최신 ISFS 무료덤프 - EXIN Information Security Foundation based on ISO/IEC 27001

문제1

You are the first to arrive at work in the morning and notice that the CD ROM on which you saved contracts yesterday has disappeared. You were the last to leave yesterday. When should you report this information security incident?

A. You should first investigate this incident yourself and try to limit the damage.

B. You should wait a few days before reporting this incident. The CD ROM can still reappear and, in that case, you will have made a fuss for nothing.

C. This incident should be reported immediately.

정답: C

문제2

You are the owner of the courier company SpeeDelivery. On the basis of your risk analysis you have decided to take a number of measures. You have daily backups made of the server, keep the server room locked and install an intrusion alarm system and a sprinkler system. Which of these measures is a detective measure?

A. Access restriction to special rooms

B. Backup tape

C. Intrusion alarm

D. Sprinkler installation

정답: C

문제3

Which is a legislative or regulatory act related to information security that can be imposed upon all organizations?

A. ISO/IEC 27002:2005

B. Intellectual Property Rights

C. ISO/IEC 27001:2005

D. Personal data protection legislation

정답: D

문제4

What is an example of a good physical security measure?

A. Printers that are defective or have been replaced are immediately removed and given away as garbage for recycling.

B. All employees and visitors carry an access pass.

C. Maintenance staff can be given quick and unimpeded access to the server area in the event of disaster.

정답: B

문제5

Your company has to ensure that it meets the requirements set down in personal data protection legislation. What is the first thing you should do?

A. Appoint a person responsible for supporting managers in adhering to the policy.

B. Make the employees responsible for submitting their personal data.

C. Translate the personal data protection legislation into a privacy policy that is geared to the company and the contracts with the customers.

D. Issue a ban on the provision of personal information.

정답: C

문제6

You are a consultant and are regularly hired by the Ministry of Defense to perform analysis. Since the assignments are irregular, you outsource the administration of your business to temporary workers. You don't want the temporary workers to have access to your reports. Which reliability aspect of the information in your reports must you protect?

A. Integrity

B. Availability

C. Confidentiality

정답: C

문제7

What is the most important reason for applying segregation of duties?

A. Segregation of duties ensures that, when a person is absent, it can be investigated whether he or she has been committing fraud.

B. Segregation of duties makes it clear who is responsible for what.

C. Tasks and responsibilities must be separated in order to minimize the opportunities for business assets to be misused or changed, whether the change be unauthorized or unintentional.

D. Segregation of duties makes it easier for a person who is ready with his or her part of the work to take time off or to take over the work of another person.

정답: C

문제8

Peter works at the company Midwest Insurance. His manager, Linda, asks him to send the terms and conditions for a life insurance policy to Rachel, a client. Who determines the value of the information in the insurance terms and conditions document?

A. The manager, Linda

B. The sender, Peter

C. The person who drafted the insurance terms and conditions

D. The recipient, Rachel

정답: D

최신 ISFS 무료덤프 - EXIN Information Security Foundation based on ISO/IEC 27001

우리와 연락하기

유용한 링크

최신 업데이트