Winter Special Sale - Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 575363r9

Welcome To DumpsPedia
  1. Home
  2. GAQM
  3. GAQM: ISO
  4. ISO27-13-001
  5. ISO 27001 : 2013 - Certified Lead Auditor Questions and Answers

ISO27-13-001 Sample Questions Answers

Questions 4

Information or data that are classified as ______ do not require labeling.

Options:

A.

Public

B.

Internal

C.

Confidential

D.

Highly Confidential

Buy Now
Questions 5

Availability means

Options:

A.

Service should be accessible at the required time and usable by all

B.

Service should be accessible at the required time and usable only by the authorized entity

C.

Service should not be accessible when required

Buy Now
Questions 6

Which of the following is a technical security measure?

Options:

A.

Encryption

B.

Security policy

C.

Safe storage of backups

D.

User role profiles.

Buy Now
Questions 7

What is the relationship between data and information?

Options:

A.

Data is structured information.

B.

Information is the meaning and value assigned to a collection of data.

Buy Now
Questions 8

You receive the following mail from the IT support team: Dear User,Starting next week, we will be deleting all inactive email accounts in order to create spaceshare the below details in order to continue using your account. In case of no response,

Name:

Email ID:

Password:

DOB:

Kindly contact the webmail team for any further support. Thanks for your attention.

Which of the following is the best response?

Options:

A.

Ignore the email

B.

Respond it by saying that one should not share the password with anyone

C.

One should not respond to these mails and report such email to your supervisor

Buy Now
Questions 9

A well-executed risk analysis provides a great deal of useful information. A risk analysis has four main objectives.

What is not one of the four main objectives of a risk analysis?

Options:

A.

Identifying assets and their value

B.

Implementing counter measures

C.

Establishing a balance between the costs of an incident and the costs of a security measure

D.

Determining relevant vulnerabilities and threats

Buy Now
Questions 10

You have a hard copy of a customer design document that you want to dispose off. What would you do

Options:

A.

Throw it in any dustbin

B.

Shred it using a shredder

C.

Give it to the office boy to reuse it for other purposes

D.

Be environment friendly and reuse it for writing

Buy Now
Questions 11

What is the standard definition of ISMS?

Options:

A.

Is an information security systematic approach to achieve business objectives for implementation, establishing, reviewing,operating and maintaining organization's reputation.

B.

A company wide business objectives to achieve information security awareness for establishing, implementing, operating, monitoring, reviewing, maintaining and improving

C.

A project-based approach to achieve business objectives for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organization’s information security

D.

A systematic approach for establishing, implementing,operating,monitoring, reviewing, maintaining and improving an organization’s information security to achieve business objectives.

Buy Now
Questions 12

All are prohibited in acceptable use of information assets, except:

Options:

A.

Electronic chain letters

B.

E-mail copies to non-essential readers

C.

Company-wide e-mails with supervisor/TL permission.

D.

Messages with very large attachments or to a large number ofrecipients.

Buy Now
Questions 13

What type of system ensures a coherent Information Security organisation?

Options:

A.

Federal Information Security Management Act (FISMA)

B.

Information Technology Service Management System (ITSM)

C.

Information Security Management System (ISMS)

D.

Information Exchange Data System (IEDS)

Buy Now
Questions 14

Which measure is a preventive measure?

Options:

A.

Installing a logging system that enables changes in a system to be recognized

B.

Shutting down all internet traffic after a hacker has gained access to the company systems

C.

Putting sensitive information in a safe

Buy Now
Questions 15

-------------------------is an asset like other important business assets has value to an organization and consequently needs to be protected.

Options:

A.

Infrastructure

B.

Data

C.

Information

D.

Security

Buy Now
Questions 16

Who is authorized to change the classification of a document?

Options:

A.

The author of the document

B.

The administrator of the document

C.

The owner of the document

D.

The manager of the owner of the document

Buy Now
Questions 17

The following are the guidelines to protect your password, except:

Options:

A.

Don't use the same password for various company system security access

B.

Do not share passwords with anyone

C.

For easy recall, use the same password for company and personal accounts

D.

Change a temporary password on first log-on

Buy Now
Questions 18

A scenario wherein the city or location where the building(s) reside is / are not accessible.

Options:

A.

Component

B.

Facility

C.

City

D.

Country

Buy Now
Questions 19

What is the difference between a restricted and confidential document?

Options:

A.

Restricted - to be shared among an authorized group

Confidential - to be shared among named individuals

B.

Restricted - to be shared among named individuals

Confidential - to be shared among an authorized group

C.

Restricted - to be shared among named individuals

Confidential - to be shared across the organization only

D.

Restricted - to be shared among named individuals

Confidential - to be shared with friends and family

Buy Now
Questions 20

Which of the following does a lack of adequate security controls represent?

Options:

A.

Asset

B.

Vulnerability

C.

Impact

D.

Threat

Buy Now
Questions 21

Backup media is kept in the same secure area as the servers. What risk may the organisation be exposed to?

Options:

A.

Unauthorised persons will have access to both the servers and backups

B.

Responsibility for the backups is not defined well

C.

After a fire, the information systems cannot be restored

D.

After a server crash, it will take extra time to bring it back up again

Buy Now
Questions 22

A property of Information that has the ability to prove occurrence of a claimed event.

Options:

A.

Electronic chain letters

B.

Integrity

C.

Availability

D.

Accessibility

Buy Now
Questions 23

Below is Purpose of "Integrity", which is one of the Basic Components of Information Security

Options:

A.

the property that information is not made available or disclosed to unauthorized individuals

B.

the property of safeguarding the accuracy and completeness of assets.

C.

the property that information is not made available or disclosed to unauthorized individuals

D.

the property of being accessible and usable upon demand by an authorized entity.

Buy Now
Questions 24

Which of the following is an information security management system standard published by the International Organization for Standardization?

Options:

A.

ISO9008

B.

ISO27001

C.

ISO5501

D.

ISO22301

Buy Now
Questions 25

An employee caught temporarily storing an MP3 file in his workstation will not receive an IR.

Options:

A.

True

B.

False

Buy Now
Questions 26

In the event of an Information security incident, system users' roles and responsibilities are to be observed, except:

Options:

A.

Report suspected or known incidents upon discovery through the Servicedesk

B.

Preserve evidence if necessary

C.

Cooperate with investigative personnel during investigation if needed

D.

Make the information security incident details known to all employees

Buy Now
Questions 27

Which of the following statements are correct for Clean Desk Policy?

Options:

A.

Don't leave confidential documents on your desk.

B.

Don't leave valuable items on your desk if you are not in your work area.

C.

Don't leave highly confidential items.

D.

Don't leave laptops without cable lock.

Buy Now
Questions 28

Implement plan on a test basis - this comes under which section of PDCA

Options:

A.

Plan

B.

Do

C.

Act

D.

Check

Buy Now
Questions 29

The computer room is protected by a pass reader. Only the System Management department has a pass.

What type of security measure is this?

Options:

A.

a corrective security measure

B.

a physical security measure

C.

a logical security measure

D.

a repressive security measure

Buy Now
Questions 30

After a fire has occurred, what repressive measure can be taken?

Options:

A.

Extinguishing the fire after the fire alarm sounds

B.

Buying in a proper fire insurance policy

C.

Repairing all systems after the fire

Buy Now
Exam Code: ISO27-13-001
Exam Name: ISO 27001 : 2013 - Certified Lead Auditor
Last Update: Dec 1, 2024
Questions: 100
$66  $164.99
$50  $124.99
$42  $104.99
buy now ISO27-13-001