
Updated Dec-2021 Test Engine to Practice ISFS Dumps & Practice Exam
Dumps Collection ISFS Test Engine Dumps Training With 80 Questions
Who should take the ISFS exam
The Exin ISFS certification is an internationally recognized validation that identifies persons who earn it as possessing skills in Exin Information Security Management Certification. A candidate who wants significant improvement in career growth needs enhanced knowledge, skills, and talents. The Exin Information Security Foundation based on ISO/IEC 27002 ISFS Exam certification provides proof of this advanced knowledge and skill. A candidate who has knowledge of the associated technologies and the skills required to pass the Exin Information Security Foundation based on ISO/IEC 27002 ISFS Exam should take this exam.
NEW QUESTION 12
Your organization has an office with space for 25 workstations. These workstations are all fully equipped and in use. Due to a reorganization 10 extra workstations are added, 5 of which are used for a call centre 24 hours per day. Five workstations must always be available. What physical security measures must be taken in order to ensure this?
- A. Obtain an extra office and set up 10 workstations. You would therefore have spare equipment that can be used to replace any non-functioning equipment.
- B. Obtain an extra office and set up 10 workstations. Ensure that there are security personnel both in the evenings and at night, so that staff can work there safely and securely.
- C. Obtain an extra office and provide a UPS (Uninterruptible Power Supply) for the five most important workstations.
- D. Obtain an extra office and connect all 10 new workstations to an emergency power supply and UPS (Uninterruptible Power Supply). Adjust the access control system to the working hours of the new staff. Inform the building security personnel that work will also be carried out in the evenings and at night.
Answer: D
NEW QUESTION 13
What is an example of a good physical security measure?
- A. Maintenance staff can be given quick and unimpeded access to the server area in the event of disaster.
- B. All employees and visitors carry an access pass.
- C. Printers that are defective or have been replaced are immediately removed and given away as garbage for recycling.
Answer: B
NEW QUESTION 14
A non-human threat for computer systems is a flood. In which situation is a flood always a relevant threat?
- A. When the organization is located near a river.
- B. When computer systems are kept in a cellar below ground level.
- C. If the risk analysis has not been carried out.
- D. When the computer systems are not insured.
Answer: B
NEW QUESTION 15
Which one of the threats listed below can occur as a result of the absence of a physical measure?
- A. A user can view the files belonging to another user.
- B. A server shuts off because of overheating.
- C. A confidential document is left in the printer.
- D. Hackers can freely enter the computer network.
Answer: B
NEW QUESTION 16
There is a network printer in the hallway of the company where you work. Many employees don't pick up their printouts immediately and leave them in the printer. What are the consequences of this to the reliability of the information?
- A. The availability of the information is no longer guaranteed.
- B. The integrity of the information is no longer guaranteed.
- C. The confidentiality of the information is no longer guaranteed.
Answer: C
NEW QUESTION 17
What is the best way to comply with legislation and regulations for personal data protection?
- A. Performing a threat analysis
- B. Performing a vulnerability analysis
- C. Maintaining an incident register
- D. Appointing the responsibility to someone
Answer: D
NEW QUESTION 18
A couple of years ago you started your company, which has now grown from 1 to 20 employees. Your company's information is worth more and more, and gone are the days when you could keep it all in hand yourself. You are aware that you have to take measures, but what should they be? You hire a consultant who advises you to start with a qualitative risk analysis. What is a qualitative risk analysis?
- A. This analysis is based on scenarios and situations and produces a subjective view of the possible threats.
- B. This analysis follows a precise statistical probability calculation in order to calculate exact loss caused by damage.
Answer: A
NEW QUESTION 19
A well-executed risk analysis provides a great deal of useful information. A risk analysis has four main objectives. What is not one of the four main objectives of a risk analysis?
- A. Determining the costs of threats
- B. Identifying assets and their value
- C. Determining relevant vulnerabilities and threats
- D. Establishing a balance between the costs of an incident and the costs of a security measure
Answer: A
NEW QUESTION 20
You are the owner of the courier company SpeeDelivery. On the basis of your risk analysis you have decided to take a number of measures. You have daily backups made of the server, keep the server room locked and install an intrusion alarm system and a sprinkler system. Which of these measures is a detective measure?
- A. Sprinkler installation
- B. Access restriction to special rooms
- C. Backup tape
- D. Intrusion alarm
Answer: D
NEW QUESTION 21
An employee in the administrative department of Smiths Consultants Inc. finds out that the expiry date of a contract with one of the clients is earlier than the start date. What type of measure could prevent this error?
- A. Organizational measure
- B. Availability measure
- C. Integrity measure
- D. Technical measure
Answer: D
NEW QUESTION 22
At Midwest Insurance, all information is classified. What is the goal of this classification of information?
- A. Structuring information according to its sensitivity
- B. Applying labels making the information easier to recognize
- C. To create a manual about how to handle mobile devices
Answer: A
NEW QUESTION 23
What is a risk analysis used for?
- A. A risk analysis is used to ensure that security measures are deployed in a cost-effective and timely fashion.
- B. A risk analysis is used in conjunction with security measures to reduce risks to an acceptable level.
- C. A risk analysis is used to clarify to management their responsibilities.
- D. A risk analysis is used to express the value of information for an organization in monetary terms.
Answer: A
NEW QUESTION 24
What physical security measure is necessary to control access to company information?
- A. Username and password
- B. The use of break-resistant glass and doors with the right locks, frames and hinges
- C. Prohibiting the use of USB sticks
- D. Air-conditioning
Answer: B
NEW QUESTION 25
Logging in to a computer system is an access-granting process consisting of three steps: identification, authentication and authorization.
What occurs during the first step of this process: identification?
- A. The first step consists of comparing the password with the registered password.
- B. The first step consists of granting access to the information to which the user is authorized.
- C. The first step consists of checking if the user is using the correct certificate.
- D. The first step consists of checking if the user appears on the list of authorized users.
Answer: D
NEW QUESTION 26
Which is a legislative or regulatory act related to information security that can be imposed upon all organizations?
- A. Personal data protection legislation
- B. Intellectual Property Rights
- C. ISO/IEC 27002:2005
- D. ISO/IEC 27001:2005
Answer: A
NEW QUESTION 27
......