[2022] Use Valid ISO-IEC-27001-Lead-Implementer Exam - Actual Exam Question & Answer [Q20-Q45]

NEW QUESTION 20
Logging in to a computer system is an access-granting process consisting of three steps: identification, authentication and authorization. What occurs during the first step of this process: identification?

  • A. The first step consists of checking if the user appears on the list of authorized users.
  • B. The first step consists of comparing the password with the registered password.
  • C. The first step consists of granting access to the information to which the user is authorized.
  • D. The first step consists of checking if the user is using the correct certificate.

Answer: A

 

NEW QUESTION 21
A company moves into a new building. A few weeks after the move, a visitor appears unannounced in the office of the director. An investigation shows that visitors' passes grant the same access as the passes of the company's staff. Which kind of security measure could have prevented this?

  • A. An organizational security measure
  • B. A technical security measure
  • C. A physical security measure

Answer: C

 

NEW QUESTION 22
Select the controls that correspond to the domain "9. ACCESS CONTROL" of ISO / 27002 (Choose three)

  • A. Withdrawal or adaptation of access rights
  • B. Restriction of access to information
  • C. Return of assets
  • D. Management of access rights with special privileges

Answer: A,B,C

 

NEW QUESTION 23
You are a consultant and are regularly hired by the Ministry of Defense to perform analysis. Since the assignments are irregular, you outsource the administration of your business to temporary workers. You don't want the temporary workers to have access to your reports.
Which reliability aspect of the information in your reports must you protect?

  • A. Confidentiality
  • B. Integrity
  • C. Availability

Answer: A

 

NEW QUESTION 24
What is the greatest risk for an organization if no information security policy has been defined?

  • A. Too many measures are implemented.
  • B. It is not possible for an organization to implement information security in a consistent manner.
  • C. If everyone works with the same account, it is impossible to find out who worked on what.
  • D. Information security activities are carried out by only a few people.

Answer: B

 

NEW QUESTION 25
What should be used to protect data on removable media if data confidentiality or integrity are important considerations?

  • A. a password
  • B. logging
  • C. backup on another removable medium
  • D. cryptographic techniques

Answer: D

 

NEW QUESTION 26
You have just started working at a large organization. You have been asked to sign a code of conduct as well as a contract. What does the organization wish to achieve with this?

  • A. A code of conduct prevents a virus outbreak.
  • B. A code of conduct gives staff guidance on how to report suspected misuses of IT facilities.
  • C. A code of conduct is a legal obligation that organizations have to meet.
  • D. A code of conduct helps to prevent the misuse of IT facilities.

Answer: D

 

NEW QUESTION 27
You are the owner of a growing company, SpeeDelivery, which provides courier services. You decide that it is time to draw up a risk analysis for your information system. This includes an inventory of threats and risks.
What is the relation between a threat, risk and risk analysis?

  • A. A risk analysis is used to remove the risk of a threat.
  • B. A risk analysis identifies threats from the known risks.
  • C. Risk analyses help to find a balance between threats and risks.
  • D. A risk analysis is used to clarify which threats are relevant and what risks they involve.

Answer: D

 

NEW QUESTION 28
What is the ISO / IEC 27002 standard?

  • A. It is a guide that focuses on the critical aspects necessary for the successful design and implementation of an ISMS in accordance with ISO / IEC 27001
  • B. It is a guide of good practices that describes the control objectives and recommended controls regarding information security.
  • C. It is a guide for the development and use of applicable metrics and measurement techniques to determine the effectiveness of an ISMS and the controls or groups of controls implemented according to ISO / IEC 27001.

Answer: B

 

NEW QUESTION 29
Physical labels and ________ are two common forms of labeling which are mentioned in ISO 27002.

  • A. teradata
  • B. metadata
  • C. bridge

Answer: B

 

NEW QUESTION 30
Peter works at the company Midwest Insurance. His manager, Linda, asks him to send the terms and conditions for a life insurance policy to Rachel, a client. Who determines the value of the information in the insurance terms and conditions document?

  • A. The recipient, Rachel
  • B. The sender, Peter
  • C. The person who drafted the insurance terms and conditions
  • D. The manager, Linda

Answer: A

 

NEW QUESTION 31
In the context of contact with special interest groups, any information-sharing agreements should identify requirements for the protection of _________ information.

  • A. Confidential
  • B. Authorization
  • C. Authentic
  • D. Availability

Answer: A

 

NEW QUESTION 32
Of the following, which is the best organization or set of organizations to contribute to compliance?

  • A. IT and management
  • B. IT and legal
  • C. IT, business management, HR and legal
  • D. IT only

Answer: C

 

NEW QUESTION 33
Companies use 27002 for compliance for which of the following reasons:

  • A. Explicit requirements for all regulations
  • B. Compliance with ISO 27002 is sufficient to comply with all regulations
  • C. A structured program that helps with security and compliance

Answer: C

 

NEW QUESTION 34
An employee in the administrative department of Smiths Consultants Inc. finds out that the expiry date of a contract with one of the clients is earlier than the start date. What type of measure could prevent this error?

  • A. Technical measure
  • B. Integrity measure
  • C. Availability measure
  • D. Organizational measure

Answer: A

 

NEW QUESTION 35
Why is compliance important for the reliability of the information?

  • A. When an organization is compliant, it meets the requirements of privacy legislation and, in doing so, protects the reliability of its information.
  • B. By meeting the legislative requirements and the regulations of both the government and internal management, an organization shows that it manages its information in a sound manner.
  • C. When an organization employs a standard such as the ISO/IEC 27002 and uses it everywhere, it is compliant and therefore it guarantees the reliability of its information.
  • D. Compliance is another word for reliability. So, if a company indicates that it is compliant, it means that the information is managed properly.

Answer: B

 

NEW QUESTION 36
It is allowed that employees and contractors are provided with an anonymous reporting channel to report violations of information security policies or procedures ("whistle blowing")

  • A. True
  • B. False

Answer: A

 

NEW QUESTION 37
Which is a legislative or regulatory act related to information security that can be imposed upon all organizations?

  • A. Personal data protection legislation
  • B. Intellectual Property Rights
  • C. ISO/IEC 27001:2005
  • D. ISO/IEC 27002:2005

Answer: A

 

NEW QUESTION 38
What sort of security does a Public Key Infrastructure (PKI) offer?

  • A. By providing agreements, procedures and an organization structure, a PKI defines which person or which system belongs to which specific public key.
  • B. It provides digital certificates that can be used to digitally sign documents. Such signatures irrefutably determine from whom a document was sent.
  • C. Having a PKI shows customers that a web-based business is secure.
  • D. A PKI ensures that backups of company data are made on a regular basis.

Answer: D

 

NEW QUESTION 39
True or False: For organizations allowing teleworking activities, the physical security of the building and the local environment of the teleworking site should be considered.

  • A. True
  • B. False

Answer: A

 

NEW QUESTION 40
......
