100% Pass Your ISFS Exam Dumps at First Attempt with PassTestking [Q30-Q50]

Rate this post

100% Pass Your ISFS Exam Dumps at First Attempt with PassTestking

Penetration testers simulate ISFS exam PDF

Who should take the ISFS exam

The Exin ISFS certification is an internationally-recognized validation that identifies persons who earn it as possessing skilled in Exin Information Security Management Certification. If a candidate wants significant improvement in career growth needs enhanced knowledge, skills, and talents. The Exin Information Security Foundation based on ISO/IEC 27002 ISFS Exam certification provides proof of this advanced knowledge and skill. If a candidate has knowledge of associated technologies and skills that are required to pass the Exin Information Security Foundation based on ISO/IEC 27002 ISFS Exam then he should take this exam.

Certification Path

There no prerequisite for this exam.

NEW QUESTION 30
Peter works at the company Midwest Insurance. His manager, Linda, asks him to send the terms and conditions for a life insurance policy to Rachel, a client. Who determines the value of the information in the insurance terms and conditions document?

The recipient, Rachel

The person who drafted the insurance terms and conditions

The manager, Linda

The sender, Peter

NEW QUESTION 31
You are the owner of the courier company SpeeDelivery. You employ a few people who, while waiting to make a delivery, can carry out other tasks. You notice, however, that they use this time to send and read their private mail and surf the Internet. In legal terms, in which way can the use of the Internet and e-mail facilities be best regulated?

Installing an application that makes certain websites no longer accessible and that filters attachments in e-mails

Drafting a code of conduct for the use of the Internet and e-mail in which the rights and obligations of both the employer and staff are set down

Implementing privacy regulations

Installing a virus scanner

NEW QUESTION 32
Which of these is not malicious software?

Phishing

Spyware

Virus

Worm

NEW QUESTION 33
You have a small office in an industrial areA. You would like to analyze the risks your company faces. The office is in a pretty remote location; therefore, the possibility of arson is not entirely out of the question. What is the relationship between the threat of fire and the risk of fire?

The risk of fire is the threat of fire multiplied by the chance that the fire may occur and the consequences thereof.

The threat of fire is the risk of fire multiplied by the chance that the fire may occur and the consequences thereof.

NEW QUESTION 34
Which of the following measures is a corrective measure?

Incorporating an Intrusion Detection System (IDS) in the design of a computer centre

Installing a virus scanner in an information system

Making a backup of the data that has been created or altered that day

Restoring a backup of the correct database after a corrupt copy of the database was written over the original

NEW QUESTION 35
Which of the following measures is a preventive measure?

Installing a logging system that enables changes in a system to be recognized

Shutting down all internet traffic after a hacker has gained access to the company systems

Putting sensitive information in a safe

Classifying a risk as acceptable because the cost of addressing the threat is higher than the value of the information at risk

NEW QUESTION 36
What is the definition of the Annual Loss Expectancy?

The Annual Loss Expectancy is the amount of damage that can occur as a result of an incident during the year.

The Annual Loss Expectancy is the size of the damage claims resulting from not having carried out risk analyses effectively.

The Annual Loss Expectancy is the average damage calculated by insurance companies for businesses in a country.

The Annual Loss Expectancy is the minimum amount for which an organization must insure itself.

NEW QUESTION 37
What action is an unintentional human threat?

Arson

Theft of a laptop

Social engineering

Incorrect use of fire extinguishing equipment

Explanation/Reference:

NEW QUESTION 38
Your organization has an office with space for 25 workstations. These workstations are all fully equipped and in use. Due to a reorganization 10 extra workstations are added, 5 of which are used for a call centre 24 hours per day. Five workstations must always be available. What physical security measures must be taken in order to ensure this?

Obtain an extra office and set up 10 workstations. You would therefore have spare equipment that can be used to replace any non-functioning equipment.

Obtain an extra office and set up 10 workstations. Ensure that there are security personnel both in the evenings and at night, so that staff can work there safely and securely.

Obtain an extra office and connect all 10 new workstations to an emergency power supply and UPS (Uninterruptible Power Supply). Adjust the access control system to the working hours of the new staff. Inform the building security personnel that work will also be carried out in the evenings and at night.

Obtain an extra office and provide a UPS (Uninterruptible Power Supply) for the five most important workstations.

NEW QUESTION 39
My user profile specifies which network drives I can read and write to. What is the name of the type of logical access management wherein my access and rights are determined centrally?

Discretionary Access Control (DAC)

Mandatory Access Control (MAC)

Public Key Infrastructure (PKI)

NEW QUESTION 40
A Dutch company requests to be listed on the American Stock Exchange. Which legislation within the scope of information security is relevant in this case?

Public Records Act

Dutch Tax Law

Sarbanes-Oxley Act

Security regulations for the Dutch government

NEW QUESTION 41
There is a network printer in the hallway of the company where you work. Many employees dont pick up their printouts immediately and leave them in the printer. What are the consequences of this to the reliability of the information?

The integrity of the information is no longer guaranteed.

The availability of the information is no longer guaranteed.

The confidentiality of the information is no longer guaranteed.

Explanation

NEW QUESTION 42
What is a risk analysis used for?

A risk analysis is used to express the value of information for an organization in monetary terms.

A risk analysis is used to clarify to management their responsibilities.

A risk analysis is used in conjunction with security measures to reduce risks to an acceptable level.

A risk analysis is used to ensure that security measures are deployed in a cost-effective and timely fashion.

NEW QUESTION 43
What is a repressive measure in the case of a fire?

Taking out fire insurance

Putting out a fire after it has been detected by a fire detector

Repairing damage caused by the fire

NEW QUESTION 44
The Information Security Manager (ISM) at Smith Consultants Inc. introduces the following measures to assure information security:
-The security requirements for the network are specified.
-A test environment is set up for the purpose of testing reports coming from the database.
-The various employee functions are assigned corresponding access rights.
–
RFID access passes are introduced for the building. Which one of these measures is not a technical measure?

The specification of requirements for the network

Setting up a test environment

Introducing a logical access policy

Introducing RFID access passes

NEW QUESTION 45
Some threats are caused directly by people, others have a natural cause. What is an example of an intentional human threat?

Lightning strike

Arson

Flood

Loss of a USB stick

NEW QUESTION 46
Susan sends an email to Paul. Who determines the meaning and the value of information in this email?

Paul, the recipient of the information.

Paul and Susan, the sender and the recipient of the information.

Susan, the sender of the information.

NEW QUESTION 47
What is the relationship between data and information?

Data is structured information.

Information is the meaning and value assigned to a collection of data.

Explanation

NEW QUESTION 48
You have just started working at a large organization. You have been asked to sign a code of conduct as well as a contract. What does the organization wish to achieve with this?

A code of conduct helps to prevent the misuse of IT facilities.

A code of conduct is a legal obligation that organizations have to meet.

A code of conduct prevents a virus outbreak.

A code of conduct gives staff guidance on how to report suspected misuses of IT facilities.

NEW QUESTION 49
You work for a large organization. You notice that you have access to confidential information that you should not be able to access in your position. You report this security incident to the helpdesk. The incident cycle isinitiated. What are the stages of the security incident cycle?

Threat, Damage, Incident, Recovery

Threat, Damage, Recovery, Incident

Threat, Incident, Damage, Recovery

Threat, Recovery, Incident, Damage

NEW QUESTION 50
Which is a legislative or regulatory act related to information security that can be imposed upon all organizations?

ISO/IEC 27001:2005

Intellectual Property Rights

ISO/IEC 27002:2005

Personal data protection legislation

Loading …

All ISFS Dumps and Training Courses: https://www.passtestking.com/EXIN/ISFS-practice-exam-dumps.html

Categories:ISFSEXIN

Tags:ISFS certification exam ISFS free study material ISFS latest braindumps ISFS latest material ISFS reliable test cram sheet ISFS study plan new ISFS test test

admin

ISFS / EXIN

Exam Practice Questions

100% Pass Your ISFS Exam Dumps at First Attempt with PassTestking [Q30-Q50]

Who should take the ISFS exam

Certification Path

Leave a Reply Cancel reply

Who should take the ISFS exam

Certification Path

Related Posts

Unique Top-selling ISFS Exams – New 2024 EXIN Pratice Exam [Q33-Q53]

Prepare ISFS Exam Questions [2022] Recently Updated Questions [Q10-Q27]

[Jul 04, 2024] PR2F Ultimate Study Guide – PassTestking [Q167-Q181]

Leave a Reply Cancel reply