You are the lead auditor of the courier company SpeeDelivery. You have carried out a risk analysis and now want to determine your risk strategy. You decide to take measures for the large risks but not for the small risks.
What is this risk strategy called?

• A.Risk avoidance
• B.Risk neutral
• C.Risk bearing
• D.Risk skipping

Comment: *

Name: *

Email: *

Verification: *

You receive an E-mail from some unknown person claiming to be representative of your bank and asking for your account number and password so that they can fix your account. Such an attempt of social engineering is called

• A.Shoulder Surfing
• B.Spoofing
• C.Phishing
• D.Mountaineering

Comment: *

Name: *

Email: *

Verification: *

How is the purpose of information security policy best described?

• A.An information security policy documents the analysis of risks and the search for countermeasures.
• B.An information security policy makes the security plan concrete by providing it with the necessary details.
• C.An information security policy provides insight into threats and the possible consequences.
• D.An information security policy provides direction and support to the management regarding information security.

Comment: *

Name: *

Email: *

Verification: *

What is a repressive measure in case of a fire?

• A.Putting out a fire after it has been detected by a fire detector
• B.Repairing damage caused by the fire
• C.Taking out a fire insurance

Comment: *

Name: *

Email: *

Verification: *

What would be the reference for you to know who should have access to data/document?

• A.Access Control List (ACL)
• B.Masterlist of Project Records (MLPR)
• C.Information Rights Management (IRM)
• D.Data Classification Label

Comment: *

Name: *

Email: *

Verification: *