
ISFS Exam Questions - Online Test



New EXIN,Inc ISFS Exam Dumps Collection (Question 1 - Question 10)

Q1. A well-executed risk analysis provides a great deal of useful information. A risk analysis has four main objectives. What is not one of the four main objectives of a risk analysis?

A. Identifying assets and their value

B. Determining the costs of threats

C. Establishing a balance between the costs of an incident and the costs of a security measure

D. Determining relevant vulnerabilities and threats

Answer: B


Q2. What is the relationship between data and information?

A. Data is structured information.

B. Information is the meaning and value assigned to a collection of data.

Answer: B


Q3. Your company is in the news as a result of an unfortunate action by one of your employees. The phones are ringing off the hook with customers wanting to cancel their contracts. What do we call this type of damage?

A. Direct damage

B. Indirect damage

Answer: B


Q4. What is the relationship between data and information?

A. Data is structured information.

B. Information is the meaning and value assigned to a collection of data.

Answer: B


Q5. Some threats are caused directly by people, others have a natural cause. What is an example of an intentional human threat?

A. Lightning strike

B. Arson

C. Flood

D. Loss of a USB stick

Answer: B


Q6. Who is authorized to change the classification of a document?

A. The author of the document

B. The administrator of the document

C. The owner of the document

D. The manager of the owner of the document

Answer: C


Q7. The Information Security Manager (ISM) at Smith Consultants Inc. introduces the following measures to assure information security:

- The security requirements for the network are specified.

- A test environment is set up for the purpose of testing reports coming from the database.

- The various employee functions are assigned corresponding access rights.

- RFID access passes are introduced for the building.

Which one of these measures is not a technical measure?

A. The specification of requirements for the network

B. Setting up a test environment

C. Introducing a logical access policy

D. Introducing RFID access passes

Answer: D


Q8. What is the objective of classifying information?

A. Authorizing the use of an information system

B. Creating a label that indicates how confidential the information is

C. Defining different levels of sensitivity into which information may be arranged

D. Displaying on the document who is permitted access

Answer: C


Q9. You own a small company in a remote industrial area. Lately, the alarm regularly goes off in the middle of the night. It takes quite a bit of time to respond to it and it seems to be a false alarm every time. You decide to set up a hidden camera. What is such a measure called?

A. Detective measure

B. Preventive measure

C. Repressive measure

Answer: A


Q10. What is the definition of the Annual Loss Expectancy?

A. The Annual Loss Expectancy is the amount of damage that can occur as a result of an incident during the year.

B. The Annual Loss Expectancy is the size of the damage claims resulting from not having carried out risk analyses effectively.

C. The Annual Loss Expectancy is the average damage calculated by insurance companies for businesses in a country.

D. The Annual Loss Expectancy is the minimum amount for which an organization must insure itself.

Answer: A

