Question No. 1

What is the definition of the Annual Loss Expectancy?

AThe Annual Loss Expectancy is the amount of damage that can occur as a result of an incident
during the year.

BThe Annual Loss Expectancy is the size of the damage claims resulting from not having
carried out risk analyses effectively.

CThe Annual Loss Expectancy is the average damage calculated by insurance companies for
businesses in a country.

DThe Annual Loss Expectancy is the minimum amount for which an organization must insure
itself.

Show Answer

Correct Answer: A

Question No. 2

Midwest Insurance controls access to its offices with a passkey system. We call this a preventive

measure. What are some other measures?

ADetective, repressive and corrective measures

BPartial, adaptive and corrective measures

CRepressive, adaptive and corrective measures

Show Answer

Correct Answer: A

Question No. 3

The Information Security Manager (ISM) at Smith Consultants Inc. introduces the following

measures to assure information security:

- The security requirements for the network are specified.

- A test environment is set up for the purpose of testing reports coming from the database.

- The various employee functions are assigned corresponding access rights.

- RFID access passes are introduced for the building.

Which one of these measures is not a technical measure?

AThe specification of requirements for the network

BSetting up a test environment

CIntroducing a logical access policy

DIntroducing RFID access passes

Show Answer

Correct Answer: D

Question No. 4

You are the owner of SpeeDelivery courier service. Because of your companys growth you have

to think about information security. You know that you have to start creating a policy. Why is it so

important to have an information security policy as a starting point?

AThe information security policy gives direction to the information security efforts.

BThe information security policy supplies instructions for the daily practice of information
security.

CThe information security policy establishes which devices will be protected.

DThe information security policy establishes who is responsible for which area of information
security.

Show Answer

Correct Answer: A

Question No. 5

You are the owner of the SpeeDelivery courier service. Last year you had a firewall installed. You

now discover that no maintenance has been performed since the installation. What is the biggest

risk because of this?

AThe risk that hackers can do as they wish on the network without detection

BThe risk that fire may break out in the server room

CThe risk of a virus outbreak

DThe risk of undesired e-mails

Show Answer

Correct Answer: A

Free Exin ISFS Exam Actual Questions

The questions for ISFS were last updated On Nov 19, 2024