ISO-IEC-27001-Lead-Auditor Actual Questions Answers PDF 100% Cover Real Exam Questions
ISO-IEC-27001-Lead-Auditor Exam questions and answers
NEW QUESTION 14
What is we do in ACT - From PDCA cycle
- A. Take actions to continually monitor process performance
- B. Take actions to continually improve process performance
- C. Take actions to continually improve people performance
- D. Take actions to continually monitor process performance
Answer: B
NEW QUESTION 15
An employee caught temporarily storing an MP3 file in his workstation will not receive an IR.
- A. True
- B. False
Answer: B
NEW QUESTION 16
Which of the following is a technical security measure?
- A. User role profiles.
- B. Safe storage of backups
- C. Security policy
- D. Encryption
Answer: D
NEW QUESTION 17
An administration office is going to determine the dangers to which it is exposed.
What do we call a possible event that can have a disruptive effect on the reliability of information?
- A. vulnerability
- B. threat
- C. risk
- D. dependency
Answer: B
NEW QUESTION 18
A hacker gains access to a webserver and can view a file on the server containing credit card numbers.
Which of the Confidentiality, Integrity, Availability (CIA) principles of the credit card file are violated?
- A. Integrity
- B. Confidentiality
- C. Availability
- D. Compliance
Answer: B
NEW QUESTION 19
Does the security have the right to ask you to display your ID badges and check your bags?
- A. True
- B. False
Answer: A
NEW QUESTION 20
A planning process that introduced the concept of planning as a cycle that forms the basis for continuous improvement is called:
- A. time based planning.
- B. plan, do, check, act.
- C. RACI Matrix
- D. planning for continuous improvement.
Answer: B
NEW QUESTION 21
In the event of an Information security incident, system users' roles and responsibilities are to be observed, except:
- A. Cooperate with investigative personnel during investigation if needed
- B. Make the information security incident details known to all employees
- C. Report suspected or known incidents upon discovery through the Servicedesk
- D. Preserve evidence if necessary
Answer: B
NEW QUESTION 22
As a new member of the IT department you have noticed that confidential information has been leaked several times. This may damage the reputation of the company. You have been asked to propose an organisational measure to protect laptop computers. What is the first step in a structured approach to come up with this measure?
- A. Formulate a policy
- B. Encrypt all sensitive information
- C. Appoint security staff
- D. Set up an access control procedure
Answer: A
NEW QUESTION 23
We can leave laptops during weekdays or weekends in locked bins.
- A. True
- B. False
Answer: B
NEW QUESTION 24
CEO sends a mail giving his views on the status of the company and the company's future strategy and the CEO's vision and the employee's part in it. The mail should be classified as
- A. Public Mail
- B. Restricted Mail
- C. Confidential Mail
- D. Internal Mail
Answer: D
NEW QUESTION 25
Implement plan on a test basis - this comes under which section of PDCA
- A. Act
- B. Do
- C. Check
- D. Plan
Answer: B
NEW QUESTION 26
A member of staff denies sending a particular message.
Which reliability aspect of information is in danger here?
- A. integrity
- B. availability
- C. confidentiality
- D. correctness
Answer: A
NEW QUESTION 27
What is the purpose of an Information Security policy?
- A. An information security policy provides direction and support to the management regarding information security
- B. An information security policy provides insight into threats and the possible consequences
- C. An information security policy documents the analysis of risks and the search for countermeasures
- D. An information security policy makes the security plan concrete by providing the necessary details
Answer: A
NEW QUESTION 28
Someone from a large tech company calls you on behalf of your company to check the health of your PC, and therefore needs your user-id and password. What type of threat is this?
- A. Organisational threat
- B. Malware threat
- C. Technical threat
- D. Social engineering threat
Answer: D
NEW QUESTION 29
After a fire has occurred, what repressive measure can be taken?
- A. Buying in a proper fire insurance policy
- B. Extinguishing the fire after the fire alarm sounds
- C. Repairing all systems after the fire
Answer: B
NEW QUESTION 30
The computer room is protected by a pass reader. Only the System Management department has a pass.
What type of security measure is this?
- A. a physical security measure
- B. a corrective security measure
- C. a logical security measure
- D. a repressive security measure
Answer: A
NEW QUESTION 31
How is the purpose of information security policy best described?
- A. An information security policy makes the security plan concrete by providing it with the necessary details.
- B. An information security policy documents the analysis of risks and the search for countermeasures.
- C. An information security policy provides direction and support to the management regarding information security.
- D. An information security policy provides insight into threats and the possible consequences.
Answer: C
NEW QUESTION 32
Integrity of data means
- A. Accuracy and completeness of the data
- B. Data should be viewable at all times
- C. Data should be accessed by only the right people
Answer: A
NEW QUESTION 33
Which of the following is a possible event that can have a disruptive effect on the reliability of information?
- A. Vulnerability
- B. Risk
- C. Threat
- D. Dependency
Answer: C
NEW QUESTION 34
......
ExamsTorrent ISO-IEC-27001-Lead-Auditor Exam Practice Test Questions : https://www.examstorrent.com/ISO-IEC-27001-Lead-Auditor-exam-dumps-torrent.html
Pass ISO-IEC-27001-Lead-Auditor Exam Info and Free Practice Test : https://drive.google.com/open?id=1QUm0SvxyddqtpFI3C5Su5Q5pqzw0QZMV