Question 1

What is the purpose of an Information Security policy?

Options :

A : An information security policy makes the security plan concrete by providing the necessary details

B : An information security policy provides insight into threats and the possible consequences

C : An information security policy provides direction and support to the management regarding information security

D : An information security policy documents the analysis of risks and the search for countermeasures

Answer: C

Question 2

You receive the following mail from the IT support team: Dear User,Starting next week, we will be deleting all inactive email accounts in order to create spaceshare the below details in order to continue using your account. In case of no response,

Name:

Email ID:

Password:

DOB:

Kindly contact the webmail team for any further support. Thanks for your attention.

Which of the following is the best response?

Options :

A : Ignore the email

B : Respond it by saying that one should not share the password with anyone

C : One should not respond to these mails and report such email to your supervisor

Answer: C

Question 3

A well-executed risk analysis provides a great deal of useful information. A risk analysis has four main objectives.

What is not one of the four main objectives of a risk analysis?

Options :

A : Identifying assets and their value

B : Implementing counter measures

C : Establishing a balance between the costs of an incident and the costs of a security measure

D : Determining relevant vulnerabilities and threats

Answer: B

Question 4

-------------------------is an asset like other important business assets has value to an organization and consequently needs to be protected.

Options :

A : Infrastructure

B : Data

C : Information

D : Security

Answer: C

Question 5

Which of the following does a lack of adequate security controls represent?

Options :

A : Asset

B : Vulnerability

C : Impact

D : Threat

Answer: B