ISO-ISMS-LA Online Practice Questions and Answers

What type of measure involves the stopping of possible consequences of security incidents?

A. Corrective

B. Detective

C. Repressive

D. Preventive

Does the security have the right to ask you to display your ID badges and check your bags?

A. True

B. False

Who is authorized to change the classification of a document?

A. The author of the document

B. The administrator of the document

C. The owner of the document

D. The manager of the owner of the document

Someone from a large tech company calls you on behalf of your company to check the health of your PC, and therefore needs your user-id and password. What type of threat is this?

A. Social engineering threat

B. Organisational threat

C. Technical threat

D. Malware threat

After a fire has occurred, what repressive measure can be taken?

A. Extinguishing the fire after the fire alarm sounds

B. Buying in a proper fire insurance policy

C. Repairing all systems after the fire

What is the relationship between data and information?

A. Data is structured information.

B. Information is the meaning and value assigned to a collection of data.

-------------------------is an asset like other important business assets has value to an organization and consequently needs to be protected.

A. Infrastructure

B. Data

C. Information

D. Security

In order to take out a fire insurance policy, an administration office must determine the value of the data that it manages.

Which factor is [b]not[/b] important for determining the value of data for an organization?

A. The content of data.

B. The degree to which missing, incomplete or incorrect data can be recovered.

C. The indispensability of data for the business processes.

D. The importance of the business processes that make use of the data.

Backup media is kept in the same secure area as the servers. What risk may the organisation be exposed to?

A. Unauthorised persons will have access to both the servers and backups

B. Responsibility for the backups is not defined well

C. After a fire, the information systems cannot be restored

D. After a server crash, it will take extra time to bring it back up again

Which of the following factors does NOT contribute to the value of data for an organisation?

A. The correctness of data

B. The indispensability of data

C. The importance of data for processes

D. The content of data