Sample Exam
Information Security Foundation Sample Exam
1
Sample Exam Information Security Foundation
SECO-Institute issues the official Information Security courseware to accredited training centres where
students are trained by accredited instructors. Students can take their exams at an accredited exam
centre or directly at the SECO-Institute. Attending an official certification course is not a prerequisite
for taking an exam. Upon successful completion of a foundation exam (with a passing score of 60%),
students can claim their digital badge at the SECO-Institute.
This document provides a sample exam for you to familiarise yourself with the structure and topic
areas of the current Data Protection Foundation examination. We strongly recommend you to test
your knowledge before taking the actual assessment. The results of this test do not count towards your
certification assessment.
Examination type
• Computer-based
• 40 multiple-choice questions: 2.5 points per question
Time allotted for examination
• 60 minutes
Examination details
• Pass mark: 60% (out of 100)
• Open book/notes: no
• Electronic equipment permitted: no
• The Rules and Regulations for SECO-Institute examinations apply to this exam
Questions
Question 1
What type of system ensures a coherent Information Security organisation?
A. Federal Information Security Management Act (FISMA)
B. Information Technology Service Management System (ITSM)
C. Information Security Management System (ISMS)
Question 2
Security organisations strive to be compliant with published requirements. For which type of model
can non-compliance lead to legal consequences?
A. Information security standard
B. Information security framework
C. Information security code of conduct
Question 3
In which order is an Information Security Management System set up?
A. Implementation, operation, maintenance, establishment
B. Implementation, operation, improvement, maintenance
C. Establishment, implementation, operation, maintenance
D. Establishment, operation, monitoring, improvement
Question 4
The DIKW model is often used to talk about information management and knowledge management.
During which stage of this model do we ask ourselves 'What'?
A. Data
B. Wisdom
C. Information
D. Knowledge
Question 5
How are data and information related?
A. Data is a collection of structured and unstructured information
B. Information consists of facts and statistics collected together for reference or analysis
C. When meaning and value are assigned to data, it becomes information
Question 6
Which of the following factors does NOT contribute to the value of data for an organisation?
A. The correctness of data
B. The indispensability of data
C. The importance of data for processes
D. The content of data
Question 7
A hacker gains access to a web server and reads the credit card numbers stored on that server.
Which security principle is violated?
A. Availability
B. Confidentiality
C. Integrity
D. Authenticity
Question 8
Often, people do not pick up their prints from a shared printer. How can this affect the
confidentiality of information?
A. Confidentiality cannot be guaranteed
B. Integrity cannot be guaranteed
C. Authenticity cannot be guaranteed
D. Availability cannot be guaranteed
Question 9
Which reliability aspect of information is compromised when a staff member denies having sent a
message?
A. Confidentiality
B. Integrity
C. Availability
D. Correctness
Question 10
Which of the following is a possible event that can have a disruptive effect on the reliability of
information?
A. Threat
B. Risk
C. Vulnerability
D. Dependency
Question 11
What is the purpose of risk management?
A. To outline the threats to which IT resources are exposed
B. To determine the damage caused by possible security incidents
C. To implement measures to reduce risks to an acceptable level
D. To determine the probability that a certain risk will occur
Question 12
What is a correct description of qualitative risk analysis?
A. Use of a set of methods, principles, or rules for assessing risks based on the use of numbers
B. Use of a set of methods, principles, or rules for assessing risk based on categories or levels
C. A risk assessment process, together with a risk model, assessment approach, and analysis
approach
Question 13
Backup media is kept in the same secure area as the servers. What risk may the organisation be
exposed to?
A. Unauthorised persons will have access to both the servers and backups
B. Responsibility for the backups is not defined well
C. After a fire, the information systems cannot be restored
D. After a server crash, it will take extra time to bring it back up again
Question 14
Which of the following is a human threat?
A. Use of a jump-drive causes a virus infection
B. The server room contains too much dust
C. Lightning strikes the data centre
D. New legislation means that from now on personal data is compromised
Question 15
Someone from a large tech company calls you on behalf of your company to check the health of your
PC, and therefore needs your user-id and password. What type of threat is this?
A. Social engineering threat
B. Organisational threat
C. Technical threat
D. Malware threat
Question 16
What type of malware results in a network of contaminated internet-connected devices?
A. Worm
B. Trojan
C. Spyware
D. Botnet
Question 17
Which of the following is an example of indirect damage caused by fire?
A. Damage caused by the sprinkler installation
B. Burnt computer network equipment
C. Melted backup media
D. Damage caused by the heat of the fire
Question 18
After carrying out risk analysis, you now want to determine your risk strategy. You decide to take
measures for the large risks but not for the small risks. What is this risk strategy called?
A. Risk neutral
B. Risk bearing
C. Risk hungry
D. Risk avoiding
Question 19
What is the purpose of an Information Security policy?
A. An information security policy makes the security plan concrete by providing the necessary
details
B. An information security policy provides insight into threats and the possible consequences
C. An information security policy provides direction and support to the management regarding
information security
D. An information security policy documents the analysis of risks and the search for
countermeasures
Question 20
A security officer finds a virus-infected workstation. The infection was caused by a targeted phishing
mail. How can this type of threat best be avoided in the future?
A. By installing MAC-proofing measures on the network
B. By updating the firewall software
C. By introducing a new risk strategy
D. By starting an awareness campaign
Question 21
A manager discovers that staff regularly use the corporate email system to send personal messages.
How can this type of use best be regulated?
A. Implementing a code of practice
B. Implementing privacy regulations
C. Installing a monitoring system
D. Drafting a code of conduct
Question 22
After a devastating office fire, all staff are moved to other branches of the company. At what
moment in the incident management process is this measure effectuated?
A. Between incident and damage
B. Between detection and classification
C. Between recovery and normal operations
D. Between classification and escalation
Question 23
A member of staff discovers that unauthorised changes were made to her work. She calls the
helpdesk, and is asked to provide the following information: date/time, description of the event,
consequences of the event.
What essential piece of information is still missing to help solve the incident?
A. Name and position
B. Name of caller
C. PC identification tag
D. List of informed people
Question 24
What type of measure involves the stopping of possible consequences of security incidents?
A. Corrective
B. Detective
C. Repressive
D. Preventive
Question 25
What is a reason for the classification of information?
A. To provide clear identification tags
B. To structure the information according to its sensitivity
C. Creating a manual describing the BYOD policy
Question 26
Which role is authorised to change the classification of a document?
A. Author
B. Manager
C. Owner
D. Administrator
Question 27
Which of the following is a preventive security measure?
A. Installing logging and monitoring software
B. Shutting down the Internet connection after an attack
C. Storing sensitive information in a data safe
Question 28
After a fire has occurred, what repressive measure can be taken?
A. Extinguishing the fire after the fire alarm sounds
B. Buying in a proper fire insurance policy
C. Repairing all systems after the fire
Question 29
A computer room is protected by a biometric identity system in which only system administrators are
registered. What type of security measure is this?
A. Organisational threat
B. Physical
C. Technical
D. Repressive
Question 30
In physical security, protection rings with dedicated measures (different levels, etc.) can be applied.
Within which ring are the working spaces situated?
A. Internal
B. Public
C. Object
D. Sensitive
Question 31
As a new member of the IT department you have noticed that confidential information has been
leaked several times. This may damage the reputation of the company. You have been asked to
propose an organisational measure to protect laptop computers.
What is the first step in a structured approach to come up with this measure?
A. Appoint security staff
B. Encrypt all sensitive information
C. Formulate a policy
D. Set up an access control procedure
Question 32
Which of the following is a technical security measure?
A. Encryption
B. Security policy
C. Safe storage of backups
D. User role profiles
Question 33
Which threat could occur if no physical measures are taken?
A. Unauthorised persons viewing sensitive files
B. Confidential prints being left on the printer
C. A server shutting down because of overheating
D. Hackers entering the corporate network
Question 34
In what part of the process to grant access to a system does the user present a token?
A. Authorisation
B. Verification
C. Authentication
D. Identification
Question 35
What is the security management term for establishing whether someone's identity is correct?
A. Identification
B. Authentication
C. Authorisation
D. Verification
Question 36
Why do we need to test a disaster recovery plan regularly, and keep it up to date?
A. Otherwise the measures taken and the incident procedures planned may not be adequate
B. Otherwise it is no longer up to date with the registration of daily occurring faults
C. Otherwise remotely stored backups may no longer be available to the security team
Question 37
What type of compliancy standard, regulation or legislation provides a code of practice for
information security?
A. ISO/IEC 27002
B. Personal data protection act
C. Computer criminality act
D. IT Service Management
Question 38
On the basis of which type of legislation can someone request to inspect the data that has been
registered about them?
A. Public records act
B. Computer criminality act
C. Personal data protection act
D. Intellectual property act
Question 39
What is a definition of compliance?
A. Laws, considered collectively or the process of making or enacting laws
B. The state or fact of according with or meeting rules or standards
C. An official or authoritative instruction
D. A rule or directive made and maintained by an authority
Question 40
What type of legislation requires a proper controlled purchase process?
A. Personal data protection act
B. Computer criminality act
C. Government information act
D. Intellectual property rights act
Answers

Question  Answer  Explanation
1   C  The ISMS is described in ISO/IEC 27001. (Chapter 3)
2   A  A standard formulates formal requirements which are sometimes enforced by laws.
3   C  ISMS: establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented ISMS within the context of the overall business risks to the organization.
4   C  Information: who, what, when, where.
5   C  Information is data that has a meaning (within a certain context) for its receiver.
6   D  The content of data does not determine its value.
7   B  The hacker was able to read the file (confidentiality).
8   A  The information can be read by non-authorised persons, which means that the confidentiality is compromised.
9   B  Denial of sending a message concerns non-repudiation, which is a threat to integrity.
10  A  A threat is a possible event that can have a disruptive effect on the reliability of information.
11  C  The purpose of risk management is to reduce risks to an acceptable level.
12  B  The qualitative approach is non-numerical.
13  C  The tapes are secure, but can be lost together with the systems, leaving no backup at all.
14  A  Using the jump-drive is a human threat.
15  A
16  D  The devices become net-enabled robots, hence botnet.
17  A  The sprinkler installation going off is a side effect of the fire.
18  B  Certain risks are accepted as a fact of life.
19  C
20  D  This problem needs an organisational measure.
21  D  A code of conduct is how this can be regulated, e.g. permitting use during lunch breaks, or completely banning this type of use.
22  A  This measure, a stand-by arrangement, is taken to mitigate further damage to the organisation. Staff can now continue their work.
23  A  Without logging the caller, no follow-up actions can be taken. The name is connected to other essential information like position, department, authorisations, etc.
24  C  Repressive.
25  B  Classification is used to define different levels within the group.
26  C  Only the owner (asset owner) is allowed to do this.
27  C  The other two are detective and repressive respectively.
28  A  This repressive measure minimizes the damage caused by the fire.
29  B  This is a physical security measure.
30  D  Working spaces are situated within the sensitive ring.
31  C  Formulating a policy on the correct use of company computer assets is the first step.
32  A  Encryption is a technical measure.
33  C  Physical security includes the protection of equipment through climate control.
34  D  Identification is the first step in the process to grant access. In identification, the person or system presents a token, for example a key, username or password.
35  B  Authentication is the process of establishing confidence of authenticity.
36  A  Major disruptions need an up-to-date and proven plan to be effective.
37  A  ISO/IEC 27002; Information technology -- Security techniques -- Code of practice for information security controls.
38  C  Personal data protection act(s).
39  B  See: ISF module 06, Section 'Legislation and Regulations'.
40  D  IPR controls include: policies; a controlled purchase process; creating and maintaining awareness; asset registers which include IPR information; etc.
How to book your exam?
All our exams are delivered through an online examination system called ProctorU. To enrol for an
exam, go to: https://www.seco-institute.org/certification-exams/how-to-book-exam/
Make sure you are fully prepared. Use the ProctorU Preparation checklist to assess whether you are
ready to take the exam.
Review the examination rules at
https://www.seco-institute.org/html/filesystem/storeFolder/10/Rules-and-Regulations-for-SECO-Institute-Examinations-2017-11.pdf
Digital badges
SECO-Institute and digital badge provider Acclaim have partnered to provide certification holders with a digital badge of their SECO-Institute certification. Digital badges can be used in email signatures as well as on personal websites, social media sites such as LinkedIn and Twitter, and electronic copies of resumes. Digital badges help certification holders convey to employers, potential employers and interested parties the skills they have acquired to earn and maintain a specialised certification.
SECO-Institute doesn't issue certification titles for Foundation courses. However, upon successful completion of your Foundation exam, you can claim your digital badge free of charge at the SECO-Institute.
https://www.seco-institute.org/claim-your-foundation-badge
ISF-Sample Exam-EN-v1.0

More Related Content

Similar to SECO 406100422-ISF-Sample-Exam-en-v1-0.pdf

Top 10 Security Challenges
Top 10 Security ChallengesTop 10 Security Challenges
Top 10 Security Challenges
Jorge Sebastiao
 
312 50-demo
312 50-demo312 50-demo
312 50-demo
Tomas Vileikis
 
Module 2 - Cybersecurity On the Defense.pdf
Module 2 - Cybersecurity On the Defense.pdfModule 2 - Cybersecurity On the Defense.pdf
Module 2 - Cybersecurity On the Defense.pdf
Humphrey Humphrey
 
4_5769479639445540375.pptx
4_5769479639445540375.pptx4_5769479639445540375.pptx
4_5769479639445540375.pptx
HHoko1
 
Chapter 04 information_security_policy
Chapter 04 information_security_policyChapter 04 information_security_policy
Chapter 04 information_security_policy
husseinalshomali
 
Information security foundation based on iso iec 27002
Information security foundation based on iso   iec 27002Information security foundation based on iso   iec 27002
Information security foundation based on iso iec 27002
Ajay Kumar Gupta
 
Chapter 05 developing_the_security_program
Chapter 05 developing_the_security_programChapter 05 developing_the_security_program
Chapter 05 developing_the_security_program
husseinalshomali
 
Cybersecurity vs Data Science A Roadmap.pptx
Cybersecurity vs Data Science A Roadmap.pptxCybersecurity vs Data Science A Roadmap.pptx
Cybersecurity vs Data Science A Roadmap.pptx
Infosectrain3
 
Cybersecurity vs Data Science A Roadmap.pptx
Cybersecurity vs Data Science A Roadmap.pptxCybersecurity vs Data Science A Roadmap.pptx
Cybersecurity vs Data Science A Roadmap.pptx
Infosectrain3
 
Information Security Assessment Dammam Technical College MSIS .docx
Information Security Assessment Dammam Technical College MSIS .docxInformation Security Assessment Dammam Technical College MSIS .docx
Information Security Assessment Dammam Technical College MSIS .docx
jaggernaoma
 
Top Network Security Interview Questions That You Should Know.pptx
Top Network Security Interview Questions That You Should Know.pptxTop Network Security Interview Questions That You Should Know.pptx
Top Network Security Interview Questions That You Should Know.pptx
Infosectrain3
 
Security Priorities Sample Slides 2023.pdf
Security Priorities Sample Slides 2023.pdfSecurity Priorities Sample Slides 2023.pdf
Security Priorities Sample Slides 2023.pdf
IDG
 
Practical Measures for Measuring Security
Practical Measures for Measuring SecurityPractical Measures for Measuring Security
Practical Measures for Measuring Security
Chris Mullins
 
pic and place.you need in your daily life
pic and place.you need in your  daily lifepic and place.you need in your  daily life
pic and place.you need in your daily life
muhammadshahbaz66570
 
Chapter 03 governance_and_strategic_planning_for_security
Chapter 03 governance_and_strategic_planning_for_securityChapter 03 governance_and_strategic_planning_for_security
Chapter 03 governance_and_strategic_planning_for_security
husseinalshomali
 
Cyber security maturity model- IT/ITES
Cyber security maturity model- IT/ITES Cyber security maturity model- IT/ITES
Cyber security maturity model- IT/ITES
Priyanka Aash
 
Top_20_Incident_Responder_Interview_Questions_and_Answers_1.pdf
Top_20_Incident_Responder_Interview_Questions_and_Answers_1.pdfTop_20_Incident_Responder_Interview_Questions_and_Answers_1.pdf
Top_20_Incident_Responder_Interview_Questions_and_Answers_1.pdf
infosec train
 
Top 20 Incident Responder Interview Questions and Answers (1).pdf
Top 20 Incident Responder Interview Questions and Answers (1).pdfTop 20 Incident Responder Interview Questions and Answers (1).pdf
Top 20 Incident Responder Interview Questions and Answers (1).pdf
ShivamSharma909
 

Similar to SECO 406100422-ISF-Sample-Exam-en-v1-0.pdf (20)

Top 10 Security Challenges
Top 10 Security ChallengesTop 10 Security Challenges
Top 10 Security Challenges
 
312 50-demo
312 50-demo312 50-demo
312 50-demo
 
Module 2 - Cybersecurity On the Defense.pdf
Module 2 - Cybersecurity On the Defense.pdfModule 2 - Cybersecurity On the Defense.pdf
Module 2 - Cybersecurity On the Defense.pdf
 
4_5769479639445540375.pptx
4_5769479639445540375.pptx4_5769479639445540375.pptx
4_5769479639445540375.pptx
 
Csslp
CsslpCsslp
Csslp
 
Chapter 04 information_security_policy
Chapter 04 information_security_policyChapter 04 information_security_policy
Chapter 04 information_security_policy
 
Information security foundation based on iso iec 27002
Information security foundation based on iso   iec 27002Information security foundation based on iso   iec 27002
Information security foundation based on iso iec 27002
 
000 013
000 013000 013
000 013
 
Chapter 05 developing_the_security_program
Chapter 05 developing_the_security_programChapter 05 developing_the_security_program
Chapter 05 developing_the_security_program
 
Cybersecurity vs Data Science A Roadmap.pptx
Cybersecurity vs Data Science A Roadmap.pptxCybersecurity vs Data Science A Roadmap.pptx
Cybersecurity vs Data Science A Roadmap.pptx
 
Cybersecurity vs Data Science A Roadmap.pptx
Cybersecurity vs Data Science A Roadmap.pptxCybersecurity vs Data Science A Roadmap.pptx
Cybersecurity vs Data Science A Roadmap.pptx
 
Information Security Assessment Dammam Technical College MSIS .docx
Information Security Assessment Dammam Technical College MSIS .docxInformation Security Assessment Dammam Technical College MSIS .docx
Information Security Assessment Dammam Technical College MSIS .docx
 
Top Network Security Interview Questions That You Should Know.pptx
Top Network Security Interview Questions That You Should Know.pptxTop Network Security Interview Questions That You Should Know.pptx
Top Network Security Interview Questions That You Should Know.pptx
 
Security Priorities Sample Slides 2023.pdf
Security Priorities Sample Slides 2023.pdfSecurity Priorities Sample Slides 2023.pdf
Security Priorities Sample Slides 2023.pdf
 
Practical Measures for Measuring Security
Practical Measures for Measuring SecurityPractical Measures for Measuring Security
Practical Measures for Measuring Security
 
pic and place.you need in your daily life
pic and place.you need in your  daily lifepic and place.you need in your  daily life
pic and place.you need in your daily life
 
Chapter 03 governance_and_strategic_planning_for_security
Chapter 03 governance_and_strategic_planning_for_securityChapter 03 governance_and_strategic_planning_for_security
Chapter 03 governance_and_strategic_planning_for_security
 
Cyber security maturity model- IT/ITES
Cyber security maturity model- IT/ITES Cyber security maturity model- IT/ITES
Cyber security maturity model- IT/ITES
 
Top_20_Incident_Responder_Interview_Questions_and_Answers_1.pdf
Top_20_Incident_Responder_Interview_Questions_and_Answers_1.pdfTop_20_Incident_Responder_Interview_Questions_and_Answers_1.pdf
Top_20_Incident_Responder_Interview_Questions_and_Answers_1.pdf
 
Top 20 Incident Responder Interview Questions and Answers (1).pdf
Top 20 Incident Responder Interview Questions and Answers (1).pdfTop 20 Incident Responder Interview Questions and Answers (1).pdf
Top 20 Incident Responder Interview Questions and Answers (1).pdf
 

Recently uploaded

The-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic managementThe-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic management
Bojamma2
 
What are the main advantages of using HR recruiter services.pdf
What are the main advantages of using HR recruiter services.pdfWhat are the main advantages of using HR recruiter services.pdf
What are the main advantages of using HR recruiter services.pdf
HumanResourceDimensi1
 
FINAL PRESENTATION.pptx12143241324134134
FINAL PRESENTATION.pptx12143241324134134FINAL PRESENTATION.pptx12143241324134134
FINAL PRESENTATION.pptx12143241324134134
LR1709MUSIC
 
Role of Remote Sensing and Monitoring in Mining
Role of Remote Sensing and Monitoring in MiningRole of Remote Sensing and Monitoring in Mining
Role of Remote Sensing and Monitoring in Mining
Naaraayani Minerals Pvt.Ltd
 
Enterprise Excellence is Inclusive Excellence.pdf
Enterprise Excellence is Inclusive Excellence.pdfEnterprise Excellence is Inclusive Excellence.pdf
Enterprise Excellence is Inclusive Excellence.pdf
KaiNexus
 
What is the TDS Return Filing Due Date for FY 2024-25.pdf
What is the TDS Return Filing Due Date for FY 2024-25.pdfWhat is the TDS Return Filing Due Date for FY 2024-25.pdf
What is the TDS Return Filing Due Date for FY 2024-25.pdf
seoforlegalpillers
 
一比一原版加拿大渥太华大学毕业证(uottawa毕业证书)如何办理
一比一原版加拿大渥太华大学毕业证(uottawa毕业证书)如何办理一比一原版加拿大渥太华大学毕业证(uottawa毕业证书)如何办理
一比一原版加拿大渥太华大学毕业证(uottawa毕业证书)如何办理
taqyed
 
Buy Verified PayPal Account | Buy Google 5 Star Reviews
Buy Verified PayPal Account | Buy Google 5 Star ReviewsBuy Verified PayPal Account | Buy Google 5 Star Reviews
Buy Verified PayPal Account | Buy Google 5 Star Reviews
usawebmarket
 
3.0 Project 2_ Developing My Brand Identity Kit.pptx
3.0 Project 2_ Developing My Brand Identity Kit.pptx3.0 Project 2_ Developing My Brand Identity Kit.pptx
3.0 Project 2_ Developing My Brand Identity Kit.pptx
tanyjahb
 
falcon-invoice-discounting-a-premier-platform-for-investors-in-india
falcon-invoice-discounting-a-premier-platform-for-investors-in-indiafalcon-invoice-discounting-a-premier-platform-for-investors-in-india
falcon-invoice-discounting-a-premier-platform-for-investors-in-india
Falcon Invoice Discounting
 
Exploring Patterns of Connection with Social Dreaming
Exploring Patterns of Connection with Social DreamingExploring Patterns of Connection with Social Dreaming
Exploring Patterns of Connection with Social Dreaming
Nicola Wreford-Howard
 
Set off and carry forward of losses and assessment of individuals.pptx
Set off and carry forward of losses and assessment of individuals.pptxSet off and carry forward of losses and assessment of individuals.pptx
Set off and carry forward of losses and assessment of individuals.pptx
HARSHITHV26
 
Sustainability: Balancing the Environment, Equity & Economy
Sustainability: Balancing the Environment, Equity & EconomySustainability: Balancing the Environment, Equity & Economy
Sustainability: Balancing the Environment, Equity & Economy
Operational Excellence Consulting
 
Digital Transformation in PLM - WHAT and HOW - for distribution.pdf
Digital Transformation in PLM - WHAT and HOW - for distribution.pdfDigital Transformation in PLM - WHAT and HOW - for distribution.pdf
Digital Transformation in PLM - WHAT and HOW - for distribution.pdf
Jos Voskuil
 
Premium MEAN Stack Development Solutions for Modern Businesses
Premium MEAN Stack Development Solutions for Modern BusinessesPremium MEAN Stack Development Solutions for Modern Businesses
Premium MEAN Stack Development Solutions for Modern Businesses
SynapseIndia
 
Meas_Dylan_DMBS_PB1_2024-05XX_Revised.pdf
Meas_Dylan_DMBS_PB1_2024-05XX_Revised.pdfMeas_Dylan_DMBS_PB1_2024-05XX_Revised.pdf
Meas_Dylan_DMBS_PB1_2024-05XX_Revised.pdf
dylandmeas
 
Accpac to QuickBooks Conversion Navigating the Transition with Online Account...
Accpac to QuickBooks Conversion Navigating the Transition with Online Account...Accpac to QuickBooks Conversion Navigating the Transition with Online Account...
Accpac to QuickBooks Conversion Navigating the Transition with Online Account...
PaulBryant58
 
Memorandum Of Association Constitution of Company.ppt
Memorandum Of Association Constitution of Company.pptMemorandum Of Association Constitution of Company.ppt
Memorandum Of Association Constitution of Company.ppt
seri bangash
 
April 2024 Nostalgia Products Newsletter
April 2024 Nostalgia Products NewsletterApril 2024 Nostalgia Products Newsletter
April 2024 Nostalgia Products Newsletter
NathanBaughman3
 
Unveiling the Secrets How Does Generative AI Work.pdf
Unveiling the Secrets How Does Generative AI Work.pdfUnveiling the Secrets How Does Generative AI Work.pdf
Unveiling the Secrets How Does Generative AI Work.pdf
Sam H
 

Recently uploaded (20)

The-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic managementThe-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic management
 
What are the main advantages of using HR recruiter services.pdf
What are the main advantages of using HR recruiter services.pdfWhat are the main advantages of using HR recruiter services.pdf
What are the main advantages of using HR recruiter services.pdf
 
FINAL PRESENTATION.pptx12143241324134134
FINAL PRESENTATION.pptx12143241324134134FINAL PRESENTATION.pptx12143241324134134
FINAL PRESENTATION.pptx12143241324134134
 
Role of Remote Sensing and Monitoring in Mining
Role of Remote Sensing and Monitoring in MiningRole of Remote Sensing and Monitoring in Mining
Role of Remote Sensing and Monitoring in Mining
 
Enterprise Excellence is Inclusive Excellence.pdf
Enterprise Excellence is Inclusive Excellence.pdfEnterprise Excellence is Inclusive Excellence.pdf
Enterprise Excellence is Inclusive Excellence.pdf
 
What is the TDS Return Filing Due Date for FY 2024-25.pdf
What is the TDS Return Filing Due Date for FY 2024-25.pdfWhat is the TDS Return Filing Due Date for FY 2024-25.pdf
What is the TDS Return Filing Due Date for FY 2024-25.pdf
 
一比一原版加拿大渥太华大学毕业证(uottawa毕业证书)如何办理
一比一原版加拿大渥太华大学毕业证(uottawa毕业证书)如何办理一比一原版加拿大渥太华大学毕业证(uottawa毕业证书)如何办理
一比一原版加拿大渥太华大学毕业证(uottawa毕业证书)如何办理
 
Buy Verified PayPal Account | Buy Google 5 Star Reviews

SECO 406100422-ISF-Sample-Exam-en-v1-0.pdf

D. Establishment, operation, monitoring, improvement
Question 4
The DIKW model is often used to talk about information management and knowledge management. During which stage of this model do we ask ourselves 'What?'
A. Data
B. Wisdom
C. Information
D. Knowledge
Question 5
How are data and information related?
A. Data is a collection of structured and unstructured information
B. Information consists of facts and statistics collected together for reference or analysis
C. When meaning and value are assigned to data, it becomes information
Question 6
Which of the following factors does NOT contribute to the value of data for an organisation?
A. The correctness of data
B. The indispensability of data
C. The importance of data for processes
D. The content of data
Question 7
A hacker gains access to a web server and reads the credit card numbers stored on that server. Which security principle is violated?
A. Availability
B. Confidentiality
C. Integrity
D. Authenticity
Question 8
Often, people do not pick up their prints from a shared printer. How can this affect the confidentiality of information?
A. Confidentiality cannot be guaranteed
B. Integrity cannot be guaranteed
C. Authenticity cannot be guaranteed
D. Availability cannot be guaranteed
Question 9
Which reliability aspect of information is compromised when a staff member denies having sent a message?
A. Confidentiality
B. Integrity
C. Availability
D. Correctness
Question 10
Which of the following is a possible event that can have a disruptive effect on the reliability of information?
A. Threat
B. Risk
C. Vulnerability
D. Dependency
Question 11
What is the purpose of risk management?
A. To outline the threats to which IT resources are exposed
B. To determine the damage caused by possible security incidents
C. To implement measures to reduce risks to an acceptable level
D. To determine the probability that a certain risk will occur
Question 12
What is a correct description of qualitative risk analysis?
A. Use of a set of methods, principles, or rules for assessing risks based on the use of numbers
B. Use of a set of methods, principles, or rules for assessing risk based on categories or levels
C. A risk assessment process, together with a risk model, assessment approach, and analysis approach
Question 13
Backup media is kept in the same secure area as the servers. What risk may the organisation be exposed to?
A. Unauthorised persons will have access to both the servers and backups
B. Responsibility for the backups is not defined well
C. After a fire, the information systems cannot be restored
D. After a server crash, it will take extra time to bring it back up again
Question 14
Which of the following is a human threat?
A. Use of a jump-drive causes a virus infection
B. The server room contains too much dust
C. Lightning strikes the data centre
D. New legislation means that from now on personal data is compromised
Question 15
Someone from a large tech company calls you on behalf of your company to check the health of your PC, and therefore needs your user-id and password. What type of threat is this?
A. Social engineering threat
B. Organisational threat
C. Technical threat
D. Malware threat
Question 16
What type of malware results in a network of contaminated internet connected devices?
A. Worm
B. Trojan
C. Spyware
D. Botnet
Question 17
Which of the following is an example of indirect damage caused by fire?
A. Damage caused by the sprinkler installation
B. Burnt computer network equipment
C. Melted backup media
D. Damage caused by the heat of the fire
Question 18
After carrying out risk analysis, you now want to determine your risk strategy. You decide to take measures for the large risks but not for the small risks. What is this risk strategy called?
A. Risk neutral
B. Risk bearing
C. Risk hungry
D. Risk avoiding
Question 19
What is the purpose of an Information Security policy?
A. An information security policy makes the security plan concrete by providing the necessary details
B. An information security policy provides insight into threats and the possible consequences
C. An information security policy provides direction and support to the management regarding information security
D. An information security policy documents the analysis of risks and the search for countermeasures
Question 20
A security officer finds a virus-infected workstation. The infection was caused by a targeted phishing mail. How can this type of threat best be avoided in the future?
A. By installing MAC-proofing measures on the network
B. By updating the firewall software
C. By introducing a new risk strategy
D. By starting an awareness campaign
Question 21
A manager discovers that staff regularly use the corporate email system to send personal messages. How can this type of use best be regulated?
A. Implementing a code of practice
B. Implementing privacy regulations
C. Installing a monitoring system
D. Drafting a code of conduct
Question 22
After a devastating office fire, all staff are moved to other branches of the company. At what moment in the incident management process is this measure effectuated?
A. Between incident and damage
B. Between detection and classification
C. Between recovery and normal operations
D. Between classification and escalation
Question 23
A member of staff discovers that unauthorised changes were made to her work. She calls the helpdesk, and is asked to provide the following information: date/time, description of the event, consequences of the event. What essential piece of information is still missing to help solve the incident?
A. Name and position
B. Name of caller
C. PC identification tag
D. List of informed people
Question 24
What type of measure involves the stopping of possible consequences of security incidents?
A. Corrective
B. Detective
C. Repressive
D. Preventive
Question 25
What is a reason for the classification of information?
A. To provide clear identification tags
B. To structure the information according to its sensitivity
C. Creating a manual describing the BYOD policy
Question 26
Which role is authorised to change the classification of a document?
A. Author
B. Manager
C. Owner
D. Administrator
Question 27
Which of the following is a preventive security measure?
A. Installing logging and monitoring software
B. Shutting down the Internet connection after an attack
C. Storing sensitive information in a data safe
Question 28
After a fire has occurred, what repressive measure can be taken?
A. Extinguishing the fire after the fire alarm sounds
B. Buying in a proper fire insurance policy
C. Repairing all systems after the fire
Question 29
A computer room is protected by a biometric identity system in which only system administrators are registered. What type of security measure is this?
A. Organisational threat
B. Physical
C. Technical
D. Repressive
Question 30
In physical security, protection rings with dedicated measures (different levels, etc.) can be applied. Within which ring are the working spaces situated?
A. Internal
B. Public
C. Object
D. Sensitive
Question 31
As a new member of the IT department you have noticed that confidential information has been leaked several times. This may damage the reputation of the company. You have been asked to propose an organisational measure to protect laptop computers. What is the first step in a structured approach to come up with this measure?
A. Appoint security staff
B. Encrypt all sensitive information
C. Formulate a policy
D. Set up an access control procedure
Question 32
Which of the following is a technical security measure?
A. Encryption
B. Security policy
C. Safe storage of backups
D. User role profiles
Question 33
Which threat could occur if no physical measures are taken?
A. Unauthorised persons viewing sensitive files
B. Confidential prints being left on the printer
C. A server shutting down because of overheating
D. Hackers entering the corporate network
Question 34
In what part of the process to grant access to a system does the user present a token?
A. Authorisation
B. Verification
C. Authentication
D. Identification
Question 35
What is the security management term for establishing whether someone's identity is correct?
A. Identification
B. Authentication
C. Authorisation
D. Verification
Question 36
Why do we need to test a disaster recovery plan regularly, and keep it up to date?
A. Otherwise the measures taken and the incident procedures planned may not be adequate
B. Otherwise it is no longer up to date with the registration of daily occurring faults
C. Otherwise remotely stored backups may no longer be available to the security team
Question 37
What type of compliancy standard, regulation or legislation provides a code of practice for information security?
A. ISO/IEC 27002
B. Personal data protection act
C. Computer criminality act
D. IT Service Management
Question 38
On the basis of which type of legislation can someone request to inspect the data that has been registered about them?
A. Public records act
B. Computer criminality act
C. Personal data protection act
D. Intellectual property act
Question 39
What is a definition of compliance?
A. Laws, considered collectively or the process of making or enacting laws
B. The state or fact of according with or meeting rules or standards
C. An official or authoritative instruction
D. A rule or directive made and maintained by an authority
Question 40
What type of legislation requires a proper controlled purchase process?
A. Personal data protection act
B. Computer criminality act
C. Government information act
D. Intellectual property rights act
Answers
Question  Answer  Explanation
1         C       The ISMS is described in ISO/IEC 27001. (Chapter 3)
2         A       A standard formulates formal requirements which are sometimes enforced by laws.
3         C       ISMS: establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented ISMS within the context of the overall business risks to the organization.
4         C       Information: Who, what, when, where
5         C       Information is data that has a meaning (within a certain context) for its receiver.
6         D       The content of data does not determine its value.
7         B       The hacker was able to read the file (confidentiality).
8         A       The information can be read by non-authorised persons, which means that the confidentiality is compromised.
9         B       Denial of sending a message concerns non-repudiation; this is a threat to integrity.
10        A       A threat is a possible event that can have a disruptive effect on the reliability of information.
11        C       The purpose of risk management is to reduce risks to an acceptable level.
12        B       The qualitative approach is non-numerical.
13        C       The tapes are secure, but can be lost together with the systems, leaving no backup at all.
14        A       Using the jump-drive is a human threat.
15        A
16        D       The devices become net-enabled robots, hence botnet.
17        A       The sprinkler installation going off is a side effect of the fire.
18        B       Certain risks are accepted as a fact of life.
19        C
20        D       This problem needs an organisational measure.
21        D       A code of conduct is how this can be regulated, e.g. permitting use during lunch breaks, or completely banning this type of use.
22        A       This measure, a stand-by arrangement, is taken to mitigate further damage to the organisation. Staff can now continue their work.
23        A       Without logging the caller, no follow-up actions can be taken. The name is connected to other essential information like position, department, authorisations, etc.
24        C       Repressive
25        B       Classification is used to define different levels within the group.
26        C       Only the owner (asset owner) is allowed to do this.
27        C       The other two are detective and repressive respectively.
28        A       This repressive measure minimizes the damage caused by the fire.
29        B       This is a physical security measure.
30        D       Working spaces are situated within the sensitive ring.
31        C       Formulating a policy on the correct use of company computer assets is the first step.
32        A       Encryption is a technical measure.
33        C       Physical security includes the protection of equipment through climate control.
34        D       Identification is the first step in the process to grant access. In identification, the person or system presents a token, for example a key, username or password.
35        B       Authentication is the process of establishing confidence of authenticity.
36        A       Major disruptions need an up-to-date and proven plan to be effective.
37        A       ISO/IEC 27002; Information technology -- Security techniques -- Code of practice for information security controls
38        C       Personal data protection act(s).
39        B       See: ISF module 06, Section 'Legislation and Regulations'
40        D       IPR controls include: policies; a controlled purchase process; creating and maintaining awareness; asset registers which include IPR information; etc.
How to book your exam?
All our exams are delivered through an online examination system called ProctorU. To enrol for an exam, go to:
https://www.seco-institute.org/certification-exams/how-to-book-exam/
Make sure you are fully prepared. Use the ProctorU Preparation checklist to assess whether you are ready to take the exam.
Review the examination rules at
https://www.seco-institute.org/html/filesystem/storeFolder/10/Rules-and-Regulations-for-SECO-Institute-Examinations-2017-11.pdf
Digital badges
SECO-Institute and digital badge provider Acclaim have partnered to provide certification holders with a digital badge of their SECO-Institute certification. Digital badges can be used in email signatures as well as on personal websites, social media sites such as LinkedIn and Twitter, and electronic copies of resumes. Digital badges help certification holders convey to employers, potential employers and interested parties the skills they have acquired to earn and maintain a specialised certification.
SECO-Institute doesn't issue certification titles for Foundation courses. However, upon successful completion of your Foundation exam, you can claim your digital badge free of charge at the SECO-Institute.
https://www.seco-institute.org/claim-your-foundation-badge
ISF-Sample Exam-EN-v1.0