ISO-IEC-27001 Lead Auditor exam

In what part of the process to grant access to a system does the user present a token?A . AuthorisationB . VerificationC . AuthenticationD . IdentificationView AnswerAnswer: D Explanation: In what part of the process to grant access to a system does the user present a token? The user presents...

An administration office is going to determine the dangers to which it is exposed. What do we call a possible event that can have a disruptive effect on the reliability of information?A . dependencyB . threatC . vulnerabilityD . riskView AnswerAnswer: B Explanation: A possible event that can have a...

What is the security management term for establishing whether someone's identity is correct?A . IdentificationB . AuthenticationC . AuthorisationD . VerificationView AnswerAnswer: B Explanation: Authentication is the security management term for establishing whether someone’s identity is correct. Authentication is the process of verifying the identity of a person or entity...

What type of system ensures a coherent Information Security organisation?A . Federal Information Security Management Act (FISMA)B . Information Technology Service Management System (ITSM)C . Information Security Management System (ISMS)D . Information Exchange Data System (IEDS)View AnswerAnswer: C Explanation: An Information Security Management System (ISMS) is a systematic approach to...

What type of measure involves the stopping of possible consequences of security incidents?A . CorrectiveB . DetectiveC . RepressiveD . PreventiveView AnswerAnswer: C Explanation: A repressive measure is a type of measure that involves the stopping of possible consequences of security incidents. A security incident is an event that compromises...

Which of the following factors does NOT contribute to the value of data for an organisation?A . The correctness of dataB . The indispensability of dataC . The importance of data for processesD . The content of dataView AnswerAnswer: D Explanation: The value of data for an organisation depends on...

As a new member of the IT department you have noticed that confidential information has been leaked several times. This may damage the reputation of the company. You have been asked to propose an organisational measure to protect laptop computers. What is the first step in a structured approach to...

Which of the following is a technical security measure?A . EncryptionB . Security policyC . Safe storage of backupsD . User role profiles.View AnswerAnswer: A Explanation: A technical security measure is a measure that uses technology to protect information assets from unauthorized access, modification, disclosure, or destruction. Examples of technical...

Which of the following statements are correct for Clean Desk Policy?A . Don't leave confidential documents on your desk.B . Don't leave valuable items on your desk if you are not in your work area.C . Don't leave highly confidential items.D . Don't leave laptops without cable lock.View AnswerAnswer: A,B,C...

Which of the following is a possible event that can have a disruptive effect on the reliability of information?A . ThreatB . RiskC . VulnerabilityD . DependencyView AnswerAnswer: A Explanation: A possible event that can have a disruptive effect on the reliability of information is a threat. A threat is...