Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

Midwest Insurance grades the monthly report of all claimed losses per insured as confidential. What is accomplished if all other reports from this insurance office are also assigned the appropriate grading?

A.

The costs for automating are easier to charge to the responsible departments.

B.

A determination can be made as to which report should be printed first and which ones can wait a little longer.

C.

Everyone can easily see how sensitive the reports' contents are by consulting the grading label.

D.

Reports can be developed more easily and with fewer errors.

You are the owner of a growing company, SpeeDelivery, which provides courier services. You decide that it is time to draw up a risk analysis for your information system. This includes an inventory of threats and risks. What is the relation between a threat, risk and risk analysis?

A.

A risk analysis identifies threats from the known risks.

B.

A risk analysis is used to clarify which threats are relevant and what risks they involve.

C.

A risk analysis is used to remove the risk of a threat.

D.

Risk analyses help to find a balance between threats and risks.

What is the greatest risk for an organization if no information security policy has been defined?

A.

If everyone works with the same account, it is impossible to find out who worked on what.

B.

Information security activities are carried out by only a few people.

C.

Too many measures are implemented.

D.

It is not possible for an organization to implement information security in a consistent manner.

Select risk control activities for domain "10. Encryption" of ISO / 27002: 2013 (Choose two)

A.

Work in safe areas

B.

Cryptographic Controls Use Policy

C.

Physical security perimeter

D.

Key management

Select the controls that correspond to the domain "9. ACCESS CONTROL" of ISO / 27002 (Choose three)

A.

Restriction of access to information

B.

Return of assets

C.

Management of access rights with special privileges

D.

Withdrawal or adaptation of access rights