
最新の2023年04月試験ISO-IEC-27001-Lead-Auditor問題集で合格させる認証試験合格させます
最新でリアルなPECB ISO-IEC-27001-Lead-Auditor試験問題集解答があります
PECB ISO-IEC-27001-Lead-Auditor試験は、ISO / IEC 27001標準のリード監査員として認定を受けたいプロフェッショナル向けに設計されています。この認定は国際的に認められ、個人が組織の情報セキュリティ管理システム(ISMS)の効果的な監査を実行するために必要な知識とスキルを持っていることを示しています。試験は、情報セキュリティ管理の原則と概念、リスク評価、監査計画と準備、監査の実施、報告とフォローアップなど、広範なトピックをカバーしています。
質問 # 43
Which of the following is not a type of Information Security attack?
- A. Vehicular Incidents
- B. Privacy Incidents
- C. Legal Incidents
- D. Technical Vulnerabilities
正解:A
質問 # 44
The computer room is protected by a pass reader. Only the System Management department has a pass.
What type of security measure is this?
- A. a physical security measure
- B. a corrective security measure
- C. a repressive security measure
- D. a logical security measure
正解:A
質問 # 45
What is a reason for the classification of information?
- A. Creating a manual describing the BYOD policy
- B. To provide clear identification tags
- C. To structure the information according to its sensitivity
正解:C
質問 # 46
Which reliability aspect of information is compromised when a staff member denies having sent a message?
- A. Confidentiality
- B. Availability
- C. Integrity
- D. Correctness
正解:C
質問 # 47
Often, people do not pick up their prints from a shared printer. How can this affect the confidentiality of information?
- A. Availability cannot be guaranteed
- B. Confidentiality cannot be guaranteed
- C. Integrity cannot be guaranteed
- D. Authenticity cannot be guaranteed
正解:B
質問 # 48
Which threat could occur if no physical measures are taken?
- A. A server shutting down because of overheating
- B. Confidential prints being left on the printer
- C. Hackers entering the corporate network
- D. Unauthorised persons viewing sensitive files
正解:A
質問 # 49
Why do we need to test a disaster recovery plan regularly, and keep it up to date?
- A. Otherwise remotely stored backups may no longer be available to the security team
- B. Otherwise it is no longer up to date with the registration of daily occurring faults
- C. Otherwise the measures taken and the incident procedures planned may not be adequate
正解:C
質問 # 50
There was a fire in a branch of the company Midwest Insurance. The fire department quickly arrived at the scene and could extinguish the fire before it spread and burned down the entire premises. The server, however, was destroyed in the fire. The backup tapes kept in another room had melted and many other documents were lost for good.
What is an example of the indirect damage caused by this fire?
- A. Water damage due to the fire extinguishers
- B. Burned computer systems
- C. Melted backup tapes
- D. Burned documents
正解:A
質問 # 51
Which department maintain's contacts with law enforcement authorities, regulatory bodies, information service providers and telecommunications service providers depending on the service required.
- A. COO
- B. CSM
- C. CISO
- D. MRO
正解:C
質問 # 52
What is the goal of classification of information?
- A. Structuring information according to its sensitivity
- B. To create a manual about how to handle mobile devices
- C. Applying labels making the information easier to recognize
正解:A
質問 # 53
You have a hard copy of a customer design document that you want to dispose off. What would you do
- A. Throw it in any dustbin
- B. Give it to the office boy to reuse it for other purposes
- C. Shred it using a shredder
- D. Be environment friendly and reuse it for writing
正解:C
質問 # 54
What would be the reference for you to know who should have access to data/document?
- A. Masterlist of Project Records (MLPR)
- B. Information Rights Management (IRM)
- C. Data Classification Label
- D. Access Control List (ACL)
正解:D
質問 # 55
In order to take out a fire insurance policy, an administration office must determine the value of the data that it manages.
Which factor is [b]not[/b] important for determining the value of data for an organization?
- A. The indispensability of data for the business processes.
- B. The content of data.
- C. The importance of the business processes that make use of the data.
- D. The degree to which missing, incomplete or incorrect data can be recovered.
正解:B
質問 # 56
Which of the following is a preventive security measure?
- A. Installing logging and monitoring software
- B. Shutting down the Internet connection after an attack
- C. Storing sensitive information in a data save
正解:C
質問 # 57
A couple of years ago you started your company which has now grown from 1 to 20 employees. Your company's information is worth more and more and gone are the days when you could keep control yourself.
You are aware that you have to take measures, but what should they be? You hire a consultant who advises you to start with a qualitative risk analysis.
What is a qualitative risk analysis?
- A. This analysis is based on scenarios and situations and produces a subjective view of the possible threats.
- B. This analysis follows a precise statistical probability calculation in order to calculate exact loss caused by damage.
正解:A
質問 # 58
After a devastating office fire, all staff are moved to other branches of the company. At what moment in the incident management process is this measure effectuated?
- A. Between incident and damage
- B. Between detection and classification
- C. Between recovery and normal operations
- D. Between classification and escalation
正解:A
質問 # 59
Who is responsible for Initial asset allocation to the user/custodian of the assets?
- A. Asset Stakeholder
- B. Asset Practitioner
- C. Asset Owner
- D. Asset Manager
正解:C
質問 # 60
Which of the following factors does NOT contribute to the value of data for an organisation?
- A. The importance of data for processes
- B. The content of data
- C. The correctness of data
- D. The indispensability of data
正解:B
質問 # 61
What is a definition of compliance?
- A. Laws, considered collectively or the process of making or enacting laws
- B. An official or authoritative instruction
- C. The state or fact of according with or meeting rules or standards
- D. A rule or directive made and maintained by an authority.
正解:C
質問 # 62
Information Security is a matter of building and maintaining ________ .
- A. Confidentiality
- B. Firewalls
- C. Trust
- D. Protection
正解:C
質問 # 63
There is a scheduled fire drill in your facility. What should you do?
- A. Participate in the drill
- B. None of the above
- C. Excuse yourself by saying you have an urgent deliverable
- D. Call in sick
正解:A
質問 # 64
The following are purposes of Information Security, except:
- A. Increase Business Assets
- B. Minimize Business Risk
- C. Maximize Return on Investment
- D. Ensure Business Continuity
正解:A
質問 # 65
Which of the following is a possible event that can have a disruptive effect on the reliability of information?
- A. Risk
- B. Dependency
- C. Threat
- D. Vulnerability
正解:C
質問 # 66
An employee caught with offense of abusing the internet, such as P2P file sharing or video/audio streaming, will not receive a warning for committing such act but will directly receive an IR.
- A. True
- B. False
正解:A
質問 # 67
......
ISO-IEC-27001-Lead-Auditor問題集を使って一日でISO 27001試験最速合格:https://jp.fast2test.com/ISO-IEC-27001-Lead-Auditor-premium-file.html
100% 高得点合格保証されるISO-IEC-27001-Lead-Auditor無制限99解答:https://drive.google.com/open?id=1MgSOeBUg_d7__0LVvQtT6xvxqKUmVX63