← Back to exam page

ISFS Information Security Foundation (based on ISO/IEC 27002) (EX0-105)

Loading demo links...

Showing 1–3 of 10 questions

Question 1

Why do organizations have an information security policy?

Select an option, then click Submit answer.

  • In order to demonstrate the operation of the Plan-Do-Check-Act cycle within an organization.

  • In order to ensure that staff do not break any laws.

  • In order to give direction to how information security is set up within an organization.

  • In order to ensure that everyone knows who is responsible for carrying out the backup procedures.

Question 2

You work for a large organization. You notice that you have access to confidential information that you should not be able to access in your position. You report this security incident to the helpdesk. The incident cycle isinitiated. What are the stages of the security incident cycle?

Select an option, then click Submit answer.

  • Threat, Damage, Incident, Recovery

  • Threat, Damage, Recovery, Incident

  • Threat, Incident, Damage, Recovery

  • Threat, Recovery, Incident, Damage

Question 3

What is the goal of an organization's security policy?

Select an option, then click Submit answer.

  • To provide direction and support to information security

  • To define all threats to and measures for ensuring information security

  • To document all incidents that threaten the reliability of information

  • To document all procedures required to maintain information security