
EXIN ISMP Real 2022 Braindumps Mock Exam Dumps
NEW QUESTION 17
What needs to be decided prior to considering the treatment of risks?
- A. Criteria for determining whether or not the risk can be accepted
- B. How to apply appropriate controls to reduce the risks
- C. The development of own guidelines
- D. Mitigation plans
Answer: A
NEW QUESTION 18
What is a key item that must be kept in mind when designing an enterprise-wide information security program?
- A. Put an enterprise-wide network and Host-Based Intrusion Detection and Prevention System (Host-Based IDPS) into place as soon as possible
- B. When defining controls, follow an approach and framework that is consistent with the organizational culture
- C. Put an incident management and log file analysis program in place immediately
- D. Determine controls in the light of specific risks an organization is facing
Answer: D
NEW QUESTION 19
Security monitoring is an important control measure to make sure that the required security level is maintained. In order to realize 24/7 availability of the service, this service is outsourced to a partner in the cloud.
What should be an important control in the contract?
- A. The third party is certified for adhering to privacy protection controls.
- B. The third party is certified against ISO/IEC 27001.
- C. Your IT auditor has the right to audit the external party's service management processes.
- D. The network communication channel is secured by using encryption.
Answer: C
NEW QUESTION 20
In a company, a personalized smart card is used for both physical and logical access control.
What is the main purpose of the person's picture on the smart card?
- A. To authenticate the owner of the card
- B. To verify the iris of the card owner
- C. To authorize the owner of the card
- D. To identify the role of the card owner
Answer: A
NEW QUESTION 21
What is a risk treatment strategy?
- A. Mobile updates
- B. Risk acceptance
- C. Software installation
- D. Risk exclusion
Answer: B
NEW QUESTION 22
Zoning is a security control to separate physical areas with different security levels. Zones with higher security levels can be secured by more controls. The facility manager of a conference center is responsible for security.
Which business functions should be combined into one security zone?
- A. Lobby and public restaurant
- B. Boardroom and general office space
- C. Computer room and storage facility
- D. Meeting rooms and Human Resource rooms
Answer: A
NEW QUESTION 23
What is the main reason to use a firewall to separate two parts of your internal network?
- A. To enable the installation of an Intrusion Detection System
- B. To control traffic intensity between two network segments
- C. To decrease network loads
- D. To separate areas with different confidentiality requirements
Answer: D
NEW QUESTION 24
A protocol to investigate fraud by employees is being designed.
Which measure can be part of this protocol?
- A. Investigate the private mailbox of the employee
- B. Put a phone tap on the employee's business phone
- C. Investigate the contents of the workstation of the employee
- D. Seize and investigate the private laptop of the employee
Answer: C
NEW QUESTION 25
Who should be asked to check compliance with the information security policy throughout the company?
- A. The same company that checks the yearly financial statement
- B. External forensics investigators
- C. Internal audit department
Answer: B
NEW QUESTION 26
Security incidents are handled by the incident management process under the guidelines of information security management. These guidelines call for several types of mitigation plans.
Which mitigation plan covers short-term recovery after a security incident has occurred?
- A. The disaster recovery plan
- B. The risk treatment plan
- C. The incident response plan
- D. The Business Continuity Plan (BCP)
Answer: C
NEW QUESTION 27
The Board of Directors of an organization is accountable for obtaining adequate assurance.
Who should be responsible for coordinating the information security awareness campaigns?
- A. The operational manager
- B. The Board of Directors
- C. The user
- D. The security manager
Answer: D
NEW QUESTION 28
An information security officer is asked to write a retention policy for a financial system. She is aware of the fact that some data must be kept for a long time and other data must be deleted.
Where should she look for guidelines first?
- A. In finance management procedures
- B. In company policies
- C. In legislation
Answer: C
NEW QUESTION 29
