Note: Exin has retired the ISFS exam.

ISFS Information Security Foundation based on ISO/IEC 27002 Questions and Answers

Questions 4

A non-human threat for computer systems is a flood. In which situation is a flood always a relevant threat?

Options:

A. If the risk analysis has not been carried out.

B. When computer systems are kept in a cellar below ground level.

C. When the computer systems are not insured.

D. When the organization is located near a river.

Questions 5

Your company is in the news as a result of an unfortunate action by one of your employees. The phones are ringing off the hook with customers wanting to cancel their contracts. What do we call this type of damage?

Options:

A. Direct damage

B. Indirect damage

Questions 6

What is the relationship between data and information?

Options:

A. Data is structured information.

B. Information is the meaning and value assigned to a collection of data.

Questions 7

There is a network printer in the hallway of the company where you work. Many employees don't pick up their printouts immediately and leave them in the printer. What are the consequences of this to the reliability of the information?

Options:

A. The integrity of the information is no longer guaranteed.

B. The availability of the information is no longer guaranteed.

C. The confidentiality of the information is no longer guaranteed.

Questions 8

What is the most important reason for applying segregation of duties?

Options:

A. Segregation of duties makes it clear who is responsible for what.

B. Segregation of duties ensures that, when a person is absent, it can be investigated whether he or she has been committing fraud.

C. Tasks and responsibilities must be separated in order to minimize the opportunities for business assets to be misused or changed, whether the change be unauthorized or unintentional.

D. Segregation of duties makes it easier for a person who is ready with his or her part of the work to take time off or to take over the work of another person.

Questions 9

In most organizations, access to the computer or the network is granted only after the user has entered a correct username and password. This process consists of 3 steps: identification, authentication and authorization. What is the purpose of the second step, authentication?

Options:

A. In the second step, you make your identity known, which means you are given access to the system.

B. The authentication step checks the username against a list of users who have access to the system.

C. The system determines whether access may be granted by determining whether the token used is authentic.

D. During the authentication step, the system gives you the rights that you need, such as being able to read the data in the system.

Questions 10

You own a small company in a remote industrial area. Lately, the alarm regularly goes off in the middle of the night. It takes quite a bit of time to respond to it and it seems to be a false alarm every time. You decide to set up a hidden camera. What is such a measure called?

Options:

A. Detective measure

B. Preventive measure

C. Repressive measure

Questions 11

You have just started working at a large organization. You have been asked to sign a code of conduct as well as a contract. What does the organization wish to achieve with this?

Options:

A. A code of conduct helps to prevent the misuse of IT facilities.

B. A code of conduct is a legal obligation that organizations have to meet.

C. A code of conduct prevents a virus outbreak.

D. A code of conduct gives staff guidance on how to report suspected misuses of IT facilities.

Questions 12

What is the goal of an organization's security policy?

Options:

A. To provide direction and support to information security

B. To define all threats to and measures for ensuring information security

C. To document all incidents that threaten the reliability of information

D. To document all procedures required to maintain information security

Exam Code: ISFS
Exam Name: Information Security Foundation based on ISO/IEC 27002
Last Update: Nov 23, 2024
Questions: 80