Summer Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

BCS Foundation Certificate in Information Security Management Principles V9.0

Last Update 6 hours ago Total Questions : 100

The BCS Foundation Certificate in Information Security Management Principles V9.0 content is now fully updated, with all current exam questions added 6 hours ago. Deciding to include CISMP-V9 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our CISMP-V9 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these CISMP-V9 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any BCS Foundation Certificate in Information Security Management Principles V9.0 practice test comfortably within the allotted time.

Question # 21

Which standard deals with the implementation of business continuity?

A.

ISO/IEC 27001

B.

COBIT

C.

IS0223G1.

D.

BS5750.

Question # 22

Which of the following is considered to be the GREATEST risk to information systems that results from deploying end-to-end Internet of Things (IoT) solutions?

A.

Use of 'cheap" microcontroller based sensors.

B.

Much larger attack surface than traditional IT systems.

C.

Use of proprietary networking protocols between nodes.

D.

Use of cloud based systems to collect loT data.

Question # 23

Why have MOST European countries developed specific legislation that permits police and security services to monitor communications traffic for specific purposes, such as the detection of crime?

A.

Under the European Convention of Human Rights, the interception of telecommunications represents an interference with the right to privacy.

B.

GDPR overrides all previous legislation on information handling, so new laws were needed to ensure authorities did not inadvertently break the law.

C.

Police could previously intercept without lawful authority any communications in the course of transmission through a public post or telecoms system.

D.

Surveillance of a conversation or an online message by law enforcement agents was previously illegal due to the 1950 version of the Human Rights Convention.

Question # 24

In order to maintain the currency of risk countermeasures, how often SHOULD an organisation review these risks?

A.

Once defined, they do not need reviewing.

B.

A maximum of once every other month.

C.

When the next risk audit is due.

D.

Risks remain under constant review.

Question # 25

Which of the following is a framework and methodology for Enterprise Security Architecture and Service Management?

A.

TOGAF

B.

SABSA

C.

PCI DSS.

D.

OWASP.

Question # 26

Which standards framework offers a set of IT Service Management best practices to assist organisations in aligning IT service delivery with business goals - including security goals?

A.

ITIL.

B.

SABSA.

C.

COBIT

D.

ISAGA.

Question # 27

What Is the first yet MOST simple and important action to take when setting up a new web server?

A.

Change default system passwords.

B.

Fully encrypt the hard disk.

C.

Apply hardening to all applications.

D.

Patch the OS to the latest version

Question # 28

Which term is used to describe the set of processes that analyses code to ensure defined coding practices are being followed?

A.

Quality Assurance and Control

B.

Dynamic verification.

C.

Static verification.

D.

Source code analysis.

Question # 29

What type of diagram used in application threat modeling includes malicious users as well as descriptions like mitigates and threatens?

A.

Threat trees.

B.

STRIDE charts.

C.

Misuse case diagrams.

D.

DREAD diagrams.

Question # 30

What are the different methods that can be used as access controls?

1. Detective.

2. Physical.

3. Reactive.

4. Virtual.

5. Preventive.

A.

1, 2 and 4.

B.

1, 2 and 3.

C.

1, 2 and 5.

D.

3, 4 and 5.

Go to page: