What is the objective of classifying information?
C
What is the greatest risk for an organization if no information security policy has been defined?
D
An employee in the administrative department of Smiths Consultants Inc. finds out that the expiry
date of a contract with one of the clients is earlier than the start date. What type of measure could
prevent this error?
D
We can acquire and supply information in various ways. The value of the information depends on
whether it is reliable. What are the reliability aspects of information?
B
What is an example of a security incident?
B
Which of the following measures is a preventive measure?
C
Who is authorized to change the classification of a document?
C
Peter works at the company Midwest Insurance. His manager, Linda, asks him to send the terms and
conditions for a life insurance policy to Rachel, a client. Who determines the value of the information
in the insurance terms and conditions document?
A
You are the owner of a growing company, SpeeDelivery, which provides courier services. You decide
that it is time to draw up a risk analysis for your information system. This includes an inventory of
threats and risks. What is the relation between a threat, risk and risk analysis?
B
You are the owner of the courier company SpeeDelivery. You have carried out a risk analysis and now
want to determine your risk strategy. You decide to take measures for the large risks but not for the
small risks. What is this risk strategy called?
C