Online Access Free ISMP Practice Test

Who should be asked to check compliance with the information security policy throughout the company?

• A.External forensics investigators
• B.The same company that checks the yearly financial statement
• C.Internal audit department

What is a key item that must be kept in mind when designing an enterprise-wide information security program?

• A.Determine controls in the light of specific risks an organization is facing
• B.When defining controls follow an approach and framework that is consistent with organizational culture
• C.Put an enterprise-wide network and Host-Based Intrusion Detection and Prevention System (Host-Based IDPS) into place as soon as possible
• D.Put an incident management and log file analysis program in place immediately

What is the main reason to use a firewall to separate two parts of your internal network?

• A.To decrease network loads
• B.To separate areas with different confidentiality requirements
• C.To control traffic intensity between two network segments
• D.To enable the installation of an Intrusion Detection System

The Board of Directors of an organization is accountable for obtaining adequate assurance.
Who should be responsible for coordinating the information security awareness campaigns?

• A.The Board of Directors
• B.The operational manager
• C.The security manager
• D.The user

The information security manager is writing the Information Security Management System (ISMS) documentation. The controls that are to be implemented must be described in one of the phases of the Plan-Do- Check-Act (PDCA) cycle of the ISMS.
In which phase should these controls be described?

• A.Check
• B.Act
• C.Do
• D.Plan