最新のISO-IEC-27001-Lead-Auditor学習ガイド2022年最新の- 提供するのはテストエンジンとPDF [Q37-Q57]

Share

最新のISO-IEC-27001-Lead-Auditor学習ガイド2022年最新の- 提供するのはテストエンジンとPDF

最新版を今すぐ試そうISO-IEC-27001-Lead-Auditor練習テスト問題解答が待ってます


PECB ISO-IEC-27001-Lead-Auditor 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • 監査人
  • 情報セキュリティ管理システム(ISMS)の観点からISMSのISO
  • IEC27001要件を解釈する
トピック 2
  • 基本的な監査の概念と原則
  • 情報セキュリティ管理システム(ISMS)の基本的な原則と概念
トピック 3
  • ISO
  • IEC27001監査プログラムの管理
  • ISO
  • IEC 27001監査の準備、実施、終了

 

質問 37
What is the relationship between data and information?

  • A. Information is the meaning and value assigned to a collection of data.
  • B. Data is structured information.

正解: A

 

質問 38
What would be the reference for you to know who should have access to data/document?

  • A. Data Classification Label
  • B. Masterlist of Project Records (MLPR)
  • C. Access Control List (ACL)
  • D. Information Rights Management (IRM)

正解: C

 

質問 39
A well-executed risk analysis provides a great deal of useful information. A risk analysis has four main objectives.
What is not one of the four main objectives of a risk analysis?

  • A. Establishing a balance between the costs of an incident and the costs of a security measure
  • B. Identifying assets and their value
  • C. Determining relevant vulnerabilities and threats
  • D. Implementing counter measures

正解: D

 

質問 40
What controls can you do to protect sensitive data in your computer when you go out for lunch?

  • A. You are confident to leave your computer screen as is since a password protected screensaver is installed and it is set to activate after 10 minutes of inactivity
  • B. You activate your favorite screen-saver
  • C. You turn off the monitor
  • D. You lock your computer by pressing Windows+L or CTRL-ALT-DELETE and then click "Lock Computer".

正解: D

 

質問 41
There is a scheduled fire drill in your facility. What should you do?

  • A. None of the above
  • B. Participate in the drill
  • C. Excuse yourself by saying you have an urgent deliverable
  • D. Call in sick

正解: B

 

質問 42
You have a hard copy of a customer design document that you want to dispose off. What would you do

  • A. Shred it using a shredder
  • B. Give it to the office boy to reuse it for other purposes
  • C. Throw it in any dustbin
  • D. Be environment friendly and reuse it for writing

正解: A

 

質問 43
You receive an E-mail from some unknown person claiming to be representative of your bank and asking for your account number and password so that they can fix your account. Such an attempt of social engineering is called

  • A. Spoofing
  • B. Phishing
  • C. Mountaineering
  • D. Shoulder Surfing

正解: B

 

質問 44
How is the purpose of information security policy best described?

  • A. An information security policy provides direction and support to the management regarding information security.
  • B. An information security policy provides insight into threats and the possible consequences.
  • C. An information security policy documents the analysis of risks and the search for countermeasures.
  • D. An information security policy makes the security plan concrete by providing it with the necessary details.

正解: A

 

質問 45
Information or data that are classified as ______ do not require labeling.

  • A. Public
  • B. Internal
  • C. Confidential
  • D. Highly Confidential

正解: A

 

質問 46
In the event of an Information security incident, system users' roles and responsibilities are to be observed, except:

  • A. Cooperate with investigative personnel during investigation if needed
  • B. Report suspected or known incidents upon discovery through the Servicedesk
  • C. Make the information security incident details known to all employees
  • D. Preserve evidence if necessary

正解: C

 

質問 47
Which measure is a preventive measure?

  • A. Installing a logging system that enables changes in a system to be recognized
  • B. Putting sensitive information in a safe
  • C. Shutting down all internet traffic after a hacker has gained access to the company systems

正解: B

 

質問 48
You receive the following mail from the IT support team: Dear User,Starting next week, we will be deleting all inactive email accounts in order to create spaceshare the below details in order to continue using your account. In case of no response, Name:
Email ID:
Password:
DOB:
Kindly contact the webmail team for any further support. Thanks for your attention.
Which of the following is the best response?

  • A. One should not respond to these mails and report such email to your supervisor
  • B. Ignore the email
  • C. Respond it by saying that one should not share the password with anyone

正解: A

 

質問 49
A hacker gains access to a web server and reads the credit card numbers stored on that server. Which security principle is violated?

  • A. Authenticity
  • B. Integrity
  • C. Availability
  • D. Confidentiality

正解: D

 

質問 50
Often, people do not pick up their prints from a shared printer. How can this affect the confidentiality of information?

  • A. Availability cannot be guaranteed
  • B. Authenticity cannot be guaranteed
  • C. Confidentiality cannot be guaranteed
  • D. Integrity cannot be guaranteed

正解: C

 

質問 51
There is a network printer in the hallway of the company where you work. Many employees don't pick up their printouts immediately and leave them on the printer.
What are the consequences of this to the reliability of the information?

  • A. The integrity of the information is no longer guaranteed.
  • B. The availability of the information is no longer guaranteed.
  • C. The confidentiality of the information is no longer guaranteed.
  • D. The Security of the information is no longer guaranteed.

正解: B

 

質問 52
You work in the office of a large company. You receive a call from a person claiming to be from the Helpdesk. He asks you for your password.
What kind of threat is this?

  • A. Natural threat
  • B. Organizational threat
  • C. Arason
  • D. Social Engineering

正解: D

 

質問 53
-------------------------is an asset like other important business assets has value to an organization and consequently needs to be protected.

  • A. Infrastructure
  • B. Information
  • C. Data
  • D. Security

正解: B

 

質問 54
In what part of the process to grant access to a system does the user present a token?

  • A. Authorisation
  • B. Identification
  • C. Authentication
  • D. Verification

正解: B

 

質問 55
Which is not a requirement of HR prior to hiring?

  • A. Must undergo Awareness training on information security.
  • B. Must successfully pass Background Investigation
  • C. Applicant must complete pre-employment documentation requirements
  • D. Undergo background verification

正解: A

 

質問 56
A fire breaks out in a branch office of a health insurance company. The personnel are transferred to neighboring branches to continue their work.
Where in the incident cycle is moving to a stand-by arrangements found?

  • A. between recovery and threat
  • B. between threat and incident
  • C. between incident and damage
  • D. between damage and recovery

正解: C

 

質問 57
......

ISO-IEC-27001-Lead-Auditor問題集と試験テストエンジン:https://jp.fast2test.com/ISO-IEC-27001-Lead-Auditor-premium-file.html

PECB ISO-IEC-27001-Lead-Auditor問題集にはリアル試験問題解答:https://drive.google.com/open?id=11LITbKfqePWSfsJWgdf-bodji_ym7hJl


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어