Exin ISFS ISO/IEC Exam Questions Instant Access

Question 1

Three characteristics determine the reliability of information. Which characteristics are these?

AAvailability, Integrity and Correctness

BAvailability, Integrity and Confidentiality

CAvailability, Nonrepudiation and Confidentiality

Answer : B

Question 2

What is the most important reason for applying segregation of duties?

ASegregation of duties makes it clear who is responsible for what.

BSegregation of duties ensures that, when a person is absent, it can be investigated whether he
or she has been committing fraud.

CTasks and responsibilities must be separated in order to minimize the opportunities for
business assets to be misused or changed, whether the change be unauthorized or
unintentional.

DSegregation of duties makes it easier for a person who is ready with his or her part of the work
to take time off or to take over the work of another person.

Answer : C

Question 3

A Dutch company requests to be listed on the American Stock Exchange. Which legislation within

the scope of information security is relevant in this case?

APublic Records Act

BDutch Tax Law

CSarbanes-Oxley Act

DSecurity regulations for the Dutch government

Answer : C

Question 4

An airline company employee notices that she has access to one of the company's applications

that she has not used before. Is this an information security incident?

AYes

BNo

Answer : B

Question 5

What is the best description of a risk analysis?

AA risk analysis is a method of mapping risks without looking at company processes.

BA risk analysis helps to estimate the risks and develop the appropriate security measures.

CA risk analysis calculates the exact financial consequences of damages.

Answer : B

Question 6

What action is an unintentional human threat?

AArson

BTheft of a laptop

CSocial engineering

DIncorrect use of fire extinguishing equipment

Answer : D

Question 7

What do employees need to know to report a security incident?

AHow to report an incident and to whom.

BWhether the incident has occurred before and what was the resulting damage.

CThe measures that should have been taken to prevent the incident in the first place.

DWho is responsible for the incident and whether it was intentional.

Answer : A

Exin Information Security Foundation ISFS ISO/IEC Exam Questions