ITIL 4 Practitioner: Information Security Management Exam
Page: 1 / 4
Total 20 questions
Question #1 (Topic: Exam A)
What is an example of two-factor authentication?
A. Using encryption and a security certificate to positively identify a website
B. Using a password and a PIN to log in to a business application
C. Using a PIN and a physical key to unlock the door to a computer room
D. Using two passwords known by different people to access a computer system
Answer: C
Question #2 (Topic: Exam A)
Which action will be performed as part of the ‘information security incident review’ of the ‘information security incident management’ process, after a server has been compromised?
A. Configuring a new server to perform the role of the compromised system
B. Disconnecting the compromised system from the network
C. Contacting regulators to explain the impact of the incident
D. Monitoring services to ensure the incident has been fully resolved
Answer: D
Question #3 (Topic: Exam A)
An organization has a small information security team. This team evaluates all changes to decide if there might be a security impact, and this evaluation is a significant bottleneck for the organization, resulting in delays that slow down the rate of business change.
What should the organization do to manage this issue?
A. Allow staff from other teams to assess the security impact of changes that are frequent and low risk
B. Communicate the importance of information security to stakeholders so that people understand the need for the delays
C. Prioritize the evaluation of changes so that important business changes are not severely affected
D. Automatically approve changes that have not been assessed within agreed times
Answer: A
Question #4 (Topic: Exam A)
The board of a large organization is considering certification of the organization’s information security management system to an internal standard. The board expects the certification to help retain and attract customers and reach new markets. The CISO and information security managers have estimated the costs of certification and the necessary preparations, and they think that some requirements of the standard are too expensive to meet compared to the risks they address.
What is the BEST course of action for the organization in this situation?
A. The board should consider the costs of the certification together with the expected value for the organization
B. The board should cancel the certification project as the costs are not justified
C. The organization should adopt only those parts of the standard which are recommended by the CISO
D. The organization should delegate the certification project to an external consultant
Answer: A
Question #5 (Topic: Exam A)
An organization has a public website where customers can make purchases. The website has daily automated vulnerability assessments to make sure that it is protected from known attacks, and to detect some types of security breach.
What additional automation should the organization implement to help ensure security incidents are detected quickly?
A. Use regular automated vulnerability assessments to detect missing patches and updates
B. Automatically switch services away from any compromised servers to provide continual service to customers
C. Use automated data forensic tools to collect and save evidence before investigating incidents
D. Analyse transactions to identify unusual or unexpected customer behavior
Answer: D