DumpExams is an authorized company offering valid and latest dump exams & dumps VCE materials. Our dump exams & dumps VCE materials are high-quality; our passing rate is higher than others.

[Q31-Q49] Get up-to-date Real Exam Questions for ISFS UPDATED [2024]

Pass EXIN ISFS Exam in First Attempt Guaranteed

NEW QUESTION # 31
You work in the IT department of a medium-sized company. Confidential information has got into the wrong hands several times. This has hurt the image of the company. You have been asked to propose organizational security measures for laptops at your company. What is the first step that you should take?

  • A. Set up an access control policy
  • B. Formulate a policy regarding mobile media (PDAs, laptops, smartphones, USB sticks)
  • C. Encrypt the hard drives of laptops and USB sticks
  • D. Appoint security personnel

Answer: B


NEW QUESTION # 32
A company moves into a new building. A few weeks after the move, a visitor appears unannounced in the office of the director. An investigation shows that visitors' passes grant the same access as the passes of the company's staff. Which kind of security measure could have prevented this?

  • A. A physical security measure
  • B. An organizational security measure
  • C. A technical security measure

Answer: A


NEW QUESTION # 33
An airline company employee notices that she has access to one of the company's applications that she has not used before. Is this an information security incident?

  • A. No
  • B. Yes

Answer: A


NEW QUESTION # 34
What is the most important reason for applying segregation of duties?

  • A. Segregation of duties makes it clear who is responsible for what.
  • B. Segregation of duties makes it easier for a person who is ready with his or her part of the work to take time off or to take over the work of another person.
  • C. Tasks and responsibilities must be separated in order to minimize the opportunities for business assets to be misused or changed, whether the change be unauthorized or unintentional.
  • D. Segregation of duties ensures that, when a person is absent, it can be investigated whether he or she has been committing fraud.

Answer: C


NEW QUESTION # 35
What action is an unintentional human threat?

  • A. Social engineering
  • B. Theft of a laptop
  • C. Incorrect use of fire extinguishing equipment
  • D. Arson

Answer: C


NEW QUESTION # 36
There is a network printer in the hallway of the company where you work. Many employees don't pick up their printouts immediately and leave them in the printer. What are the consequences of this to the reliability of the information?

  • A. The confidentiality of the information is no longer guaranteed.
  • B. The availability of the information is no longer guaranteed.
  • C. The integrity of the information is no longer guaranteed.

Answer: A


NEW QUESTION # 37
Which of these is not malicious software?

  • A. Phishing
  • B. Spyware
  • C. Virus
  • D. Worm

Answer: A


NEW QUESTION # 38
A couple of years ago you started your company, which has now grown from 1 to 20 employees. Your company's information is worth more and more, and gone are the days when you could keep it all in hand yourself. You are aware that you have to take measures, but what should they be? You hire a consultant who advises you to start with a qualitative risk analysis. What is a qualitative risk analysis?

  • A. This analysis is based on scenarios and situations and produces a subjective view of the possible threats.
  • B. This analysis follows a precise statistical probability calculation in order to calculate exact loss caused by damage.

Answer: A


NEW QUESTION # 39
When we are at our desk, we want the information system and the necessary information to be available. We want to be able to work with the computer and access the network and our files. What is the correct definition of availability?

  • A. The total amount of time that an information system is accessible to the users
  • B. The degree to which an information system is available for the users
  • C. The degree to which the system capacity is enough to allow all users to work with it
  • D. The degree to which the continuity of an organization is guaranteed

Answer: B


NEW QUESTION # 40
You apply for a position in another company and get the job. Along with your contract, you are asked to sign a code of conduct. What is a code of conduct?

  • A. A code of conduct differs from company to company and specifies, among other things, the rules of behavior with regard to the usage of information systems.
  • B. A code of conduct is a standard part of a labor contract.
  • C. A code of conduct specifies how employees are expected to conduct themselves and is the same for all companies.

Answer: A


NEW QUESTION # 41
Midwest Insurance controls access to its offices with a passkey system. We call this a preventive measure.
What are some other measures?

  • A. Detective, repressive and corrective measures
  • B. Partial, adaptive and corrective measures
  • C. Repressive, adaptive and corrective measures

Answer: A


NEW QUESTION # 42
You own a small company in a remote industrial area. Lately, the alarm regularly goes off in the middle of the night. It takes quite a bit of time to respond to it and it seems to be a false alarm every time. You decide to set up a hidden camera. What is such a measure called?

  • A. Repressive measure
  • B. Preventive measure
  • C. Detective measure

Answer: C


NEW QUESTION # 43
You have an office that designs corporate logos. You have been working on a draft for a large client. Just as you are going to press the <save> button, the screen goes blank. The hard disk is damaged and cannot be repaired. You find an early version of the design in your mail folder and you reproduce the draft for the customer. What is such a measure called?

  • A. Preventive measure
  • B. Reductive measure
  • C. Corrective measure

Answer: C


NEW QUESTION # 44
Who is authorized to change the classification of a document?

  • A. The administrator of the document
  • B. The owner of the document
  • C. The manager of the owner of the document
  • D. The author of the document

Answer: B


NEW QUESTION # 45
We can acquire and supply information in various ways. The value of the information depends on whether it is reliable. What are the reliability aspects of information?

  • A. Availability, Information Value and Confidentiality
  • B. Availability, Integrity and Confidentiality
  • C. Availability, Integrity and Completeness
  • D. Timeliness, Accuracy and Completeness

Answer: B


NEW QUESTION # 46
An employee in the administrative department of Smiths Consultants Inc. finds out that the expiry date of a contract with one of the clients is earlier than the start date. What type of measure could prevent this error?

  • A. Technical measure
  • B. Integrity measure
  • C. Organizational measure
  • D. Availability measure

Answer: A


NEW QUESTION # 47
The consultants at Smith Consultants Inc. work on laptops that are protected by asymmetrical cryptography. To keep the management of the keys cheap, all consultants use the same key pair. What is the company's risk if they operate in this manner?

  • A. If the private key becomes known all laptops must be supplied with new keys.
  • B. If the Public Key Infrastructure (PKI) becomes known all laptops must be supplied with new keys.
  • C. If the public key becomes known all laptops must be supplied with new keys.

Answer: A


NEW QUESTION # 48
What do employees need to know to report a security incident?

  • A. Whether the incident has occurred before and what was the resulting damage.
  • B. Who is responsible for the incident and whether it was intentional.
  • C. The measures that should have been taken to prevent the incident in the first place.
  • D. How to report an incident and to whom.

Answer: D


NEW QUESTION # 49
......

EXIN ISFS Study Guide Archives : https://www.dumpexams.com/ISFS-real-answers.html

Pass ISFS Exam Latest Practice Questions: https://drive.google.com/open?id=1PiJkvLBZT58ANtq8aX1Kz2tvB4l8a0YR