EXIN ISMP Exam Dumps - PDF Questions and Testing Engine [Q10-Q32]


NEW QUESTION 10
The information security manager is writing the Information Security Management System (ISMS) documentation. The controls that are to be implemented must be described in one of the phases of the Plan-Do-Check-Act (PDCA) cycle of the ISMS.
In which phase should these controls be described?

  • A. Act
  • B. Do
  • C. Plan
  • D. Check

Answer: C


NEW QUESTION 11
Who should be asked to check compliance with the information security policy throughout the company?

  • A. Internal audit department
  • B. The same company that checks the yearly financial statement
  • C. External forensics investigators

Answer: C


NEW QUESTION 12
Recovery Time Objective (RTO) and Recovery Point Objective (RPO) are key terms in business continuity management (BCM). Reducing loss of data is one of the focus areas of a BCM policy.
What requirement is in the data recovery policy to realize minimal data loss?

  • A. Reduce the time between RTO and RPO
  • B. Maximize RPO
  • C. Reduce RTO
  • D. Reduce RPO

Answer: D


NEW QUESTION 13
In a company, a personalized smart card is used for both physical and logical access control.
What is the main purpose of the person's picture on the smart card?

  • A. To authorize the owner of the card
  • B. To verify the iris of the card owner
  • C. To identify the role of the card owner
  • D. To authenticate the owner of the card

Answer: D


NEW QUESTION 14
When should information security controls be considered?

  • A. During the risk assessment work
  • B. After the risk assessment
  • C. As part of the scoping meeting
  • D. At the kick-off meeting

Answer: B


NEW QUESTION 15
The security manager of a global company has decided that a risk assessment needs to be completed across the company.
What is the primary objective of the risk assessment?

  • A. Identify, quantify and prioritize risks against criteria for risk acceptance
  • B. Identify, quantify and prioritize which controls are going to be used to mitigate risk
  • C. Identify, quantify and prioritize the scope of this risk assessment
  • D. Identify, quantify and prioritize each of the business-critical assets residing on the corporate infrastructure

Answer: A


NEW QUESTION 16
What is a risk treatment strategy?

  • A. Software installation
  • B. Mobile updates
  • C. Risk acceptance
  • D. Risk exclusion

Answer: C


NEW QUESTION 17
The Board of Directors of an organization is accountable for obtaining adequate assurance.
Who should be responsible for coordinating the information security awareness campaigns?

  • A. The security manager
  • B. The Board of Directors
  • C. The user
  • D. The operational manager

Answer: A


NEW QUESTION 18
A security architect argues with the internal fire prevention team about the statement in the information security policy that doors to confidential areas should be locked at all times. The emergency response team wants access to those areas in case of fire.
What is the best solution to this dilemma?

  • A. The doors will automatically open in case of fire.
  • B. The security architect will be informed when there is a fire.
  • C. The doors should stay closed in case of fire to prevent access to confidential areas.

Answer: A


NEW QUESTION 19
What is the best way to start setting the information security controls?

  • A. Resort back to the default factory standards
  • B. Use a standard security baseline
  • C. Implement the security measures as prescribed by a risk analysis tool

Answer: B


NEW QUESTION 20
Security monitoring is an important control measure to make sure that the required security level is maintained. In order to realize 24/7 availability of the service, this service is outsourced to a partner in the cloud.
What should be an important control in the contract?

  • A. Your IT auditor has the right to audit the external party's service management processes.
  • B. The network communication channel is secured by using encryption.
  • C. The third party is certified against ISO/IEC 27001.
  • D. The third party is certified for adhering to privacy protection controls.

Answer: A


NEW QUESTION 21
What is a key item that must be kept in mind when designing an enterprise-wide information security program?

  • A. Determine controls in the light of specific risks an organization is facing
  • B. Put an incident management and log file analysis program in place immediately
  • C. Put an enterprise-wide network and Host-Based Intrusion Detection and Prevention System (Host-Based IDPS) into place as soon as possible
  • D. When defining controls follow an approach and framework that is consistent with organizational culture

Answer: A


NEW QUESTION 22
......

Reliable Information Security Management ISMP Dumps PDF Dec 20, 2021 Recently Updated Questions: https://www.prep4sureexam.com/ISMP-dumps-torrent.html