
PECB Certified ISOIEC 27001 Lead Auditor exam Questions

1. Changes to project-managed applications or databases should undergo the change control process as documented.
A. True
B. False
Answer: A
Explanation:
Changes to project-managed applications or databases should undergo the change control process as documented, because this is a requirement of ISO/IEC 27001:2022 clause 12.1.2, which states that "the organization shall define and apply a change management process for changes to systems and applications within the scope of the information security management system". The change management process should ensure that changes are recorded, assessed, authorized, prioritized, planned, tested, implemented, documented and reviewed in a controlled manner.
Reference: [CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor Training Course], [ISO/IEC 27001:2022 Information technology — Security techniques — Information security management systems — Requirements]
2. A scenario in which the city or location where the building(s) reside is/are not accessible.
A. Component
B. Facility
C. City
D. Country
Answer: C
Explanation:
A scenario in which the city or location where the building(s) reside is not accessible is called a city disaster scenario, according to the CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor Training Course. This scenario is one of the four types of disaster scenarios that should be considered in the business continuity planning process, along with the component, facility and country scenarios. A city scenario may be caused by events such as natural disasters, civil unrest, terrorist attacks or pandemic outbreaks that affect the entire city or region where the organization operates.
Reference: [CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor Training Course]
3. What would be your reference for knowing who should have access to a data item or document?
A. Data Classification Label
B. Access Control List (ACL)
C. Masterlist of Project Records (MLPR)
D. Information Rights Management (IRM)
Answer: B
Explanation:
The reference for knowing who should have access to a data item or document is the Access Control List (ACL), which is a list of the users or groups authorized to access a specific data item or document together with their respective access rights (such as read, write, modify, delete, etc.). The ACL is a tool for implementing the organization's access control policy, which is defined in accordance with ISO/IEC 27001:2022 clause 9.4.1. The ACL should be maintained and updated regularly to ensure that only authorized users can access the data or document.
Reference: [CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor Training Course], [ISO/IEC 27001:2022 Information technology — Security techniques — Information security management systems — Requirements]
4. An employee caught committing the offense of abusing the internet, such as P2P file sharing or video/audio streaming, will not receive a warning for such an act but will directly receive an IR.
A. True
B. False
Answer: A
Explanation:
An employee caught committing the offense of abusing the internet, such as P2P file sharing or video/audio streaming, will not receive a warning for such an act but will directly receive an IR, because this is a violation of the organization's information security policy and acceptable use policy. An IR (incident report) is a formal document that records the details of an information security incident and the actions taken to resolve it. An IR may also trigger disciplinary action against the employee, depending on the severity and impact of the incident.
Reference: [CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor Training Course], [ISO/IEC 27001:2022 Information technology — Security techniques — Information security management systems — Requirements], Example of an information security policy, Example of an acceptable use policy
5. An employee caught temporarily storing an MP3 file on his workstation will not receive an IR.
A. True
B. False
Answer: B
Explanation:
An employee caught temporarily storing an MP3 file on his workstation will receive an IR, because this is also a violation of the organization's information security policy and acceptable use policy. An MP3 file is a type of media file that may contain copyrighted or illegal content, or may introduce malware or viruses into the organization's network. The employee should not store any unauthorized or personal files on his workstation, as this may compromise the confidentiality, integrity and availability of the organization's information assets.
Reference: [CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor Training Course], [ISO/IEC 27001:2022 Information technology — Security techniques — Information security management systems — Requirements], Example of an information security policy, Example of an acceptable use policy
6. What is the worst possible action that an employee may receive for sharing his or her password or access with others?
A. Forced roll-off from the project
B. The lowest rating on his or her performance assessment
C. Three days' suspension from work
D. Termination
Answer: D
Explanation:
The worst possible action that an employee may receive for sharing his or her password or access with others is termination, because this is a serious breach of the organization's information security policy and access control policy. Sharing a password or access with others may allow unauthorized users to access sensitive or confidential information, or to perform malicious or fraudulent activities on behalf of the employee. The employee should keep his or her password or access confidential and secure, and should not disclose it to anyone under any circumstances.
Reference: [CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor Training Course], [ISO/IEC 27001:2022 Information technology — Security techniques — Information security management systems — Requirements], Example of an information security policy, Example of an access control policy
7. Which of the following statements are correct for a Clean Desk Policy?
A. Don't leave confidential documents on your desk.
B. Don't leave valuable items on your desk if you are not in your work area.
C. Don't leave highly confidential items.
D. Don't leave laptops without a cable lock.
Answer: A,B,C
Explanation:
8. __________ is software used or created by hackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems.
A. Trojan
B. Operating System
C. Virus
D. Malware
Answer: D
Explanation:
Malware is software used or created by hackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems. Malware is a general term that covers various types of malicious software, such as viruses, worms, trojans, ransomware, spyware, adware, etc. Malware can cause serious damage to the organization's information assets and reputation, and may lead to legal or regulatory consequences. Therefore, the organization should implement appropriate controls to prevent, detect and remove malware, as specified in ISO/IEC 27001:2022 clause 12.2.1.
Reference: [CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor Training Course], ISO/IEC 27001:2022 Information technology — Security techniques — Information security management systems — Requirements, What is malware?
9. There is a scheduled fire drill in your facility. What should you do?
A. Participate in the drill
B. Excuse yourself by saying you have an urgent deliverable
C. Call in sick
D. None of the above
Answer: A
Explanation:
You should participate in the drill, because it is part of the organization's business continuity plan and emergency response procedures. The drill is intended to test the effectiveness and efficiency of the organization's preparedness for fire incidents, and to ensure the safety and security of personnel and assets. By participating in the drill, you demonstrate your compliance with the organization's information security policy and culture, as well as your awareness of the potential risks and impacts of fire incidents. The drill is also an opportunity for you to learn and improve your skills and knowledge of how to respond to fire emergencies.
Reference: [CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor Training Course], ISO/IEC 27001:2022 Information technology — Security techniques — Information security management systems — Requirements, Why fire drills are important
10. What control can you apply to protect sensitive data on your computer when you go out for lunch?
A. You activate your favorite screen-saver
B. You are confident enough to leave your computer screen as is, since a password-protected screensaver is installed and set to activate after 10 minutes of inactivity
C. You lock your computer by pressing Windows+L or CTRL-ALT-DELETE and then clicking "Lock Computer"
D. You turn off the monitor
Answer: C
Explanation:
You should lock your computer by pressing Windows+L or CTRL-ALT-DELETE and then clicking "Lock Computer", because this is the most effective way to protect sensitive data on your computer when you go out for lunch. By locking your computer, you prevent unauthorized access to the computer and its contents, and you comply with the organization's access control policy and information security policy. A locked computer requires a password or biometric authentication to unlock it, which adds a layer of security to your data. The other options are not sufficient or reliable, as they do not prevent someone from accessing your computer or viewing your screen: a screensaver or a switched-off monitor leaves the session open, and a screensaver that activates only after 10 minutes of inactivity leaves the computer unprotected for those 10 minutes.
Reference: [CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor Training Course], ISO/IEC 27001:2022 Information technology — Security techniques — Information security management systems — Requirements, How to lock your PC
11. An employee caught committing the offense of abusing the internet, such as P2P file sharing or video/audio streaming, will not receive a warning for such an act but will directly receive an IR.
A. True
B. False
Answer: A
Explanation:
According to ISO/IEC 27001:2022, clause A.8.1.5, the organization should establish and implement a clear policy on the acceptable use of information assets, including the internet. The policy should define the rules and the consequences of violating them, such as disciplinary action or legal sanctions. The policy should also be communicated to all users and relevant parties. Therefore, if an employee is caught abusing the internet, such as by P2P file sharing or video/audio streaming, they will not receive a warning but will directly receive an IR (incident report), which is a formal record of the incident and its impact, as well as the corrective actions taken or planned.
Reference: CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor (Information Security Management Systems) Course Handbook, page 54; [ISO/IEC 27001:2022], clause A.8.1.5.
12. We can leave laptops in locked bins during weekdays or weekends.
A. True
B. False
Answer: B
Explanation:
According to ISO/IEC 27001:2022, clause A.11.2.9, the organization should protect mobile devices and media containing sensitive information from unauthorized access, loss or theft. The organization should also implement appropriate encryption techniques and backup procedures for such devices and media. Therefore, leaving laptops in locked bins during weekdays or weekends is not a secure practice, as it exposes them to potential theft or damage. Laptops should be stored in a safe location when not in use, such as a locked cabinet or drawer, and should be protected by passwords or biometric authentication.
Reference: CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor (Information Security Management Systems) Course Handbook, page 58; [ISO/IEC 27001:2022], clause A.11.2.9.
13. Access control systems, CCTV and security guards are forms of:
A. Environment Security
B. Access Control
C. Physical Security
D. Compliance
Answer: C
Explanation:
According to ISO/IEC 27001:2022, clause A.11.1.1, the organization should implement physical and environmental security measures to prevent unauthorized access, damage or interference to the premises and information assets. Such measures include access control systems, CCTV cameras and security guards, which are forms of physical security. Physical security is distinct from environment security, which refers to the protection of information assets from natural disasters, fire, water, dust, etc., and from access control, which refers to the restriction of access rights to information assets based on business needs and security policies.
Reference: CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor (Information Security Management Systems) Course Handbook, page 57; [ISO/IEC 27001:2022], clause A.11.1.1.
14. Which of the following does a lack of adequate security controls represent?
A. Asset
B. Vulnerability
C. Impact
D. Threat
Answer: B