
[Oct 14, 2022] ISO-IEC-27001-Lead-Auditor PDF Dumps: Essential for Success on the ISO-IEC-27001-Lead-Auditor Exam
ISO-IEC-27001-Lead-Auditor PDF Questions: A Good Match for the ISO-IEC-27001-Lead-Auditor Practice Exam
NEW QUESTION 18
A hacker gains access to a web server and reads the credit card numbers stored on that server. Which security principle is violated?
- A. Authenticity
- B. Integrity
- C. Confidentiality
- D. Availability
Answer: C
NEW QUESTION 19
You are the lead auditor of the courier company SpeeDelivery. You have carried out a risk analysis and now want to determine your risk strategy. You decide to take measures for the large risks but not for the small risks.
What is this risk strategy called?
- A. Risk skipping
- B. Risk avoidance
- C. Risk bearing
- D. Risk neutral
Answer: C
NEW QUESTION 20
Which is the glue that ties the People, Process and Technology triad together?
- A. Technology
- B. Collaboration
- C. Process
- D. People
Answer: C
NEW QUESTION 21
Which of the following is an information security management system standard published by the International Organization for Standardization?
- A. ISO5501
- B. ISO22301
- C. ISO9008
- D. ISO27001
Answer: D
NEW QUESTION 22
What is the relationship between data and information?
- A. Data is structured information.
- B. Information is the meaning and value assigned to a collection of data.
Answer: B
NEW QUESTION 23
Integrity of data means
- A. Accuracy and completeness of the data
- B. Data should be viewable at all times
- C. Data should be accessed by only the right people
Answer: A
NEW QUESTION 24
Which of the following are types of data classification? (Choose two)
- A. Restricted Data, Confidential Data
- B. Unrestricted Data, Highly Confidential Data
- C. Project Data, Highly Confidential Data
- D. Financial Data, Highly Confidential Data
Answer: A,B
NEW QUESTION 25
What is the standard definition of ISMS?
- A. Company-wide business objectives to achieve information security awareness for establishing, implementing, operating, monitoring, reviewing, maintaining and improving
- B. A project-based approach to achieve business objectives for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organization's information security
- C. An information security systematic approach to achieve business objectives for implementing, establishing, reviewing, operating and maintaining an organization's reputation
- D. A systematic approach for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organization's information security to achieve business objectives
Answer: D
NEW QUESTION 26
Which of the following is not an HR requirement prior to hiring?
- A. Must undergo Awareness training on information security.
- B. Undergo background verification
- C. Applicant must complete pre-employment documentation requirements
- D. Must successfully pass Background Investigation
Answer: A
NEW QUESTION 27
You have a hard copy of a customer design document that you want to dispose of. What would you do?
- A. Shred it using a shredder
- B. Throw it in any dustbin
- C. Be environment friendly and reuse it for writing
- D. Give it to the office boy to reuse it for other purposes
Answer: A
NEW QUESTION 28
CMM stands for?
- A. Capability Maturity Model
- B. Capacity Maturity Matrix
- C. Capability Maturity Matrix
- D. Capable Mature Model
Answer: A
NEW QUESTION 29
In what part of the process to grant access to a system does the user present a token?
- A. Authentication
- B. Identification
- C. Verification
- D. Authorisation
Answer: B
NEW QUESTION 30
The following are purposes of Information Security, except:
- A. Minimize Business Risk
- B. Ensure Business Continuity
- C. Increase Business Assets
- D. Maximize Return on Investment
Answer: C
NEW QUESTION 31
Which role maintains contacts with law enforcement authorities, regulatory bodies, information service providers and telecommunications service providers, depending on the service required?
- A. CISO
- B. CSM
- C. COO
- D. MRO
Answer: A
NEW QUESTION 32
What type of compliance standard, regulation or legislation provides a code of practice for information security?
- A. Computer criminality act
- B. IT Service Management
- C. ISO/IEC 27002
- D. Personal data protection act
Answer: C
NEW QUESTION 33
Cabling security means that power, telecommunication and network cabling carrying information are protected from interception and damage.
- A. True
- B. False
Answer: A
NEW QUESTION 34
In the event of an information security incident, system users are expected to observe the following roles and responsibilities, except:
- A. Preserve evidence if necessary
- B. Cooperate with investigative personnel during investigation if needed
- C. Make the information security incident details known to all employees
- D. Report suspected or known incidents upon discovery through the Servicedesk
Answer: C
NEW QUESTION 35
You see a blue color sticker on certain physical assets. What does this signify?
- A. The asset is critical and the impact is restricted to an employee only
- B. The asset is very high critical and its failure affects the entire organization
- C. The asset with blue stickers should be kept air conditioned at all times
- D. The asset is high critical and its failure will affect a group/s/project's work in the organization
Answer: D
NEW QUESTION 36
In order to take out a fire insurance policy, an administration office must determine the value of the data that it manages.
Which factor is **not** important for determining the value of data for an organization?
- A. The indispensability of data for the business processes.
- B. The importance of the business processes that make use of the data.
- C. The content of data.
- D. The degree to which missing, incomplete or incorrect data can be recovered.
Answer: C
NEW QUESTION 37
What is an example of a human threat?
- A. phishing
- B. fire
- C. a lightning strike
- D. thunderstorm
Answer: A
NEW QUESTION 38
An administration office is going to determine the dangers to which it is exposed.
What do we call a possible event that can have a disruptive effect on the reliability of information?
- A. threat
- B. vulnerability
- C. risk
- D. dependency
Answer: A
NEW QUESTION 39
A scenario wherein the city or location where the building(s) reside is not accessible.
- A. Country
- B. Component
- C. Facility
- D. City
Answer: D
NEW QUESTION 40
There is a network printer in the hallway of the company where you work. Many employees don't pick up their printouts immediately and leave them on the printer.
What are the consequences of this to the reliability of the information?
- A. The confidentiality of the information is no longer guaranteed.
- B. The integrity of the information is no longer guaranteed.
- C. The availability of the information is no longer guaranteed.
- D. The Security of the information is no longer guaranteed.
Answer: A
NEW QUESTION 41
In which order is an Information Security Management System (ISMS) set up?
- A. Implementation, operation, improvement, maintenance
- B. Establishment, operation, monitoring, improvement
- C. Establishment, implementation, operation, maintenance
- D. Implementation, operation, maintenance, establishment
Answer: C
NEW QUESTION 42
What is a definition of compliance?
- A. An official or authoritative instruction
- B. Laws, considered collectively or the process of making or enacting laws
- C. The state or fact of according with or meeting rules or standards
- D. A rule or directive made and maintained by an authority.
Answer: C
NEW QUESTION 43
......
ISO-IEC-27001-Lead-Auditor Exam with Accurate PECB Certified ISO/IEC 27001 Lead Auditor exam PDF Questions: https://actual4test.practicetorrent.com/ISO-IEC-27001-Lead-Auditor-practice-exam-torrent.html