Dependable ISFS Exam Dumps to Become EXIN Certified [Q14-Q32]


Get Ready with ISFS Exam Dumps (2022)


What is the duration of the ISFS Exam

  • Format: Multiple choices, multiple answers
  • Length of Examination: 1 hour
  • Passing Score: 65%
  • Number of Questions: 40

For more info visit: Exin ISFS Exam Reference


Who should take the ISFS exam

The Exin ISFS certification is an internationally recognized validation that identifies those who earn it as possessing skills in Exin Information Security Management Certification. A candidate who wants significant improvement in career growth needs enhanced knowledge, skills, and talents. The Exin Information Security Foundation based on ISO/IEC 27002 ISFS Exam certification provides proof of this advanced knowledge and skill. A candidate who has the knowledge of the associated technologies and the skills required to pass the Exin Information Security Foundation based on ISO/IEC 27002 ISFS Exam should take this exam.

 

NEW QUESTION 14
The Information Security Manager (ISM) at Smith Consultants Inc. introduces the following measures to assure information security:
- The security requirements for the network are specified.
- A test environment is set up for the purpose of testing reports coming from the database.
- The various employee functions are assigned corresponding access rights.
- RFID access passes are introduced for the building.

Which one of these measures is not a technical measure?

  • A. Introducing a logical access policy
  • B. The specification of requirements for the network
  • C. Setting up a test environment
  • D. Introducing RFID access passes

Answer: D

 

NEW QUESTION 15
An airline company employee notices that she has access to one of the company's applications that she has not used before. Is this an information security incident?

  • A. Yes
  • B. No

Answer: B

 

NEW QUESTION 16
The consultants at Smith Consultants Inc. work on laptops that are protected by asymmetrical cryptography. To keep the management of the keys cheap, all consultants use the same key pair. What is the company's risk if they operate in this manner?

  • A. If the public key becomes known all laptops must be supplied with new keys.
  • B. If the private key becomes known all laptops must be supplied with new keys.
  • C. If the Public Key Infrastructure (PKI) becomes known all laptops must be supplied with new keys.

Answer: B

 

NEW QUESTION 17
Which measure assures that valuable information is not left out available for the taking?

  • A. Clear desk policy
  • B. Access passes
  • C. Infra-red detection

Answer: A

 

NEW QUESTION 18
What is the relationship between data and information?

  • A. Information is the meaning and value assigned to a collection of data.
  • B. Data is structured information.

Answer: A

 

NEW QUESTION 19
My user profile specifies which network drives I can read and write to. What is the name of the type of logical access management wherein my access and rights are determined centrally?

  • A. Public Key Infrastructure (PKI)
  • B. Discretionary Access Control (DAC)
  • C. Mandatory Access Control (MAC)

Answer: C

 

NEW QUESTION 20
Which of the following measures is a corrective measure?

  • A. Restoring a backup of the correct database after a corrupt copy of the database was written over the original
  • B. Installing a virus scanner in an information system
  • C. Incorporating an Intrusion Detection System (IDS) in the design of a computer centre
  • D. Making a backup of the data that has been created or altered that day

Answer: A

 

NEW QUESTION 21
Which is a legislative or regulatory act related to information security that can be imposed upon all organizations?

  • A. ISO/IEC 27002:2005
  • B. ISO/IEC 27001:2005
  • C. Intellectual Property Rights
  • D. Personal data protection legislation

Answer: D

 

NEW QUESTION 22
What is the most important reason for applying segregation of duties?

  • A. Tasks and responsibilities must be separated in order to minimize the opportunities for business assets to be misused or changed, whether the change be unauthorized or unintentional.
  • B. Segregation of duties makes it clear who is responsible for what.
  • C. Segregation of duties makes it easier for a person who is ready with his or her part of the work to take time off or to take over the work of another person.
  • D. Segregation of duties ensures that, when a person is absent, it can be investigated whether he or she has been committing fraud.

Answer: A

 

NEW QUESTION 23
Logging in to a computer system is an access-granting process consisting of three steps: identification, authentication and authorization. What occurs during the first step of this process: identification?

  • A. The first step consists of granting access to the information to which the user is authorized.
  • B. The first step consists of comparing the password with the registered password.
  • C. The first step consists of checking if the user is using the correct certificate.
  • D. The first step consists of checking if the user appears on the list of authorized users.

Answer: D

 

NEW QUESTION 24
Three characteristics determine the reliability of information. Which characteristics are these?

  • A. Availability, Nonrepudiation and Confidentiality
  • B. Availability, Integrity and Confidentiality
  • C. Availability, Integrity and Correctness

Answer: B

 

NEW QUESTION 25
What is an example of a good physical security measure?

  • A. All employees and visitors carry an access pass.
  • B. Printers that are defective or have been replaced are immediately removed and given away as garbage for recycling.
  • C. Maintenance staff can be given quick and unimpeded access to the server area in the event of disaster.

Answer: A

 

NEW QUESTION 26
What action is an unintentional human threat?

  • A. Social engineering
  • B. Arson
  • C. Theft of a laptop
  • D. Incorrect use of fire extinguishing equipment

Answer: D

 

NEW QUESTION 27
What is the greatest risk for an organization if no information security policy has been defined?

  • A. If everyone works with the same account, it is impossible to find out who worked on what.
  • B. Information security activities are carried out by only a few people.
  • C. It is not possible for an organization to implement information security in a consistent manner.
  • D. Too many measures are implemented.

Answer: C

 

NEW QUESTION 28
Which of the following measures is a preventive measure?

  • A. Installing a logging system that enables changes in a system to be recognized
  • B. Classifying a risk as acceptable because the cost of addressing the threat is higher than the value of the information at risk
  • C. Putting sensitive information in a safe
  • D. Shutting down all internet traffic after a hacker has gained access to the company systems

Answer: C

 

NEW QUESTION 29
Your organization has an office with space for 25 workstations. These workstations are all fully equipped and in use. Due to a reorganization 10 extra workstations are added, 5 of which are used for a call centre 24 hours per day. Five workstations must always be available. What physical security measures must be taken in order to ensure this?

  • A. Obtain an extra office and connect all 10 new workstations to an emergency power supply and UPS (Uninterruptible Power Supply). Adjust the access control system to the working hours of the new staff. Inform the building security personnel that work will also be carried out in the evenings and at night.
  • B. Obtain an extra office and set up 10 workstations. You would therefore have spare equipment that can be used to replace any non-functioning equipment.
  • C. Obtain an extra office and set up 10 workstations. Ensure that there are security personnel both in the evenings and at night, so that staff can work there safely and securely.
  • D. Obtain an extra office and provide a UPS (Uninterruptible Power Supply) for the five most important workstations.

Answer: A

 

NEW QUESTION 30
You work in the office of a large company. You receive a call from a person claiming to be from the Helpdesk. He asks you for your password. What kind of threat is this?

  • A. Natural threat
  • B. Social Engineering
  • C. Organizational threat

Answer: B

 

NEW QUESTION 31
What action is an unintentional human threat?

  • A. Social engineering
  • B. Arson
  • C. Theft of a laptop
  • D. Incorrect use of fire extinguishing equipment

Answer: D

 

NEW QUESTION 32
......

Download Exam ISFS Practice Test Questions with 100% Verified Answers: https://www.testkingfree.com/EXIN/ISFS-practice-exam-dumps.html

Realistic ISFS Dumps are Available for Instant Access: https://drive.google.com/open?id=12ojuVQtp69JWTPKMAgTNiW7DfsaqJoG6