
最新のISO-IEC-27001-Lead-Auditor学習ガイド2022年最新の- 提供するのはテストエンジンとPDF
最新版を今すぐ試そうISO-IEC-27001-Lead-Auditor練習テスト問題解答が待ってます
PECB ISO-IEC-27001-Lead-Auditor 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
質問 37
What is the relationship between data and information?
- A. Information is the meaning and value assigned to a collection of data.
- B. Data is structured information.
正解: A
質問 38
What would be the reference for you to know who should have access to data/document?
- A. Data Classification Label
- B. Masterlist of Project Records (MLPR)
- C. Access Control List (ACL)
- D. Information Rights Management (IRM)
正解: C
質問 39
A well-executed risk analysis provides a great deal of useful information. A risk analysis has four main objectives.
What is not one of the four main objectives of a risk analysis?
- A. Establishing a balance between the costs of an incident and the costs of a security measure
- B. Identifying assets and their value
- C. Determining relevant vulnerabilities and threats
- D. Implementing counter measures
正解: D
質問 40
What controls can you do to protect sensitive data in your computer when you go out for lunch?
- A. You are confident to leave your computer screen as is since a password protected screensaver is installed and it is set to activate after 10 minutes of inactivity
- B. You activate your favorite screen-saver
- C. You turn off the monitor
- D. You lock your computer by pressing Windows+L or CTRL-ALT-DELETE and then click "Lock Computer".
正解: D
質問 41
There is a scheduled fire drill in your facility. What should you do?
- A. None of the above
- B. Participate in the drill
- C. Excuse yourself by saying you have an urgent deliverable
- D. Call in sick
正解: B
質問 42
You have a hard copy of a customer design document that you want to dispose off. What would you do
- A. Shred it using a shredder
- B. Give it to the office boy to reuse it for other purposes
- C. Throw it in any dustbin
- D. Be environment friendly and reuse it for writing
正解: A
質問 43
You receive an E-mail from some unknown person claiming to be representative of your bank and asking for your account number and password so that they can fix your account. Such an attempt of social engineering is called
- A. Spoofing
- B. Phishing
- C. Mountaineering
- D. Shoulder Surfing
正解: B
質問 44
How is the purpose of information security policy best described?
- A. An information security policy provides direction and support to the management regarding information security.
- B. An information security policy provides insight into threats and the possible consequences.
- C. An information security policy documents the analysis of risks and the search for countermeasures.
- D. An information security policy makes the security plan concrete by providing it with the necessary details.
正解: A
質問 45
Information or data that are classified as ______ do not require labeling.
- A. Public
- B. Internal
- C. Confidential
- D. Highly Confidential
正解: A
質問 46
In the event of an Information security incident, system users' roles and responsibilities are to be observed, except:
- A. Cooperate with investigative personnel during investigation if needed
- B. Report suspected or known incidents upon discovery through the Servicedesk
- C. Make the information security incident details known to all employees
- D. Preserve evidence if necessary
正解: C
質問 47
Which measure is a preventive measure?
- A. Installing a logging system that enables changes in a system to be recognized
- B. Putting sensitive information in a safe
- C. Shutting down all internet traffic after a hacker has gained access to the company systems
正解: B
質問 48
You receive the following mail from the IT support team: Dear User,Starting next week, we will be deleting all inactive email accounts in order to create spaceshare the below details in order to continue using your account. In case of no response, Name:
Email ID:
Password:
DOB:
Kindly contact the webmail team for any further support. Thanks for your attention.
Which of the following is the best response?
- A. One should not respond to these mails and report such email to your supervisor
- B. Ignore the email
- C. Respond it by saying that one should not share the password with anyone
正解: A
質問 49
A hacker gains access to a web server and reads the credit card numbers stored on that server. Which security principle is violated?
- A. Authenticity
- B. Integrity
- C. Availability
- D. Confidentiality
正解: D
質問 50
Often, people do not pick up their prints from a shared printer. How can this affect the confidentiality of information?
- A. Availability cannot be guaranteed
- B. Authenticity cannot be guaranteed
- C. Confidentiality cannot be guaranteed
- D. Integrity cannot be guaranteed
正解: C
質問 51
There is a network printer in the hallway of the company where you work. Many employees don't pick up their printouts immediately and leave them on the printer.
What are the consequences of this to the reliability of the information?
- A. The integrity of the information is no longer guaranteed.
- B. The availability of the information is no longer guaranteed.
- C. The confidentiality of the information is no longer guaranteed.
- D. The Security of the information is no longer guaranteed.
正解: B
質問 52
You work in the office of a large company. You receive a call from a person claiming to be from the Helpdesk. He asks you for your password.
What kind of threat is this?
- A. Natural threat
- B. Organizational threat
- C. Arason
- D. Social Engineering
正解: D
質問 53
-------------------------is an asset like other important business assets has value to an organization and consequently needs to be protected.
- A. Infrastructure
- B. Information
- C. Data
- D. Security
正解: B
質問 54
In what part of the process to grant access to a system does the user present a token?
- A. Authorisation
- B. Identification
- C. Authentication
- D. Verification
正解: B
質問 55
Which is not a requirement of HR prior to hiring?
- A. Must undergo Awareness training on information security.
- B. Must successfully pass Background Investigation
- C. Applicant must complete pre-employment documentation requirements
- D. Undergo background verification
正解: A
質問 56
A fire breaks out in a branch office of a health insurance company. The personnel are transferred to neighboring branches to continue their work.
Where in the incident cycle is moving to a stand-by arrangements found?
- A. between recovery and threat
- B. between threat and incident
- C. between incident and damage
- D. between damage and recovery
正解: C
質問 57
......
ISO-IEC-27001-Lead-Auditor問題集と試験テストエンジン:https://jp.fast2test.com/ISO-IEC-27001-Lead-Auditor-premium-file.html
PECB ISO-IEC-27001-Lead-Auditor問題集にはリアル試験問題解答:https://drive.google.com/open?id=11LITbKfqePWSfsJWgdf-bodji_ym7hJl