Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. BCS
  5. CISMP-V9

BCS CISMP-V9 Exam
BCS Foundation Certificate in Information Security Management Principles V9.0 (Page 8 )

Updated On: 1-Feb-2026
Page 4 of 21
PDF with 100 Questions

Which term describes a vulnerability that is unknown and therefore has no mitigating control which is immediately and generally available?

  1. Advanced Persistent Threat.
  2. Trojan.
  3. Stealthware.
  4. Zero-day.

Answer(s): D


Reference:

https://en.wikipedia.org/wiki/Zero-day_(computing)



Which of the following is MOST LIKELY to be described as a consequential loss?

  1. Reputation damage.
  2. Monetary theft.
  3. Service disruption.
  4. Processing errors.

Answer(s): A



Which of the following is considered to be the GREATEST risk to information systems that results from deploying end-to-end Internet of Things (IoT) solutions?

  1. Use of 'cheap" microcontroller based sensors.
  2. Much larger attack surface than traditional IT systems.
  3. Use of proprietary networking protocols between nodes.
  4. Use of cloud based systems to collect loT data.

Answer(s): D



Which of the following is NOT an information security specific vulnerability?

  1. Use of HTTP based Apache web server.
  2. Unpatched Windows operating system.
  3. Confidential data stored in a fire safe.
  4. Use of an unlocked filing cabinet.

Answer(s): A



What Is the PRIMARY security concern associated with the practice known as Bring Your Own Device (BYOD) that might affect a large organisation?

  1. Most BYOD involves the use of non-Windows hardware which is intrinsically insecure and open to abuse.
  2. The organisation has significantly less control over the device than over a corporately provided and managed device.
  3. Privately owned end user devices are not provided with the same volume nor frequency of security patch updates as a corporation.
  4. Under GDPR it is illegal for an individual to use a personal device when handling personal information under corporate control.

Answer(s): A



Viewing page 8 of 21
Viewing questions 36 - 40 out of 100 questions



Post your Comments and Discuss BCS CISMP-V9 exam prep with other Community members:

Join the CISMP-V9 Discussion