Question 1

Which measure is a preventive measure?

Options :

A : Installing a logging system that enables changes in a system to be recognized

B : Shutting down all internet traffic after a hacker has gained access to the company systems

C : Putting sensitive information in a safe

Answer: C

Question 2

Which of the following does a lack of adequate security controls represent?

Options :

A : Asset

B : Vulnerability

C : Impact

D : Threat

Answer: B

Question 3

As a new member of the IT department you have noticed that confidential information has been leaked several times. This may damage the reputation of the company. You have been asked to propose an

organisational measure to protect laptop computers. What is the first step in a structured approach to come up with this measure?

Options :

A : Appoint security staff

B : Encrypt all sensitive information

C : Formulate a policy

D : Set up an access control procedure

Answer: C

Question 4

Phishing is what type of Information Security Incident?

Options :

A : Private Incidents

B : Cracker/Hacker Attacks

C : Technical Vulnerabilities

D : Legal Incidents

Answer: B

Question 5

A planning process that introduced the concept of planning as a cycle that forms the basis for continuous improvement is called:

Options :

A : time based planning.

B : plan, do, check, act.

C : planning for continuous improvement.

D : RACI Matrix

Answer: B