ISFS ISFS ISFS www.it-pruefungen.ch
Prüfungsnummer : ISFS
Prüfungsname:Information Security Foundation based on ISO/IEC 27002
Version : Demo
1.What physical security measure is necessary to control access to company information?
A. Air-conditioning
B. Username and password
C. The use of break-resistant glass and doors with the right locks, frames and hinges
D. Prohibiting the use of USB sticks
Answer: C
ISFS ISFS ISFS www.it-pruefungen.ch
2.Why do organizations have an information security policy?
A. In order to demonstrate the operation of the Plan-Do-Check-Act cycle within an organization.
B. In order to ensure that staff do not break any laws.
C. In order to give direction to how information security is set up within an organization.
D. In order to ensure that everyone knows who is responsible for carrying out the backup procedures.
Answer: C
ISFS ISFS ISFS www.it-pruefungen.ch
3.You work in the IT department of a medium-sized company. Confidential information has got into the wrong hands several times. This has hurt the image of the company. You have been asked to propose organizational security measures for laptops at your company. What is the first step that you should take?
A. Formulate a policy regarding mobile media (PDAs, laptops, smartphones, USB sticks)
B. Appoint security personnel
C. Encrypt the hard drives of laptops and USB sticks
D. Set up an access control policy
Answer: A
