Exam Code: ISMP
Exam Name: Information Security Management Professional based on ISO/IEC 27001
Updated: Apr 20, 2024
Q&As: 30
At Passcerty.com, we pride ourselves on the comprehensive nature of our ISMP exam dumps, designed meticulously to encompass all key topics and nuances you might encounter during the real examination. Regular updates are a cornerstone of our service, ensuring that our dedicated users always have their hands on the most recent and relevant Q&A dumps. Behind every meticulously curated question and answer lies the hard work of our seasoned team of experts, who bring years of experience and knowledge into crafting these premium materials. And while we are invested in offering top-notch content, we also believe in empowering our community. As a token of our commitment to your success, we're delighted to offer a substantial portion of our resources for free practice. We invite you to make the most of the following content, and wish you every success in your endeavors.
The security manager of a global company has decided that a risk assessment needs to be completed across the company.
What is the primary objective of the risk assessment?
A. Identify, quantify and prioritize each of the business-critical assets residing on the corporate infrastructure
B. Identify, quantify and prioritize risks against criteria for risk acceptance
C. Identify, quantify and prioritize the scope of this risk assessment
D. Identify, quantify and prioritize which controls are going to be used to mitigate risk
What is a risk treatment strategy?
A. Mobile updates
B. Risk acceptance
C. Risk exclusion
D. Software installation
The information security manager is writing the Information Security Management System (ISMS) documentation. The controls that are to be implemented must be described in one of the phases of the Plan-Do-Check-Act (PDCA) cycle of the ISMS.
In which phase should these controls be described?
A. Plan
B. Do
C. Check
D. Act
A security manager just finished the final copy of a risk assessment. This assessment contains a list of identified risks and she has to determine how to treat these risks.
What is the best option for the treatment of risks?
A. Begin risk remediation immediately as the organization is currently at risk
B. Decide the criteria for determining if the risk can be accepted
C. Design appropriate controls to reduce the risk
D. Remediate the risk regardless of cost
When is a review of an employee's access rights mandatory?
A. After any position change
B. At hire
C. At least once a year
D. At all points stated in the information security policy