Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. BCS
  3. CISMP-V9

BCS CISMP-V9 Exam (page: 3)
BCS Foundation Certificate in Information Security Management Principles V9.0
Updated on: 12-Feb-2026

Viewing Page 3 of 21
CISMP-V9 PDF 100 Questions

Which term describes a vulnerability that is unknown and therefore has no mitigating control which is immediately and generally available?

  1. Advanced Persistent Threat.
  2. Trojan.
  3. Stealthware.
  4. Zero-day.

Answer(s): D


Reference:

https://en.wikipedia.org/wiki/Zero-day_(computing)



Which of the following is MOST LIKELY to be described as a consequential loss?

  1. Reputation damage.
  2. Monetary theft.
  3. Service disruption.
  4. Processing errors.

Answer(s): A



Which of the following is considered to be the GREATEST risk to information systems that results from deploying end-to-end Internet of Things (IoT) solutions?

  1. Use of 'cheap" microcontroller based sensors.
  2. Much larger attack surface than traditional IT systems.
  3. Use of proprietary networking protocols between nodes.
  4. Use of cloud based systems to collect loT data.

Answer(s): D



Which of the following is NOT an information security specific vulnerability?

  1. Use of HTTP based Apache web server.
  2. Unpatched Windows operating system.
  3. Confidential data stored in a fire safe.
  4. Use of an unlocked filing cabinet.

Answer(s): A



What Is the PRIMARY security concern associated with the practice known as Bring Your Own Device (BYOD) that might affect a large organisation?

  1. Most BYOD involves the use of non-Windows hardware which is intrinsically insecure and open to abuse.
  2. The organisation has significantly less control over the device than over a corporately provided and managed device.
  3. Privately owned end user devices are not provided with the same volume nor frequency of security patch updates as a corporation.
  4. Under GDPR it is illegal for an individual to use a personal device when handling personal information under corporate control.

Answer(s): A



Viewing Page 3 of 21



Share your comments for BCS CISMP-V9 exam with other users:

sarra 1/17/2024 3:44:00 AM

the aaa triad in information security is authentication, accounting and authorisation so the answer should be d 1, 3 and 5.
UNITED KINGDOM