최신 ISFS 무료덤프 - EXIN Information Security Foundation based on ISO/IEC 27001

문제1

In the organization where you work, information of a very sensitive nature is processed. Management is legally obliged to implement the highest-level security measures. What is this kind of risk strategy called?

A. Risk neutral

B. Risk bearing

C. Risk avoiding

정답: C

문제2

We can acquire and supply information in various ways. The value of the information depends on whether it is reliable. What are the reliability aspects of information?

A. Availability, Information Value and Confidentiality

B. Availability, Integrity and Completeness

C. Availability, Integrity and Confidentiality

D. Timeliness, Accuracy and Completeness

정답: C

문제3

Midwest Insurance controls access to its offices with a passkey system. We call this a preventive measure. What are some other measures?

A. Repressive, adaptive and corrective measures

B. Detective, repressive and corrective measures

C. Partial, adaptive and corrective measures

정답: B

문제4

When we are at our desk, we want the information system and the necessary information to be available. We want to be able to work with the computer and access the network and our files. What is the correct definition of availability?

A. The degree to which the continuity of an organization is guaranteed

B. The degree to which the system capacity is enough to allow all users to work with it

C. The total amount of time that an information system is accessible to the users

D. The degree to which an information system is available for the users

정답: D

문제5

An employee in the administrative department of Smiths Consultants Inc. finds out that the expiry date of a contract with one of the clients is earlier than the start date. What type of measure could prevent this error?

A. Availability measure

B. Technical measure

C. Integrity measure

D. Organizational measure

정답: B

문제6

You are the owner of a growing company, SpeeDelivery, which provides courier services. You decide that it is time to draw up a risk analysis for your information system. This includes an inventory of the threats and risks. What is the relation between a threat, risk and risk analysis?

A. A risk analysis is used to remove the risk of a threat.

B. Risk analyses help to find a balance between threats and risks.

C. A risk analysis is used to clarify which threats are relevant and what risks they involve.

D. A risk analysis identifies threats from the known risks.

정답: C

문제7

Midwest Insurance grades the monthly report of all claimed losses per insured as confidential. What is accomplished if all other reports from this insurance office are also assigned the appropriate grading?

A. Reports can be developed more easily and with fewer errors.

B. The costs for automating are easier to charge to the responsible departments.

C. A determination can be made as to which report should be printed first and which one can wait a little longer.

D. Everyone can easiliy see how sensitive the reports' contents are by consulting the grading label.

정답: D

문제8

You are the owner of SpeeDelivery courier service. Because of your companys growth you have to think about information security. You know that you have to start creating a policy. Why is it so important to have an information security policy as a starting point?

A. The information security policy establishes who is responsible for which area of information security.

B. The information security policy supplies instructions for the daily practice of information security.

C. The information security policy establishes which devices will be protected.

D. The information security policy gives direction to the information security efforts.

정답: D

최신 ISFS 무료덤프 - EXIN Information Security Foundation based on ISO/IEC 27001

우리와 연락하기

유용한 링크

최신 업데이트