Certification: Information Security Foundation (based on ISO/IEC 27002)

Certification Full Name: Information Security Foundation (based on ISO/IEC 27002)

Certification Provider: Exin

Pass Your Information Security Foundation (based on ISO/IEC 27002) Exams - 100% Money Back Guarantee!

Get Certified Fast With Latest & Updated Information Security Foundation (based on ISO/IEC 27002) Preparation Materials

Exin ISFS Questions & Answers

Provides a compilation of real ISFS exam questions in a simulation environment that you will experience in the testing centre while taking your actual Information Security Foundation (based on ISO/IEC 27002) (EX0-105) exam

All ISFS Questions & Answers have been verified by IT Exin Certification Experts to ensure the industry's highest 99.6% FIRST TIME Pass Rate.

  • 80 real Questions & Answers from the Current pool of questions from actual ISFS exam
  • Accurate Answers Verified by the Leading Exin Certification Experts
  • Advanced Testing Engine to simulate the actual ISFS exam environment
  • Instructor Led Feedback System for sending your questions to our Exin experts
  • 90 Days Free Updates for immediate update of actual Exin ISFS exam changes

My Study Plan for EXIN Information Security

Globalization of data and networks leads to exchange of information between companies, where the information becomes prey to hackers and fraudsters. The EXIN Information Security program aims at increasing the security awareness of an organization and increasing the sense of responsibility of the management and employees. The qualification program of EXIN Information Security is necessary for any individual who deals with information security and confidentiality. Through this program I have become aware of security risks and abuses.

The EXIN Information Security program provides certification on three levels. They are Foundation level, Professional (Advanced) level and Expert level. In this certification course, the candidate learns to promote security consciousness, to handle confidential information, and to implement and monitor data security.

Information security Foundation based on ISO/IEC 27002:

In this module the basic concepts of data security and its affiliation are tested. The main objective of this level is to increase data security awareness and to learn the measures necessary to safeguard information. This module is aimed at information security professionals and no prerequisite is needed to attend this course. The exam is for 1 hour with 40 multiple choice questions. The pass score is 65%.

The main topics to be covered for this exam are:

  • Information and Security: This topic covers 10% of the exam. It includes the information concepts, the value of data for organizations and how this value of data can influence the organization, and the reliability aspects of data.
  • Threats and risks: This topic covers 30% of the exam. It includes the concepts and relationship between threat, risks and information reliability, the effects of threats on processing information.
  • Approach and organization: This topic covers 10% of the exam. It includes the objectives and contents of Security organization and security policy, the components used for organization security, the importance of security incident management besides escalation effects in organization.
  • Measures: This covers 40% of the exam. It includes the significance of security measures, physical security measure set-up and implementation, implementation of technical security measures, set-up and implementation of organizational security measures.
  • Legislation and regulations: This covers 10% of the exam. It includes the effects and importance of legislation and regulations.

The book I used to cover these topics - 'Foundations of Information Security', Van Haren publishing 2010, written by Hintzbergen. K., Baars. H., Smulders. A.

Information Security Management Advanced based on ISO/IEC 27002:

In this module the organizational aspects of data security are tested. This module is mainly aimed at security professionals such as Information Security Officer, Information Security Manager, and Project Security Manager. The prerequisite for this course is Information Security Foundation certification. The exam is for 1:30 hours with 30 multiple choice questions and the pass score is 65%.

The topics to be covered for this exam are:

  • Perspectives of Information Security: This covers 10% of the exam which includes business interest of data security, customer perspective on data management, and the responsibilities of supplier in security.
  • Risk Management: This covers 30% of the exam which includes the principles of risk analysis and management, how to categorize controls, and how to distinguish the strategies of remaining risks.
  • Controls of Information Security: This covers 60% of the exam and includes organizational controls, technical controls, physical, business continuity, and employment-related controls.

The books I referred to cover these topics are 'Management of Information Security', Cengage learning, 3rd edition, 2010 written by Whitman. M.E., and Mattord. H.J., 'Information Security management with ITIL V3', Van Haren publishing, 2010 written by Cazemier. J.A., Peters. L., and Overbeek. P.

Information Security Management Expert based on ISO/IEC 27002:

This module tests the skills and knowledge in structuring, maintenance and optimization of information security in an organization. The prerequisites for this certification course are the Foundation and Advanced Level certifications of Information Security, and 2 years' experience in management. The Expert exam consists of two parts: a written part (practical project) and an oral part. The oral part can be taken only after the completion of the written part. The exam is for 90 minutes and the pass mark is 55%.

The criteria to be covered for practical project are:

  • Organization: This covers 20% of the project and it includes risk management, roles of data security and reporting system.
  • Policy: This covers 10% of the project and it includes how to establish and promote policy of information security.
  • Risk Analysis: It covers 10% of the project and includes various methods of risk analysis and how to analyse the outcome of risk analysis.
  • Organizational Change: It covers 40% and includes adapting a plan or strategy for change, defend and adjust for change, evaluate interventions.
  • Standards: It covers 10% and includes the process of using relevant standards for particular situations.
  • Audit and certification: It covers 10% of the project and includes execution of audit, review management and documentation of the results.

The books I referred to for this exam are 'Information Technology Security techniques - Information technology management systems - Requirements', Switzerland, 2005 and 'Information Technology Security techniques - Code for practice for information security management', Switzerland, 2007.

The oral exam is for 90 minutes and it is done via video web conference. Once the exam is finished, the examiners determine the mark and validate the result. I took the sample test available on the Exin website before attending the exam.

Melania Crenstword - Web Developer - MelSoft Inc.

Frequently Asked Questions

How can I get the products after purchase?

All products are available for download immediately from your Member's Area. Once you have made the payment, you will be transferred to Member's Area where you can login and download the products you have purchased to your computer.

How long can I use my product? Will it be valid forever?

Test-King products have a validity of 90 days from the date of purchase. This means that any updates to the products, including but not limited to new questions, or updates and changes by our editing team, will be automatically downloaded on to your computer to make sure that you get the latest exam prep materials during those 90 days.

Can I renew my product when it's expired?

Yes, when the 90 days of your product validity are over, you have the option of renewing your expired products with a 30% discount. This can be done in your Member's Area.

Please note that you will not be able to use the product after it has expired if you don't renew it.

How often are the questions updated?

We always try to provide the latest pool of questions. Updates in the questions depend on the changes in the actual pool of questions by different vendors. As soon as we know about a change in the exam question pool, we try our best to update the products as fast as possible.

How many computers can I download Test-King software on?

You can download the Test-King products on the maximum number of 2 (two) computers or devices. If you need to use the software on more than two machines, you can purchase this option separately. Please email if you need to use more than 5 (five) computers.

What is a PDF Version?

PDF Version is a PDF document of the Questions & Answers product. The document file has the standard .pdf format, which can be easily read by any PDF reader application like Adobe Acrobat Reader, Foxit Reader, OpenOffice, Google Docs and many others.

Can I purchase PDF Version without the Testing Engine?

PDF Version cannot be purchased separately. It is only available as an add-on to main Question & Answer Testing Engine product.

What operating systems are supported by your Testing Engine software?

Our testing engine is supported by Windows. Android and IOS software is currently under development.


Money Back Guarantee

Test-King has a remarkable Exin Candidate Success record. We're confident of our products and provide a no hassle money back guarantee. That's how confident we are!
