Exin Information Security Management Professional based on ISO/IEC 27001 Exam Practice Test

Page: 1 / 14
Total 30 questions
Question 1

What is the best way to start setting the information security controls?



Answer : C


Question 2

Security monitoring is an important control measure to make sure that the required security level is maintained. In order to realize 24/7 availability of the service, this service is outsourced to a partner in the cloud.

What should be an important control in the contract?



Answer : D


Question 3

What needs to be decided prior to considering the treatment of risks?



Answer : A


Question 4

The information security manager is writing the Information Security Management System (ISMS) documentation. The controls that are to be implemented must be described in one of the phases of the Plan-Do-

Check-Act (PDCA) cycle of the ISMS.

In which phase should these controls be described?



Answer : A


Question 5

The ambition of the security manager is to certify the organization against ISO/IEC 27001.

What is an activity in the certification program?



Answer : D


Question 6

The Board of Directors of an organization is accountable for obtaining adequate assurance.

Who should be responsible for coordinating the information security awareness campaigns?



Answer : C


Question 7

A protocol to investigate fraud by employees is being designed.

Which measure can be part of this protocol?



Answer : B


Page:    1 / 14   
Total 30 questions