無料ダウンロードPECB ISO-IEC-27001-Lead-Auditorリアル試験問題ゲットせよ [Q57-Q82]

Share

無料ダウンロードPECB ISO-IEC-27001-Lead-Auditorリアル試験問題ゲットせよ

最新のPECB ISO-IEC-27001-Lead-Auditorリアル試験問題集PDF

質問 57
Often, people do not pick up their prints from a shared printer. How can this affect the confidentiality of information?

  • A. Confidentiality cannot be guaranteed
  • B. Authenticity cannot be guaranteed
  • C. Availability cannot be guaranteed
  • D. Integrity cannot be guaranteed

正解: A

 

質問 58
Four types of Data Classification (Choose two)

  • A. Financial Data, Highly Confidential Data
  • B. Project Data, Highly Confidential Data
  • C. Restricted Data, Confidential Data
  • D. Unrestricted Data, Highly Confidential Data

正解: C,D

 

質問 59
Someone from a large tech company calls you on behalf of your company to check the health of your PC, and therefore needs your user-id and password. What type of threat is this?

  • A. Malware threat
  • B. Technical threat
  • C. Social engineering threat
  • D. Organisational threat

正解: C

 

質問 60
In which order is an Information Security Management System set up?

  • A. Establishment, operation, monitoring, improvement
  • B. Implementation, operation, improvement, maintenance
  • C. Implementation, operation, maintenance, establishment
  • D. Establishment, implementation, operation, maintenance

正解: D

 

質問 61
The computer room is protected by a pass reader. Only the System Management department has a pass.
What type of security measure is this?

  • A. a repressive security measure
  • B. a logical security measure
  • C. a corrective security measure
  • D. a physical security measure

正解: D

 

質問 62
You are the lead auditor of the courier company SpeeDelivery. You have carried out a risk analysis and now want to determine your risk strategy. You decide to take measures for the large risks but not for the small risks.
What is this risk strategy called?

  • A. Risk bearing
  • B. Risk neutral
  • C. Risk skipping
  • D. Risk avoidance

正解: A

 

質問 63
A decent visitor is roaming around without visitor's ID. As an employee you should do the following, except:

  • A. Call the receptionist and inform about the visitor
  • B. Greet and ask him what is his business
  • C. Escort him to his destination
  • D. Say "hi" and offer coffee

正解: D

 

質問 64
Why do we need to test a disaster recovery plan regularly, and keep it up to date?

  • A. Otherwise the measures taken and the incident procedures planned may not be adequate
  • B. Otherwise it is no longer up to date with the registration of daily occurring faults
  • C. Otherwise remotely stored backups may no longer be available to the security team

正解: A

 

質問 65
What type of compliancy standard, regulation or legislation provides a code of practice for information security?

  • A. IT Service Management
  • B. ISO/IEC 27002
  • C. Personal data protection act
  • D. Computer criminality act

正解: B

 

質問 66
Which department maintain's contacts with law enforcement authorities, regulatory bodies, information service providers and telecommunications service providers depending on the service required.

  • A. COO
  • B. MRO
  • C. CISO
  • D. CSM

正解: C

 

質問 67
What is the security management term for establishing whether someone's identity is correct?

  • A. Identification
  • B. Verification
  • C. Authorisation
  • D. Authentication

正解: D

 

質問 68
Information has a number of reliability aspects. Reliability is constantly being threatened. Examples of threats are: a cable becomes loose, someone alters information by accident, data is used privately or is falsified.
Which of these examples is a threat to integrity?

  • A. accidental alteration of data
  • B. System restart
  • C. a loose cable
  • D. private use of data

正解: A

 

質問 69
All are prohibited in acceptable use of information assets, except:

  • A. Messages with very large attachments or to a large number ofrecipients.
  • B. E-mail copies to non-essential readers
  • C. Company-wide e-mails with supervisor/TL permission.
  • D. Electronic chain letters

正解: C

 

質問 70
What is the name of the system that guarantees the coherence of information security in the organization?

  • A. Information Security Management System (ISMS)
  • B. Rootkit
  • C. Information Technology Service Management (ITSM)
  • D. Security regulations for special information for the government

正解: A

 

質問 71
You receive the following mail from the IT support team: Dear User,Starting next week, we will be deleting all inactive email accounts in order to create spaceshare the below details in order to continue using your account. In case of no response, Name:
Email ID:
Password:
DOB:
Kindly contact the webmail team for any further support. Thanks for your attention.
Which of the following is the best response?

  • A. Respond it by saying that one should not share the password with anyone
  • B. One should not respond to these mails and report such email to your supervisor
  • C. Ignore the email

正解: B

 

質問 72
Which is the glue that ties the triad together

  • A. Technology
  • B. People
  • C. Process
  • D. Collaboration

正解: C

 

質問 73
What is a definition of compliance?

  • A. Laws, considered collectively or the process of making or enacting laws
  • B. A rule or directive made and maintained by an authority.
  • C. The state or fact of according with or meeting rules or standards
  • D. An official or authoritative instruction

正解: C

 

質問 74
A planning process that introduced the concept of planning as a cycle that forms the basis for continuous improvement is called:

  • A. time based planning.
  • B. planning for continuous improvement.
  • C. RACI Matrix
  • D. plan, do, check, act.

正解: D

 

質問 75
__________ is a software used or created by hackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems.

  • A. Virus
  • B. Operating System
  • C. Malware
  • D. Trojan

正解: C

 

質問 76
What is the standard definition of ISMS?

  • A. A project-based approach to achieve business objectives for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organization's information security
  • B. A company wide business objectives to achieve information security awareness for establishing, implementing, operating, monitoring, reviewing, maintaining and improving
  • C. Is an information security systematic approach to achieve business objectives for implementation, establishing, reviewing,operating and maintaining organization's reputation.
  • D. A systematic approach for establishing, implementing, operating,monitoring, reviewing, maintaining and improving an organization's information security to achieve business objectives.

正解: D

 

質問 77
Phishing is what type of Information Security Incident?

  • A. Private Incidents
  • B. Technical Vulnerabilities
  • C. Legal Incidents
  • D. Cracker/Hacker Attacks

正解: D

 

質問 78
There is a scheduled fire drill in your facility. What should you do?

  • A. Participate in the drill
  • B. None of the above
  • C. Call in sick
  • D. Excuse yourself by saying you have an urgent deliverable

正解: A

 

質問 79
As a new member of the IT department you have noticed that confidential information has been leaked several times. This may damage the reputation of the company. You have been asked to propose an organisational measure to protect laptop computers. What is the first step in a structured approach to come up with this measure?

  • A. Appoint security staff
  • B. Encrypt all sensitive information
  • C. Formulate a policy
  • D. Set up an access control procedure

正解: C

 

質問 80
Availability means

  • A. Service should not be accessible when required
  • B. Service should be accessible at the required time and usable by all
  • C. Service should be accessible at the required time and usable only by the authorized entity

正解: C

 

質問 81
Which reliability aspect of information is compromised when a staff member denies having sent a message?

  • A. Confidentiality
  • B. Correctness
  • C. Availability
  • D. Integrity

正解: D

 

質問 82
......


PECB ISO-IEC-27001-Lead-Auditor 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • 基本的な監査の概念と原則
  • 情報セキュリティ管理システム(ISMS)の基本的な原則と概念
トピック 2
  • ISO
  • IEC 27001に基づく情報セキュリティ管理システム(ISMS)の基本的な概念と原則を説明する
トピック 3
  • ISO
  • IEC 27001コンプライアンス監査の計画、実施、および終了
  • ISO
  • IEC27001監査プログラムの管理
トピック 4
  • ISO
  • IEC27001監査プログラムの管理
  • ISO
  • IEC 27001監査の準備、実施、終了
トピック 5
  • 基本的な監査の概念と原則に従って、ISO
  • IEC27001要件へのISMSの適合性を評価します

 

PDF問題(2022年最新)実際のPECB ISO-IEC-27001-Lead-Auditor試験問題:https://jp.fast2test.com/ISO-IEC-27001-Lead-Auditor-premium-file.html

ISO-IEC-27001-Lead-Auditor試験問題集、ISO-IEC-27001-Lead-Auditor練習テスト問題はここ:https://drive.google.com/open?id=11LITbKfqePWSfsJWgdf-bodji_ym7hJl


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어