
Use Real EXIN Achieve the ISFS Dumps - 100% Exam Passing Guarantee
NEW QUESTION 42
You are the owner of a growing company, SpeeDelivery, which provides courier services. You decide that it is time to draw up a risk analysis for your information system. This includes an inventory of the threats and risks.
What is the relation between a threat, risk and risk analysis?
- A. A risk analysis identifies threats from the known risks.
- B. Risk analyses help to find a balance between threats and risks.
- C. A risk analysis is used to remove the risk of a threat.
- D. A risk analysis is used to clarify which threats are relevant and what risks they involve.
Answer: D
NEW QUESTION 43
What is the relationship between data and information?
- A. Information is the meaning and value assigned to a collection of data.
- B. Data is structured information.
Answer: A
NEW QUESTION 44
You work in the office of a large company. You receive a call from a person claiming to be from the Helpdesk. He asks you for your password. What kind of threat is this?
- A. Organizational threat
- B. Natural threat
- C. Social Engineering
Answer: C
NEW QUESTION 45
Midwest Insurance grades the monthly report of all claimed losses per insured as confidential. What is accomplished if all other reports from this insurance office are also assigned the appropriate grading?
- A. The costs for automating are easier to charge to the responsible departments.
- B. Everyone can easily see how sensitive the reports' contents are by consulting the grading label.
- C. A determination can be made as to which report should be printed first and which one can wait a little longer.
- D. Reports can be developed more easily and with fewer errors.
Answer: B
NEW QUESTION 46
What is the best description of a risk analysis?
- A. A risk analysis calculates the exact financial consequences of damages.
- B. A risk analysis helps to estimate the risks and develop the appropriate security measures.
- C. A risk analysis is a method of mapping risks without looking at company processes.
Answer: B
NEW QUESTION 47
A couple of years ago you started your company, which has now grown from 1 to 20 employees. Your company's information is worth more and more and gone are the days when you could keep it all in hand yourself. You are aware that you have to take measures, but what should they be? You hire a consultant who advises you to start with a qualitative risk analysis. What is a qualitative risk analysis?
- A. This analysis is based on scenarios and situations and produces a subjective view of the possible threats.
- B. This analysis follows a precise statistical probability calculation in order to calculate exact loss caused by damage.
Answer: A
NEW QUESTION 48
My user profile specifies which network drives I can read and write to. What is the name of the type of logical access management wherein my access and rights are determined centrally?
- A. Mandatory Access Control (MAC)
- B. Public Key Infrastructure (PKI)
- C. Discretionary Access Control (DAC)
Answer: A
NEW QUESTION 49
You work in the IT department of a medium-sized company. Confidential information has got into the wrong hands several times. This has hurt the image of the company. You have been asked to propose organizational security measures for laptops at your company. What is the first step that you should take?
- A. Appoint security personnel
- B. Encrypt the hard drives of laptops and USB sticks
- C. Formulate a policy regarding mobile media (PDAs, laptops, smartphones, USB sticks)
- D. Set up an access control policy
Answer: C
NEW QUESTION 50
You are a consultant and are regularly hired by the Ministry of Defense to perform analysis.
Since the assignments are irregular, you outsource the administration of your business to temporary workers. You don't want the temporary workers to have access to your reports. Which reliability aspect of the information in your reports must you protect?
- A. Confidentiality
- B. Integrity
- C. Availability
Answer: A
NEW QUESTION 51
Your organization has an office with space for 25 workstations. These workstations are all fully equipped and in use. Due to a reorganization 10 extra workstations are added, 5 of which are used for a call centre 24 hours per day. Five workstations must always be available. What physical security measures must be taken in order to ensure this?
- A. Obtain an extra office and connect all 10 new workstations to an emergency power supply and UPS (Uninterruptible Power Supply). Adjust the access control system to the working hours of the new staff. Inform the building security personnel that work will also be carried out in the evenings and at night.
- B. Obtain an extra office and set up 10 workstations. You would therefore have spare equipment that can be used to replace any non-functioning equipment.
- C. Obtain an extra office and provide a UPS (Uninterruptible Power Supply) for the five most important workstations.
- D. Obtain an extra office and set up 10 workstations. Ensure that there are security personnel both in the evenings and at night, so that staff can work there safely and securely.
Answer: A
NEW QUESTION 52
What is the definition of the Annual Loss Expectancy?
- A. The Annual Loss Expectancy is the size of the damage claims resulting from not having carried out risk analyses effectively.
- B. The Annual Loss Expectancy is the average damage calculated by insurance companies for businesses in a country.
- C. The Annual Loss Expectancy is the amount of damage that can occur as a result of an incident during the year.
- D. The Annual Loss Expectancy is the minimum amount for which an organization must insure itself.
Answer: C
NEW QUESTION 53
You are the owner of the courier company SpeeDelivery. On the basis of your risk analysis you have decided to take a number of measures. You have daily backups made of the server, keep the server room locked and install an intrusion alarm system and a sprinkler system. Which of these measures is a detective measure?
- A. Access restriction to special rooms
- B. Intrusion alarm
- C. Sprinkler installation
- D. Backup tape
Answer: B
NEW QUESTION 54
Your company has to ensure that it meets the requirements set down in personal data protection legislation.
What is the first thing you should do?
- A. Make the employees responsible for submitting their personal data.
- B. Translate the personal data protection legislation into a privacy policy that is geared to the company and the contracts with the customers.
- C. Issue a ban on the provision of personal information.
- D. Appoint a person responsible for supporting managers in adhering to the policy.
Answer: B
NEW QUESTION 55
We can acquire and supply information in various ways. The value of the information depends on whether it is reliable. What are the reliability aspects of information?
- A. Availability, Integrity and Completeness
- B. Timeliness, Accuracy and Completeness
- C. Availability, Information Value and Confidentiality
- D. Availability, Integrity and Confidentiality
Answer: D
NEW QUESTION 56
Why do organizations have an information security policy?
- A. In order to give direction to how information security is set up within an organization.
- B. In order to ensure that staff do not break any laws.
- C. In order to ensure that everyone knows who is responsible for carrying out the backup procedures.
- D. In order to demonstrate the operation of the Plan-Do-Check-Act cycle within an organization.
Answer: A
NEW QUESTION 57
An airline company employee notices that she has access to one of the company's applications that she has not used before. Is this an information security incident?
- A. Yes
- B. No
Answer: B
NEW QUESTION 58
There is a network printer in the hallway of the company where you work. Many employees don't pick up their printouts immediately and leave them in the printer. What are the consequences of this to the reliability of the information?
- A. The integrity of the information is no longer guaranteed.
- B. The confidentiality of the information is no longer guaranteed.
- C. The availability of the information is no longer guaranteed.
Answer: B
NEW QUESTION 59
Peter works at the company Midwest Insurance. His manager, Linda, asks him to send the terms and conditions for a life insurance policy to Rachel, a client. Who determines the value of the information in the insurance terms and conditions document?
- A. The person who drafted the insurance terms and conditions
- B. The manager, Linda
- C. The recipient, Rachel
- D. The sender, Peter
Answer: C
NEW QUESTION 60
An employee in the administrative department of Smiths Consultants Inc. finds out that the expiry date of a contract with one of the clients is earlier than the start date. What type of measure could prevent this error?
- A. Organizational measure
- B. Integrity measure
- C. Availability measure
- D. Technical measure
Answer: D
NEW QUESTION 61
What is an example of a security incident?
- A. A member of staff loses a laptop.
- B. You cannot set the correct fonts in your word processing software.
- C. A file is saved under an incorrect name.
- D. The lighting in the department no longer works.
Answer: A
NEW QUESTION 62
Who is authorized to change the classification of a document?
- A. The administrator of the document
- B. The author of the document
- C. The owner of the document
- D. The manager of the owner of the document
Answer: C