[2021] Free ISFS Exam Dumps to Pass Exam Easily [Q15-Q38]


ISFS Exam Dumps, ISFS Practice Test Questions


What is the duration of the ISFS Exam

  • Number of Questions: 40
  • Passing Score: 65%
  • Format: Multiple choice, multiple answers
  • Length of Examination: 1 hour

How to book the ISFS Exam

These are the steps for registering for the EXIN ISFS exam:

  • Step 1: Visit the Pearson VUE exam registration page
  • Step 2: Sign up for or log in to your Pearson VUE account
  • Step 3: Search for the EXIN ISFS certification exam
  • Step 4: Select the date and time, and confirm with your payment method


EXIN ISFS Exam Syllabus Topics:

Topic 1
  • Explain why legislation and regulations are important for the reliability of information
  • Explain the difference between data and information
Topic 2
  • Give examples of legislation related to information security
  • Outline the objectives and the content of a security policy
Topic 3
  • Describe the risks involved with insufficient technical security measures
  • Describe how the value of data and information can influence organizations
Topic 4
  • Describe access security measures such as the segregation of duties and the use of passwords
  • Name the most important roles in the security organization
Topic 5
  • Explain the importance to an organization of a well set-up business continuity management
  • Outline the objectives and the content of a security organization
Topic 6
  • Describe the concepts identification, authentication, and authorization
  • Describe the value of data and information for organizations
Topic 7
  • Explain the relationship between risks and security measures
  • Describe the risks involved with insufficient physical security measures
Topic 8
  • Describe various ways in which security measures may be structured or arranged
  • Summarize how security incidents are reported and what information is required
Topic 10
  • Describe the effects of escalation within the organization
  • Explain the relationship between a threat and a risk
Topic 11
  • Explain the consequences of not reporting security incidents
  • Explain the objective of the classification of information
Topic 12
  • Understand the concepts cryptography, digital signature, and certificate
  • Explain the concepts threat, risk and risk analysis
Topic 13
  • Describe the measures that can be used against malware, phishing, and spam
  • Give examples of regulations related to information security

 

NEW QUESTION 15
An employee in the administrative department of Smiths Consultants Inc. finds out that the expiry date of a contract with one of the clients is earlier than the start date. What type of measure could prevent this error?

  • A. Technical measure
  • B. Integrity measure
  • C. Organizational measure
  • D. Availability measure

Answer: A


 

NEW QUESTION 16
A company moves into a new building. A few weeks after the move, a visitor appears unannounced in the office of the director. An investigation shows that visitors' passes grant the same access as the passes of the company's staff. Which kind of security measure could have prevented this?

  • A. An organizational security measure
  • B. A technical security measure
  • C. A physical security measure

Answer: C

 

NEW QUESTION 17
What action is an unintentional human threat?

  • A. Arson
  • B. Incorrect use of fire extinguishing equipment
  • C. Social engineering
  • D. Theft of a laptop

Answer: B


 

NEW QUESTION 18
You work in the IT department of a medium-sized company. Confidential information has got into the wrong hands several times. This has hurt the image of the company. You have been asked to propose organizational security measures for laptops at your company. What is the first step that you should take?

  • A. Formulate a policy regarding mobile media (PDAs, laptops, smartphones, USB sticks)
  • B. Set up an access control policy
  • C. Appoint security personnel
  • D. Encrypt the hard drives of laptops and USB sticks

Answer: A

 

NEW QUESTION 19
Three characteristics determine the reliability of information. Which characteristics are these?

  • A. Availability, Nonrepudiation and Confidentiality
  • B. Availability, Integrity and Correctness
  • C. Availability, Integrity and Confidentiality

Answer: C

 

NEW QUESTION 20
Logging in to a computer system is an access-granting process consisting of three steps: identification, authentication and authorization. What occurs during the first step of this process: identification?

  • A. The first step consists of granting access to the information to which the user is authorized.
  • B. The first step consists of checking if the user is using the correct certificate.
  • C. The first step consists of checking if the user appears on the list of authorized users.
  • D. The first step consists of comparing the password with the registered password.

Answer: C

 

NEW QUESTION 21
What is an example of a good physical security measure?

  • A. Maintenance staff can be given quick and unimpeded access to the server area in the event of disaster.
  • B. All employees and visitors carry an access pass.
  • C. Printers that are defective or have been replaced are immediately removed and given away as garbage for recycling.

Answer: B

 

NEW QUESTION 22
What is the relationship between data and information?

  • A. Data is structured information.
  • B. Information is the meaning and value assigned to a collection of data.

Answer: B

 

NEW QUESTION 23
Who is authorized to change the classification of a document?

  • A. The owner of the document
  • B. The manager of the owner of the document
  • C. The administrator of the document
  • D. The author of the document

Answer: A

 

NEW QUESTION 24
The act of taking organizational security measures is inextricably linked with all other measures that have to be taken. What is the name of the system that guarantees the coherence of information security in the organization?

  • A. Security regulations for special information for the government
  • B. Rootkit
  • C. Information Security Management System (ISMS)

Answer: C

 

NEW QUESTION 25
In the organization where you work, information of a very sensitive nature is processed. Management is legally obliged to implement the highest-level security measures. What is this kind of risk strategy called?

  • A. Risk bearing
  • B. Risk neutral
  • C. Risk avoiding

Answer: C

 

NEW QUESTION 26
You work in the office of a large company. You receive a call from a person claiming to be from the Helpdesk. He asks you for your password. What kind of threat is this?

  • A. Natural threat
  • B. Organizational threat
  • C. Social Engineering

Answer: C

 

NEW QUESTION 27
You have a small office in an industrial area. You would like to analyze the risks your company faces. The office is in a pretty remote location; therefore, the possibility of arson is not entirely out of the question. What is the relationship between the threat of fire and the risk of fire?

  • A. The risk of fire is the threat of fire multiplied by the chance that the fire may occur and the consequences thereof.
  • B. The threat of fire is the risk of fire multiplied by the chance that the fire may occur and the consequences thereof.

Answer: A

 

NEW QUESTION 28
What is the goal of an organization's security policy?

  • A. To define all threats to and measures for ensuring information security
  • B. To provide direction and support to information security
  • C. To document all incidents that threaten the reliability of information
  • D. To document all procedures required to maintain information security

Answer: B

 

NEW QUESTION 29
What is the most important reason for applying segregation of duties?

  • A. Segregation of duties ensures that, when a person is absent, it can be investigated whether he or she has been committing fraud.
  • B. Segregation of duties makes it easier for a person who is ready with his or her part of the work to take time off or to take over the work of another person.
  • C. Segregation of duties makes it clear who is responsible for what.
  • D. Tasks and responsibilities must be separated in order to minimize the opportunities for business assets to be misused or changed, whether the change be unauthorized or unintentional.

Answer: D

 

NEW QUESTION 30
Why is air-conditioning placed in the server room?

  • A. Backup tapes are made from thin plastic which cannot withstand high temperatures. Therefore, if it gets too hot in a server room, they may get damaged.
  • B. In the server room the air has to be cooled and the heat produced by the equipment has to be extracted.
    The air in the room is also dehumidified and filtered.
  • C. It is not pleasant for the maintenance staff to have to work in a server room that is too warm.
  • D. When a company wishes to cool its offices, the server room is the best place. This way, no office space needs to be sacrificed for such a large piece of equipment.

Answer: B

 

NEW QUESTION 31
An airline company employee notices that she has access to one of the company's applications that she has not used before. Is this an information security incident?

  • A. No
  • B. Yes

Answer: A

 

NEW QUESTION 32
Your organization has an office with space for 25 workstations. These workstations are all fully equipped and in use. Due to a reorganization 10 extra workstations are added, 5 of which are used for a call centre 24 hours per day. Five workstations must always be available. What physical security measures must be taken in order to ensure this?

  • A. Obtain an extra office and provide a UPS (Uninterruptible Power Supply) for the five most important workstations.
  • B. Obtain an extra office and set up 10 workstations. Ensure that there are security personnel both in the evenings and at night, so that staff can work there safely and securely.
  • C. Obtain an extra office and connect all 10 new workstations to an emergency power supply and UPS (Uninterruptible Power Supply). Adjust the access control system to the working hours of the new staff.
    Inform the building security personnel that work will also be carried out in the evenings and at night.
  • D. Obtain an extra office and set up 10 workstations. You would therefore have spare equipment that can be used to replace any non-functioning equipment.

Answer: C

 

NEW QUESTION 33
What is the greatest risk for an organization if no information security policy has been defined?

  • A. If everyone works with the same account, it is impossible to find out who worked on what.
  • B. It is not possible for an organization to implement information security in a consistent manner.
  • C. Information security activities are carried out by only a few people.
  • D. Too many measures are implemented.

Answer: B

 

NEW QUESTION 34
Logging in to a computer system is an access-granting process consisting of three steps: identification, authentication and authorization.
What occurs during the first step of this process: identification?

  • A. The first step consists of granting access to the information to which the user is authorized.
  • B. The first step consists of checking if the user is using the correct certificate.
  • C. The first step consists of checking if the user appears on the list of authorized users.
  • D. The first step consists of comparing the password with the registered password.

Answer: C

 

NEW QUESTION 35
A couple of years ago you started your company which has now grown from 1 to 20 employees.
Your company's information is worth more and more, and gone are the days when you could keep it all in hand yourself. You are aware that you have to take measures, but what should they be?
You hire a consultant who advises you to start with a qualitative risk analysis. What is a qualitative risk analysis?

  • A. This analysis follows a precise statistical probability calculation in order to calculate exact loss caused by damage.
  • B. This analysis is based on scenarios and situations and produces a subjective view of the possible threats.

Answer: B


 

NEW QUESTION 36
Which is a legislative or regulatory act related to information security that can be imposed upon all organizations?

  • A. ISO/IEC 27002:2005
  • B. Intellectual Property Rights
  • C. ISO/IEC 27001:2005
  • D. Personal data protection legislation

Answer: D

 

NEW QUESTION 37
Three characteristics determine the reliability of information. Which characteristics are these?

  • A. Availability, Nonrepudiation and Confidentiality
  • B. Availability, Integrity and Correctness
  • C. Availability, Integrity and Confidentiality

Answer: C


 

NEW QUESTION 38
......

ISFS Exam Dumps, ISFS Practice Test Questions: https://www.dumpsvalid.com/ISFS-still-valid-exam.html

Free ISFS Study Guides Exam Questions & Answer: https://drive.google.com/open?id=1VS0VClTn69NOIh4oQLnGsjgdxbrXFzhr