Question 1

What is the purpose of an Information Security policy?

Options :

A : An information security policy makes the security plan concrete by providing the necessary details

B : An information security policy provides insight into threats and the possible consequences

C : An information security policy provides direction and support to the management regarding information security

D : An information security policy documents the analysis of risks and the search for countermeasures

Answer: C

Question 2

An employee caught with offense of abusing the internet, such as P2P file sharing or video/audio streaming, will not receive a warning for committing such act but will directly receive an IR.

Options :

A : True

B : False

Answer: A

Question 3

Phishing is what type of Information Security Incident?

Options :

A : Private Incidents

B : Cracker/Hacker Attacks

C : Technical Vulnerabilities

D : Legal Incidents

Answer: B

Question 4

-------------------------is an asset like other important business assets has value to an organization and consequently needs to be protected.

Options :

A : Infrastructure

B : Data

C : Information

D : Security

Answer: C

Question 5

A planning process that introduced the concept of planning as a cycle that forms the basis for continuous improvement is called:

Options :

A : time based planning.

B : plan, do, check, act.

C : planning for continuous improvement.

D : RACI Matrix

Answer: B

Higher Test Marks with Free Online ISO27-13-001 Exam Practice

Buying Options: