Select the controls that correspond to the domain "9. ACCESS CONTROL" of ISO / 27002 (Choose three)

A. Restriction of access to information

B. Return of assets

C. Management of access rights with special privileges

D. Withdrawal or adaptation of access rights

A company moves into a new building. A few weeks after the move, a visitor appears unannounced in the

office of the director. An investigation shows that visitors passes grant the same access as the passes of

the company's staff.

Which kind of security measure could have prevented this?

A. physical security measure

B. An organizational security measure

C. A technical security measure

What is the best description of a risk analysis?

A. A risk analysis is a method of mapping risks without looking at company processes.

B. A risk analysis helps to estimate the risks and develop the appropriate security measures.

C. A risk analysis calculates the exact financial consequences of damages.

Which of the following measures is a corrective measure?

A. Incorporating an Intrusion Detection System (IDS) in the design of a computer center

B. Installing a virus scanner in an information system

C. Making a backup of the data that has been created or altered that day

D. Restoring a backup of the correct database after a corrupt copy of the database was written over the original

Which of the following measures is a preventive measure?

A. Installing a logging system that enables changes in a system to be recognized

B. Shutting down all internet traffic after a hacker has gained access to the company systems

C. Putting sensitive information in a safe

D. Classifying a risk as acceptable because the cost of addressing the threat is higher than the value of the information at risk