Guaranteed Accomplishment with Newest Aug-2022 FREE PECB ISO-IEC-27001-Lead-Auditor [Q54-Q75]


Use Valid New Free ISO-IEC-27001-Lead-Auditor Exam Dumps & Answers


PECB ISO-IEC-27001-Lead-Auditor Exam Syllabus Topics:

Topic: Details
Topic 1
  • Fundamental audit concepts and principles
  • Fundamental principles and concepts of Information Security Management System (ISMS)
Topic 2
  • Plan, conduct, and close an ISO/IEC 27001 compliance audit
  • Manage an ISO/IEC 27001 audit program
Topic 3
  • Explain the fundamental concepts and principles of an information security management system (ISMS) based on ISO/IEC 27001

 

NEW QUESTION 54
What is the goal of classification of information?

  • A. To create a manual about how to handle mobile devices
  • B. Structuring information according to its sensitivity
  • C. Applying labels making the information easier to recognize

Answer: B

 

NEW QUESTION 55
Which of the following factors does NOT contribute to the value of data for an organisation?

  • A. The indispensability of data
  • B. The importance of data for processes
  • C. The content of data
  • D. The correctness of data

Answer: C

 

NEW QUESTION 56
You receive an e-mail from an unknown person claiming to be a representative of your bank and asking for your account number and password so that they can fix your account. Such an attempt at social engineering is called:

  • A. Phishing
  • B. Spoofing
  • C. Shoulder Surfing
  • D. Mountaineering

Answer: A

 

NEW QUESTION 57
Which measure is a preventive measure?

  • A. Shutting down all internet traffic after a hacker has gained access to the company systems
  • B. Installing a logging system that enables changes in a system to be recognized
  • C. Putting sensitive information in a safe

Answer: C

 

NEW QUESTION 58
Implementing the plan on a test basis comes under which section of PDCA?

  • A. Do
  • B. Plan
  • C. Check
  • D. Act

Answer: A

 

NEW QUESTION 59
A decent visitor is roaming around without a visitor's ID. As an employee, you should do the following, except:

  • A. Call the receptionist and inform them about the visitor
  • B. Say "hi" and offer coffee
  • C. Escort him to his destination
  • D. Greet him and ask what his business is

Answer: B

 

NEW QUESTION 60
Availability means

  • A. Service should not be accessible when required
  • B. Service should be accessible at the required time and usable by all
  • C. Service should be accessible at the required time and usable only by the authorized entity

Answer: C

 

NEW QUESTION 61
Someone from a large tech company calls you on behalf of your company to check the health of your PC, and therefore needs your user-id and password. What type of threat is this?

  • A. Social engineering threat
  • B. Organisational threat
  • C. Technical threat
  • D. Malware threat

Answer: A

 

NEW QUESTION 62
Who is allowed to access highly confidential files?

  • A. Employees with a business need-to-know
  • B. Employees with a signed NDA who have a business need-to-know
  • C. Contractors with a business need-to-know
  • D. Non-employees designated with approved access who have signed an NDA

Answer: B

 

NEW QUESTION 63
Backup media is kept in the same secure area as the servers. What risk may the organisation be exposed to?

  • A. Unauthorised persons will have access to both the servers and backups
  • B. After a server crash, it will take extra time to bring it back up again
  • C. After a fire, the information systems cannot be restored
  • D. Responsibility for the backups is not defined well

Answer: C

 

NEW QUESTION 64
Which is the glue that ties the triad together?

  • A. Technology
  • B. People
  • C. Process
  • D. Collaboration

Answer: C

 

NEW QUESTION 65
What is the difference between a restricted and confidential document?

  • A. Restricted - to be shared among an authorized group
    Confidential - to be shared among named individuals
  • B. Restricted - to be shared among named individuals
    Confidential - to be shared with friends and family
  • C. Restricted - to be shared among named individuals
    Confidential - to be shared among an authorized group
  • D. Restricted - to be shared among named individuals
    Confidential - to be shared across the organization only

Answer: C

 

NEW QUESTION 66
Which of the following is a technical security measure?

  • A. Security policy
  • B. Safe storage of backups
  • C. Encryption
  • D. User role profiles.

Answer: C

 

NEW QUESTION 67
Which of the following does an Asset Register contain? (Choose two)

  • A. Asset Type
  • B. Process ID
  • C. Asset Owner
  • D. Asset Modifier

Answer: A,C

 

NEW QUESTION 68
All are prohibited in acceptable use of information assets, except:

  • A. Messages with very large attachments or to a large number of recipients.
  • B. Electronic chain letters
  • C. Company-wide e-mails with supervisor/TL permission.
  • D. E-mail copies to non-essential readers

Answer: C

 

NEW QUESTION 69
A couple of years ago you started your company which has now grown from 1 to 20 employees. Your company's information is worth more and more and gone are the days when you could keep control yourself.
You are aware that you have to take measures, but what should they be? You hire a consultant who advises you to start with a qualitative risk analysis.
What is a qualitative risk analysis?

  • A. This analysis is based on scenarios and situations and produces a subjective view of the possible threats.
  • B. This analysis follows a precise statistical probability calculation in order to calculate exact loss caused by damage.

Answer: A

 

NEW QUESTION 70
There is a scheduled fire drill in your facility. What should you do?

  • A. None of the above
  • B. Participate in the drill
  • C. Call in sick
  • D. Excuse yourself by saying you have an urgent deliverable

Answer: B

 

NEW QUESTION 71
You are the lead auditor of the courier company SpeeDelivery. You have carried out a risk analysis and now want to determine your risk strategy. You decide to take measures for the large risks but not for the small risks.
What is this risk strategy called?

  • A. Risk bearing
  • B. Risk skipping
  • C. Risk avoidance
  • D. Risk neutral

Answer: A

 

NEW QUESTION 72
In the event of an information security incident, system users' roles and responsibilities are to be observed, except:

  • A. Make the information security incident details known to all employees
  • B. Cooperate with investigative personnel during investigation if needed
  • C. Preserve evidence if necessary
  • D. Report suspected or known incidents upon discovery through the Servicedesk

Answer: A

 

NEW QUESTION 73
Cabling security is associated with ensuring that power, telecommunication and network cabling carrying information is protected from interception and damage.

  • A. False
  • B. True

Answer: B

 

NEW QUESTION 74
What is a definition of compliance?

  • A. A rule or directive made and maintained by an authority.
  • B. An official or authoritative instruction
  • C. Laws, considered collectively or the process of making or enacting laws
  • D. The state or fact of according with or meeting rules or standards

Answer: D

 

NEW QUESTION 75
......

ISO-IEC-27001-Lead-Auditor Braindumps PDF, PECB ISO-IEC-27001-Lead-Auditor Exam Cram: https://actualtorrent.pdfdumps.com/ISO-IEC-27001-Lead-Auditor-valid-exam.html