
ISO-IEC-27001-Lead-Implementer Practice Exam Tests Latest Updated on Oct-2021
NEW QUESTION 25
What do employees need to know to report a security incident?
- A. Whether the incident has occurred before and what was the resulting damage.
- B. Who is responsible for the incident and whether it was intentional.
- C. How to report an incident and to whom.
- D. The measures that should have been taken to prevent the incident in the first place.
Answer: C
NEW QUESTION 26
What is the best description of a risk analysis?
- A. A risk analysis calculates the exact financial consequences of damages.
- B. A risk analysis helps to estimate the risks and develop the appropriate security measures.
- C. A risk analysis is a method of mapping risks without looking at company processes.
Answer: B
NEW QUESTION 27
Which of the following measures is a preventive measure?
- A. Shutting down all internet traffic after a hacker has gained access to the company systems
- B. Putting sensitive information in a safe
- C. Installing a logging system that enables changes in a system to be recognized
- D. Classifying a risk as acceptable because the cost of addressing the threat is higher than the value of the information at risk
Answer: B
NEW QUESTION 28
A company moves into a new building. A few weeks after the move, a visitor appears unannounced in the office of the director. An investigation shows that visitors' passes grant the same access as the passes of the company's staff. Which kind of security measure could have prevented this?
- A. A technical security measure
- B. A physical security measure
- C. An organizational security measure
Answer: B
NEW QUESTION 29
Why is compliance important for the reliability of the information?
- A. By meeting the legislative requirements and the regulations of both the government and internal management, an organization shows that it manages its information in a sound manner.
- B. When an organization employs a standard such as the ISO/IEC 27002 and uses it everywhere, it is compliant and therefore it guarantees the reliability of its information.
- C. When an organization is compliant, it meets the requirements of privacy legislation and, in doing so, protects the reliability of its information.
- D. Compliance is another word for reliability. So, if a company indicates that it is compliant, it means that the information is managed properly.
Answer: A
NEW QUESTION 30
Prior to employment, _________ as well as terms & conditions of employment are included as controls in ISO 27002 to ensure that employees and contractors understand their responsibilities and are suitable for the roles for which they are considered.
- A. authorizing
- B. screening
- C. controlling
- D. flexing
Answer: B
NEW QUESTION 31
The company Midwest Insurance has taken many measures to protect its information. It uses an Information Security Management System, the input and output of data in applications is validated, confidential documents are sent in encrypted form and staff use tokens to access information systems. Which of these is not a technical measure?
- A. Encryption of information
- B. Validation of input and output data in applications
- C. The use of tokens to gain access to information systems
- D. Information Security Management System
Answer: D
NEW QUESTION 32
The identified owner of an asset is always an individual
- A. False
- B. True
Answer: A
NEW QUESTION 33
What is the most important reason for applying the segregation of duties?
- A. Segregation of duties makes it clear who is responsible for what.
- B. Segregation of duties makes it easier for a person who is ready with his or her part of the work to take time off or to take over the work of another person.
- C. Tasks and responsibilities must be separated in order to minimize the opportunities for business assets to be misused or changed, whether the change be unauthorized or unintentional.
- D. Segregation of duties ensures that, when a person is absent, it can be investigated whether he or she has been committing fraud.
Answer: C
NEW QUESTION 34
You are a consultant and are regularly hired by the Ministry of Defense to perform analysis. Since the assignments are irregular, you outsource the administration of your business to temporary workers. You don't want the temporary workers to have access to your reports.
Which reliability aspect of the information in your reports must you protect?
- A. Integrity
- B. Availability
- C. Confidentiality
Answer: C
NEW QUESTION 35
Select the controls that correspond to the domain "9. ACCESS CONTROL" of ISO / 27002 (Choose three)
- A. Restriction of access to information
- B. Return of assets
- C. Withdrawal or adaptation of access rights
- D. Management of access rights with special privileges
Answer: A,B,C
NEW QUESTION 36
You apply for a position in another company and get the job. Along with your contract, you are asked to sign a code of conduct. What is a code of conduct?
- A. A code of conduct is a standard part of a labor contract.
- B. A code of conduct differs from company to company and specifies, among other things, the rules of behavior with regard to the usage of information systems.
- C. A code of conduct specifies how employees are expected to conduct themselves and is the same for all companies.
Answer: B
NEW QUESTION 37
Who is authorized to change the classification of a document?
- A. The owner of the document
- B. The manager of the owner of the document
- C. The administrator of the document
- D. The author of the document
Answer: A
NEW QUESTION 38
Physical labels and ________ are two common forms of labeling which are mentioned in ISO 27002.
- A. metadata
- B. bridge
- C. teradata
Answer: A
NEW QUESTION 39
Midwest Insurance grades the monthly report of all claimed losses per insured as confidential. What is accomplished if all other reports from this insurance office are also assigned the appropriate grading?
- A. Everyone can easily see how sensitive the reports' contents are by consulting the grading label.
- B. A determination can be made as to which report should be printed first and which ones can wait a little longer.
- C. The costs for automating are easier to charge to the responsible departments.
- D. Reports can be developed more easily and with fewer errors.
Answer: A
NEW QUESTION 40
One of the ways Internet of Things (IoT) devices can communicate with each other (or 'the outside world') is using a so-called short-range radio protocol. Which kind of short-range radio protocol makes it possible to use your phone as a credit card?
- A. Radio Frequency Identification (RFID)
- B. The 4G protocol
- C. Bluetooth
- D. Near Field Communication (NFC)
Answer: D
NEW QUESTION 41
You have just started working at a large organization. You have been asked to sign a code of conduct as well as a contract. What does the organization wish to achieve with this?
- A. A code of conduct gives staff guidance on how to report suspected misuses of IT facilities.
- B. A code of conduct prevents a virus outbreak.
- C. A code of conduct is a legal obligation that organizations have to meet.
- D. A code of conduct helps to prevent the misuse of IT facilities.
Answer: D
NEW QUESTION 42
Susan sends an email to Paul. Who determines the meaning and the value of information in this email?
- A. Susan, the sender of the information.
- B. Paul, the recipient of the information.
- C. Paul and Susan, the sender and the recipient of the information.
Answer: B
NEW QUESTION 43
Logging in to a computer system is an access-granting process consisting of three steps: identification, authentication and authorization. What occurs during the first step of this process: identification?
- A. The first step consists of checking if the user is using the correct certificate.
- B. The first step consists of granting access to the information to which the user is authorized.
- C. The first step consists of checking if the user appears on the list of authorized users.
- D. The first step consists of comparing the password with the registered password.
Answer: C
NEW QUESTION 44
What is an example of a security incident?
- A. The lighting in the department no longer works.
- B. A file is saved under an incorrect name.
- C. A member of staff loses a laptop.
- D. You cannot set the correct fonts in your word processing software.
Answer: C
