Question No. 1

What is a key item that must be kept in mind when designing an enterprise-wide information security program?

AWhen defining controls follow an approach and framework that is consistent with organizational culture

BDetermine controls in the light of specific risks an organization is facing

CPut an enterprise-wide network and Host-Based Intrusion Detection and Prevention System (Host-Based IDPS) into place as soon as possible

DPut an incident management and log file analysis program in place immediately

Show Answer

Correct Answer: B

Question No. 2

What is a risk treatment strategy?

AMobile updates

BRisk acceptance

CRisk exclusion

DSoftware installation

Show Answer

Correct Answer: B

Question No. 3

An information security officer is asked to write a retention policy for a financial system. She is aware of the fact that some data must be kept for a long time and other data must be deleted.

Where should she look for guidelines first?

AIn company policies

BIn finance management procedures

CIn legislation

Show Answer

Correct Answer: C

Question No. 4

Who should be asked to check compliance with the information security policy throughout the company?

AInternal audit department

BExternal forensics investigators

CThe same company that checks the yearly financial statement

Show Answer

Correct Answer: B

Question No. 5

A company's webshop offers prospects and customers the possibility to search the catalog and place orders around the clock. In order to satisfy the needs of both customer and business several requirements have to

be met. One of the criteria is data classification.

What is the most important classification aspect of the unit price of an object in a 24h webshop?

AConfidentiality

BIntegrity

CAvailability

Show Answer

Correct Answer: C

Free Exin ISMP Exam Actual Questions

The questions for ISMP were last updated On Dec 20, 2024