Pass ISMP Exam in First Attempt Guaranteed 2021 Dumps! [Q10-Q28]


ISMP Dumps Full Questions - Exam Study Guide

NEW QUESTION 10
A company's IT strategy is migrating towards a Service Oriented Architecture (SOA) so that a future migration to the cloud becomes more feasible. The security architect is asked to make a first draft of the security architecture.
Which elements should the security architect draft?

  • A. Management and control of the security services
  • B. The information security policy, the risk assessment and the controls in the security services
  • C. Which security services are provided and in which supporting architectures are they defined

Answer: C


NEW QUESTION 11
What needs to be decided prior to considering the treatment of risks?

  • A. How to apply appropriate controls to reduce the risks
  • B. Mitigation plans
  • C. The development of own guidelines
  • D. Criteria for determining whether or not the risk can be accepted

Answer: D


NEW QUESTION 12
What is the best way to start setting the information security controls?

  • A. Implement the security measures as prescribed by a risk analysis tool
  • B. Use a standard security baseline
  • C. Resort back to the default factory standards

Answer: B


NEW QUESTION 13
What is a key item that must be kept in mind when designing an enterprise-wide information security program?

  • A. Determine controls in the light of specific risks an organization is facing
  • B. Put an enterprise-wide network and Host-Based Intrusion Detection and Prevention System (Host-Based IDPS) into place as soon as possible
  • C. Put an incident management and log file analysis program in place immediately
  • D. When defining controls follow an approach and framework that is consistent with organizational culture

Answer: A


NEW QUESTION 14
An experienced security manager is well aware of the risks related to communication over the internet. She also knows that Public Key Infrastructure (PKI) can be used to keep e-mails between employees confidential.
Which is the main risk of PKI?

  • A. The HR department wants to be a Registration Authority (RA).
  • B. The Certificate Authority (CA) is hacked.
  • C. The users lose their public keys.
  • D. The certificate is invalid because it is on a Certificate Revocation List.

Answer: B


NEW QUESTION 15
Zoning is a security control to separate physical areas with different security levels. Zones with higher security levels can be secured by more controls. The facility manager of a conference center is responsible for security.
What combination of business functions should be combined into one security zone?

  • A. Boardroom and general office space
  • B. Computer room and storage facility
  • C. Lobby and public restaurant
  • D. Meeting rooms and Human Resource rooms

Answer: C


NEW QUESTION 16
Which security item is designed to take collections of data from multiple computers?

  • A. Network-Based Intrusion Detection and Prevention System (Network-Based IDPS)
  • B. Host-Based Intrusion Detection and Prevention System (Host-Based IDPS)
  • C. Firewall
  • D. Virtual Private Network (VPN)

Answer: A


NEW QUESTION 17
A protocol to investigate fraud by employees is being designed.
Which measure can be part of this protocol?

  • A. Put a phone tap on the employee's business phone
  • B. Investigate the contents of the workstation of the employee
  • C. Seize and investigate the private laptop of the employee
  • D. Investigate the private mailbox of the employee

Answer: B


NEW QUESTION 18
The information security manager is writing the Information Security Management System (ISMS) documentation. The controls that are to be implemented must be described in one of the phases of the Plan-Do-Check-Act (PDCA) cycle of the ISMS.
In which phase should these controls be described?

  • A. Do
  • B. Check
  • C. Plan
  • D. Act

Answer: C


NEW QUESTION 19
A security manager for a large company is tasked with achieving physical protection for corporate data stores.
Through which control can physical protection be achieved?

  • A. Using key access controls for employees needing access
  • B. Using access control lists to prevent logical access to organizational infrastructure
  • C. Using a firewall to prevent access to the network infrastructure
  • D. Having visitors sign in and out of the corporate datacenter

Answer: A


NEW QUESTION 20
What is a risk treatment strategy?

  • A. Software installation
  • B. Risk exclusion
  • C. Mobile updates
  • D. Risk acceptance

Answer: D


NEW QUESTION 21
A risk manager is asked to perform a complete risk assessment for a company.
What is the best method to identify most of the threats to the company?

  • A. Interview top management
  • B. Have a brainstorm with representatives of all stakeholders
  • C. Send a checklist for threat identification to all staff involved in information security

Answer: B


NEW QUESTION 22
......

Information Security Management Free Certification Exam Material from TestkingPDF with 31 Questions: https://www.testkingpdf.com/ISMP-testking-pdf-torrent.html