The Best ISFS Exam Study Material Premium Files and Preparation Tool (Feb-2024) [Q24-Q44]

Q24. An airline company employee notices that she has access to one of the company’s applications that she has not used before. Is this an information security incident?

Q25. An employee in the administrative department of Smiths Consultants Inc. finds out that the expiry date of a contract with one of the clients is earlier than the start date. What type of measure could prevent this error?

Q26. Why is compliance important for the reliability of the information?

Q27. Midwest Insurance controls access to its offices with a passkey system. We call this a preventive measure.
What are some other measures?

Q28. Under which condition is an employer permitted to check if Internet and email services in the workplace are being used for private purposes?

Q29. An airline company employee notices that she has access to one of the company’s applications that she has not used before. Is this an information security incident?

Q30. In the organization where you work, information of a very sensitive nature is processed. Management is legally obliged to implement the highest-level security measures. What is this kind of risk strategy called?

Q31. What is the goal of an organization’s security policy?

Q32. What is a repressive measure in the case of a fire?

Q33. What is the most important reason for applying segregation of duties?

Q34. A non-human threat for computer systems is a flood. In which situation is a flood always a relevant threat?

Q35. You are the first to arrive at work in the morning and notice that the CD ROM on which you saved contracts yesterday has disappeared. You were the last to leave yesterday. When should you report this information security incident?

Q36. Which type of malware builds a network of contaminated computers?

Q37. You work for a large organization. You notice that you have access to confidential information that you should not be able to access in your position. You report this security incident to the helpdesk. The incident cycle isinitiated. What are the stages of the security incident cycle?

Q38. What is the relationship between data and information?

Q39. You work in the office of a large company. You receive a call from a person claiming to be from the Helpdesk.
He asks you for your password. What kind of threat is this?

Q40. What is the greatest risk for an organization if no information security policy has been defined?

Q41. You are the owner of the SpeeDelivery courier service. Last year you had a firewall installed. You now discover that no maintenance has been performed since the installation. What is the biggest risk because of this?

Q42. What is the best way to comply with legislation and regulations for personal data protection?

Q43. You read in the newspapers that the ex-employee of a large company systematically deleted files out of revenge on his manager. Recovering these files caused great losses in time and money. What is this kind of threat called?

Q44. You have an office that designs corporate logos. You have been working on a draft for a large client. Just as you are going to press the <save> button, the screen goes blank. The hard disk is damaged and cannot be repaired. You find an early version of the design in your mail folder and you reproduce the draft for the customer. What is such a measure called?