March Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

GAQM ISO27-13-001 ISO 27001 : 2013 - Certified Lead Auditor Exam Practice Test

Demo: 15 questions
Total 100 questions

ISO 27001 : 2013 - Certified Lead Auditor Questions and Answers

Question 1

You receive the following mail from the IT support team: Dear User,Starting next week, we will be deleting all inactive email accounts in order to create spaceshare the below details in order to continue using your account. In case of no response,

Name:

Email ID:

Password:

DOB:

Kindly contact the webmail team for any further support. Thanks for your attention.

Which of the following is the best response?

Options:

A.

Ignore the email

B.

Respond it by saying that one should not share the password with anyone

C.

One should not respond to these mails and report such email to your supervisor

Question 2

Changes to the information processing facilities shall be done in controlled manner.

Options:

A.

True

B.

False

Question 3

Backup media is kept in the same secure area as the servers. What risk may the organisation be exposed to?

Options:

A.

Unauthorised persons will have access to both the servers and backups

B.

Responsibility for the backups is not defined well

C.

After a fire, the information systems cannot be restored

D.

After a server crash, it will take extra time to bring it back up again

Question 4

Which measure is a preventive measure?

Options:

A.

Installing a logging system that enables changes in a system to be recognized

B.

Shutting down all internet traffic after a hacker has gained access to the company systems

C.

Putting sensitive information in a safe

Question 5

The following are definitions of Information, except:

Options:

A.

accurate and timely data

B.

specific and organized data for a purpose

C.

mature and measurable data

D.

can lead to understanding and decrease in uncertainty

Question 6

Why do we need to test a disaster recovery plan regularly, and keep it up to date?

Options:

A.

Otherwise the measures taken and the incident procedures planned may not be adequate

B.

Otherwise it is no longer up to date with the registration of daily occurring faults

C.

Otherwise remotely stored backups may no longer be available to the security team

Question 7

Which of the following is an information security management system standard published by the International Organization for Standardization?

Options:

A.

ISO9008

B.

ISO27001

C.

ISO5501

D.

ISO22301

Question 8

Who is responsible for Initial asset allocation to the user/custodian of the assets?

Options:

A.

Asset Manager

B.

Asset Owner

C.

Asset Practitioner

D.

Asset Stakeholder

Question 9

The computer room is protected by a pass reader. Only the System Management department has a pass.

What type of security measure is this?

Options:

A.

a corrective security measure

B.

a physical security measure

C.

a logical security measure

D.

a repressive security measure

Question 10

You receive an E-mail from some unknown person claiming to be representative of your bank and asking for your account number and password so that they can fix your account. Such an attempt of social engineering is called

Options:

A.

Shoulder Surfing

B.

Mountaineering

C.

Phishing

D.

Spoofing

Question 11

What is an example of a human threat?

Options:

A.

a lightning strike

B.

fire

C.

phishing

D.

thunderstrom

Question 12

Below is Purpose of "Integrity", which is one of the Basic Components of Information Security

Options:

A.

the property that information is not made available or disclosed to unauthorized individuals

B.

the property of safeguarding the accuracy and completeness of assets.

C.

the property that information is not made available or disclosed to unauthorized individuals

D.

the property of being accessible and usable upon demand by an authorized entity.

Question 13

Information has a number of reliability aspects. Reliability is constantly being threatened. Examples of threats are: a cable becomes loose, someone alters information by accident, data is used privately or is falsified.

Which of these examples is a threat to integrity?

Options:

A.

a loose cable

B.

accidental alteration of data

C.

private use of data

D.

System restart

Question 14

Which department maintain's contacts with law enforcement authorities, regulatory bodies, information service providers and telecommunications service providers depending on the service required.

Options:

A.

COO

B.

CISO

C.

CSM

D.

MRO

Question 15

There is a scheduled fire drill in your facility. What should you do?

Options:

A.

Participate in the drill

B.

Excuse yourself by saying you have an urgent deliverable

C.

Call in sick

D.

None of the above

Demo: 15 questions
Total 100 questions