Pass Your ISMP Exam Easily - Real ISMP Practice Dump Updated Nov 03, 2021
2021 Realistic Verified Free EXIN ISMP Exam Questions
NEW QUESTION 11
The security manager of a global company has decided that a risk assessment needs to be completed across the company.
What is the primary objective of the risk assessment?
- A. Identify, quantify and prioritize risks against criteria for risk acceptance
- B. Identify, quantify and prioritize which controls are going to be used to mitigate risk
- C. Identify, quantify and prioritize the scope of this risk assessment
- D. Identify, quantify and prioritize each of the business-critical assets residing on the corporate infrastructure
Answer: A
NEW QUESTION 12
An experienced security manager is well aware of the risks related to communication over the internet. She also knows that Public Key Infrastructure (PKI) can be used to keep e-mails between employees confidential.
Which is the main risk of PKI?
- A. The Certificate Authority (CA) is hacked.
- B. The users lose their public keys.
- C. The HR department wants to be a Registration Authority (RA).
- D. The certificate is invalid because it is on a Certificate Revocation List.
Answer: A
NEW QUESTION 13
A risk manager is asked to perform a complete risk assessment for a company.
What is the best method to identify most of the threats to the company?
- A. Send a checklist for threat identification to all staff involved in information security
- B. Hold a brainstorming session with representatives of all stakeholders
- C. Interview top management
Answer: B
NEW QUESTION 14
The Board of Directors of an organization is accountable for obtaining adequate assurance.
Who should be responsible for coordinating the information security awareness campaigns?
- A. The security manager
- B. The Board of Directors
- C. The user
- D. The operational manager
Answer: A
NEW QUESTION 15
The ambition of the security manager is to certify the organization against ISO/IEC 27001.
What is an activity in the certification program?
- A. Implement the security baselines in Secure Systems Development Life Cycle (SecSDLC)
- B. Formulate the security requirements in the outsourcing contracts
- C. Produce a Statement of Applicability based on risk assessments
- D. Perform a risk assessment of the secure internet connectivity architecture of the datacenter
Answer: C
NEW QUESTION 16
When is a review of an employee's access rights mandatory?
- A. At hire
- B. At least once a year
- C. At all moments stated in the information security policy
- D. After any position change
Answer: C
NEW QUESTION 17
In a company, a personalized smart card is used for both physical and logical access control.
What is the main purpose of the person's picture on the smart card?
- A. To authorize the owner of the card
- B. To verify the iris of the card owner
- C. To identify the role of the card owner
- D. To authenticate the owner of the card
Answer: D
NEW QUESTION 18
A security architect argues with the internal fire prevention team about the statement in the information security policy that doors to confidential areas should be locked at all times. The emergency response team wants access to those areas in case of fire.
What is the best solution to this dilemma?
- A. The doors will automatically open in case of fire.
- B. The security architect will be informed when there is a fire.
- C. The doors should stay closed in case of fire to prevent access to confidential areas.
Answer: A
NEW QUESTION 19
What is a risk treatment strategy?
- A. Software installation
- B. Mobile updates
- C. Risk acceptance
- D. Risk exclusion
Answer: C
NEW QUESTION 20
A company's webshop offers prospects and customers the possibility to search the catalog and place orders around the clock. In order to satisfy the needs of both customer and business, several requirements have to be met. One of the criteria is data classification.
What is the most important classification aspect of the unit price of an object in a 24h webshop?
- A. Confidentiality
- B. Availability
- C. Integrity
Answer: B
NEW QUESTION 21
What needs to be decided prior to considering the treatment of risks?
- A. Mitigation plans
- B. Criteria for determining whether or not the risk can be accepted
- C. How to apply appropriate controls to reduce the risks
- D. The development of own guidelines
Answer: B
NEW QUESTION 22
Zoning is a security control to separate physical areas with different security levels. Zones with higher security levels can be secured by more controls. The facility manager of a conference center is responsible for security.
Which business functions should be combined into one security zone?
- A. Lobby and public restaurant
- B. Computer room and storage facility
- C. Meeting rooms and Human Resource rooms
- D. Boardroom and general office space
Answer: A
NEW QUESTION 23
......