISFS Dumps Questions Answers

Page: 1 / 3
Total 80 questions

Information Security Foundation based on ISO/IEC 27002 Questions and Answers

Question 1

An airline company employee notices that she has access to one of the company’s applications that she has not used before. Is this an information security incident?

Options:

A. Yes

B. No

Question 2

An employee in the administrative department of Smiths Consultants Inc. finds out that the expiry date of a contract with one of the clients is earlier than the start date. What type of measure could prevent this error?

Options:

A. Availability measure

B. Integrity measure

C. Organizational measure

D. Technical measure

Question 3

In the organization where you work, information of a very sensitive nature is processed. Management is legally obliged to implement the highest-level security measures. What is this kind of risk strategy called?

Options:

A. Risk bearing

B. Risk avoiding

C. Risk neutral

Question 4

The act of taking organizational security measures is inextricably linked with all other measures that have to be taken. What is the name of the system that guarantees the coherence of information security in the organization?

Options:

A. Information Security Management System (ISMS)

B. Rootkit

C. Security regulations for special information for the government

Question 5

You are the owner of a growing company, SpeeDelivery, which provides courier services. You decide that it is time to draw up a risk analysis for your information system. This includes an inventory of the threats and risks. What is the relation between a threat, risk and risk analysis?

Options:

A. A risk analysis identifies threats from the known risks.

B. A risk analysis is used to clarify which threats are relevant and what risks they involve.

C. A risk analysis is used to remove the risk of a threat.

D. Risk analyses help to find a balance between threats and risks.

Question 6

A Dutch company requests to be listed on the American Stock Exchange. Which legislation within the scope of information security is relevant in this case?

Options:

A. Public Records Act

B. Dutch Tax Law

C. Sarbanes-Oxley Act

D. Security regulations for the Dutch government

Question 7

Some threats are caused directly by people, others have a natural cause. What is an example of an intentional human threat?

Options:

A. Lightning strike

B. Arson

C. Flood

D. Loss of a USB stick

Question 8

You are the owner of SpeeDelivery courier service. Because of your company's growth you have to think about information security. You know that you have to start creating a policy. Why is it so important to have an information security policy as a starting point?

Options:

A. The information security policy gives direction to the information security efforts.

B. The information security policy supplies instructions for the daily practice of information security.

C. The information security policy establishes which devices will be protected.

D. The information security policy establishes who is responsible for which area of information security.

Question 9

What is the greatest risk for an organization if no information security policy has been defined?

Options:

A. If everyone works with the same account, it is impossible to find out who worked on what.

B. Information security activities are carried out by only a few people.

C. Too many measures are implemented.

D. It is not possible for an organization to implement information security in a consistent manner.

Question 10

Why is air-conditioning placed in the server room?

Options:

A. In the server room the air has to be cooled and the heat produced by the equipment has to be extracted. The air in the room is also dehumidified and filtered.

B. When a company wishes to cool its offices, the server room is the best place. This way, no office space needs to be sacrificed for such a large piece of equipment.

C. It is not pleasant for the maintenance staff to have to work in a server room that is too warm.

D. Backup tapes are made from thin plastic which cannot withstand high temperatures. Therefore, if it gets too hot in a server room, they may get damaged.

Question 11

What is the relationship between data and information?

Options:

A. Data is structured information.

B. Information is the meaning and value assigned to a collection of data.

Question 12

Which type of malware builds a network of contaminated computers?

Options:

A. Logic Bomb

B. Storm Worm or Botnet

C. Trojan

D. Virus
