Exam Details

  • Exam Code: ISFS
  • Exam Name: Information Security Foundation based on ISO/IEC 27002
  • Certification: Exin Certification
  • Vendor: EXIN
  • Total Questions: 80 Q&As
  • Last Updated: May 09, 2024

EXIN Exin Certification ISFS Questions & Answers

  • Question 1:

    What action is an unintentional human threat?

    A. Arson

    B. Theft of a laptop

    C. Social engineering

    D. Incorrect use of fire extinguishing equipment

  • Question 2:

    You are the owner of the courier company SpeeDelivery. You have carried out a risk analysis and now want to determine your risk strategy. You decide to take measures for the large risks but not for the small risks. What is this risk strategy called?

    A. Risk bearing

    B. Risk avoiding

    C. Risk neutral

  • Question 3:

    Three characteristics determine the reliability of information. Which characteristics are these?

    A. Availability, Integrity and Correctness

    B. Availability, Integrity and Confidentiality

    C. Availability, Nonrepudiation and Confidentiality

  • Question 4:

    You have an office that designs corporate logos. You have been working on a draft for a large client. Just as you are going to press the button, the screen goes blank. The hard disk is damaged and cannot be repaired. You find an early version of the design in your mail folder and you reproduce the draft for the customer. What is such a measure called?

    A. Corrective measure

    B. Preventive measure

    C. Reductive measure

  • Question 5:

    A company moves into a new building. A few weeks after the move, a visitor appears unannounced in the office of the director. An investigation shows that visitors' passes grant the same access as the passes of the company's staff. Which kind of security measure could have prevented this?

    A. A physical security measure

    B. An organizational security measure

    C. A technical security measure

  • Question 6:

    The Information Security Manager (ISM) at Smith Consultants Inc. introduces the following measures to assure information security:

    - The security requirements for the network are specified.

    - A test environment is set up for the purpose of testing reports coming from the database.

    - The various employee functions are assigned corresponding access rights.

    - RFID access passes are introduced for the building.

    Which one of these measures is not a technical measure?

    A. The specification of requirements for the network

    B. Setting up a test environment

    C. Introducing a logical access policy

    D. Introducing RFID access passes

  • Question 7:

    What is the goal of an organization's security policy?

    A. To provide direction and support to information security

    B. To define all threats to and measures for ensuring information security

    C. To document all incidents that threaten the reliability of information

    D. To document all procedures required to maintain information security

  • Question 8:

    At Midwest Insurance, all information is classified. What is the goal of this classification of information?

    A. To create a manual about how to handle mobile devices

    B. Applying labels making the information easier to recognize

    C. Structuring information according to its sensitivity

  • Question 9:

    Which one of the threats listed below can occur as a result of the absence of a physical measure?

    A. A user can view the files belonging to another user.

    B. A server shuts off because of overheating.

    C. A confidential document is left in the printer.

    D. Hackers can freely enter the computer network.

  • Question 10:

    What is the best description of a risk analysis?

    A. A risk analysis is a method of mapping risks without looking at company processes.

    B. A risk analysis helps to estimate the risks and develop the appropriate security measures.

    C. A risk analysis calculates the exact financial consequences of damages.
