Use this quick start guide to collect all the information about EXIN ISFS Certification exam. This study guide provides a list of objectives and resources that will help you prepare for items on the EXIN Information Security Foundation based on ISO IEC 27001 (ISFS) exam. The Sample Questions will help you identify the type and difficulty level of the questions and the Practice Exams will make you familiar with the format and environment of an exam. You should refer this guide carefully before attempting your actual EXIN Information Security Foundation based on ISO IEC 27001 certification exam.
The EXIN ISFS certification is mainly targeted to those candidates who want to build their career in Data Protection and Security domain. The EXIN Information Security Foundation based on ISO IEC 27001 exam verifies that the candidate possesses the fundamental knowledge and proven skills in the area of EXIN ISFS.
EXIN ISFS Exam Summary:
| Exam Name | EXIN Information Security Foundation based on ISO IEC 27001 |
| Exam Code | ISFS |
| Exam Price | $262 (USD) |
| Duration | 60 mins |
| Number of Questions | 40 |
| Passing Score | 65% |
| Books / Training | EXIN and e-CF Competences |
| Schedule Exam | Pearson VUE |
| Sample Questions | EXIN ISFS Sample Questions |
| Practice Exam | EXIN ISFS Certification Practice Exam |
EXIN ISFS Exam Syllabus Topics:
| Topic | Details | Weights |
|---|---|---|
Information and security - 27.5% |
||
| Concepts relating to information |
The candidate can… - explain the difference between data and information. - explain information security management concepts. |
10% |
| Reliability aspects |
The candidate can… - explain the value of the CIA-triangle. - describe the concepts accountability and auditability. |
7.5% |
| Securing information in the organization |
The candidate can… - outline the objectives and the content of an information security policy. - explain how to ensure information security when working with suppliers. - outline roles and responsibilities relating to information security. |
10% |
Threats and risks - 12.5% |
||
| Threats and risks |
The candidate can… - explain threat, risk, and risk management. - describe types of damage. - describe risk strategies. - describe risk analysis. |
12.5% |
Security controls - 52.5% |
||
| Outlining security controls |
The candidate can… - give examples of each type of security control. |
2.5% |
| Organizational controls |
The candidate can… - explain how to classify information assets. - describe controls to manage access to information. - explain threat and vulnerability management, project management, and incident management in information security. - explain the value of business continuity. - describe the value of audits and reviews. |
15% |
| People controls |
The candidate can… - explain how to enhance information security through contracts and agreements. - explain how to attain awareness regarding information security. |
7.5% |
| Physical controls |
The candidate can… - describe entry controls. - describe how to protect information inside secure areas. - explain how protection rings work. |
10% |
| Technical controls |
The candidate can… - outline how to manage information assets. - describe how to develop systems with information security in mind. - name controls that ensure network security. - describe technical controls to manage access. - describe how to protect information systems against malware, phishing, and spam. - explain how recording and monitoring contribute to information security. |
17.5% |
Legislation, regulations, and standards - 7.5% |
||
| Legislation and regulations |
The candidate can… - give examples of legislation and regulations relating to information security. |
2.5% |
| Standards |
The candidate can… - outline the ISO/IEC 27000, ISO/IEC 27001, and ISO/IEC 27002 standards. - outline other standards relating to information security. |
5% |
To ensure success in EXIN ISFS certification exam, we recommend authorized training course, practice test and hands-on experience to prepare for EXIN Information Security Foundation based on ISO IEC 27001 (ISFS) exam.