Information Security Foundation based on ISO/IEC 27002 試験
Question No : 1
What is the most important reason for applying segregation of duties?
Question No : 2
What is the definition of the Annual Loss Expectancy?
Question No : 3
Some threats are caused directly by people, others have a natural cause. What is an example of an intentional human threat?
Question No : 4
Which of these is not malicious software?
Question No : 5
In most organizations, access to the computer or the network is granted only after the user has entered a correct username and password. This process consists of 3 steps: identification, authentication and authorization. What is the purpose of the second step, authentication?
Question No : 6
What is an example of a non-human threat to the physical environment?
Question No : 7
When we are at our desk, we want the information system and the necessary information to be available. We want to be able to work with the computer and access the network and our files. What is the correct definition of availability?
Question No : 8
Peter works at the company Midwest Insurance. His manager, Linda, asks him to send the terms and conditions for a life insurance policy to Rachel, a client. Who determines the value of the information in the insurance terms and conditions document?
Question No : 9
You have just started working at a large organization. You have been asked to sign a code of conduct as well as a contract. What does the organization wish to achieve with this?
Question No : 10
What do employees need to know to report a security incident?
Question No : 11
What is the objective of classifying information?
Question No : 12
What is the greatest risk for an organization if no information security policy has been defined?
Question No : 13
An employee in the administrative department of Smiths Consultants Inc. finds out that the expiry date of a contract with one of the clients is earlier than the start date. What type of measure could prevent this error?
Question No : 14
What sort of security does a Public Key Infrastructure (PKI) offer?
Question No : 15
Your company has to ensure that it meets the requirements set down in personal data protection legislation. What is the first thing you should do?