
BCS Foundation Certificate in Information Security Management Principles V9.0

Last Update 6 hours ago Total Questions : 100

The BCS Foundation Certificate in Information Security Management Principles V9.0 content is now fully updated, with all current exam questions added 6 hours ago. Deciding to include CISMP-V9 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our CISMP-V9 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these CISMP-V9 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any BCS Foundation Certificate in Information Security Management Principles V9.0 practice test comfortably within the allotted time.

Question # 11

When establishing objectives for physical security environments, which of the following functional controls SHOULD occur first?

A. Delay.
B. Drop.
C. Deter.
D. Deny.

Question # 12

Which term describes the acknowledgement and acceptance of ownership of actions, decisions, policies and deliverables?

A. Accountability.
B. Responsibility.
C. Credibility.
D. Confidentiality.

Question # 13

A security analyst has been asked to provide a triple A service (AAA) for both wireless and remote access network services in an organization and must avoid using proprietary solutions.

What technology SHOULD they adapt?

A. TACACS+
B. RADIUS.
C. OAuth.
D. MS Access Database.

Question # 14

When calculating the risk associated with a vulnerability being exploited, how is this risk calculated?

A. Risk = Likelihood * Impact.
B. Risk = Likelihood / Impact.
C. Risk = Vulnerability / Threat.
D. Risk = Threat * Likelihood.

Question # 15

You are undertaking a qualitative risk assessment of a likely security threat to an information system.

What is the MAIN issue with this type of risk assessment?

A. These risk assessments are largely subjective and require agreement on rankings beforehand.
B. Dealing with statistical and other numeric data can often be hard to interpret.
C. There needs to be a large amount of previous data to "train" a qualitative risk methodology.
D. It requires the use of complex software tools to undertake this risk assessment.

Question # 16

A penetration tester undertaking a port scan of a client's network discovers a host which responds to requests on TCP ports 22, 80, 443, 3306 and 8080.

What type of device has MOST LIKELY been discovered?

A. File server.
B. Printer.
C. Firewall.
D. Web server.

Question # 17

For which security-related reason SHOULD staff monitoring critical CCTV systems be rotated regularly during each work session?

A. To reduce the chance of collusion between security staff and those being monitored.
B. To give experience to monitoring staff across a range of activities for training purposes.
C. Health and Safety regulations demand that staff are rotated to prevent posture and vision related harm.
D. The human attention span during intense monitoring sessions is about 20 minutes.

Question # 18

In software engineering, what does 'Security by Design' mean?

A. Low Level and High Level Security Designs are restricted in distribution.
B. All security software artefacts are subject to a code-checking regime.
C. The software has been designed from its inception to be secure.
D. All code meets the technical requirements of GDPR.

Question # 19

When handling and investigating digital evidence to be used in a criminal cybercrime investigation, which of the following principles is considered BEST practice?

A. Digital evidence must not be altered unless absolutely necessary.
B. Acquiring digital evidence can only be carried out on digital devices which have been turned off.
C. Digital evidence can only be handled by a member of law enforcement.
D. Digital devices must be forensically "clean" before investigation.

Question # 20

How does the use of a "single sign-on" access control policy improve the security for an organisation implementing the policy?

A. Password is better encrypted for system authentication.
B. Access control logs are centrally located.
C. Helps prevent the likelihood of users writing down passwords.
D. Decreases the complexity of passwords users have to remember.
