Exin Information Security Foundation ISO/IEC Exam Practice Test

What action is an unintentional human threat?

Three characteristics determine the reliability of information. Which characteristics are these?

You are the owner of the courier company SpeeDelivery. You have carried out a risk analysis and

now want to determine your risk strategy. You decide to take measures for the large risks but not

for the small risks. What is this risk strategy called?

You have an office that designs corporate logos. You have been working on a draft for a large

client. Just as you are going to press the button, the screen goes blank. The hard disk is

damaged and cannot be repaired. You find an early version of the design in your mail folder and

you reproduce the draft for the customer. What is such a measure called?

A company moves into a new building. A few weeks after the move, a visitor appears unannounced in the office of the director. An investigation shows that visitors passes grant the same access as the passes of the companys staff. Which kind of security measure could have prevented this?

The Information Security Manager (ISM) at Smith Consultants Inc. introduces the following

measures to assure information security:

- The security requirements for the network are specified.

- A test environment is set up for the purpose of testing reports coming from the database.

- The various employee functions are assigned corresponding access rights.

- RFID access passes are introduced for the building.

Which one of these measures is not a technical measure?

What is the goal of an organization's security policy?