EXIN Information Security Foundation based on ISO/IEC 27002 exam ISFS Dumps in PDF

Free EXIN ISFS Real Questions (page: 2)

You work for a large organization. You notice that you have access to confidential information that you should not be able to access in your position. You report this security incident to the helpdesk. The incident cycle isinitiated. What are the stages of the security incident cycle?

  1. Threat, Damage, Incident, Recovery
  2. Threat, Damage, Recovery, Incident
  3. Threat, Incident, Damage, Recovery
  4. Threat, Recovery, Incident, Damage

Answer(s): C



Your organization has an office with space for 25 workstations. These workstations are all fully equipped and in use. Due to a reorganization 10 extra workstations are added, 5 of which are used for a call centre 24 hours per day. Five workstations must always be available. What physical security measures must be taken in order to ensure this?

  1. Obtain an extra office and set up 10 workstations. You would therefore have spare equipment that can be used to replace any non-functioning equipment.
  2. Obtain an extra office and set up 10 workstations. Ensure that there are security personnel both in the evenings and at night, so that staff can work there safely and securely.
  3. Obtain an extra office and connect all 10 new workstations to an emergency power supply and UPS (Uninterruptible Power Supply). Adjust the access control system to the working hours of the new staff. Inform the building security personnel that work will also be carried out in the evenings and at night.
  4. Obtain an extra office and provide a UPS (Uninterruptible Power Supply) for the five most important workstations.

Answer(s): C



Which of the following measures is a preventive measure?

  1. Installing a logging system that enables changes in a system to be recognized
  2. Shutting down all internet traffic after a hacker has gained access to the company systems
  3. Putting sensitive information in a safe
  4. Classifying a risk as acceptable because the cost of addressing the threat is higher than the value of the information at risk

Answer(s): C



What is a risk analysis used for?

  1. A risk analysis is used to express the value of information for an organization in monetary terms.
  2. A risk analysis is used to clarify to management their responsibilities.
  3. A risk analysis is used in conjunction with security measures to reduce risks to an acceptable level.
  4. A risk analysis is used to ensure that security measures are deployed in a cost-effective and timely fashion.

Answer(s): D



A well executed risk analysis provides a great deal of useful information. A risk analysis has four
main objectives. What is not one of the four main objectives of a risk analysis?

  1. Identifying assets and their value
  2. Determining the costs of threats
  3. Establishing a balance between the costs of an incident and the costs of a security measure
  4. Determining relevant vulnerabilities and threats

Answer(s): B



What is an example of a security incident?

  1. The lighting in the department no longer works.
  2. A member of staff loses a laptop.
  3. You cannot set the correct fonts in your word processing software.
  4. A file is saved under an incorrect name.

Answer(s): B



Which of the following measures is a corrective measure?

  1. Incorporating an Intrusion Detection System (IDS) in the design of a computer centre
  2. Installing a virus scanner in an information system
  3. Making a backup of the data that has been created or altered that day
  4. Restoring a backup of the correct database after a corrupt copy of the database was written over the original

Answer(s): D



We can acquire and supply information in various ways. The value of the information depends on whether it is reliable. What are the reliability aspects of information?

  1. Availability, Information Value and Confidentiality
  2. Availability, Integrity and Confidentiality
  3. Availability, Integrity and Completeness
  4. Timeliness, Accuracy and Completeness

Answer(s): B



Share your comments for EXIN ISFS exam with other users:

G
Giri
9/13/2023 10:31:00 PM

can you please provide dumps so that it helps me more

A
Aaron
2/8/2023 12:10:00 AM

thank you for providing me with the updated question and answers. this version has all the questions from the exam. i just saw them in my exam this morning. i passed my exam today.

S
Sarwar
12/21/2023 4:54:00 PM

how i can see exam questions?

C
Chengchaone
9/11/2023 10:22:00 AM

can you please upload please?

M
Mouli
9/2/2023 7:02:00 AM

question 75: option c is correct answer

J
JugHead
9/27/2023 2:40:00 PM

please add this exam

S
sushant
6/28/2023 4:38:00 AM

please upoad

J
John
8/7/2023 12:09:00 AM

has anyone recently attended safe 6.0 certification? is it the samq question from here.

B
Blessious Phiri
8/14/2023 3:49:00 PM

expository experience

C
concerned citizen
12/29/2023 11:31:00 AM

52 should be b&c. controller failure has nothing to do with this type of issue. degraded state tells us its a raid issue, and if the os is missing then the bootable device isnt found. the only other consideration could be data loss but thats somewhat broad whereas b&c show understanding of the specific issues the question is asking about.

D
deedee
12/23/2023 5:10:00 PM

great help!!!

S
Samir
8/1/2023 3:07:00 PM

very useful tools

S
Saeed
11/7/2023 3:14:00 AM

looks a good platform to prepare az-104

M
Matiullah
6/24/2023 7:37:00 AM

want to pass the exam

S
SN
9/5/2023 2:25:00 PM

good resource

Z
Zoubeyr
9/8/2023 5:56:00 AM

question 11 : d

U
User
8/29/2023 3:24:00 AM

only the free dumps will be enough for pass, or have to purchase the premium one. please suggest.

C
CW
7/6/2023 7:37:00 PM

good questions. thanks.

F
Farooqi
11/21/2023 1:37:00 AM

good for practice.

I
Isaac
10/28/2023 2:30:00 PM

great case study

M
Malviya
2/3/2023 9:10:00 AM

the questions in this exam dumps is valid. i passed my test last monday. i only whish they had their pricing in inr instead of usd. but it is still worth it.

R
rsmyth
5/18/2023 12:44:00 PM

q40 the answer is not d, why are you giving incorrect answers? snapshot consolidation is used to merge the snapshot delta disk files to the vm base disk

K
Keny
6/23/2023 9:00:00 PM

thanks, very relevant

M
Muhammad Rawish Siddiqui
11/29/2023 12:14:00 PM

wrong answer. it is true not false.

J
Josh
7/10/2023 1:54:00 PM

please i need the mo-100 questions

V
VINNY
6/2/2023 11:59:00 AM

very good use full

A
Andy
12/6/2023 5:56:00 AM

very valid questions

M
Mamo
8/12/2023 7:46:00 AM

will these question help me to clear pl-300 exam?

M
Marial Manyang
7/26/2023 10:13:00 AM

please provide me with these dumps questions. thanks

A
Amel Mhamdi
12/16/2022 10:10:00 AM

in the pdf downloaded is write google cloud database engineer i think that it isnt the correct exam

A
Angel
8/30/2023 10:58:00 PM

i think you have the answers wrong regarding question: "what are three core principles of web content accessibility guidelines (wcag)? answer: robust, operable, understandable

S
SH
5/16/2023 1:43:00 PM

these questions are not valid , they dont come for the exam now

S
sudhagar
9/6/2023 3:02:00 PM

question looks valid

V
Van
11/24/2023 4:02:00 AM

good for practice

AI Tutor 👋 I’m here to help!