Below is Purpose of "Integrity", which is one of the Basic Components of Information Security
A. the property that information is not made available or disclosed to unauthorized individuals
B. the property of safeguarding the accuracy and completeness of assets.
C. the property that information is not made available or disclosed to unauthorized individuals
D. the property of being accessible and usable upon demand by an authorized entity.
After a devastating office fire, all staff are moved to other branches of the company. At what moment in the incident management process is this measure effectuated?
A. Between incident and damage
B. Between detection and classification
C. Between recovery and normal operations
D. Between classification and escalation
Information has a number of reliability aspects. Reliability is constantly being threatened. Examples of threats are: a cable becomes loose, someone alters information by accident, data is used privately or is falsified.
Which of these examples is a threat to integrity?
A. a loose cable
B. accidental alteration of data
C. private use of data
D. System restart
What is the relationship between data and information?
A. Data is structured information.
B. Information is the meaning and value assigned to a collection of data.
What is the purpose of an Information Security policy?
A. An information security policy makes the security plan concrete by providing the necessary details
B. An information security policy provides insight into threats and the possible consequences
C. An information security policy provides direction and support to the management regarding information security
D. An information security policy documents the analysis of risks and the search for countermeasures
How are data and information related?
A. Data is a collection of structured and unstructured information
B. Information consists of facts and statistics collected together for reference or analysis
C. When meaning and value are assigned to data, it becomes information
Why do we need to test a disaster recovery plan regularly, and keep it up to date?
A. Otherwise the measures taken and the incident procedures planned may not be adequate
B. Otherwise it is no longer up to date with the registration of daily occurring faults
C. Otherwise remotely stored backups may no longer be available to the security team
What controls can you do to protect sensitive data in your computer when you go out for lunch?
A. You activate your favorite screen-saver
B. You are confident to leave your computer screen as is since a password protected screensaver is installed and it is set to activate after 10 minutes of inactivity
C. You lock your computer by pressing Windows+L or CTRL-ALT-DELETE and then click "Lock Computer".
D. You turn off the monitor
What is social engineering?
A. A group planning for a social activity in the organization
B. Creating a situation wherein a third party gains confidential information from you
C. The organization planning an activity for welfare of the neighborhood
Which is the glue that ties the triad together
A. Process
B. People
C. Collaboration
D. Technology
Who is responsible for Initial asset allocation to the user/custodian of the assets?
A. Asset Manager
B. Asset Owner
C. Asset Practitioner
D. Asset Stakeholder
Who are allowed to access highly confidential files?
A. Employees with a business need-to-know
B. Contractors with a business need-to-know
C. Employees with signed NDA have a business need-to-know
D. Non-employees designated with approved access and have signed NDA
A scenario wherein the city or location where the building(s) reside is / are not accessible.
A. Component
B. Facility
C. City
D. Country
Backup media is kept in the same secure area as the servers. What risk may the organisation be exposed to?
A. Unauthorised persons will have access to both the servers and backups
B. Responsibility for the backups is not defined well
C. After a fire, the information systems cannot be restored
D. After a server crash, it will take extra time to bring it back up again
As a new member of the IT department you have noticed that confidential information has been leaked several times. This may damage the reputation of the company. You have been asked to propose an organisational measure to protect laptop computers. What is the first step in a structured approach to come up with this measure?
A. Appoint security staff
B. Encrypt all sensitive information
C. Formulate a policy
D. Set up an access control procedure