This page was exported from Latest Exam Prep [ http://certify.vceprep.com ]
Export date: Sat Sep 21 11:53:51 2024 / +0000 GMT

Title: [Nov-2022] ISO-IEC-27001-Lead-Auditor Exam Dumps - Free Demo & 365 Day Updates [Q49-Q68]

PECB ISO-IEC-27001-Lead-Auditor Exam Syllabus Topics:

Topic 1: Managing an ISO/IEC 27001 audit program; Preparation, Conducting, Closing of an ISO/IEC 27001 audit
Topic 2: Interpret the ISO/IEC 27001 requirements for an ISMS from the perspective of an auditor; Information Security Management System (ISMS)
Topic 3: Explain the fundamental concepts and principles of an information security management system (ISMS) based on ISO/IEC 27001
Topic 4: Plan, conduct, and close an ISO/IEC 27001 compliance audit; Manage an ISO/IEC 27001 audit program

Q49. You are the lead auditor of the courier company SpeeDelivery. You have carried out a risk analysis and now want to determine your risk strategy. You decide to take measures for the large risks but not for the small risks. What is this risk strategy called?
  - Risk bearing
  - Risk avoidance
  - Risk neutral
  - Risk skipping

Q50. Which of the following does an Asset Register contain? (Choose two)
  - Asset Type
  - Asset Owner
  - Asset Modifier
  - Process ID

Q51. An employee caught temporarily storing an MP3 file in his workstation will not receive an IR.
  - True
  - False

Q52. What is the worst possible action that an employee may receive for sharing his or her password or access with others?
  - Forced roll off from the project
  - The lowest rating on his or her performance assessment
  - Three days suspension from work
  - Termination

Q53. Which reliability aspect of information is compromised when a staff member denies having sent a message?
  - Confidentiality
  - Integrity
  - Availability
  - Correctness

Q54. As a new member of the IT department you have noticed that confidential information has been leaked several times. This may damage the reputation of the company. You have been asked to propose an organisational measure to protect laptop computers. What is the first step in a structured approach to come up with this measure?
  - Appoint security staff
  - Encrypt all sensitive information
  - Formulate a policy
  - Set up an access control procedure

Q55. Access Control System, CCTV and security guards are forms of:
  - Environment Security
  - Access Control
  - Physical Security
  - Compliance

Q56. What is social engineering?
  - A group planning for a social activity in the organization
  - Creating a situation wherein a third party gains confidential information from you
  - The organization planning an activity for welfare of the neighborhood

Q57. Often, people do not pick up their prints from a shared printer. How can this affect the confidentiality of information?
  - Confidentiality cannot be guaranteed
  - Integrity cannot be guaranteed
  - Authenticity cannot be guaranteed
  - Availability cannot be guaranteed

Q58. What type of compliancy standard, regulation or legislation provides a code of practice for information security?
  - ISO/IEC 27002
  - Personal data protection act
  - Computer criminality act
  - IT Service Management

Q59. Who are allowed to access highly confidential files?
  - Employees with a business need-to-know
  - Contractors with a business need-to-know
  - Employees with signed NDA have a business need-to-know
  - Non-employees designated with approved access and have signed NDA

Q60. Information or data that are classified as ______ do not require labeling.
  - Public
  - Internal
  - Confidential
  - Highly Confidential

Q61. Which is the glue that ties the triad together?
  - Process
  - People
  - Collaboration
  - Technology

Q62. There was a fire in a branch of the company Midwest Insurance.
The fire department quickly arrived at the scene and could extinguish the fire before it spread and burned down the entire premises. The server, however, was destroyed in the fire. The backup tapes kept in another room had melted and many other documents were lost for good. What is an example of the indirect damage caused by this fire?
  - Melted backup tapes
  - Burned computer systems
  - Burned documents
  - Water damage due to the fire extinguishers

Q63. What is the relationship between data and information?
  - Data is structured information.
  - Information is the meaning and value assigned to a collection of data.

Q64. Backup media is kept in the same secure area as the servers. What risk may the organisation be exposed to?
  - Unauthorised persons will have access to both the servers and backups
  - Responsibility for the backups is not defined well
  - After a fire, the information systems cannot be restored
  - After a server crash, it will take extra time to bring it back up again

Q65. What type of system ensures a coherent Information Security organisation?
  - Federal Information Security Management Act (FISMA)
  - Information Technology Service Management System (ITSM)
  - Information Security Management System (ISMS)
  - Information Exchange Data System (IEDS)

Q66. Someone from a large tech company calls you on behalf of your company to check the health of your PC, and therefore needs your user-id and password. What type of threat is this?
  - Social engineering threat
  - Organisational threat
  - Technical threat
  - Malware threat

Q67. Which of the following is a technical security measure?
  - Encryption
  - Security policy
  - Safe storage of backups
  - User role profiles

Q68. Does the security have the right to ask you to display your ID badges and check your bags?
  - True
  - False

Post date (GMT): 2022-11-10 12:37:21