
ISO-IEC-27001-Lead-Implementer Dumps - Grab Out For [NEW-2022] PECB Exam
ISO-IEC-27001-Lead-Implementer Exam Dumps PDF Guaranteed Success with Accurate & Updated Questions
NEW QUESTION 13
What is the best description of a risk analysis?
- A. A risk analysis calculates the exact financial consequences of damages.
- B. A risk analysis helps to estimate the risks and develop the appropriate security measures.
- C. A risk analysis is a method of mapping risks without looking at company processes.
Answer: B
NEW QUESTION 14
You have juststarted working at a large organization. You have been asked to sign a code of conduct as well as a contract. What does the organization wish to achieve with this?
- A. A code of conduct is alegal obligation that organizations have to meet.
- B. A code of conduct gives staff guidance on how to report suspected misuses of IT facilities.
- C. A code of conduct prevents a virus outbreak.
- D. A code of conduct helps to prevent the misuse of IT facilities.
Answer: D
NEW QUESTION 15
Of the following, which is the best organization or set of organizations to contribute to compliance?
- A. IT and legal
- B. IT,business management, HR and legal
- C. IT and management
- D. IT only
Answer: B
NEW QUESTION 16
Which of the following measures is a correctivemeasure?
- A. Installing a virus scanner in an information system
- B. Restoring a backup of the correct database after a corrupt copy of the database was written over the original
- C. Making a backup of the data that has been created or altered that day
- D. Incorporating an Intrusion Detection System (IDS) in the design of a computer center
Answer: B
NEW QUESTION 17
Peter works at the company Midwest Insurance. His manager, Linda, asks him to send the terms and conditions for a life insurance policy to Rachel, a client. Who determines the value of the information in the insurance terms and conditions document?
- A. The recipient, Rachel
- B. The person who drafted the insurance terms and conditions
- C. The sender, Peter
- D. The manager, Linda
Answer: A
NEW QUESTION 18
Which of these control objectives are NOT in the domain "12.OPERATIONAL SAFETY"?
- A. Redundancies
- B. Test data
- C. Protection against malicious code
- D. Technical vulnerability management
Answer: A
NEW QUESTION 19
What is an example of a security incident?
- A. A member of staff loses a laptop.
- B. You cannot set the correct fonts in your word processing software.
- C. A file is saved under an incorrect name.
- D. The lighting in the department no longer works.
Answer: A
NEW QUESTION 20
True or False: Organizations allowing teleworking activities, the physical security of the building and the local environment of the teleworking site should be considered
- A. True
- B. False
Answer: A
NEW QUESTION 21
Logging in to a computer system is an access-granting process consisting of three steps: identification, authentication and authorization. What occurs during the first step of this process: identification?
- A. Thefirst step consists of checking if the user is using the correct certificate.
- B. The first step consists of granting access to the information to which the user is authorized.
- C. The first step consists of comparing the password with the registered password.
- D. The first step consists of checking if the user appears on the list of authorized users.
Answer: D
NEW QUESTION 22
What is the ISO / IEC 27002 standard?
- A. It is a guide for the development and use of applicable metrics and measurement techniques to determine the effectiveness of an ISMS and the controls or groups of controls implemented according to ISO / IEC 27001.
- B. It is a guide of good practices that describes the controlobjectives and recommended controls regarding information security.
- C. It is a guide that focuses on the critical aspects necessary for the successful design and implementation of an ISMS in accordance with ISO / IEC 27001
Answer: B
NEW QUESTION 23
Midwest Insurance grades the monthly report of all claimed losses per insured as confidential. What is accomplished if all other reports from this insurance office are also assigned the appropriate grading?
- A. Everyone can easily see how sensitive the reports' contents are by consulting the grading label.
- B. A determination can be made as to which report should be printed firstand which ones can wait a little longer.
- C. The costs for automating are easier to charge to the responsible departments.
- D. Reports can be developed more easily and with fewer errors.
Answer: A
NEW QUESTION 24
What is the objective of classifying information?
- A. Creating alabel that indicates how confidential the information is
- B. Displaying on the document who is permitted access
- C. Authorizing the use of an information system
- D. Defining different levels of sensitivity into which information may be arranged
Answer: D
NEW QUESTION 25
What is the greatest risk for an organization ifno information security policy has been defined?
- A. It is not possible for an organization to implement information security in a consistent manner.
- B. Information security activities are carried out by only a few people.
- C. Too many measures areimplemented.
- D. If everyone works with the same account, it is impossible to find out who worked on what.
Answer: A
NEW QUESTION 26
ISO 27002 provides guidance in the following area
- A. PCI environment scoping
- B. Information handling recommendations
- C. Framework for an overall security andcompliance program
- D. Detailed lists of required policies and procedures
Answer: C
NEW QUESTION 27
One of the ways Internet of Things (IoT) devices can communicate with each other (or 'the outside world') is using a so-called short-range radio protocol. Which kind of short-range radio protocol makes it possible to use your phone as a credit card?
- A. Radio Frequency Identification (RFID)
- B. Near Field Communication (NFC)
- C. The 4G protocol
- D. Bluetooth
Answer: B
NEW QUESTION 28
Physical labels and ________ are two common forms of labeling which are mentioned in ISO 27002.
- A. bridge
- B. metadata
- C. teradata
Answer: B
NEW QUESTION 29
Companies use 27002 for compliance for which of the following reasons:
- A. Explicit requirements for all regulations
- B. A structured program that helps with security and compliance
- C. Compliance with ISO 27002 is sufficient to comply with all regulations
Answer: B
NEW QUESTION 30
You apply for a position in another company and get the job. Along with your contract, you are asked to sign a code of conduct. What is a code of conduct?
- A. A code of conduct is a standard part of a labor contract.
- B. A code of conduct differs from company to company and specifies, among other things, the rules of behavior with regard to the usage of information systems.
- C. A code ofconduct specifies how employees are expected to conduct themselves and is the same for all companies.
Answer: B
NEW QUESTION 31
In the context ofcontact with special interest groups, any information-sharing agreements should identify requirements for the protection of _________ information.
- A. Availability
- B. Authentic
- C. Authorization
- D. Confidential
Answer: D
NEW QUESTION 32
Why is compliance important forthe reliability of the information?
- A. Compliance is another word for reliability. So, if a company indicates that it is compliant, it means that the information is managed properly.
- B. By meeting the legislative requirements and theregulations of both the government and internal management, an organization shows that it manages its information in a sound manner.
- C. When an organization employs a standard such as the ISO/IEC 27002 and uses it everywhere, it is compliant and thereforeit guarantees the reliability of its information.
- D. When an organization is compliant, it meets the requirements of privacy legislation and, in doing so, protects the reliability of its information.
Answer: B
NEW QUESTION 33
......
Get New ISO-IEC-27001-Lead-Implementer Certification Practice Test Questions Exam Dumps: https://www.certkingdompdf.com/ISO-IEC-27001-Lead-Implementer-latest-certkingdom-dumps.html
Pass ISO-IEC-27001-Lead-Implementer Exam - Real Test Engine PDF with 50 Questions: https://drive.google.com/open?id=1w83V3xdSpnzsIcfAxOjUd22DU3AyHgfq