Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

GAQM ISO-IEC-LI - ISO / IEC 27002 - Lead Implementer

GAQM ISO-IEC-LI Premium Access     Download Demo    
Page: 2 / 2
Total 50 questions

The company Midwest Insurance has taken many measures to protect its information. It uses an Information Security Management System, the input and output of data in applications is validated, confidential documents are sent in encrypted form and staff use tokens to access information systems. Which of these is not a technical measure?

A.

Information Security Management System

B.

The use of tokens to gain access to information systems

C.

Validation of input and output data in applications

D.

Encryption of information

What is the most important reason for applying the segregation of duties?

A.

Segregation of duties makes it clear who is responsible for what.

B.

Segregation of duties ensures that, when a person is absent, it can be investigated whether he or she has been committing fraud.

C.

Tasks and responsibilities must be separated in order to minimize the opportunities for business assets to be misused or changed, whether the change be unauthorized or unintentional.

D.

Segregation of duties makes it easier for a person who is ready with his or her part of the work to take time off or to take over the work of another person.

What is the best description of a risk analysis?

A.

A risk analysis is a method of mapping risks without looking at company processes.

B.

A risk analysis helps to estimate the risks and develop the appropriate security measures.

C.

A risk analysis calculates the exact financial consequences of damages.

What should be used to protect data on removable media if data confidentiality or integrity are important considerations?

A.

backup on another removable medium

B.

cryptographic techniques

C.

a password

D.

logging

Midwest Insurance grades the monthly report of all claimed losses per insured as confidential. What is accomplished if all other reports from this insurance office are also assigned the appropriate grading?

A.

The costs for automating are easier to charge to the responsible departments.

B.

A determination can be made as to which report should be printed first and which ones can wait a little longer.

C.

Everyone can easily see how sensitive the reports' contents are by consulting the grading label.

D.

Reports can be developed more easily and with fewer errors.