Exam Code: ISMP
Exam Name: Information Security Management Professional based on ISO/IEC 27001
Updated: Apr 28, 2024
Q&As: 30
At Passcerty.com, we pride ourselves on the comprehensive nature of our ISMP exam dumps, designed meticulously to encompass all key topics and nuances you might encounter during the real examination. Regular updates are a cornerstone of our service, ensuring that our dedicated users always have their hands on the most recent and relevant Q&A dumps. Behind every meticulously curated question and answer lies the hard work of our seasoned team of experts, who bring years of experience and knowledge into crafting these premium materials. And while we are invested in offering top-notch content, we also believe in empowering our community. As a token of our commitment to your success, we're delighted to offer a substantial portion of our resources for free practice. We invite you to make the most of the following content, and wish you every success in your endeavors.
Security monitoring is an important control measure to make sure that the required security level is maintained. In order to realize 24/7 availability of the service, this service is outsourced to a partner in the cloud.
What should be an important control in the contract?
A. The network communication channel is secured by using encryption.
B. The third party is certified against ISO/IEC 27001.
C. The third party is certified for adhering to privacy protection controls.
D. Your IT auditor has the right to audit the external party's service management processes.
What is a risk treatment strategy?
A. Mobile updates
B. Risk acceptance
C. Risk exclusion
D. Software installation
The information security manager is writing the Information Security Management System (ISMS) documentation. The controls that are to be implemented must be described in one of the phases of the Plan-Do-Check-Act (PDCA) cycle of the ISMS.
In which phase should these controls be described?
A. Plan
B. Do
C. Check
D. Act
A security manager just finished the final copy of a risk assessment. This assessment contains a list of identified risks and she has to determine how to treat these risks.
What is the best option for the treatment of risks?
A. Begin risk remediation immediately as the organization is currently at risk
B. Decide the criteria for determining if the risk can be accepted
C. Design appropriate controls to reduce the risk
D. Remediate the risk regardless of cost
When is revision of an employee's access rights mandatory?
A. After any position change
B. At hire
C. At least each year
D. At all moments stated in the information security policy