Free Access EXIN.ISMP.v2022-08-20.q9 Practice Test (Page 2)

Question 1

A security manager for a large company has the task to achieve physical protection for corporate data stores.
Through which control can physical protection be achieved?

A.Using access control lists to prevent logical access to organizational infrastructure

B.Using a firewall to prevent access to the network infrastructure

C.Having visitors sign in and out of the corporate datacenter

D.Using key access controls for employees needing access

Question 2

An employee has worked on the organizational risk assessment. The goal of the assessment is not to bring residual risks to zero, but to bring the residual risks in line with an organization's risk appetite.
When has the risk assessment program accomplished its primary goal?

A.When the risk analysis is completed

B.Once the transference of the risk is complete

C.Once the controls are implemented

D.When decision makers have been informed of uncontrolled risks and proper authority groups decide to leave the risks in place

Question 3

The information security manager is writing the Information Security Management System (ISMS) documentation. The controls that are to be implemented must be described in one of the phases of the Plan-Do- Check-Act (PDCA) cycle of the ISMS.
In which phase should these controls be described?

A.Act

B.Plan

C.Check

D.Do

Question 4

Zoning is a security control to separate physical areas with different security levels. Zones with higher security levels can be secured by more controls. The facility manager of a conference center is responsible for security.
What combination of business functions should be combined into one security zone?

A.Computer room and storage facility

B.Meeting rooms and Human Resource rooms

C.Boardroom and general office space

D.Lobby and public restaurant

Question 5

What is a key item that must be kept in mind when designing an enterprise-wide information security program?

A.When defining controls follow an approach and framework that is consistent with organizational culture

B.Put an incident management and log file analysis program in place immediately

C.Determine controls in the light of specific risks an organization is facing

D.Put an enterprise-wide network and Host-Based Intrusion Detection and Prevention System (Host-Based IDPS) into place as soon as possible

Other Version: 719EXIN.ISMP.v2022-01-30.q10; 116EXIN.Prepawaypdf.ISMP.v2021-10-04.by.kristin.10q.pdf

Latest Upload: 144Huawei.H12-811_V1.0.v2025-10-02.q205; 110PMI.PfMP.v2025-10-02.q265; 112EMC.D-NWR-DY-01.v2025-10-02.q145; 132Salesforce.Public-Sector-Solutions.v2025-10-01.q106; 111Microsoft.SC-300.v2025-10-01.q358; 106Snowflake.DSA-C03.v2025-10-01.q105; 109Fortinet.NSE7_SDW-7.2.v2025-10-01.q108; 109Scrum.PAL-I.v2025-09-30.q47; 119SAP.C-C4H22-2411.v2025-09-30.q28; 148LinuxFoundation.CKAD.v2025-09-29.q102

Question 1

Question 2

Question 3

Question 4

Question 5

Download PDF File