
[Oct 26, 2021] ISMP Ultimate Study Guide - DumpExam
Ultimate Guide to Prepare ISMP Certification Exam for Information Security Management in 2021
NEW QUESTION 12
The information security architect of a large service provider advocates an open design of the security architecture, as opposed to a secret design.
What is her main argument for this choice?
- A. Open designs are tested extensively.
- B. Open designs have more functionality.
- C. Open designs are easily configured.
Answer: A
NEW QUESTION 13
A security architect argues with the internal fire prevention team about the statement in the information security policy that doors to confidential areas should be locked at all times. The emergency response team wants access to those areas in case of fire.
What is the best solution to this dilemma?
- A. The doors will automatically open in case of fire.
- B. The doors should stay closed in case of fire to prevent access to confidential areas.
- C. The security architect will be informed when there is a fire.
Answer: A
NEW QUESTION 14
The ambition of the security manager is to certify the organization against ISO/IEC 27001.
What is an activity in the certification program?
- A. Perform a risk assessment of the secure internet connectivity architecture of the datacenter
- B. Produce a Statement of Applicability based on risk assessments
- C. Formulate the security requirements in the outsourcing contracts
- D. Implement the security baselines in Secure Systems Development Life Cycle (SecSDLC)
Answer: B
NEW QUESTION 15
An information security officer is asked to write a retention policy for a financial system. She is aware of the fact that some data must be kept for a long time and other data must be deleted.
Where should she look for guidelines first?
- A. In finance management procedures
- B. In legislation
- C. In company policies
Answer: B
NEW QUESTION 16
Zoning is a security control to separate physical areas with different security levels. Zones with higher security levels can be secured by more controls. The facility manager of a conference center is responsible for security.
What combination of business functions should be combined into one security zone?
- A. Boardroom and general office space
- B. Lobby and public restaurant
- C. Meeting rooms and Human Resource rooms
- D. Computer room and storage facility
Answer: B
NEW QUESTION 17
A risk manager is asked to perform a complete risk assessment for a company.
What is the best method to identify most of the threats to the company?
- A. Send a checklist for threat identification to all staff involved in information security
- B. Interview top management
- C. Have a brainstorm with representatives of all stakeholders
Answer: C
NEW QUESTION 18
The Board of Directors of an organization is accountable for obtaining adequate assurance.
Who should be responsible for coordinating the information security awareness campaigns?
- A. The operational manager
- B. The Board of Directors
- C. The security manager
- D. The user
Answer: C
NEW QUESTION 19
Which security item is designed to collect data from multiple computers?
- A. Virtual Private Network (VPN)
- B. Firewall
- C. Host-Based Intrusion Detection and Prevention System (Host-Based IDPS)
- D. Network-Based Intrusion Detection and Prevention System (Network-Based IDPS)
Answer: D
NEW QUESTION 20
When is revision of an employee's access rights mandatory?
- A. At all moments stated in the information security policy
- B. After any position change
- C. At hire
- D. At least each year
Answer: A
NEW QUESTION 21
A company's webshop offers prospects and customers the possibility to search the catalog and place orders around the clock. In order to satisfy the needs of both customer and business, several requirements have to be met. One of the criteria is data classification.
What is the most important classification aspect of the unit price of an object in a 24h webshop?
- A. Confidentiality
- B. Availability
- C. Integrity
Answer: B
NEW QUESTION 22
What is a risk treatment strategy?
- A. Risk acceptance
- B. Software installation
- C. Risk exclusion
- D. Mobile updates
Answer: A
NEW QUESTION 23
It is important that an organization is able to prove compliance with information standards and legislation. One of the most important areas is documentation concerning access management. This process contains a number of activities including granting rights, monitoring identity status, logging, tracking access and removing rights. Among these controls are audit trail records, which may be used as evidence for both internal and external audits.
What component of the audit trail is the most important for an external auditor?
- A. Access criteria and access control mechanisms
- B. Log review, consolidation and management
- C. System-specific policies for business systems
Answer: A
