
Exin ISMP Information Security Management Professional based on ISO/IEC 27001 Exam Practice Test

Demo: 4 questions
Total 30 questions

Information Security Management Professional based on ISO/IEC 27001 Questions and Answers

Question 1

A security manager for a large company has the task to achieve physical protection for corporate data stores.

Through which control can physical protection be achieved?

Options:

A. Having visitors sign in and out of the corporate datacenter

B. Using a firewall to prevent access to the network infrastructure

C. Using access control lists to prevent logical access to organizational infrastructure

D. Using key access controls for employees needing access

Question 2

Security monitoring is an important control measure to make sure that the required security level is maintained. In order to realize 24/7 availability of the service, this service is outsourced to a partner in the cloud.

What should be an important control in the contract?

Options:

A. The network communication channel is secured by using encryption.

B. The third party is certified against ISO/IEC 27001.

C. The third party is certified for adhering to privacy protection controls.

D. Your IT auditor has the right to audit the external party's service management processes.

Question 3

The security manager of a global company has decided that a risk assessment needs to be completed across the company.

What is the primary objective of the risk assessment?

Options:

A. Identify, quantify and prioritize each of the business-critical assets residing on the corporate infrastructure

B. Identify, quantify and prioritize risks against criteria for risk acceptance

C. Identify, quantify and prioritize the scope of this risk assessment

D. Identify, quantify and prioritize which controls are going to be used to mitigate risk

Question 4

A risk manager is asked to perform a complete risk assessment for a company.

What is the best method to identify most of the threats to the company?

Options:

A. Have a brainstorm with representatives of all stakeholders

B. Interview top management

C. Send a checklist for threat identification to all staff involved in information security
