
[Dec 01, 2021] Free ISO 27001 ISO-IEC-27001-Lead-Implementer Official Cert Guide PDF Download
PECB ISO-IEC-27001-Lead-Implementer Official Cert Guide PDF
NEW QUESTION 12
Companies use 27002 for compliance for which of the following reasons:
- A. A structured program that helps with security and compliance
- B. Explicit requirements for all regulations
- C. Compliance with ISO 27002 is sufficient to comply with all regulations
Answer: A
NEW QUESTION 13
In the context of contact with special interest groups, any information-sharing agreements should identify requirements for the protection of _________ information.
- A. Confidential
- B. Availability
- C. Authentic
- D. Authorization
Answer: A
NEW QUESTION 14
We can acquire and supply information in various ways. The value of the information depends on whether it is reliable. What are the reliability aspects of information?
- A. Availability, Information Value and Confidentiality
- B. Availability, Integrity and Completeness
- C. Availability, Integrity and Confidentiality
- D. Timeliness, Accuracy and Completeness
Answer: C
NEW QUESTION 15
Which of these control objectives is NOT in the domain "12. OPERATIONAL SAFETY"?
- A. Protection against malicious code
- B. Redundancies
- C. Technical vulnerability management
- D. Test data
Answer: B
NEW QUESTION 16
It is allowed that employees and contractors are provided with an anonymous reporting channel to report violations of information security policies or procedures ("whistleblowing").
- A. False
- B. True
Answer: B
NEW QUESTION 17
Midwest Insurance grades the monthly report of all claimed losses per insured as confidential. What is accomplished if all other reports from this insurance office are also assigned the appropriate grading?
- A. Everyone can easily see how sensitive the reports' contents are by consulting the grading label.
- B. The costs for automating are easier to charge to the responsible departments.
- C. A determination can be made as to which report should be printed first and which ones can wait a little longer.
- D. Reports can be developed more easily and with fewer errors.
Answer: A
NEW QUESTION 18
A non-human threat for computer systems is a flood. In which situation is a flood always a relevant threat?
- A. When the organization is located near a river.
- B. When computer systems are kept in a cellar below ground level.
- C. If the risk analysis has not been carried out.
- D. When the computer systems are not insured.
Answer: B
NEW QUESTION 19
An employee in the administrative department of Smiths Consultants Inc. finds out that the expiry date of a contract with one of the clients is earlier than the start date. What type of measure could prevent this error?
- A. Organizational measure
- B. Availability measure
- C. Integrity measure
- D. Technical measure
Answer: D
NEW QUESTION 20
Peter works at the company Midwest Insurance. His manager, Linda, asks him to send the terms and conditions for a life insurance policy to Rachel, a client. Who determines the value of the information in the insurance terms and conditions document?
- A. The recipient, Rachel
- B. The person who drafted the insurance terms and conditions
- C. The sender, Peter
- D. The manager, Linda
Answer: A
NEW QUESTION 21
Which of these reliability aspects is "completeness" a part of?
- A. Confidentiality
- B. Availability
- C. Integrity
- D. Exclusivity
Answer: C
NEW QUESTION 22
A company moves into a new building. A few weeks after the move, a visitor appears unannounced in the office of the director. An investigation shows that visitors' passes grant the same access as the passes of the company's staff. Which kind of security measure could have prevented this?
- A. A physical security measure
- B. A technical security measure
- C. An organizational security measure
Answer: A
NEW QUESTION 23
You are the owner of a growing company, SpeeDelivery, which provides courier services. You decide that it is time to draw up a risk analysis for your information system. This includes an inventory of threats and risks.
What is the relation between a threat, risk and risk analysis?
- A. A risk analysis is used to remove the risk of a threat.
- B. A risk analysis identifies threats from the known risks.
- C. A risk analysis is used to clarify which threats are relevant and what risks they involve.
- D. Risk analyses help to find a balance between threats and risks.
Answer: C
NEW QUESTION 24
You are the owner of the courier company SpeeDelivery. You have carried out a risk analysis and now want to determine your risk strategy. You decide to take measures for the large risks but not for the small risks. What is this risk strategy called?
- A. Risk passing
- B. Risk neutral
- C. Risk avoiding
- D. Risk bearing
Answer: B
NEW QUESTION 25
What is the objective of classifying information?
- A. Defining different levels of sensitivity into which information may be arranged
- B. Authorizing the use of an information system
- C. Creating a label that indicates how confidential the information is
- D. Displaying on the document who is permitted access
Answer: A
NEW QUESTION 26
The identified owner of an asset is always an individual.
- A. False
- B. True
Answer: A
NEW QUESTION 27
What is the best way to comply with legislation and regulations for personal data protection?
- A. Performing a threat analysis
- B. Performing a vulnerability analysis
- C. Maintaining an incident register
- D. Appointing the responsibility to someone
Answer: D
NEW QUESTION 28
What does the Information Security Policy describe?
- A. which InfoSec-controls have been selected and taken
- B. how the InfoSec-objectives will be reached
- C. what the implementation-planning of the information security management system is
- D. which Information Security-procedures are selected
Answer: B
NEW QUESTION 29
Select the controls that correspond to the domain "9. ACCESS CONTROL" of ISO 27002 (Choose three)
- A. Restriction of access to information
- B. Management of access rights with special privileges
- C. Withdrawal or adaptation of access rights
- D. Return of assets
Answer: A,C,D
NEW QUESTION 30
Logging in to a computer system is an access-granting process consisting of three steps: identification, authentication and authorization. What occurs during the first step of this process: identification?
- A. The first step consists of comparing the password with the registered password.
- B. The first step consists of granting access to the information to which the user is authorized.
- C. The first step consists of checking if the user is using the correct certificate.
- D. The first step consists of checking if the user appears on the list of authorized users.
Answer: D
NEW QUESTION 31
Which is a legislative or regulatory act related to information security that can be imposed upon all organizations?
- A. Personal data protection legislation
- B. Intellectual Property Rights
- C. ISO/IEC 27002:2005
- D. ISO/IEC 27001:2005
Answer: A
NEW QUESTION 32