
[Dec 28, 2021] TestSimulate ISMP Exam Practice Test Questions (Updated 31 Questions) [Q13-Q29]


NEW QUESTION 13
Which security item is designed to take collections of data from multiple computers?

  • A. Firewall
  • B. Host-Based Intrusion Detection and Prevention System (Host-Based IDPS)
  • C. Network-Based Intrusion Detection and Prevention System (Network-Based IDPS)
  • D. Virtual Private Network (VPN)

Answer: C

 

NEW QUESTION 14
Security monitoring is an important control measure to make sure that the required security level is maintained. In order to realize 24/7 availability of the service, this service is outsourced to a partner in the cloud.
What should be an important control in the contract?

  • A. Your IT auditor has the right to audit the external party's service management processes.
  • B. The network communication channel is secured by using encryption.
  • C. The third party is certified against ISO/IEC 27001.
  • D. The third party is certified for adhering to privacy protection controls.

Answer: A

 

NEW QUESTION 15
The handling of security incidents is done by the incident management process under guidelines of information security management. These guidelines call for several types of mitigation plans.
Which mitigation plan covers short-term recovery after a security incident has occurred?

  • A. The incident response plan
  • B. The disaster recovery plan
  • C. The Business Continuity Plan (BCP)
  • D. The risk treatment plan

Answer: A

 

NEW QUESTION 16
Who should be asked to check compliance with the information security policy throughout the company?

  • A. Internal audit department
  • B. The same company that checks the yearly financial statement
  • C. External forensics investigators

Answer: C

 

NEW QUESTION 17
An employee has worked on the organizational risk assessment. The goal of the assessment is not to bring residual risks to zero, but to bring the residual risks in line with an organization's risk appetite.
When has the risk assessment program accomplished its primary goal?

  • A. When the risk analysis is completed
  • B. Once the controls are implemented
  • C. Once the transference of the risk is complete
  • D. When decision makers have been informed of uncontrolled risks and proper authority groups decide to leave the risks in place

Answer: D

 

NEW QUESTION 18
The security manager of a global company has decided that a risk assessment needs to be completed across the company.
What is the primary objective of the risk assessment?

  • A. Identify, quantify and prioritize risks against criteria for risk acceptance
  • B. Identify, quantify and prioritize which controls are going to be used to mitigate risk
  • C. Identify, quantify and prioritize the scope of this risk assessment
  • D. Identify, quantify and prioritize each of the business-critical assets residing on the corporate infrastructure

Answer: A

 

NEW QUESTION 19
A protocol to investigate fraud by employees is being designed.
Which measure can be part of this protocol?

  • A. Investigate the contents of the workstation of the employee
  • B. Seize and investigate the private laptop of the employee
  • C. Put a phone tap on the employee's business phone
  • D. Investigate the private mailbox of the employee

Answer: A

 

NEW QUESTION 20
When is revision of an employee's access rights mandatory?

  • A. At hire
  • B. At least each year
  • C. At all moments stated in the information security policy
  • D. After any position change

Answer: C

 

NEW QUESTION 21
A security architect argues with the internal fire prevention team about the statement in the information security policy that doors to confidential areas should be locked at all times. The emergency response team wants access to those areas in case of fire.
What is the best solution to this dilemma?

  • A. The doors will automatically open in case of fire.
  • B. The security architect will be informed when there is a fire.
  • C. The doors should stay closed in case of fire to prevent access to confidential areas.

Answer: A

 

NEW QUESTION 22
What is the best way to start setting the information security controls?

  • A. Resort back to the default factory standards
  • B. Use a standard security baseline
  • C. Implement the security measures as prescribed by a risk analysis tool

Answer: B

 

NEW QUESTION 23
The ambition of the security manager is to certify the organization against ISO/IEC 27001.
What is an activity in the certification program?

  • A. Implement the security baselines in Secure Systems Development Life Cycle (SecSDLC)
  • B. Formulate the security requirements in the outsourcing contracts
  • C. Produce a Statement of Applicability based on risk assessments
  • D. Perform a risk assessment of the secure internet connectivity architecture of the datacenter

Answer: C

 

NEW QUESTION 24
When should information security controls be considered?

  • A. During the risk assessment work
  • B. After the risk assessment
  • C. As part of the scoping meeting
  • D. At the kick-off meeting

Answer: B

 

NEW QUESTION 25
......
