-
EX0-105题库demo免费下载
Filed under EXIN,IncAug 13EXIN,Inc认证EX0-105考试题库介绍
考试代号: EX0-105
问题数量:79 Q&As
更新时间: 2009-08-13
注册地点: Prometric/Pearson VUE
题库全称:Information Security Foundation based on ISO/IEC 27002免费EX0-105题库Demo赏析
Exam : EXIN EX0-105
Title : Information Security Foundation based on ISO/IEC 270021. You work in the office of a large company. You receive a call from a person claiming to be from the Helpdesk. He asks you for your password.
What kind of threat is this?
A. Natural threat
B. Organizational threat
C. Social Engineering
Answer: C2. You are a consultant and are regularly hired by the Ministry of Defense to perform analyses. Since the assignments are irregular, you outsource the administration of your business to temporary workers. You don’t want the temporary workers to have access to your reports.
Which reliability aspect of the information in your reports must you protect?
A. Availability
B. Integrity
C. Confidentiality
Answer: C3. Some threats are caused directly by people, others have a natural cause.
What is an example of an intentional human threat?
A. Lightning strike
B. Arson
C. Flood
D. Loss of a USB stick
Answer: B4. What action is an unintentional human threat?
A. Arson
B. Theft of a laptop
C. Social engineering
D. Incorrect use of fire extinguishing equipment
Answer: D5. A well executed risk analysis provides a great deal of useful information. A risk analysis has four main objectives.
What is not one of the four main objectives of a risk analysis?
A. Identifying assets and their value
B. Determining the costs of threats
C. Establishing a balance between the costs of an incident and the costs of a security measure
D. Determining relevant vulnerabilities and threats
Answer: B6. Why do organizations have an information security policy?
A. In order to demonstrate the operation of the Plan-Do-Check-Act cycle within an organization.
B. In order to ensure that staff do not break any laws.
C. In order to give direction to how information security is set up within an organization.
D. In order to ensure that everyone knows who is responsible for carrying out the backup procedures.
Answer: C7. What is a risk analysis used for?
A. A risk analysis is used to express the value of information for an organization in monetary terms.
B. A risk analysis is used to clarify to management their responsibilities.
C. A risk analysis is used in conjunction with security measures to reduce risks to an acceptable level.
D. A risk analysis is used to ensure that security measures are deployed in a cost-effective and timely fashion.
Answer: D8. What is the greatest risk for an organization if no information security policy has been defined?
A. If everyone works with the same account, it is impossible to find out who worked on what.
B. Information security activities are carried out by only a few people.
C. Too many measures are implemented.
D. It is not possible for an organization to implement information security in a consistent manner.
Answer: D9. We can acquire and supply information in various ways. The value of the information depends on whether it is reliable.
What are the reliability aspects of information?
A. Availability, Information Value and Confidentiality
B. Availability, Integrity and Confidentiality
C. Availability, Integrity and Completeness
D. Timeliness, Accuracy and Completeness
Answer: B10. You are the owner of a growing company, SpeeDelivery, which provides courier services. You decide that it is time to draw up a risk analysis for your information system. This includes an inventory of the threats and risks.
What is the relation between a threat, risk and risk analysis?
A. A risk analysis identifies threats from the known risks.
B. A risk analysis is used to clarify which threats are relevant and what risks they involve.
C. A risk analysis is used to remove the risk of a threat.
D. Risk analyses help to find a balance between threats and risks.
Answer: B11. What is an example of a non-human threat to the physical environment?
A. Fraudulent transaction
B. Corrupted file
C. Storm
D. Virus
Answer: C12. Peter works at the company Midwest Insurance. His manager, Linda, asks him to send the terms and conditions for a life insurance policy to Rachel, a client.
Who determines the value of the information in the insurance terms and conditions document?
A. The recipient, Rachel
B. The person who drafted the insurance terms and conditions
C. The manager, Linda
D. The sender, Peter
Answer: A13. You are the owner of the courier company SpeeDelivery. You have carried out a risk analysis and now want to determine your risk strategy. You decide to take measures for the large risks but not for the small risks.
What is this risk strategy called?
A. Risk bearing
B. Risk avoiding
C. Risk neutral
Answer: C14. When we are at our desk, we want the information system and the necessary information to be available. We want to be able to work with the computer and access the network and our files.
What is the correct definition of availability?
A. The degree to which the system capacity is enough to allow all users to work with it
B. The degree to which the continuity of an organization is guaranteed
C. The degree to which an information system is available for the users
D. The total amount of time that an information system is accessible to the users
Answer: C15. What is the definition of the Annual Loss Expectancy?
A. The Annual Loss Expectancy is the amount of damage that can occur as a result of an incident during the year.
B. The Annual Loss Expectancy is the size of the damage claims resulting from not having carried out risk analyses effectively.
C. The Annual Loss Expectancy is the average damage calculated by insurance companies for businesses in a country.
D. The Annual Loss Expectancy is the minimum amount for which an organization must insure itself.
Answer: A免费下载EX0-105题库Demo
Examsoon提供最新的EXIN Inc Certification认证 EX0-105题库,其全名为:(Information Security Foundation based on ISO/IEC 27002). 在您决定是否购买之前 可以先下载EX0-105题库的部分演示. Examsoon是全球唯一提供所有IT认证考试题库demo免费下载的厂商 ,以下为免费EX0-105模拟测试题的下载链接
EXIN,Inc EX0-105学习指南
EXIN Inc Certification认证 EX0-105考试已经证明了它在全世界的广泛性和重要性,因此明白这项认证考试的世界各地的人必须具备与认证考试相关领域所需的技能和知识。EXIN,Inc认证 EX0-105学习指南的目的是检查考生的能力和他对概念的意识。很多时候练习测试EX0-105考试都已经被修改过了,删掉了许多过时的东西,而那些需求是在考试课程。当应用到时候你所学的知识的时候,就会鉴定出你所学到的东西以及对所学知识的应用是多么的恰到好处。EXIN,Inc认证 EX0-105是在IT行业的知名品牌,所以如果您通过了这样一个知名公司举行的一次考试,你可以想象你将来的事业会做的多么好。
想要通过这个考试当然存在很多困难。你所要做的就是准备好充足的勇气和信心,而这些都来源与你平时训练的好坏.建议大家可以去Examsoon这个网站看一下,它的EX0-105考试是为了测试您在这方面的知识的掌握程度,最好的部分是它可以使你不断更新你所学的知识,不断进步。如果你知道所有的概念和如何使用他们的时候才是你真正掌握了Examsoon的用意。这门考试检查了您的能力和一旦你通过这次考验你将成为最优秀的人才,其他EX0-105考试的Examsoon结算值得注意的影响就是你的薪水将直线上升这大概也是每个人都希望获得的,所以要找一些好的资源才行。
Examsoon考题大师EX0-105试题都是考试原题的完美组合,覆盖率95%以上,答案由多位专业资深讲师原版破解得出,正确率100%,只要您使用Examsoon的考试题库参加EX0-105考试,保证您一次轻松通过考试;
售后服务第一!我们相信要想在当今时代取得成功,必须为广大用户提供全套的周到细致的全程优质售后服务,只有客户满意了,才能发展。客户至上是Examsoon考题大师的一贯宗旨;
Leave a Reply
You must be logged in to post a comment.
Recent Comments