Free Sales Ending Soon - 100% Valid ISFS Exam Dumps with 80 Questions [Q22-Q41]


Verified ISFS dumps Q&As on your Exin Certification Exam Questions Certain Success!


The EXIN ISFS exam is based on the ISO/IEC 27001 standard, a globally recognized standard for information security management. The Information Security Foundation based on ISO/IEC 27001 certification is ideal for individuals who want to start a career in information security or who want to validate their existing knowledge and experience. The certification exam covers essential topics including confidentiality, integrity, availability, risk management, and compliance.

 

NEW QUESTION # 22
An airline company employee notices that she has access to one of the company's applications that she has not used before. Is this an information security incident?

  • A. No
  • B. Yes

Answer: A



NEW QUESTION # 23
At Midwest Insurance, all information is classified. What is the goal of this classification of information?

  • A. Structuring information according to its sensitivity
  • B. Applying labels making the information easier to recognize
  • C. To create a manual about how to handle mobile devices

Answer: A


NEW QUESTION # 24
You own a small company in a remote industrial area. Lately, the alarm regularly goes off in the middle of the night. It takes quite a bit of time to respond to it and it seems to be a false alarm every time. You decide to set up a hidden camera. What is such a measure called?

  • A. Repressive measure
  • B. Detective measure
  • C. Preventive measure

Answer: B


NEW QUESTION # 25
You are the owner of a growing company, SpeeDelivery, which provides courier services. You decide that it is time to draw up a risk analysis for your information system. This includes an inventory of the threats and risks. What is the relation between a threat, risk and risk analysis?

  • A. A risk analysis identifies threats from the known risks.
  • B. Risk analyses help to find a balance between threats and risks.
  • C. A risk analysis is used to clarify which threats are relevant and what risks they involve.
  • D. A risk analysis is used to remove the risk of a threat.

Answer: C


NEW QUESTION # 26
What physical security measure is necessary to control access to company information?

  • A. Prohibiting the use of USB sticks
  • B. The use of break-resistant glass and doors with the right locks, frames and hinges
  • C. Air-conditioning
  • D. Username and password

Answer: B


NEW QUESTION # 27
You have an office that designs corporate logos. You have been working on a draft for a large client. Just as you are going to press the <save> button, the screen goes blank. The hard disk is damaged and cannot be repaired. You find an early version of the design in your mail folder and you reproduce the draft for the customer. What is such a measure called?

  • A. Preventive measure
  • B. Corrective measure
  • C. Reductive measure

Answer: B


NEW QUESTION # 28
What is the most important reason for applying segregation of duties?

  • A. Segregation of duties makes it easier for a person who is ready with his or her part of the work to take time off or to take over the work of another person.
  • B. Segregation of duties makes it clear who is responsible for what.
  • C. Tasks and responsibilities must be separated in order to minimize the opportunities for business assets to be misused or changed, whether the change be unauthorized or unintentional.
  • D. Segregation of duties ensures that, when a person is absent, it can be investigated whether he or she has been committing fraud.

Answer: C


NEW QUESTION # 29
What is a repressive measure in the case of a fire?

  • A. Repairing damage caused by the fire
  • B. Taking out fire insurance
  • C. Putting out a fire after it has been detected by a fire detector

Answer: C


NEW QUESTION # 30
Three characteristics determine the reliability of information. Which characteristics are these?

  • A. Availability, Integrity and Confidentiality
  • B. Availability, Nonrepudiation and Confidentiality
  • C. Availability, Integrity and Correctness

Answer: A



NEW QUESTION # 31
A Dutch company requests to be listed on the American Stock Exchange. Which legislation within the scope of information security is relevant in this case?

  • A. Security regulations for the Dutch government
  • B. Public Records Act
  • C. Sarbanes-Oxley Act
  • D. Dutch Tax Law

Answer: C


NEW QUESTION # 32
A company moves into a new building. A few weeks after the move, a visitor appears unannounced in the office of the director. An investigation shows that visitors' passes grant the same access as the passes of the company's staff. Which kind of security measure could have prevented this?

  • A. An organizational security measure
  • B. A technical security measure
  • C. A physical security measure

Answer: C


NEW QUESTION # 33
You have a small office in an industrial area. You would like to analyze the risks your company faces. The office is in a pretty remote location; therefore, the possibility of arson is not entirely out of the question. What is the relationship between the threat of fire and the risk of fire?

  • A. The threat of fire is the risk of fire multiplied by the chance that the fire may occur and the consequences thereof.
  • B. The risk of fire is the threat of fire multiplied by the chance that the fire may occur and the consequences thereof.

Answer: B


NEW QUESTION # 34
A well-executed risk analysis provides a great deal of useful information. A risk analysis has four main objectives. What is not one of the four main objectives of a risk analysis?

  • A. Identifying assets and their value
  • B. Determining the costs of threats
  • C. Establishing a balance between the costs of an incident and the costs of a security measure
  • D. Determining relevant vulnerabilities and threats

Answer: B


NEW QUESTION # 35
When we are at our desk, we want the information system and the necessary information to be available. We want to be able to work with the computer and access the network and our files.
What is the correct definition of availability?

  • A. The degree to which the continuity of an organization is guaranteed
  • B. The degree to which an information system is available for the users
  • C. The degree to which the system capacity is enough to allow all users to work with it
  • D. The total amount of time that an information system is accessible to the users

Answer: B



NEW QUESTION # 36
Your organization has an office with space for 25 workstations. These workstations are all fully equipped and in use. Due to a reorganization 10 extra workstations are added, 5 of which are used for a call centre 24 hours per day. Five workstations must always be available. What physical security measures must be taken in order to ensure this?

  • A. Obtain an extra office and set up 10 workstations. Ensure that there are security personnel both in the evenings and at night, so that staff can work there safely and securely.
  • B. Obtain an extra office and provide a UPS (Uninterruptible Power Supply) for the five most important workstations.
  • C. Obtain an extra office and connect all 10 new workstations to an emergency power supply and UPS (Uninterruptible Power Supply). Adjust the access control system to the working hours of the new staff. Inform the building security personnel that work will also be carried out in the evenings and at night.
  • D. Obtain an extra office and set up 10 workstations. You would therefore have spare equipment that can be used to replace any non-functioning equipment.

Answer: C


NEW QUESTION # 37
A non-human threat for computer systems is a flood. In which situation is a flood always a relevant threat?

  • A. When computer systems are kept in a cellar below ground level.
  • B. When the computer systems are not insured.
  • C. If the risk analysis has not been carried out.
  • D. When the organization is located near a river.

Answer: A


NEW QUESTION # 38
Which of the following measures is a preventive measure?

  • A. Putting sensitive information in a safe
  • B. Installing a logging system that enables changes in a system to be recognized
  • C. Shutting down all internet traffic after a hacker has gained access to the company systems
  • D. Classifying a risk as acceptable because the cost of addressing the threat is higher than the value of the information at risk

Answer: A


NEW QUESTION # 39
What is the goal of an organization's security policy?

  • A. To document all procedures required to maintain information security
  • B. To provide direction and support to information security
  • C. To document all incidents that threaten the reliability of information
  • D. To define all threats to and measures for ensuring information security

Answer: B


NEW QUESTION # 40
Which of these is not malicious software?

  • A. Virus
  • B. Worm
  • C. Spyware
  • D. Phishing

Answer: D


NEW QUESTION # 41
......

ISFS Exam Dumps - 100% Marks In ISFS Exam: https://certkingdom.preppdf.com/EXIN/ISFS-prepaway-exam-dumps.html