ISO-IEC-27001-Lead-Auditor Certification - The Ultimate Guide [Updated 2023] ISO-IEC-27001-Lead-Auditor Practice Exam and Study Guides - Verified By Exam4Free PECB ISO-IEC-27001-Lead-Auditor Exam Syllabus Topics: TopicDetailsTopic 1Interpret the ISOIEC 27001 requirements for an ISMS from the perspective of an auditor Information Security Management System (ISMS)Topic 2Managing an ISOIEC 27001 audit [...]

[Q58-Q83] ISO-IEC-27001-Lead-Auditor Certification - The Ultimate Guide [Updated 2023]

Share

ISO-IEC-27001-Lead-Auditor Certification - The Ultimate Guide [Updated 2023]

ISO-IEC-27001-Lead-Auditor Practice Exam and Study Guides - Verified By Exam4Free


PECB ISO-IEC-27001-Lead-Auditor Exam Syllabus Topics:

TopicDetails
Topic 1
  • Interpret the ISO
  • IEC 27001 requirements for an ISMS from the perspective of an auditor
  • Information Security Management System (ISMS)
Topic 2
  • Managing an ISO
  • IEC 27001 audit program
  • Preparation, Conducting, Closing of an ISO
  • IEC 27001 audit
Topic 3
  • Explain the fundamental concepts and principles of an information security management system (ISMS) based on ISO
  • IEC 27001
Topic 4
  • Plan, conduct, and close an ISO
  • IEC 27001 compliance audit
  • Manage an ISO
  • IEC 27001 audit program
Topic 5
  • Fundamental audit concepts and principles
  • Fundamental principles and concepts of Information Security Management System (ISMS)

 

NEW QUESTION 58
The following are purposes of Information Security, except:

  • A. Increase Business Assets
  • B. Ensure Business Continuity
  • C. Maximize Return on Investment
  • D. Minimize Business Risk

Answer: A

 

NEW QUESTION 59
There was a fire in a branch of the company Midwest Insurance. The fire department quickly arrived at the scene and could extinguish the fire before it spread and burned down the entire premises. The server, however, was destroyed in the fire. The backup tapes kept in another room had melted and many other documents were lost for good.
What is an example of the indirect damage caused by this fire?

  • A. Burned computer systems
  • B. Water damage due to the fire extinguishers
  • C. Burned documents
  • D. Melted backup tapes

Answer: B

 

NEW QUESTION 60
Integrity of data means

  • A. Data should be accessed by only the right people
  • B. Accuracy and completeness of the data
  • C. Data should be viewable at all times

Answer: B

 

NEW QUESTION 61
In which order is an Information Security Management System set up?

  • A. Implementation, operation, improvement, maintenance
  • B. Establishment, operation, monitoring, improvement
  • C. Implementation, operation, maintenance, establishment
  • D. Establishment, implementation, operation, maintenance

Answer: D

 

NEW QUESTION 62
A well-executed risk analysis provides a great deal of useful information. A risk analysis has four main objectives.
What is not one of the four main objectives of a risk analysis?

  • A. Identifying assets and their value
  • B. Implementing counter measures
  • C. Establishing a balance between the costs of an incident and the costs of a security measure
  • D. Determining relevant vulnerabilities and threats

Answer: B

 

NEW QUESTION 63
Who is authorized to change the classification of a document?

  • A. The owner of the document
  • B. The manager of the owner of the document
  • C. The administrator of the document
  • D. The author of the document

Answer: A

 

NEW QUESTION 64
What is the relationship between data and information?

  • A. Information is the meaning and value assigned to a collection of data.
  • B. Data is structured information.

Answer: A

 

NEW QUESTION 65
Changes to the information processing facilities shall be done in controlled manner.

  • A. True
  • B. False

Answer: A

 

NEW QUESTION 66
All are prohibited in acceptable use of information assets, except:

  • A. Company-wide e-mails with supervisor/TL permission.
  • B. Messages with very large attachments or to a large number ofrecipients.
  • C. E-mail copies to non-essential readers
  • D. Electronic chain letters

Answer: A

 

NEW QUESTION 67
Information or data that are classified as ______ do not require labeling.

  • A. Confidential
  • B. Highly Confidential
  • C. Internal
  • D. Public

Answer: D

 

NEW QUESTION 68
In the event of an Information security incident, system users' roles and responsibilities are to be observed, except:

  • A. Preserve evidence if necessary
  • B. Make the information security incident details known to all employees
  • C. Report suspected or known incidents upon discovery through the Servicedesk
  • D. Cooperate with investigative personnel during investigation if needed

Answer: B

 

NEW QUESTION 69
Which measure is a preventive measure?

  • A. Shutting down all internet traffic after a hacker has gained access to the company systems
  • B. Putting sensitive information in a safe
  • C. Installing a logging system that enables changes in a system to be recognized

Answer: B

 

NEW QUESTION 70
There is a network printer in the hallway of the company where you work. Many employees don't pick up their printouts immediately and leave them on the printer.
What are the consequences of this to the reliability of the information?

  • A. The confidentiality of the information is no longer guaranteed.
  • B. The integrity of the information is no longer guaranteed.
  • C. The availability of the information is no longer guaranteed.
  • D. The Security of the information is no longer guaranteed.

Answer: C

 

NEW QUESTION 71
What is the security management term for establishing whether someone's identity is correct?

  • A. Authentication
  • B. Identification
  • C. Authorisation
  • D. Verification

Answer: A

 

NEW QUESTION 72
Someone from a large tech company calls you on behalf of your company to check the health of your PC, and therefore needs your user-id and password. What type of threat is this?

  • A. Organisational threat
  • B. Social engineering threat
  • C. Technical threat
  • D. Malware threat

Answer: B

 

NEW QUESTION 73
What type of system ensures a coherent Information Security organisation?

  • A. Information Security Management System (ISMS)
  • B. Information Technology Service Management System (ITSM)
  • C. Information Exchange Data System (IEDS)
  • D. Federal Information Security Management Act (FISMA)

Answer: A

 

NEW QUESTION 74
Backup media is kept in the same secure area as the servers. What risk may the organisation be exposed to?

  • A. After a server crash, it will take extra time to bring it back up again
  • B. Unauthorised persons will have access to both the servers and backups
  • C. Responsibility for the backups is not defined well
  • D. After a fire, the information systems cannot be restored

Answer: D

 

NEW QUESTION 75
What is social engineering?

  • A. Creating a situation wherein a third party gains confidential information from you
  • B. The organization planning an activity for welfare of the neighborhood
  • C. A group planning for a social activity in the organization

Answer: A

 

NEW QUESTION 76
An administration office is going to determine the dangers to which it is exposed.
What do we call a possible event that can have a disruptive effect on the reliability of information?

  • A. threat
  • B. vulnerability
  • C. dependency
  • D. risk

Answer: A

 

NEW QUESTION 77
A decent visitor is roaming around without visitor's ID. As an employee you should do the following, except:

  • A. Call the receptionist and inform about the visitor
  • B. Escort him to his destination
  • C. Greet and ask him what is his business
  • D. Say "hi" and offer coffee

Answer: D

 

NEW QUESTION 78
You receive the following mail from the IT support team: Dear User,Starting next week, we will be deleting all inactive email accounts in order to create spaceshare the below details in order to continue using your account. In case of no response, Name:
Email ID:
Password:
DOB:
Kindly contact the webmail team for any further support. Thanks for your attention.
Which of the following is the best response?

  • A. Respond it by saying that one should not share the password with anyone
  • B. Ignore the email
  • C. One should not respond to these mails and report such email to your supervisor

Answer: C

 

NEW QUESTION 79
Below is Purpose of "Integrity", which is one of the Basic Components of Information Security

  • A. the property that information is not made available or disclosed to unauthorized individuals
  • B. the property that information is not made available or disclosed to unauthorized individuals
  • C. the property of safeguarding the accuracy and completeness of assets.
  • D. the property of being accessible and usable upon demand by an authorized entity.

Answer: C

 

NEW QUESTION 80
What is the standard definition of ISMS?

  • A. A project-based approach to achieve business objectives for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organization's information security
  • B. A systematic approach for establishing, implementing, operating,monitoring, reviewing, maintaining and improving an organization's information security to achieve business objectives.
  • C. Is an information security systematic approach to achieve business objectives for implementation, establishing, reviewing,operating and maintaining organization's reputation.
  • D. A company wide business objectives to achieve information security awareness for establishing, implementing, operating, monitoring, reviewing, maintaining and improving

Answer: B

 

NEW QUESTION 81
Which of the following is not a type of Information Security attack?

  • A. Privacy Incidents
  • B. Legal Incidents
  • C. Vehicular Incidents
  • D. Technical Vulnerabilities

Answer: C

 

NEW QUESTION 82
Often, people do not pick up their prints from a shared printer. How can this affect the confidentiality of information?

  • A. Integrity cannot be guaranteed
  • B. Authenticity cannot be guaranteed
  • C. Confidentiality cannot be guaranteed
  • D. Availability cannot be guaranteed

Answer: C

 

NEW QUESTION 83
......

Ultimate Guide to the ISO-IEC-27001-Lead-Auditor - Latest Edition Available Now: https://torrentvce.exam4free.com/ISO-IEC-27001-Lead-Auditor-valid-dumps.html