NEW 2022 Certification Sample Questions ISMP Dumps & Practice Exam [Q11-Q32]


NEW QUESTION 11
The Board of Directors of an organization is accountable for obtaining adequate assurance.
Who should be responsible for coordinating the information security awareness campaigns?

  • A. The security manager
  • B. The Board of Directors
  • C. The user
  • D. The operational manager

Answer: A


NEW QUESTION 12
A security manager at a large company is tasked with achieving physical protection for the corporate data stores.
Through which control can physical protection be achieved?

  • A. Using access control lists to prevent logical access to organizational infrastructure
  • B. Using a firewall to prevent access to the network infrastructure
  • C. Having visitors sign in and out of the corporate datacenter
  • D. Using key access controls for employees needing access

Answer: D


NEW QUESTION 13
What is a risk treatment strategy?

  • A. Risk exclusion
  • B. Mobile updates
  • C. Software installation
  • D. Risk acceptance

Answer: D


NEW QUESTION 14
The ambition of the security manager is to certify the organization against ISO/IEC 27001.
What is an activity in the certification program?

  • A. Perform a risk assessment of the secure internet connectivity architecture of the datacenter
  • B. Implement the security baselines in Secure Systems Development Life Cycle (SecSDLC)
  • C. Produce a Statement of Applicability based on risk assessments
  • D. Formulate the security requirements in the outsourcing contracts

Answer: C


NEW QUESTION 15
Security monitoring is an important control measure for making sure that the required security level is maintained. To realize 24/7 availability of this service, it is outsourced to a cloud partner.
What should be an important control in the contract?

  • A. Your IT auditor has the right to audit the external party's service management processes.
  • B. The third party is certified against ISO/IEC 27001.
  • C. The network communication channel is secured by using encryption.
  • D. The third party is certified for adhering to privacy protection controls.

Answer: A


NEW QUESTION 16
What is the best way to start setting the information security controls?

  • A. Revert to the default factory settings
  • B. Implement the security measures as prescribed by a risk analysis tool
  • C. Use a standard security baseline

Answer: C


NEW QUESTION 17
When is revision of an employee's access rights mandatory?

  • A. After any position change
  • B. At hire
  • C. At least each year
  • D. At all moments stated in the information security policy

Answer: D


NEW QUESTION 18
The information security architect of a large service provider advocates an open design of the security architecture, as opposed to a secret design.
What is her main argument for this choice?

  • A. Open designs are easily configured.
  • B. Open designs have more functionality.
  • C. Open designs are tested extensively.

Answer: C


NEW QUESTION 19
A risk manager is asked to perform a complete risk assessment for a company.
What is the best method to identify most of the threats to the company?

  • A. Interview top management
  • B. Send a checklist for threat identification to all staff involved in information security
  • C. Have a brainstorm with representatives of all stakeholders

Answer: C


NEW QUESTION 20
The security manager of a global company has decided that a risk assessment needs to be completed across the company.
What is the primary objective of the risk assessment?

  • A. Identify, quantify and prioritize which controls are going to be used to mitigate risk
  • B. Identify, quantify and prioritize risks against criteria for risk acceptance
  • C. Identify, quantify and prioritize each of the business-critical assets residing on the corporate infrastructure
  • D. Identify, quantify and prioritize the scope of this risk assessment

Answer: B


NEW QUESTION 21
Zoning is a security control that separates physical areas with different security levels; zones with a higher security level are protected by more controls. The facility manager of a conference center is responsible for security.
Which business functions should be combined into one security zone?

  • A. Meeting rooms and Human Resource rooms
  • B. Computer room and storage facility
  • C. Boardroom and general office space
  • D. Lobby and public restaurant

Answer: D


NEW QUESTION 22
When should information security controls be considered?

  • A. After the risk assessment
  • B. At the kick-off meeting
  • C. During the risk assessment work
  • D. As part of the scoping meeting

Answer: A


NEW QUESTION 23
......