Enhance your career with ISO-IEC-27001-Lead-Implementer PDF Dumps - True PECB Exam Questions [Q27-Q44]

Rate this post

Enhance your career with ISO-IEC-27001-Lead-Implementer PDF Dumps – True PECB Exam Questions

New (2023) Download free ISO-IEC-27001-Lead-Implementer PDF for PECB Practice Tests

QUESTION 27
In the context ofcontact with special interest groups, any information-sharing agreements should identify requirements for the protection of _________ information.

Availability

Confidential

Authentic

Authorization

QUESTION 28
A company moves into a new building. A few weeks after the move, a visitor appears unannounced in the office of the director. An investigation shows that visitors passes grant the same access as the passes of the company’s staff. Which kind of security measure could have prevented this?

physical security measure

An organizational security measure

A technical security measure

QUESTION 29
Susan sends an email to Paul. Who determines the meaning and the value of information in this email?

Paul, therecipient of the information.

Paul and Susan, the sender and the recipient of the information.

Susan, the sender of the information.

QUESTION 30
Prior to employment, _________ as well as terms & conditions of employment are included as controls in ISO
27002 to ensure that employees and contractors understand their responsibilities and are suitable for the roles for which they are considered.

screening

authorizing

controlling

flexing

QUESTION 31
What is the most important reason for applying the segregation of duties?

Segregation of duties makes it clear who is responsible for what.

Segregation of duties ensures that, when a person is absent, it can be investigated whether he or she has been committing fraud.

Tasks and responsibilities must be separated in order to minimize the opportunities for business assets to be misused or changed, whether the change be unauthorized or unintentional.

Segregation of duties makes it easier for a person who is readywith his or her part of the work to take time off or to take over the work of another person.

QUESTION 32
Responsibilities for information security in projects should be defined and allocated to:

the project manager

specified roles defined in the used project management method of the organization

the InfoSec officer

the owner of the involved asset

QUESTION 33
What is the best description of a risk analysis?

A risk analysis is a method of mapping risks without looking at company processes.

A risk analysis helps to estimate the risks and develop the appropriate security measures.

A risk analysis calculates the exact financial consequences of damages.

QUESTION 34
You are the owner of the courier company SpeeDelivery. You have carried out a risk analysis and now want to determine your risk strategy. You decide to take measures for the large risks but not for the small risks. What is this risk strategy called?

Risk bearing

Risk avoiding

Risk neutral

Risk passing

QUESTION 35
Peter works at the company Midwest Insurance. His manager, Linda, asks him to send the terms and conditions for a life insurance policy to Rachel, a client. Who determines the value of the information in the insurance terms and conditions document?

The recipient, Rachel

The person who drafted the insurance terms and conditions

The manager, Linda

The sender, Peter

QUESTION 36
You are the owner of a growing company, SpeeDelivery, which provides courier services. You decide that it is time to draw up a risk analysis for your information system. This includes an inventoryof threats and risks.
What is the relation between a threat, risk and risk analysis?

A risk analysis identifies threats from the known risks.

A risk analysis is used to clarify which threats are relevant and what risks they involve.

A riskanalysis is used to remove the risk of a threat.

Risk analyses help to find a balance between threats and risks.

QUESTION 37
Which of these reliability aspects is “completeness” a part of?

Availability

Exclusivity

Integrity

Confidentiality

QUESTION 38
What does the Information Security Policy describe?

how the InfoSec-objectives will be reached

which InfoSec-controls have been selected and taken

what the implementation-planning of the information security management system is

which Information Security-procedures are selected

QUESTION 39
A non-human threat for computer systems is a flood. In which situation is a flood always a relevant threat?

If the riskanalysis has not been carried out.

When computer systems are kept in a cellar below ground level.

When the computer systems are not insured.

When the organization is located near a river.

QUESTION 40
We can acquire and supply information in various ways. The value of the information depends on whether it is reliable. What are the reliability aspects of information?

Availability, Information Value and Confidentiality

Availability, Integrity and Confidentiality

Availability, Integrity and Completeness

Timeliness, Accuracy and Completeness

QUESTION 41
One of the ways Internet of Things (IoT) devices can communicate with each other (or ‘the outside world’) is using a so-called short-range radio protocol. Which kind of short-range radio protocol makes it possible to use your phone as a credit card?

Near Field Communication (NFC)

Bluetooth

Radio Frequency Identification (RFID)

The 4G protocol

QUESTION 42
Which is a legislative or regulatory act related to information security that can be imposed upon all organizations?

ISO/IEC 27001:2005

Intellectual Property Rights

ISO/IEC 27002:2005

Personal data protection legislation

QUESTION 43
Which of the following measures is a preventive measure?

Installing a logging system that enables changes in a system to be recognized

Shutting down all internet traffic after a hacker has gained access to thecompany systems

Putting sensitive information in a safe

Classifying a risk as acceptable because the cost of addressing the threat is higher than the value of the information at risk

QUESTION 44
What is the objective of classifying information?

Authorizing the use of an information system

Creating alabel that indicates how confidential the information is

Defining different levels of sensitivity into which information may be arranged

Displaying on the document who is permitted access

Loading …

100% Free ISO-IEC-27001-Lead-Implementer Files For passing the exam Quickly: https://www.real4dumps.com/ISO-IEC-27001-Lead-Implementer_examcollection.html

Enhance your career with ISO-IEC-27001-Lead-Implementer PDF Dumps – True PECB Exam Questions [Q27-Q44]

Leave a Reply Cancel reply

Enhance your career with ISO-IEC-27001-Lead-Implementer PDF Dumps – True PECB Exam Questions [Q27-Q44]

Leave a Reply Cancel reply

Related Posts

Sep-2024 Pass Your ISO-IEC-27001-Lead-Implementer Exam at the First Try with 100% Real Exam [Q34-Q54]

Jul 13, 2024 Detailed New ISO-9001-Lead-Auditor Exam Questions for Concept Clearance [Q20-Q43]