Dumps of ISFS Cover all the requirements of the Real Exam [Q11-Q33] | TestBraindump


NEW QUESTION # 11
Midwest Insurance controls access to its offices with a passkey system. We call this a preventive measure. What are some other measures?

  • A. Detective, repressive and corrective measures
  • B. Partial, adaptive and corrective measures
  • C. Repressive, adaptive and corrective measures

Answer: A


NEW QUESTION # 12
Your company is in the news as a result of an unfortunate action by one of your employees. The phones are ringing off the hook with customers wanting to cancel their contracts. What do we call this type of damage?

  • A. Direct damage
  • B. Indirect damage

Answer: B


NEW QUESTION # 13
You work in the office of a large company. You receive a call from a person claiming to be from the Helpdesk. He asks you for your password. What kind of threat is this?

  • A. Social Engineering
  • B. Organizational threat
  • C. Natural threat

Answer: A


NEW QUESTION # 14
What is an example of a non-human threat to the physical environment?

  • A. Virus
  • B. Storm
  • C. Corrupted file
  • D. Fraudulent transaction

Answer: B


NEW QUESTION # 15
You are the owner of the SpeeDelivery courier service. Last year you had a firewall installed. You now discover that no maintenance has been performed since the installation. What is the biggest risk because of this?

  • A. The risk of undesired e-mails
  • B. The risk that fire may break out in the server room
  • C. The risk that hackers can do as they wish on the network without detection
  • D. The risk of a virus outbreak

Answer: C


NEW QUESTION # 16
Which of the following measures is a corrective measure?

  • A. Restoring a backup of the correct database after a corrupt copy of the database was written over the original
  • B. Making a backup of the data that has been created or altered that day
  • C. Incorporating an Intrusion Detection System (IDS) in the design of a computer centre
  • D. Installing a virus scanner in an information system

Answer: A


NEW QUESTION # 17
At Midwest Insurance, all information is classified. What is the goal of this classification of information?

  • A. Applying labels making the information easier to recognize
  • B. Structuring information according to its sensitivity
  • C. To create a manual about how to handle mobile devices

Answer: B


NEW QUESTION # 18
What action is an unintentional human threat?

  • A. Theft of a laptop
  • B. Social engineering
  • C. Incorrect use of fire extinguishing equipment
  • D. Arson

Answer: C


NEW QUESTION # 19
Who is authorized to change the classification of a document?

  • A. The administrator of the document
  • B. The owner of the document
  • C. The author of the document
  • D. The manager of the owner of the document

Answer: B


NEW QUESTION # 20
You have an office that designs corporate logos. You have been working on a draft for a large client. Just as you are going to press the <save> button, the screen goes blank. The hard disk is damaged and cannot be repaired. You find an early version of the design in your mail folder and you reproduce the draft for the customer. What is such a measure called?

  • A. Reductive measure
  • B. Corrective measure
  • C. Preventive measure

Answer: B


NEW QUESTION # 21
You are a consultant and are regularly hired by the Ministry of Defense to perform analysis. Since the assignments are irregular, you outsource the administration of your business to temporary workers. You don't want the temporary workers to have access to your reports. Which reliability aspect of the information in your reports must you protect?

  • A. Availability
  • B. Integrity
  • C. Confidentiality

Answer: C


NEW QUESTION # 22
A well-executed risk analysis provides a great deal of useful information. A risk analysis has four main objectives. What is not one of the four main objectives of a risk analysis?

  • A. Establishing a balance between the costs of an incident and the costs of a security measure
  • B. Determining relevant vulnerabilities and threats
  • C. Identifying assets and their value
  • D. Determining the costs of threats

Answer: D


NEW QUESTION # 23
Your company has to ensure that it meets the requirements set down in personal data protection legislation. What is the first thing you should do?

  • A. Appoint a person responsible for supporting managers in adhering to the policy.
  • B. Make the employees responsible for submitting their personal data.
  • C. Translate the personal data protection legislation into a privacy policy that is geared to the company and the contracts with the customers.
  • D. Issue a ban on the provision of personal information.

Answer: C


NEW QUESTION # 24
A couple of years ago you started your company which has now grown from 1 to 20 employees.
Your company's information is worth more and more and gone are the days when you could keep it all in hand yourself. You are aware that you have to take measures, but what should they be?
You hire a consultant who advises you to start with a qualitative risk analysis. What is a qualitative risk analysis?

  • A. This analysis follows a precise statistical probability calculation in order to calculate exact loss caused by damage.
  • B. This analysis is based on scenarios and situations and produces a subjective view of the possible threats.

Answer: B


NEW QUESTION # 25
You work for a large organization. You notice that you have access to confidential information that you should not be able to access in your position. You report this security incident to the helpdesk. The incident cycle is initiated. What are the stages of the security incident cycle?

  • A. Threat, Damage, Incident, Recovery
  • B. Threat, Damage, Recovery, Incident
  • C. Threat, Incident, Damage, Recovery
  • D. Threat, Recovery, Incident, Damage

Answer: C


NEW QUESTION # 26
What sort of security does a Public Key Infrastructure (PKI) offer?

  • A. It provides digital certificates which can be used to digitally sign documents. Such signatures irrefutably determine from whom a document was sent.
  • B. Having a PKI shows customers that a web-based business is secure.
  • C. By providing agreements, procedures and an organization structure, a PKI defines which person or which system belongs to which specific public key.
  • D. A PKI ensures that backups of company data are made on a regular basis.

Answer: C


NEW QUESTION # 27
You are the owner of a growing company, SpeeDelivery, which provides courier services. You decide that it is time to draw up a risk analysis for your information system. This includes an inventory of the threats and risks.
What is the relation between a threat, risk and risk analysis?

  • A. A risk analysis is used to remove the risk of a threat.
  • B. Risk analyses help to find a balance between threats and risks.
  • C. A risk analysis is used to clarify which threats are relevant and what risks they involve.
  • D. A risk analysis identifies threats from the known risks.

Answer: C


NEW QUESTION # 28
You are a consultant and are regularly hired by the Ministry of Defense to perform analysis.
Since the assignments are irregular, you outsource the administration of your business to temporary workers. You don't want the temporary workers to have access to your reports. Which reliability aspect of the information in your reports must you protect?

  • A. Availability
  • B. Integrity
  • C. Confidentiality

Answer: C


NEW QUESTION # 29
You work in the IT department of a medium-sized company. Confidential information has got into the wrong hands several times. This has hurt the image of the company. You have been asked to propose organizational security measures for laptops at your company. What is the first step that you should take?

  • A. Set up an access control policy
  • B. Encrypt the hard drives of laptops and USB sticks
  • C. Formulate a policy regarding mobile media (PDAs, laptops, smartphones, USB sticks)
  • D. Appoint security personnel

Answer: C


NEW QUESTION # 30
The act of taking organizational security measures is inextricably linked with all other measures that have to be taken. What is the name of the system that guarantees the coherence of information security in the organization?

  • A. Security regulations for special information for the government
  • B. Rootkit
  • C. Information Security Management System (ISMS)

Answer: C


NEW QUESTION # 31
A couple of years ago you started your company which has now grown from 1 to 20 employees.
Your company's information is worth more and more and gone are the days when you could keep it all in hand yourself. You are aware that you have to take measures, but what should they be?
You hire a consultant who advises you to start with a qualitative risk analysis. What is a qualitative risk analysis?

  • A. This analysis follows a precise statistical probability calculation in order to calculate exact loss caused by damage.
  • B. This analysis is based on scenarios and situations and produces a subjective view of the possible threats.

Answer: B


NEW QUESTION # 32
You own a small company in a remote industrial area. Lately, the alarm regularly goes off in the middle of the night. It takes quite a bit of time to respond to it and it seems to be a false alarm every time. You decide to set up a hidden camera. What is such a measure called?

  • A. Detective measure
  • B. Repressive measure
  • C. Preventive measure

Answer: A


NEW QUESTION # 33
......


The EXIN ISFS certification exam covers a wide range of topics related to information security management, including the principles of information security, the ISO/IEC 27001 standard, risk management, and compliance. The ISFS exam consists of 40 multiple-choice questions that must be completed within 60 minutes. To pass the exam, candidates must achieve a score of at least 65%.
