Exin ISMP Practice Questions| TestInsights

Question 1

The ambition of the security manager is to certify the organization against ISO/IEC 27001.

What is an activity in the certification program?

AFormulate the security requirements in the outsourcing contracts

BImplement the security baselines in Secure Systems Development Life Cycle (SecSDLC)

CPerform a risk assessment of the secure internet connectivity architecture of the datacenter

DProduce a Statement of Applicability based on risk assessments

Correct : D

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

AFormulate the security requirements in the outsourcing contracts

BImplement the security baselines in Secure Systems Development Life Cycle (SecSDLC)

CPerform a risk assessment of the secure internet connectivity architecture of the datacenter

DProduce a Statement of Applicability based on risk assessments

Question 2

The information security manager is writing the Information Security Management System (ISMS) documentation. The controls that are to be implemented must be described in one of the phases of the Plan-Do-

Check-Act (PDCA) cycle of the ISMS.

In which phase should these controls be described?

APlan

BDo

CCheck

DAct

Correct : A

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

APlan

BDo

CCheck

DAct

Question 3

What needs to be decided prior to considering the treatment of risks?

ACriteria for determining whether or not the risk can be accepted

BHow to apply appropriate controls to reduce the risks

CMitigation plans

DThe development of own guidelines

Correct : A

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

ACriteria for determining whether or not the risk can be accepted

BHow to apply appropriate controls to reduce the risks

CMitigation plans

DThe development of own guidelines

Question 4

Security monitoring is an important control measure to make sure that the required security level is maintained. In order to realize 24/7 availability of the service, this service is outsourced to a partner in the cloud.

What should be an important control in the contract?

AThe network communication channel is secured by using encryption.

BThe third party is certified against ISO/IEC 27001.

CThe third party is certified for adhering to privacy protection controls.

DYour IT auditor has the right to audit the external party's service management processes.

Correct : D

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

AThe network communication channel is secured by using encryption.

BThe third party is certified against ISO/IEC 27001.

CThe third party is certified for adhering to privacy protection controls.

DYour IT auditor has the right to audit the external party's service management processes.

Question 5

What is the best way to start setting the information security controls?

AImplement the security measures as prescribed by a risk analysis tool

BResort back to the default factory standards

CUse a standard security baseline

Correct : C

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

AImplement the security measures as prescribed by a risk analysis tool

BResort back to the default factory standards

CUse a standard security baseline

Curious about Actual Exin Information Security Management (ISMP) Exam Questions?

Options Selected by Other Users:

Options Selected by Other Users:

Options Selected by Other Users:

Options Selected by Other Users:

Options Selected by Other Users: