ISFS Information Security Foundation (based on ISO/IEC 27002) (EX0-105)

Showing 7–9 of 10 questions

Question 7

Your company has to ensure that it meets the requirements set down in personal data protection legislation. What is the first thing you should do?

  • Make the employees responsible for submitting their personal data.

  • Translate the personal data protection legislation into a privacy policy that is geared to the company and the contracts with the customers.

  • Appoint a person responsible for supporting managers in adhering to the policy.

  • Issue a ban on the provision of personal information.

Question 8

You are the first to arrive at work in the morning and notice that the CD ROM on which you saved contracts yesterday has disappeared. You were the last to leave yesterday. When should you report this information security incident?

  • This incident should be reported immediately.

  • You should first investigate this incident yourself and try to limit the damage.

  • You should wait a few days before reporting this incident. The CD ROM can still reappear and, in that case, you will have made a fuss for nothing.

Question 9

What do employees need to know to report a security incident?

  • How to report an incident and to whom.

  • Whether the incident has occurred before and what was the resulting damage.

  • The measures that should have been taken to prevent the incident in the first place.

  • Who is responsible for the incident and whether it was intentional.