How To Become An ISO-IEC-27001 Lead Auditor?

How To Become An ISO-IEC-27001 Lead Auditor? You can sit for the exam and apply for a “PECB Certified ISO/IEC 27001 Lead Auditor” credential. By holding a PECB Lead Auditor Certificate, you will demonstrate that you have the capabilities and competencies to audit organizations based on best practices. We have prepared SO-IEC-27001 Lead Auditor sample questions to assist you in properly preparing for the test. If you want to pass the ISO-IEC-27001 Lead Auditor exam in the 1st try, FreeTestShare ISO-IEC-27001 Lead Auditor dumps are the best study materials for your preparation.

Now is the time to put your skills to the test with these online practice exams!

Page 1 of 3

1. How is the purpose of information security policy best described?

An information security policy documents the analysis of risks and the search for countermeasures.

An information security policy provides direction and support to the management regarding information security.

An information security policy makes the security plan concrete by providing it with the necessary details.

An information security policy provides insight into threats and the possible consequences.

 Loading...

2. Which of the following is a possible event that can have a disruptive effect on the reliability of information?

Threat

Risk

Vulnerability

Dependency

 Loading...

3. __________ is a software used or created by hackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems.

Trojan

Operating System

Virus

Malware

 Loading...

4. An employee caught with offense of abusing the internet, such as P2P file sharing or video/audio streaming, will not receive a warning for committing such act but will directly receive an IR.

True

False

 Loading...

5. In what part of the process to grant access to a system does the user present a token?

Authorisation

Verification

Authentication

Identification

 Loading...

6. Information Security is a matter of building and maintaining ________ .

Confidentiality

Trust

Protection

Firewalls

 Loading...

7. A decent visitor is roaming around without visitor's ID. As an employee you should do the following, except:

Say "hi" and offer coffee

Call the receptionist and inform about the visitor

Greet and ask him what is his business

Escort him to his destination

 Loading...

8. Which of the following does a lack of adequate security controls represent?

Asset

Vulnerability

Impact

Threat

 Loading...

9. A hacker gains access to a webserver and can view a file on the server containing credit card numbers.

Which of the Confidentiality, Integrity, Availability (CIA) principles of the credit card file are violated?

Availability

Confidentiality

Integrity

Compliance

 Loading...

10. The following are the guidelines to protect your password, except:

Don't use the same password for various company system security access

Do not share passwords with anyone

For easy recall, use the same password for company and personal accounts

Change a temporary password on first log-on

 Loading...

Page 2 of 3

11. There is a network printer in the hallway of the company where you work. Many employees don’t pick up their printouts immediately and leave them on the printer.

What are the consequences of this to the reliability of the information?

The integrity of the information is no longer guaranteed.

The availability of the information is no longer guaranteed.

The confidentiality of the information is no longer guaranteed.

The Security of the information is no longer guaranteed.

 Loading...

12. Below is Purpose of "Integrity", which is one of the Basic Components of Information Security

the property that information is not made available or disclosed to unauthorized individuals

the property of safeguarding the accuracy and completeness of assets.

the property that information is not made available or disclosed to unauthorized individuals

the property of being accessible and usable upon demand by an authorized entity.

 Loading...

13. What is the relationship between data and information?

Data is structured information.

Information is the meaning and value assigned to a collection of data.

 Loading...

14. Information has a number of reliability aspects. Reliability is constantly being threatened. Examples of threats are: a cable becomes loose, someone alters information by accident, data is used privately or is falsified.

Which of these examples is a threat to integrity?

a loose cable

accidental alteration of data

private use of data

System restart

 Loading...

15. You see a blue color sticker on certain physical assets.

What does this signify?

The asset is very high critical and its failure affects the entire organization

The asset with blue stickers should be kept air conditioned at all times

The asset is high critical and its failure will affect a group/s/project's work in the organization

The asset is critical and the impact is restricted to an employee only

 Loading...

16. As a new member of the IT department you have noticed that confidential information has been leaked several times. This may damage the reputation of the company. You have been asked to propose an organisational measure to protect laptop computers.

What is the first step in a structured approach to come up with this measure?

Appoint security staff

Encrypt all sensitive information

Formulate a policy

Set up an access control procedure

 Loading...

17. After a devastating office fire, all staff are moved to other branches of the company. At what moment in the incident management process is this measure effectuated?

Between incident and damage

Between detection and classification

Between recovery and normal operations

Between classification and escalation

 Loading...

18. What is the difference between a restricted and confidential document?

Restricted - to be shared among an authorized group Confidential - to be shared among named individuals

Restricted - to be shared among named individuals Confidential - to be shared among an authorized group

Restricted - to be shared among named individuals Confidential - to be shared across the organization only

Restricted - to be shared among named individuals Confidential - to be shared with friends and family

 Loading...

19. There is a scheduled fire drill in your facility.

What should you do?

Participate in the drill

Excuse yourself by saying you have an urgent deliverable

Call in sick

None of the above

 Loading...

20. Which reliability aspect of information is compromised when a staff member denies having sent a message?

Confidentiality

Integrity

Availability

Correctness

 Loading...

Page 3 of 3

21. We can leave laptops during weekdays or weekends in locked bins.

True

False

 Loading...

22. Which of the following is a technical security measure?

Encryption

Security policy

Safe storage of backups

User role profiles.

 Loading...

23. A fire breaks out in a branch office of a health insurance company. The personnel are transferred to neighboring branches to continue their work.

Where in the incident cycle is moving to a stand-by arrangements found?

between threat and incident

between recovery and threat

between damage and recovery

between incident and damage

 Loading...

24. What is a definition of compliance?

Laws, considered collectively or the process of making or enacting laws

The state or fact of according with or meeting rules or standards

An official or authoritative instruction

A rule or directive made and maintained by an authority.

 Loading...

25. A member of staff denies sending a particular message.

Which reliability aspect of information is in danger here?

availability

correctness

integrity

confidentiality

 Loading...

 Loading...