Updated Oct 03, 2022 Test Engine to Practice Test for ISO-IEC-27001-Lead-Implementer Valid and Updated Dumps [Q28-Q51]

Share

Updated Oct 03, 2022 Test Engine to Practice Test for ISO-IEC-27001-Lead-Implementer Valid and Updated Dumps

Exam Questions for ISO-IEC-27001-Lead-Implementer Updated Versions With Test Engine


Where can I take PECB ISO IEC 27001 Lead Implementer Certification Exam?

You can take PECB ISO IEC 27001 Lead Implementer Certification Exam online, by phone, or at a Pearson VUE office. You will be provided with a testing center of your choice, which you need to specify when registering. The candidates can also concern ISO IEC 27001 Lead Implementer exam dumps to get more info about taking this certification exam. The test center provides an examination room, a network connection, a comfortable environment, and a dedicated exam proctor.

 

NEW QUESTION 28
Midwest Insurance grades the monthly report of all claimed losses per insured as confidential. What is accomplished if all other reports from this insurance office are also assigned the appropriate grading?

  • A. Everyone can easily see how sensitive the reports' contents are by consulting the grading label.
  • B. A determination can be made as to which report should be printed firstand which ones can wait a little longer.
  • C. The costs for automating are easier to charge to the responsible departments.
  • D. Reports can be developed more easily and with fewer errors.

Answer: A

 

NEW QUESTION 29
Which of the following measures is a correctivemeasure?

  • A. Making a backup of the data that has been created or altered that day
  • B. Incorporating an Intrusion Detection System (IDS) in the design of a computer center
  • C. Restoring a backup of the correct database after a corrupt copy of the database was written over the original
  • D. Installing a virus scanner in an information system

Answer: C

 

NEW QUESTION 30
What does the Information Security Policy describe?

  • A. what the implementation-planning of the information security management system is
  • B. how the InfoSec-objectives will be reached
  • C. which Information Security-procedures are selected
  • D. which InfoSec-controls have been selected and taken

Answer: B

 

NEW QUESTION 31
What is the objective of classifying information?

  • A. Creating alabel that indicates how confidential the information is
  • B. Defining different levels of sensitivity into which information may be arranged
  • C. Authorizing the use of an information system
  • D. Displaying on the document who is permitted access

Answer: B

 

NEW QUESTION 32
Who is authorized to change the classification of a document?

  • A. The author of the document
  • B. The administrator of the document
  • C. The manager of the owner of the document
  • D. The owner of the document

Answer: D

 

NEW QUESTION 33
Physical labels and ________ are two common forms of labeling which are mentioned in ISO 27002.

  • A. bridge
  • B. teradata
  • C. metadata

Answer: C

 

NEW QUESTION 34
Select risk control activities for domain "10. Encryption" of ISO / 27002: 2013 (Choose two)

  • A. Work in safe areas
  • B. Cryptographic Controls Use Policy
  • C. Key management
  • D. Physical security perimeter

Answer: B,C

 

NEW QUESTION 35
What is the best way to comply with legislation and regulations for personal data protection?

  • A. Performing a threat analysis
  • B. Maintaining an incident register
  • C. Performing a vulnerability analysis
  • D. Appointing the responsibility to someone

Answer: D

 

NEW QUESTION 36
Logging in to a computer system is an access-granting process consisting of three steps: identification, authentication and authorization. What occurs during the first step of this process: identification?

  • A. The first step consists of checking if the user appears on the list of authorized users.
  • B. The first step consists of comparing the password with the registered password.
  • C. The first step consists of granting access to the information to which the user is authorized.
  • D. Thefirst step consists of checking if the user is using the correct certificate.

Answer: A

 

NEW QUESTION 37
The identified owner of an asset is always an individual

  • A. False
  • B. True

Answer: A

 

NEW QUESTION 38
Select the controls that correspond to thedomain "9. ACCESS CONTROL" of ISO / 27002 (Choose three)

  • A. Return of assets
  • B. Management of access rights with special privileges
  • C. Withdrawal or adaptation of access rights
  • D. Restriction of access to information

Answer: A,C,D

 

NEW QUESTION 39
What is an example of a security incident?

  • A. A member of staff loses a laptop.
  • B. A file is saved under an incorrect name.
  • C. You cannot set the correct fonts in your word processing software.
  • D. The lighting in the department no longer works.

Answer: A

 

NEW QUESTION 40
ISO 27002 provides guidance in the following area

  • A. Information handling recommendations
  • B. Framework for an overall security andcompliance program
  • C. PCI environment scoping
  • D. Detailed lists of required policies and procedures

Answer: B

 

NEW QUESTION 41
What do employees need to know to report a security incident?

  • A. How to report an incident and to whom.
  • B. Whether the incident has occurred before and what was the resulting damage.
  • C. The measures that should have been taken to prevent the incident in the first place.
  • D. Who is responsible for the incident and whether it was intentional.

Answer: A

 

NEW QUESTION 42
What is the greatest risk for an organization ifno information security policy has been defined?

  • A. It is not possible for an organization to implement information security in a consistent manner.
  • B. Too many measures areimplemented.
  • C. If everyone works with the same account, it is impossible to find out who worked on what.
  • D. Information security activities are carried out by only a few people.

Answer: A

 

NEW QUESTION 43
Why is compliance important forthe reliability of the information?

  • A. By meeting the legislative requirements and theregulations of both the government and internal management, an organization shows that it manages its information in a sound manner.
  • B. When an organization employs a standard such as the ISO/IEC 27002 and uses it everywhere, it is compliant and thereforeit guarantees the reliability of its information.
  • C. When an organization is compliant, it meets the requirements of privacy legislation and, in doing so, protects the reliability of its information.
  • D. Compliance is another word for reliability. So, if a company indicates that it is compliant, it means that the information is managed properly.

Answer: A

 

NEW QUESTION 44
You are the owner of a growing company, SpeeDelivery, which provides courier services. You decide that it is time to draw up a risk analysis for your information system. This includes an inventoryof threats and risks.
What is the relation between a threat, risk and risk analysis?

  • A. A risk analysis is used to clarify which threats are relevant and what risks they involve.
  • B. Risk analyses help to find a balance between threats and risks.
  • C. A risk analysis identifies threats from the known risks.
  • D. A riskanalysis is used to remove the risk of a threat.

Answer: A

 

NEW QUESTION 45
In the context ofcontact with special interest groups, any information-sharing agreements should identify requirements for the protection of _________ information.

  • A. Authentic
  • B. Confidential
  • C. Availability
  • D. Authorization

Answer: B

 

NEW QUESTION 46
What is the most important reason for applying the segregation of duties?

  • A. Segregation of duties makes it clear who is responsible for what.
  • B. Segregation of duties makes it easier for a person who is readywith his or her part of the work to take time off or to take over the work of another person.
  • C. Segregation of duties ensures that, when a person is absent, it can be investigated whether he or she has been committing fraud.
  • D. Tasks and responsibilities must be separated in order to minimize the opportunities for business assets to be misused or changed, whether the change be unauthorized or unintentional.

Answer: D

 

NEW QUESTION 47
An employee in the administrative department of Smiths Consultants Inc. finds out that the expiry date of a contract with one of theclients is earlier than the start date. What type of measure could prevent this error?

  • A. Availability measure
  • B. Integrity measure
  • C. Organizational measure
  • D. Technical measure

Answer: D

 

NEW QUESTION 48
......

ISO-IEC-27001-Lead-Implementer Exam Dumps - Free Demo & 365 Day Updates: https://www.trainingdump.com/PECB/ISO-IEC-27001-Lead-Implementer-practice-exam-dumps.html

Pass ISO-IEC-27001-Lead-Implementer Exam with Updated ISO-IEC-27001-Lead-Implementer Exam Dumps PDF: https://drive.google.com/open?id=1yk7DqjzJiHmfQM-8c6gbAUIELAEYzYvK

0
0
0
0