PECB ISO IEC 27001 LEAD IMPLEMENTER Exam Questions

Questions for the ISO IEC 27001 LEAD IMPLEMENTER were updated on: Jul 20, 2024

Question 1

Which of these reliability aspects is "completeness" a part of?

  • A. Availability
  • B. Exclusivity
  • C. Integrity
  • D. Confidentiality
Answer:

C


Question 2

What are the data protection principles set out in the GDPR?

  • A. Purpose limitation, proportionality, availability, data minimisation
  • B. Purpose limitation, proportionality, data minimisation, transparency
  • C. Target group, proportionality, transparency, data minimisation
  • D. Purpose limitation, pudicity, transparency, data minimisation
Answer:

B


Question 3

One of the ways Internet of Things (IoT) devices can communicate with each other (or the outside
world) is using a so-called short-range radio protocol. Which kind of short-range radio protocol
makes it possible to use your phone as a credit card?

  • A. Near Field Communication (NFC)
  • B. Bluetooth
  • C. Radio Frequency Identification (RFID)
  • D. The 4G protocol
Answer:

A


Question 4

What is the most important reason for applying the segregation of duties?

  • A. Segregation of duties makes it clear who is responsible for what.
  • B. Segregation of duties ensures that, when a person is absent, it can be investigated whether he or she has been committing fraud.
  • C. Tasks and responsibilities must be separated in order to minimize the opportunities for business assets to be misused or changed, whether the change be unauthorized or unintentional.
  • D. Segregation of duties makes it easier for a person who is ready with his or her part of the work to take time off or to take over the work of another person.
Answer:

C


Question 5

A non-human threat for computer systems is a flood. In which situation is a flood always a relevant
threat?

  • A. If the risk analysis has not been carried out.
  • B. When computer systems are kept in a cellar below ground level.
  • C. When the computer systems are not insured.
  • D. When the organization is located near a river.
Answer:

B


Question 6

Why is compliance important for the reliability of the information?

  • A. Compliance is another word for reliability. So, if a company indicates that it is compliant, it means that the information is managed properly.
  • B. By meeting the legislative requirements and the regulations of both the government and internal management, an organization shows that it manages its information in a sound manner.
  • C. When an organization employs a standard such as the ISO/IEC 27002 and uses it everywhere, it is compliant and therefore it guarantees the reliability of its information.
  • D. When an organization is compliant, it meets the requirements of privacy legislation and, in doing so, protects the reliability of its information.
Answer:

B


Question 7

You are a consultant and are regularly hired by the Ministry of Defense to perform analysis. Since the
assignments are irregular, you outsource the administration of your business to temporary workers.
You don't want the temporary workers to have access to your reports.
Which reliability aspect of the information in your reports must you protect?

  • A. Availability
  • B. Integrity
  • C. Confidentiality
Answer:

C


Question 8

What is the best way to comply with legislation and regulations for personal data protection?

  • A. Performing a threat analysis
  • B. Maintaining an incident register
  • C. Performing a vulnerability analysis
  • D. Appointing the responsibility to someone
Answer:

D


Question 9

What does the Information Security Policy describe?

  • A. how the InfoSec-objectives will be reached
  • B. which InfoSec-controls have been selected and taken
  • C. what the implementation-planning of the information security management system is
  • D. which Information Security-procedures are selected
Answer:

A


Question 10

In the context of contact with special interest groups, any information-sharing agreements should
identify requirements for the protection of _________ information.

  • A. Availability
  • B. Confidential
  • C. Authentic
  • D. Authorization
Answer:

B


Question 11

Responsibilities for information security in projects should be defined and allocated to:

  • A. the project manager
  • B. specified roles defined in the used project management method of the organization
  • C. the InfoSec officer
  • D. the owner of the involved asset
Answer:

B


Question 12

True or False: For organizations allowing teleworking activities, the physical security of the building and
the local environment of the teleworking site should be considered.

  • A. True
  • B. False
Answer:

A


Question 13

Prior to employment, _________ as well as terms & conditions of employment are included as
controls in ISO 27002 to ensure that employees and contractors understand their responsibilities and
are suitable for the roles for which they are considered.

  • A. screening
  • B. authorizing
  • C. controlling
  • D. flexing
Answer:

A


Question 14

It is allowed that employees and contractors are provided with an anonymous reporting channel to
report violations of information security policies or procedures (whistleblowing).

  • A. True
  • B. False
Answer:

A


Question 15

The identified owner of an asset is always an individual.

  • A. True
  • B. False
Answer:

B
