[Q11-Q32] Use the best ways of preparing for ISMP Exam Dumps with TestKingsIT EXIN ISMP PDF Dumps [2021]

EXIN ISMP exam candidates will surely pass the Exam if they consider the ISMP dumps learning material presented by TestKingsIT.

NEW QUESTION 11
When should information security controls be considered?

  • A. As part of the scoping meeting
  • B. During the risk assessment work
  • C. At the kick-off meeting
  • D. After the risk assessment

Answer: D

 

NEW QUESTION 12
Which security item is designed to take collections of data from multiple computers?

  • A. Network-Based Intrusion Detection and Prevention System (Network-Based IDPS)
  • B. Host-Based Intrusion Detection and Prevention System (Host-Based IDPS)
  • C. Firewall
  • D. Virtual Private Network (VPN)

Answer: A

 

NEW QUESTION 13
In a company a personalized smart card is used for both physical and logical access control.
What is the main purpose of the person's picture on the smart card?

  • A. To authorize the owner of the card
  • B. To identify the role of the card owner
  • C. To authenticate the owner of the card
  • D. To verify the iris of the card owner

Answer: C

 

NEW QUESTION 14
A risk manager is asked to perform a complete risk assessment for a company.
What is the best method to identify most of the threats to the company?

  • A. Interview top management
  • B. Have a brainstorm with representatives of all stakeholders
  • C. Send a checklist for threat identification to all staff involved in information security

Answer: B

 

NEW QUESTION 15
What needs to be decided prior to considering the treatment of risks?

  • A. How to apply appropriate controls to reduce the risks
  • B. Mitigation plans
  • C. The development of own guidelines
  • D. Criteria for determining whether or not the risk can be accepted

Answer: D

 

NEW QUESTION 16
Who should be asked to check compliance with the information security policy throughout the company?

  • A. Internal audit department
  • B. External forensics investigators
  • C. The same company that checks the yearly financial statement

Answer: B

 

NEW QUESTION 17
It is important that an organization is able to prove compliance with information standards and legislation. One of the most important areas is documentation concerning access management. This process contains a number of activities including granting rights, monitoring identity status, logging, tracking access and removing rights. Part of these controls are audit trail records which may be used as evidence for both internal and external audits.
What component of the audit trail is the most important for an external auditor?

  • A. Log review, consolidation and management
  • B. Access criteria and access control mechanisms
  • C. System-specific policies for business systems

Answer: B

 

NEW QUESTION 18
What is the best way to start setting the information security controls?

  • A. Implement the security measures as prescribed by a risk analysis tool
  • B. Use a standard security baseline
  • C. Resort back to the default factory standards

Answer: B

 

NEW QUESTION 19
A security architect argues with the internal fire prevention team about the statement in the information security policy that doors to confidential areas should be locked at all times. The emergency response team wants access to those areas in case of fire.
What is the best solution to this dilemma?

  • A. The security architect will be informed when there is a fire.
  • B. The doors should stay closed in case of fire to prevent access to confidential areas.
  • C. The doors will automatically open in case of fire.

Answer: C

 

NEW QUESTION 20
The information security architect of a large service provider advocates an open design of the security architecture, as opposed to a secret design.
What is her main argument for this choice?

  • A. Open designs are tested extensively.
  • B. Open designs are easily configured.
  • C. Open designs have more functionality.

Answer: A

 

NEW QUESTION 21
The ambition of the security manager is to certify the organization against ISO/IEC 27001.
What is an activity in the certification program?

  • A. Perform a risk assessment of the secure internet connectivity architecture of the datacenter
  • B. Produce a Statement of Applicability based on risk assessments
  • C. Formulate the security requirements in the outsourcing contracts
  • D. Implement the security baselines in Secure Systems Development Life Cycle (SecSDLC)

Answer: B

 

NEW QUESTION 22
In a company, the IT strategy is migrating towards a Service Oriented Architecture (SOA) so that migrating to the cloud is more feasible in the future. The security architect is asked to make a first draft of the security architecture.
Which elements should the security architect draft?

  • A. Management and control of the security services
  • B. The information security policy, the risk assessment and the controls in the security services
  • C. Which security services are provided and in which supporting architectures are they defined

Answer: C

 

NEW QUESTION 23
......