Information Security Foundation Sample Exam

SECO-Institute issues the official Information Security courseware to accredited training centres where students are trained by accredited instructors. Students can take their exams at an accredited exam centre or directly at the SECO-Institute. Attending an official certification course is not a prerequisite for taking an exam. Upon successful completion of a foundation exam (with a passing score of 60%), students can claim their digital badge at the SECO-Institute.

This document provides a sample exam for you to familiarise yourself with the structure and topic areas of the current Data Protection Foundation examination. We strongly recommend that you test your knowledge before taking the actual assessment. The results of this test do not count towards your certification assessment.

Examination type
  • Computer-based
  • 40 multiple choice questions: 2,5 points per question

Time allotted for examination
  • 60 minutes

Examination details
  • Pass mark: 60% (out of 100)
  • Open book/notes: no
  • Electronic equipment permitted: no
  • The Rules and Regulations for SECO-Institute examinations apply to this exam


Questions

Question 1 What type of system ensures a coherent Information Security organisation?
A. Federal Information Security Management Act (FISMA)
B. Information Technology Service Management System (ITSM)
C. Information Security Management System (ISMS)

Question 2 Security organisations strive to be compliant with published requirements. For which type of model can non-compliance lead to legal consequences?
A. Information security standard
B. Information security framework
C. Information security code of conduct

Question 3 In which order is an Information Security Management System set up?
A. Implementation, operation, maintenance, establishment
B. Implementation, operation, improvement, maintenance
C. Establishment, implementation, operation, maintenance
D. Establishment, operation, monitoring, improvement

Question 4 The DIKW model is often used to talk about information management and knowledge management. During which stage of this model do we ask ourselves 'What?'
A. Data
B. Wisdom
C. Information
D. Knowledge

Question 5 How are data and information related?
A. Data is a collection of structured and unstructured information
B. Information consists of facts and statistics collected together for reference or analysis
C. When meaning and value are assigned to data, it becomes information

Question 6 Which of the following factors does NOT contribute to the value of data for an organisation?
A. The correctness of data
B. The indispensability of data
C. The importance of data for processes
D. The content of data

Question 7 A hacker gains access to a web server and reads the credit card numbers stored on that server. Which security principle is violated?
A. Availability
B. Confidentiality
C. Integrity
D. Authenticity

Question 8 Often, people do not pick up their prints from a shared printer. How can this affect the confidentiality of information?
A. Confidentiality cannot be guaranteed
B. Integrity cannot be guaranteed
C. Authenticity cannot be guaranteed
D. Availability cannot be guaranteed

Question 9 Which reliability aspect of information is compromised when a staff member denies having sent a message?
A. Confidentiality
B. Integrity
C. Availability
D. Correctness

Question 10 Which of the following is a possible event that can have a disruptive effect on the reliability of information?
A. Threat
B. Risk
C. Vulnerability
D. Dependency

Question 11 What is the purpose of risk management?
A. To outline the threats to which IT resources are exposed
B. To determine the damage caused by possible security incidents
C. To implement measures to reduce risks to an acceptable level
D. To determine the probability that a certain risk will occur

Question 12 What is a correct description of qualitative risk analysis?
A. Use of a set of methods, principles, or rules for assessing risks based on the use of numbers
B. Use of a set of methods, principles, or rules for assessing risk based on categories or levels
C. A risk assessment process, together with a risk model, assessment approach, and analysis approach

Question 13 Backup media is kept in the same secure area as the servers. What risk may the organisation be exposed to?
A. Unauthorised persons will have access to both the servers and backups
B. Responsibility for the backups is not defined well
C. After a fire, the information systems cannot be restored
D. After a server crash, it will take extra time to bring it back up again

Question 14 Which of the following is a human threat?
A. Use of a jump-drive causes a virus infection
B. The server room contains too much dust
C. Lightning strikes the data centre
D. New legislation means that from now on personal data is compromised

Question 15 Someone from a large tech company calls you on behalf of your company to check the health of your PC, and therefore needs your user-id and password. What type of threat is this?
A. Social engineering threat
B. Organisational threat
C. Technical threat
D. Malware threat

Question 16 What type of malware results in a network of contaminated internet connected devices?
A. Worm
B. Trojan
C. Spyware
D. Botnet

Question 17 Which of the following is an example of indirect damage caused by fire?
A. Damage caused by the sprinkler installation
B. Burnt computer network equipment
C. Melted backup media
D. Damage caused by the heat of the fire

Question 18 After carrying out risk analysis, you now want to determine your risk strategy. You decide to take measures for the large risks but not for the small risks. What is this risk strategy called?
A. Risk neutral
B. Risk bearing
C. Risk hungry
D. Risk avoiding

Question 19 What is the purpose of an Information Security policy?
A. An information security policy makes the security plan concrete by providing the necessary details
B. An information security policy provides insight into threats and the possible consequences
C. An information security policy provides direction and support to the management regarding information security
D. An information security policy documents the analysis of risks and the search for countermeasures

Question 20 A security officer finds a virus-infected workstation. The infection was caused by a targeted phishing mail. How can this type of threat best be avoided in the future?
A. By installing MAC-proofing measures on the network
B. By updating the firewall software
C. By introducing a new risk strategy
D. By starting an awareness campaign

Question 21 A manager discovers that staff regularly use the corporate email system to send personal messages. How can this type of use best be regulated?
A. Implementing a code of practice
B. Implementing privacy regulations
C. Installing a monitoring system
D. Drafting a code of conduct

Question 22 After a devastating office fire, all staff are moved to other branches of the company. At what moment in the incident management process is this measure effectuated?
A. Between incident and damage
B. Between detection and classification
C. Between recovery and normal operations
D. Between classification and escalation

Question 23 A member of staff discovers that unauthorised changes were made to her work. She calls the helpdesk, and is asked to provide the following information: date/time, description of the event, consequences of the event. What essential piece of information is still missing to help solve the incident?
A. Name and position
B. Name of caller
C. PC identification tag
D. List of informed people

Question 24 What type of measure involves the stopping of possible consequences of security incidents?
A. Corrective
B. Detective
C. Repressive
D. Preventive

Question 25 What is a reason for the classification of information?
A. To provide clear identification tags
B. To structure the information according to its sensitivity
C. Creating a manual describing the BYOD policy

Question 26 Which role is authorised to change the classification of a document?
A. Author
B. Manager
C. Owner
D. Administrator

Question 27 Which of the following is a preventive security measure?
A. Installing logging and monitoring software
B. Shutting down the Internet connection after an attack
C. Storing sensitive information in a data safe

Question 28 After a fire has occurred, what repressive measure can be taken?
A. Extinguishing the fire after the fire alarm sounds
B. Buying in a proper fire insurance policy
C. Repairing all systems after the fire

Question 29 A computer room is protected by a biometric identity system in which only system administrators are registered. What type of security measure is this?
A. Organisational threat
B. Physical
C. Technical
D. Repressive

Question 30 In physical security, protection rings with dedicated measures (different levels, etc.) can be applied. Within which ring are the working spaces situated?
A. Internal
B. Public
C. Object
D. Sensitive

Question 31 As a new member of the IT department you have noticed that confidential information has been leaked several times. This may damage the reputation of the company. You have been asked to propose an organisational measure to protect laptop computers. What is the first step in a structured approach to come up with this measure?
A. Appoint security staff
B. Encrypt all sensitive information
C. Formulate a policy
D. Set up an access control procedure

Question 32 Which of the following is a technical security measure?
A. Encryption
B. Security policy
C. Safe storage of backups
D. User role profiles

Question 33 Which threat could occur if no physical measures are taken?
A. Unauthorised persons viewing sensitive files
B. Confidential prints being left on the printer
C. A server shutting down because of overheating
D. Hackers entering the corporate network

Question 34 In what part of the process to grant access to a system does the user present a token?
A. Authorisation
B. Verification
C. Authentication
D. Identification

Question 35 What is the security management term for establishing whether someone's identity is correct?
A. Identification
B. Authentication
C. Authorisation
D. Verification

Question 36 Why do we need to test a disaster recovery plan regularly, and keep it up to date?
A. Otherwise the measures taken and the incident procedures planned may not be adequate
B. Otherwise it is no longer up to date with the registration of daily occurring faults
C. Otherwise remotely stored backups may no longer be available to the security team

Question 37 What type of compliancy standard, regulation or legislation provides a code of practice for information security?
A. ISO/IEC 27002
B. Personal data protection act
C. Computer criminality act
D. IT Service Management

Question 38 On the basis of which type of legislation can someone request to inspect the data that has been registered about them?
A. Public records act
B. Computer criminality act
C. Personal data protection act
D. Intellectual property act

Question 39 What is a definition of compliance?
A. Laws, considered collectively or the process of making or enacting laws
B. The state or fact of according with or meeting rules or standards
C. An official or authoritative instruction
D. A rule or directive made and maintained by an authority

Question 40 What type of legislation requires a proper controlled purchase process?
A. Personal data protection act
B. Computer criminality act
C. Government information act
D. Intellectual property rights act

Answers

Question  Answer  Explanation
1   C   The ISMS is described in ISO/IEC 27001. (Chapter 3)
2   A   A standard formulates formal requirements which are sometimes enforced by laws.
3   C   ISMS: establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented ISMS within the context of the overall business risks to the organization.
4   C   Information: who, what, when, where.
5   C   Information is data that has a meaning (within a certain context) for its receiver.
6   D   The content of data does not determine its value.
7   B   The hacker was able to read the file (confidentiality).
8   A   The information can be read by non-authorised persons, which means that the confidentiality is compromised.
9   B   Denial of sending a message concerns non-repudiation; this is a threat to integrity.
10  A   A threat is a possible event that can have a disruptive effect on the reliability of information.
11  C   The purpose of risk management is to reduce risks to an acceptable level.
12  B   The qualitative approach is non-numerical.
13  C   The tapes are secure, but can be lost together with the systems, leaving no backup at all.
14  A   Using the jump-drive is a human threat.
15  A
16  D   The devices become net-enabled robots, hence botnet.
17  A   The sprinkler installation going off is a side effect of the fire.
18  B   Certain risks are accepted as a fact of life.
19  C
20  D   This problem needs an organisational measure.
21  D   A code of conduct is how this can be regulated, e.g. permitting use during lunch breaks, or completely banning this type of use.
22  A   This measure, a stand-by arrangement, is taken to mitigate further damage to the organisation. Staff can now continue their work.
23  A   Without logging the caller, no follow-up actions can be taken. The name is connected to other essential information like position, department, authorisations, etc.
24  C   Repressive.
25  B   Classification is used to define different levels within the group.
26  C   Only the owner (asset owner) is allowed to do this.
27  C   The other two are detective and repressive respectively.
28  A   This repressive measure minimizes the damage caused by the fire.
29  B   This is a physical security measure.
30  D   Working spaces are situated within the sensitive ring.
31  C   Formulating a policy on the correct use of company computer assets is the first step.
32  A   Encryption is a technical measure.
33  C   Physical security includes the protection of equipment through climate control.
34  D   Identification is the first step in the process to grant access. In identification, the person or system presents a token, for example a key, username or password.
35  B   Authentication is the process of establishing confidence of authenticity.
36  A   Major disruptions need an up-to-date and proven plan to be effective.
37  A   ISO/IEC 27002: Information technology -- Security techniques -- Code of practice for information security controls.
38  C   Personal data protection act(s). See: ISF module 06, Section 'Legislation and Regulations'.
39  B
40  D   IPR controls include: policies, a controlled purchase process, creating and maintaining awareness, asset registers which include IPR information, etc.


How to book your exam?

All our exams are delivered through an online examination system called ProctorU. To enrol for an exam, go to: https://www.seco-institute.org/certification-exams/how-to-book-exam/

Make sure you are fully prepared. Use the ProctorU Preparation checklist to assess whether you are ready to take the exam. Review the examination rules at https://www.seco-institute.org/html/filesystem/storeFolder/10/Rules-and-Regulations-for-SECOInstitute-Examinations-2017-11.pdf

Digital badges

SECO-Institute and digital badge provider Acclaim have partnered to provide certification holders with a digital badge of their SECO-Institute certification. Digital badges can be used in email signatures as well as on personal websites, social media sites such as LinkedIn and Twitter, and electronic copies of resumes. Digital badges help certification holders convey to employers, potential employers and interested parties the skills they have acquired to earn and maintain a specialised certification. SECO-Institute doesn't issue certification titles for Foundation courses. However, upon successful completion of your Foundation exam, you can claim your digital badge free of charge at the SECO-Institute: https://www.seco-institute.org/claim-your-foundation-badge


ISF-Sample Exam-EN-v1.0
