You are the owner of the SpeeDelivery courier service. Last year you had a firewall installed. You now discover that no maintenance has been performed since the installation. What is the biggest risk because of this?
Answer : A
A couple of years ago you started your company which has now grown from 1 to 20 employees.
Your companys information is worth more and more and gone are the days when you could keep it all in hand yourself. You are aware that you have to take measures, but what should they be?
You hire a consultant who advises you to start with a qualitative risk analysis. What is a qualitative risk analysis?
Answer : B
Susan sends an email to Paul. Who determines the meaning and the value of information in this email?
Answer : A
Which measure assures that valuable information is not left out available for the taking?
Answer : A
What is an example of a good physical security measure?
Answer : A
You read in the newspapers that the ex-employee of a large company systematically deleted files out of revenge on his manager. Recovering these files caused great losses in time and money.
What is this kind of threat called?
Answer : A
Which is a legislative or regulatory act related to information security that can be imposed upon all organizations?
Answer : D
You are the first to arrive at work in the morning and notice that the CD ROM on which you saved contracts yesterday has disappeared. You were the last to leave yesterday. When should you report this information security incident?
Answer : A
A Dutch company requests to be listed on the American Stock Exchange. Which legislation within the scope of information security is relevant in this case?
Answer : C
At Midwest Insurance, all information is classified. What is the goal of this classification of information?
Answer : C
Which one of the threats listed below can occur as a result of the absence of a physical measure?
Answer : B
What is the best description of a risk analysis?
Answer : B
What is the goal of an organization's security policy?
Answer : A
The Information Security Manager (ISM) at Smith Consultants Inc. introduces the following measures to assure information security:
- The security requirements for the network are specified.
- A test environment is set up for the purpose of testing reports coming from the database.
- The various employee functions are assigned corresponding access rights.
- RFID access passes are introduced for the building.
Which one of these measures is not a technical measure?
Answer : D