2023年最新のISO-IEC-27001-Lead-Implementerプレミアム資料テストPDFの無料問題集お試しセット [Q10-Q27]

Share

2023年最新のISO-IEC-27001-Lead-Implementerプレミアム資料テストPDFの無料問題集お試しセット

試験合格を向けてISO-IEC-27001-Lead-Implementer今すぐ弊社のISO 27001試験パッケージを使おう


PECB ISO-IEC-27001-Lead-Implementer 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • ISO
  • IEC 27001に基づく情報セキュリティ管理システム(ISMS)の基本的な概念と原則を説明する
トピック 2
  • 実装者
  • 情報セキュリティ管理システム(ISMS)の観点からISMSのISO
  • IEC27001要件を解釈する
トピック 3
  • ISO
  • IEC 27001に基づくISMSの運用、保守、および継続的な改善において組織をサポートします
  • ISO
  • IEC27001に基づくISMSの実装
トピック 4
  • ISO
  • IEC27001に基づくISMSの監視と測定および継続的改善
  • 実装者の観点からISMSのISO
  • IEC27001要件を解釈する

 

質問 10
Which of these reliability aspects is "completeness" a part of?

  • A. Confidentiality
  • B. Exclusivity
  • C. Availability
  • D. Integrity

正解: D

 

質問 11
What is the ISO / IEC 27002 standard?

  • A. It is a guide for the development and use of applicable metrics and measurement techniques to determine the effectiveness of an ISMS and the controls or groups of controls implemented according to ISO / IEC 27001.
  • B. It is a guide of good practices that describes the controlobjectives and recommended controls regarding information security.
  • C. It is a guide that focuses on the critical aspects necessary for the successful design and implementation of an ISMS in accordance with ISO / IEC 27001

正解: B

 

質問 12
What sort of security does a Public Key Infrastructure (PKI) offer?

  • A. It provides digital certificates that can be used to digitally signdocuments. Such signatures irrefutably determine from whom a document was sent.
  • B. A PKI ensures that backups of company data are made on a regular basis.
  • C. Having a PKI shows customers that a web-based business is secure.
  • D. By providing agreements, procedures and an organization structure, a PKI defines which person or which system belongs to which specific public key.

正解: B

 

質問 13
What is the objective of classifying information?

  • A. Defining different levels of sensitivity into which information may be arranged
  • B. Authorizing the use of an information system
  • C. Displaying on the document who is permitted access
  • D. Creating alabel that indicates how confidential the information is

正解: A

 

質問 14
An employee in the administrative department of Smiths Consultants Inc. finds out that the expiry date of a contract with one of theclients is earlier than the start date. What type of measure could prevent this error?

  • A. Integrity measure
  • B. Organizational measure
  • C. Technical measure
  • D. Availability measure

正解: C

 

質問 15
Of the following, which is the best organization or set of organizations to contribute to compliance?

  • A. IT only
  • B. IT and legal
  • C. IT,business management, HR and legal
  • D. IT and management

正解: C

 

質問 16
A company moves into a new building. A few weeks after the move, a visitor appears unannounced in the office of the director. An investigation shows that visitors passes grant the same access as the passes of the company's staff. Which kind of security measure could have prevented this?

  • A. A technical security measure
  • B. An organizational security measure
  • C. physical security measure

正解: C

 

質問 17
What does the Information Security Policy describe?

  • A. which InfoSec-controls have been selected and taken
  • B. which Information Security-procedures are selected
  • C. what the implementation-planning of the information security management system is
  • D. how the InfoSec-objectives will be reached

正解: D

 

質問 18
What is the greatest risk for an organization ifno information security policy has been defined?

  • A. It is not possible for an organization to implement information security in a consistent manner.
  • B. Information security activities are carried out by only a few people.
  • C. Too many measures areimplemented.
  • D. If everyone works with the same account, it is impossible to find out who worked on what.

正解: A

 

質問 19
The company Midwest Insurance has taken many measures to protect its information. It uses an Information Security Management System, the input and output of data in applications is validated, confidential documents are sent in encrypted form and staff use tokens to access information systems. Which of these is not a technical measure?

  • A. Validation of input and output data in applications
  • B. The use of tokens to gain access to information systems
  • C. Information Security Management System
  • D. Encryption ofinformation

正解: C

 

質問 20
What are the data protection principles set out in the GDPR?

  • A. Purpose limitation, proportionality, data minimisation, transparency
  • B. Purpose limitation, proportionality, availability, data minimisation
  • C. Target group, proportionality, transparency, data minimisation
  • D. Purpose limitation, pudicity, transparency, data minimisation

正解: A

 

質問 21
Select risk control activities for domain "10. Encryption" of ISO / 27002: 2013 (Choose two)

  • A. Physical security perimeter
  • B. Key management
  • C. Work in safe areas
  • D. Cryptographic Controls Use Policy

正解: B,D

 

質問 22
ISO 27002 provides guidance in the following area

  • A. PCI environment scoping
  • B. Detailed lists of required policies and procedures
  • C. Framework for an overall security andcompliance program
  • D. Information handling recommendations

正解: C

 

質問 23
Why is compliance important forthe reliability of the information?

  • A. Compliance is another word for reliability. So, if a company indicates that it is compliant, it means that the information is managed properly.
  • B. By meeting the legislative requirements and theregulations of both the government and internal management, an organization shows that it manages its information in a sound manner.
  • C. When an organization is compliant, it meets the requirements of privacy legislation and, in doing so, protects the reliability of its information.
  • D. When an organization employs a standard such as the ISO/IEC 27002 and uses it everywhere, it is compliant and thereforeit guarantees the reliability of its information.

正解: B

 

質問 24
You are the owner of a growing company, SpeeDelivery, which provides courier services. You decide that it is time to draw up a risk analysis for your information system. This includes an inventoryof threats and risks.
What is the relation between a threat, risk and risk analysis?

  • A. Risk analyses help to find a balance between threats and risks.
  • B. A risk analysis is used to clarify which threats are relevant and what risks they involve.
  • C. A risk analysis identifies threats from the known risks.
  • D. A riskanalysis is used to remove the risk of a threat.

正解: B

 

質問 25
You apply for a position in another company and get the job. Along with your contract, you are asked to sign a code of conduct. What is a code of conduct?

  • A. A code of conduct is a standard part of a labor contract.
  • B. A code of conduct differs from company to company and specifies, among other things, the rules of behavior with regard to the usage of information systems.
  • C. A code ofconduct specifies how employees are expected to conduct themselves and is the same for all companies.

正解: B

 

質問 26
What is an example of a non-human threat to the physical environment?

  • A. Corrupted file
  • B. Virus
  • C. Storm
  • D. Fraudulent transaction

正解: C

 

質問 27
......

2023年最新の問題をマスターISO 27001合格目指してISO-IEC-27001-Lead-Implementerリアル試験!:https://jp.fast2test.com/ISO-IEC-27001-Lead-Implementer-premium-file.html

完全版は2023年最新のISO-IEC-27001-Lead-Implementer試験問題集ガイドはトレーニング専門Fast2test:https://drive.google.com/open?id=1EVrd9Lt658zNZXoh3K6Qvlbb--9aY2Gq


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어