Online Access Free ISMP Exam Questions

A protocol to investigate fraud by employees is being designed.
Which measure can be part of this protocol?

• A.Investigate the contents of the workstation of the employee
• B.Put a phone tap on the employee's business phone
• C.Seize and investigate the private laptop of the employee
• D.Investigate the private mailbox of the employee

An information security officer is asked to write a retention policy for a financial system. She is aware of the fact that some data must be kept for a long time and other data must be deleted.
Where should she look for guidelines first?

• A.In finance management procedures
• B.In company policies
• C.In legislation

A company's webshop offers prospects and customers the possibility to search the catalog and place orders around the clock. In order to satisfy the needs of both customer and business several requirements have to be met. One of the criteria is data classification.
What is the most important classification aspect of the unit price of an object in a 24h webshop?

• A.Availability
• B.Confidentiality
• C.Integrity

What is the main reason to use a firewall to separate two parts of your internal network?

• A.To decrease network loads
• B.To enable the installation of an Intrusion Detection System
• C.To control traffic intensity between two network segments
• D.To separate areas with different confidentiality requirements

What is the best way to start setting the information security controls?

• A.Use a standard security baseline
• B.Implement the security measures as prescribed by a risk analysis tool
• C.Resort back to the default factory standards