ISO-IEC-27001-Lead-Auditor Premium PDF & Test Engine Files with 99 Questions & Answers [Q56-Q73]


NEW QUESTION 56
You receive the following mail from the IT support team:
Dear User, Starting next week, we will be deleting all inactive email accounts in order to create space share the below details in order to continue using your account. In case of no response,
Name:
Email ID:
Password:
DOB:
Kindly contact the webmail team for any further support. Thanks for your attention.
Which of the following is the best response?

  • A. Ignore the email
  • B. Respond to it by saying that one should not share the password with anyone
  • C. One should not respond to these mails and should report such emails to one's supervisor

Answer: C

 

NEW QUESTION 57
In which order is an Information Security Management System set up?

  • A. Implementation, operation, improvement, maintenance
  • B. Establishment, implementation, operation, maintenance
  • C. Establishment, operation, monitoring, improvement
  • D. Implementation, operation, maintenance, establishment

Answer: B

 

NEW QUESTION 58
How are data and information related?

  • A. Data is a collection of structured and unstructured information
  • B. Information consists of facts and statistics collected together for reference or analysis
  • C. When meaning and value are assigned to data, it becomes information

Answer: C

 

NEW QUESTION 59
A hacker gains access to a webserver and can view a file on the server containing credit card numbers.
Which of the Confidentiality, Integrity, Availability (CIA) principles of the credit card file are violated?

  • A. Integrity
  • B. Availability
  • C. Compliance
  • D. Confidentiality

Answer: D

 

NEW QUESTION 60
Why do we need to test a disaster recovery plan regularly, and keep it up to date?

  • A. Otherwise remotely stored backups may no longer be available to the security team
  • B. Otherwise it is no longer up to date with the registration of daily occurring faults
  • C. Otherwise the measures taken and the incident procedures planned may not be adequate

Answer: C

 

NEW QUESTION 61
Phishing is what type of Information Security Incident?

  • A. Legal Incidents
  • B. Technical Vulnerabilities
  • C. Cracker/Hacker Attacks
  • D. Private Incidents

Answer: C

 

NEW QUESTION 62
After a fire has occurred, what repressive measure can be taken?

  • A. Extinguishing the fire after the fire alarm sounds
  • B. Repairing all systems after the fire
  • C. Buying in a proper fire insurance policy

Answer: A

 

NEW QUESTION 63
You work in the office of a large company. You receive a call from a person claiming to be from the Helpdesk. He asks you for your password.
What kind of threat is this?

  • A. Organizational threat
  • B. Natural threat
  • C. Social Engineering
  • D. Arson

Answer: C

 

NEW QUESTION 64
Which is the glue that ties the triad together?

  • A. Collaboration
  • B. Process
  • C. People
  • D. Technology

Answer: B

 

NEW QUESTION 65
All are prohibited in acceptable use of information assets, except:

  • A. Electronic chain letters
  • B. E-mail copies to non-essential readers
  • C. Company-wide e-mails with supervisor/TL permission
  • D. Messages with very large attachments or to a large number of recipients

Answer: C

 

NEW QUESTION 66
What is the standard definition of ISMS?

  • A. A company wide business objectives to achieve information security awareness for establishing, implementing, operating, monitoring, reviewing, maintaining and improving
  • B. A systematic approach for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organization's information security to achieve business objectives.
  • C. Is an information security systematic approach to achieve business objectives for implementation, establishing, reviewing, operating and maintaining organization's reputation.
  • D. A project-based approach to achieve business objectives for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organization's information security

Answer: B

 

NEW QUESTION 67
A well-executed risk analysis provides a great deal of useful information. A risk analysis has four main objectives.
What is not one of the four main objectives of a risk analysis?

  • A. Determining relevant vulnerabilities and threats
  • B. Identifying assets and their value
  • C. Implementing counter measures
  • D. Establishing a balance between the costs of an incident and the costs of a security measure

Answer: C

 

NEW QUESTION 68
Which of the following is a technical security measure?

  • A. Safe storage of backups
  • B. Encryption
  • C. User role profiles.
  • D. Security policy

Answer: B

 

NEW QUESTION 69
The computer room is protected by a pass reader. Only the System Management department has a pass.
What type of security measure is this?

  • A. a physical security measure
  • B. a repressive security measure
  • C. a logical security measure
  • D. a corrective security measure

Answer: A

 

NEW QUESTION 70
Which of the following is a preventive security measure?

  • A. Installing logging and monitoring software
  • B. Storing sensitive information in a data safe
  • C. Shutting down the Internet connection after an attack

Answer: B

 

NEW QUESTION 71
A fire breaks out in a branch office of a health insurance company. The personnel are transferred to neighboring branches to continue their work.
Where in the incident cycle is moving to a stand-by arrangement found?

  • A. between threat and incident
  • B. between damage and recovery
  • C. between incident and damage
  • D. between recovery and threat

Answer: C

 

NEW QUESTION 72
Does the security have the right to ask you to display your ID badges and check your bags?

  • A. False
  • B. True

Answer: B

 

NEW QUESTION 73
......


PECB ISO-IEC-27001-Lead-Auditor Exam Syllabus Topics:

Topic | Details
Topic 1
  • Plan, conduct, and close an ISO/IEC 27001 compliance audit
  • Manage an ISO/IEC 27001 audit program
Topic 2
  • Explain the fundamental concepts and principles of an information security management system (ISMS) based on ISO/IEC 27001
Topic 3
  • Fundamental audit concepts and principles
  • Fundamental principles and concepts of Information Security Management System (ISMS)
Topic 4
  • Interpret the ISO/IEC 27001 requirements for an ISMS from the perspective of an auditor
  • Information Security Management System (ISMS)
Topic 5
  • Managing an ISO/IEC 27001 audit program
  • Preparation, Conducting, Closing of an ISO/IEC 27001 audit

 
