ISO-IEC-27001 Lead Implementer
https://www.certspots.com/exam/iso-iec-27001-lead-implementer/

ISO-IEC-27001 Lead Implementer Dumps

1. What is an example of a good physical security measure?
A. All employees and visitors carry an access pass.
B. Printers that are defective or have been replaced are immediately removed and given away as garbage for recycling.
C. Maintenance staff can be given quick and unimpeded access to the server area in the event of disaster.
Answer: A

2. The company Midwest Insurance has taken many measures to protect its information. It uses an Information Security Management System, the input and output of data in applications is validated, confidential documents are sent in encrypted form and staff use tokens to access information systems. Which of these is not a technical measure?
A. Information Security Management System
B. The use of tokens to gain access to information systems
C. Validation of input and output data in applications
D. Encryption of information
Answer: A

3. Which of these control objectives are NOT in the domain "12. OPERATIONAL SAFETY"?
A. Protection against malicious code
B. Redundancies
C. Test data
D. Technical vulnerability management
Answer: B

4. What should be used to protect data on removable media if data confidentiality or integrity are important considerations?
A. backup on another removable medium
B. cryptographic techniques
C. a password
D. logging
Answer: B

5. Which security controls must be implemented to comply with ISO/IEC 27001?
A. Those designed by the organization only
B. Those included in the risk treatment plan
C. Those listed in Annex A of ISO/IEC 27001, without any exception
Answer: B

6. How can Invalid Electric ensure that its employees are prepared for the audit?
A. By conducting practice interviews with the employees
B. By allowing the employees to observe the technologies used
C. By showing the employees the internal audit reports so they can anticipate the questions asked by the auditor
Answer: A

7. An organization has established a policy that provides the personnel with the information required to effectively deploy encryption solutions in order to protect organizational confidential data. What type of policy is this?
A. High-level general policy
B. High-level topic-specific policy
C. Topic-specific policy
Answer: A

8. Which situation presented in scenario 8 is not in compliance with ISO/IEC 27001 requirements?
A. Emma has an operational role in HealthGenic's management system
B. The recertification audit is planned to be conducted two years after HealthGenic implemented the ISMS
C. Emma had access to all offices and documentation of HealthGenic
Answer: A

9. An organization documented each security control that it implemented by describing their functions in detail. Is this compliant with ISO/IEC 27001?
A. No, the standard requires documenting only the operation of processes and controls, so no description of each security control is needed
B. No, because the documented information should have a strict format, including the date, version number and author identification
C. Yes, but documenting each security control and not the process in general will make it difficult to review the documented information
Answer: C

10. You are the owner of a growing company, SpeeDelivery, which provides courier services. You decide that it is time to draw up a risk analysis for your information system. This includes an inventory of threats and risks. What is the relation between a threat, risk and risk analysis?
A. A risk analysis identifies threats from the known risks.
B. A risk analysis is used to clarify which threats are relevant and what risks they involve.
C. A risk analysis is used to remove the risk of a threat.
D. Risk analyses help to find a balance between threats and risks.
Answer: B