Available Number of Questions: Maximum of 30 Questions
Exam Name: Information Security Management Professional based on ISO/IEC 27001
Related Certification(s): Exin Information Security Management Certification
Exin ISMP Exam Topics - You’ll Be Tested in Actual Exam
The EXIN Information Security Management Professional (ISMP) exam is a comprehensive assessment designed to evaluate your knowledge and skills in information security management. This exam covers a wide range of topics, including information security governance, risk management, security architecture, and more. By passing this exam, you can demonstrate your expertise in implementing and maintaining effective information security practices within an organization. The ISMP exam consists of 40 multiple-choice questions, with a time limit of 120 minutes. To prepare effectively, it is essential to understand the key topics covered. These include developing and implementing an information security strategy, identifying and managing risks, establishing security policies and procedures, and ensuring compliance with relevant regulations. Additionally, the exam assesses your ability to select and implement appropriate security controls, monitor and evaluate security measures, and respond to security incidents. By familiarizing yourself with these topics and practicing with sample questions, you can enhance your chances of success.
Exin ISMP Exam Short Quiz
Attempt this Exin ISMP exam quiz to self-assess your preparation for the actual Exin Information Security Management Professional based on ISO/IEC 27001 exam. CertBoosters also provides premium Exin ISMP exam questions to pass the Exin Information Security Management Professional based on ISO/IEC 27001 exam in the shortest possible time. Be sure to try our free practice exam software for the Exin ISMP exam.
Exin ISMP Exam Quiz
ExinISMP
Q1:
What is the best way to start setting the information security controls?
A. Implement the security measures as prescribed by a risk analysis tool
B. Resort back to the default factory standards
C. Use a standard security baseline
Q2:
Security monitoring is an important control measure to make sure that the required security level is maintained. In order to realize 24/7 availability of the service, this service is outsourced to a partner in the cloud.
What should be an important control in the contract?
A. The network communication channel is secured by using encryption.
B. The third party is certified against ISO/IEC 27001.
C. The third party is certified for adhering to privacy protection controls.
D. Your IT auditor has the right to audit the external party's service management processes.
Q3:
What needs to be decided prior to considering the treatment of risks?
A. Criteria for determining whether or not the risk can be accepted
B. How to apply appropriate controls to reduce the risks
C. Mitigation plans
D. The development of own guidelines
Q4:
The information security manager is writing the Information Security Management System (ISMS) documentation. The controls that are to be implemented must be described in one of the phases of the Plan-Do-Check-Act (PDCA) cycle of the ISMS.
In which phase should these controls be described?
A. Plan
B. Do
C. Check
D. Act
Q5:
The ambition of the security manager is to certify the organization against ISO/IEC 27001.
What is an activity in the certification program?
A. Formulate the security requirements in the outsourcing contracts
B. Implement the security baselines in Secure Systems Development Life Cycle (SecSDLC)
C. Perform a risk assessment of the secure internet connectivity architecture of the datacenter
D. Produce a Statement of Applicability based on risk assessments