ISMP Practice Exam Tests Latest Updated on Jan-2022 [Q18-Q41]


NEW QUESTION 18
A security architect argues with the internal fire prevention team about the statement in the information security policy that doors to confidential areas should be locked at all times. The emergency response team wants access to those areas in case of fire.
What is the best solution to this dilemma?

  • A. The doors will automatically open in case of fire.
  • B. The doors should stay closed in case of fire to prevent access to confidential areas.
  • C. The security architect will be informed when there is a fire.

Answer: A

 

NEW QUESTION 19
An information security officer is asked to write a retention policy for a financial system. She is aware of the fact that some data must be kept for a long time and other data must be deleted.
Where should she look for guidelines first?

  • A. In finance management procedures
  • B. In legislation
  • C. In company policies

Answer: B

 

NEW QUESTION 20
A security manager just finished the final copy of a risk assessment. This assessment contains a list of identified risks and she has to determine how to treat these risks.
What is the best option for the treatment of risks?

  • A. Remediate the risk regardless of cost
  • B. Begin risk remediation immediately as the organization is currently at risk
  • C. Decide the criteria for determining if the risk can be accepted
  • D. Design appropriate controls to reduce the risk

Answer: C

 

NEW QUESTION 21
Zoning is a security control to separate physical areas with different security levels. Zones with higher security levels can be secured by more controls. The facility manager of a conference center is responsible for security.
Which combination of business functions should be placed in one security zone?

  • A. Boardroom and general office space
  • B. Lobby and public restaurant
  • C. Meeting rooms and Human Resource rooms
  • D. Computer room and storage facility

Answer: B

 

NEW QUESTION 22
Recovery Time Objective (RTO) and Recovery Point Objective (RPO) are key terms in business continuity management (BCM). Reducing loss of data is one of the focus areas of a BCM policy.
What requirement is in the data recovery policy to realize minimal data loss?

  • A. Maximize RPO
  • B. Reduce the time between RTO and RPO
  • C. Reduce RTO
  • D. Reduce RPO

Answer: D

 

NEW QUESTION 23
The ambition of the security manager is to certify the organization against ISO/IEC 27001.
What is an activity in the certification program?

  • A. Perform a risk assessment of the secure internet connectivity architecture of the datacenter
  • B. Produce a Statement of Applicability based on risk assessments
  • C. Formulate the security requirements in the outsourcing contracts
  • D. Implement the security baselines in Secure Systems Development Life Cycle (SecSDLC)

Answer: B

 

NEW QUESTION 24
In a company, a personalized smart card is used for both physical and logical access control.
What is the main purpose of the person's picture on the smart card?

  • A. To authorize the owner of the card
  • B. To identify the role of the card owner
  • C. To verify the iris of the card owner
  • D. To authenticate the owner of the card

Answer: D

 

NEW QUESTION 25
Which security item is designed to take collections of data from multiple computers?

  • A. Virtual Private Network (VPN)
  • B. Firewall
  • C. Host-Based Intrusion Detection and Prevention System (Host-Based IDPS)
  • D. Network-Based Intrusion Detection and Prevention System (Network-Based IDPS)

Answer: D

 

NEW QUESTION 26
Security monitoring is an important control measure to make sure that the required security level is maintained. In order to realize 24/7 availability of the service, this service is outsourced to a partner in the cloud.
What should be an important control in the contract?

  • A. The third party is certified for adhering to privacy protection controls.
  • B. Your IT auditor has the right to audit the external party's service management processes.
  • C. The third party is certified against ISO/IEC 27001.
  • D. The network communication channel is secured by using encryption.

Answer: B

 

NEW QUESTION 27
A security manager for a large company is tasked with achieving physical protection for corporate data stores.
Through which control can physical protection be achieved?

  • A. Using access control lists to prevent logical access to organizational infrastructure
  • B. Using key access controls for employees needing access
  • C. Using a firewall to prevent access to the network infrastructure
  • D. Having visitors sign in and out of the corporate datacenter

Answer: B

 

NEW QUESTION 28
What needs to be decided prior to considering the treatment of risks?

  • A. Criteria for determining whether or not the risk can be accepted
  • B. The development of own guidelines
  • C. How to apply appropriate controls to reduce the risks
  • D. Mitigation plans

Answer: A

 

NEW QUESTION 29
What is the main reason to use a firewall to separate two parts of your internal network?

  • A. To decrease network loads
  • B. To control traffic intensity between two network segments
  • C. To separate areas with different confidentiality requirements
  • D. To enable the installation of an Intrusion Detection System

Answer: C

 

NEW QUESTION 30
......
