최신 ISFS 무료덤프 - EXIN Information Security Foundation based on ISO/IEC 27001

문제1

The consultants at Smith Consultants Inc. work on laptops that are protected by asymmetrical cryptography. To keep the management of the keys cheap, all consultants use the same key pair. What is the companys risk if they operate in this manner?

A. If the Public Key Infrastructure (PKI) becomes known all laptops must be supplied with new keys.

B. If the private key becomes known all laptops must be supplied with new keys.

C. If the public key becomes known all laptops must be supplied with new keys.

정답: B

문제2

Your organization has an office with space for 25 workstations. These workstations are all fully equipped and in use. Due to a reorganization 10 extra workstations are added, 5 of which are used for a call centre 24 hours per day. Five workstations must always be available. What physical security measures must be taken in order to ensure this?

A. Obtain an extra office and set up 10 workstations. Ensure that there are security personnel both in the evenings and at night, so that staff can work there safely and securely.

B. Obtain an extra office and set up 10 workstations. You would therefore have spare equipment that can be used to replace any non-functioning equipment.

C. Obtain an extra office and provide a UPS (Uninterruptible Power Supply) for the five most important workstations.

D. Obtain an extra office and connect all 10 new workstations to an emergency power supply and UPS (Uninterruptible Power Supply). Adjust the access control system to the working hours of the new staff. Inform the building security personnel that work will also be carried out in the evenings and at night.

정답: D

문제3

There is a network printer in the hallway of the company where you work. Many employees dont pick up their printouts immediately and leave them in the printer. What are the consequences of this to the reliability of the information?

A. The availability of the information is no longer guaranteed.

B. The confidentiality of the information is no longer guaranteed.

C. The integrity of the information is no longer guaranteed.

정답: B

문제4

Why do organizations have an information security policy?

A. In order to ensure that everyone knows who is responsible for carrying out the backup procedures.

B. In order to give direction to how information security is set up within an organization.

C. In order to demonstrate the operation of the Plan-Do-Check-Act cycle within an organization.

D. In order to ensure that staff do not break any laws.

정답: B

문제5

You are the owner of the courier company SpeeDelivery. You employ a few people who, while waiting to make a delivery, can carry out other tasks. You notice, however, that they use this time to send and read their private mail and surf the Internet. In legal terms, in which way can the use of the Internet and e-mail facilities be best regulated?

A. Drafting a code of conduct for the use of the Internet and e-mail in which the rights and obligations of both the employer and staff are set down

B. Installing an application that makes certain websites no longer accessible and that filters attachments in e-mails

C. Installing a virus scanner

D. Implementing privacy regulations

정답: A

문제6

What is a repressive measure in the case of a fire?

A. Repairing damage caused by the fire

B. Taking out fire insurance

C. Putting out a fire after it has been detected by a fire detector

정답: C

문제7

What is a human threat to the reliability of the information on your company website?

A. The computer hosting your website is overloaded and crashes. Your website is offline.

B. Because of a lack of maintenance, a fire hydrant springs a leak and floods the premises. Your employees cannot come into the office and therefore can not keep the information on the website up to date.

C. One of your employees commits an error in the price of a product on your website.

정답: C

문제8

In the organization where you work, information of a very sensitive nature is processed. Management is legally obliged to implement the highest-level security measures. What is this kind of risk strategy called?

A. Risk neutral

B. Risk bearing

C. Risk avoiding

정답: C

최신 ISFS 무료덤프 - EXIN Information Security Foundation based on ISO/IEC 27001

우리와 연락하기

유용한 링크

최신 업데이트