BCS CISMP-V9 Exam (page: 2)
BCS Foundation Certificate in Information Security Management Principles V9.0
Updated on: 25-Dec-2025

Viewing Page 2 of 21

Which of the following types of organisation could be considered the MOST at risk from the theft of electronic-based credit card data?

  1. Online retailer.
  2. Traditional market trader.
  3. Mail delivery business.
  4. Agricultural producer.

Answer(s): A

Explanation:

Online retailers often collect and store large amounts of credit card data from their customers, making them a more attractive target for cybercriminals looking to steal such data. Traditional market traders, mail delivery businesses, and agricultural producers are typically less likely to collect and store large amounts of electronic credit card data and therefore may be less at risk for this type of cybercrime.



Which types of organisations are likely to be the target of DDoS attacks?

  1. Cloud service providers.
  2. Any financial sector organisations.
  3. Online retail based organisations.
  4. Any organisation with an online presence.

Answer(s): D



In a security governance framework, which of the following publications would be at the HIGHEST level?

  1. Procedures.
  2. Standards.
  3. Policy.
  4. Guidelines.

Answer(s): A



Which of the following is LEAST LIKELY to be the result of a global pandemic impacting on information security?

  1. A large increase in remote workers operating in insecure premises.
  2. Additional physical security requirements at data centres and corporate headquarters.
  3. Increased demand on service desks as users need additional tools such as VPNs.
  4. An upsurge in activity by attackers seeking vulnerabilities caused by operational changes.

Answer(s): C



In order to maintain the currency of risk countermeasures, how often SHOULD an organisation review these risks?

  1. Once defined, they do not need reviewing.
  2. A maximum of once every other month.
  3. When the next risk audit is due.
  4. Risks remain under constant review.

Answer(s): D






Share your comments for BCS CISMP-V9 exam with other users:

sarra 1/17/2024 3:44:00 AM

The AAA triad in information security is authentication, accounting and authorisation so the answer should be d 1, 3 and 5.
UNITED KINGDOM