GAQM ISO27-13-001 ISO 27001 : 2013 - Certified Lead Auditor Exam Practice Test

Page: 1 / 10
Total 100 questions

ISO 27001 : 2013 - Certified Lead Auditor Questions and Answers

Question 1

What is the goal of classification of information?

Options:

A.

To create a manual about how to handle mobile devices

B.

Applying labels making the information easier to recognize

C.

Structuring information according to its sensitivity

Question 2

An employee caught committing the offense of abusing the internet, such as P2P file sharing or video/audio streaming, will not receive a warning for committing such an act but will directly receive an IR.

Options:

A.

True

B.

False

Question 3

Why do we need to test a disaster recovery plan regularly, and keep it up to date?

Options:

A.

Otherwise the measures taken and the incident procedures planned may not be adequate

B.

Otherwise it is no longer up to date with the registration of daily occurring faults

C.

Otherwise remotely stored backups may no longer be available to the security team

Question 4

What is social engineering?

Options:

A.

A group planning for a social activity in the organization

B.

Creating a situation wherein a third party gains confidential information from you

C.

The organization planning an activity for welfare of the neighborhood

Question 5

The following are purposes of Information Security, except:

Options:

A.

Ensure Business Continuity

B.

Minimize Business Risk

C.

Increase Business Assets

D.

Maximize Return on Investment

Question 6

What is the standard definition of ISMS?

Options:

A.

Is an information security systematic approach to achieve business objectives for implementation, establishing, reviewing, operating and maintaining organization's reputation.

B.

A company-wide business objectives to achieve information security awareness for establishing, implementing, operating, monitoring, reviewing, maintaining and improving

C.

A project-based approach to achieve business objectives for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organization’s information security

D.

A systematic approach for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organization’s information security to achieve business objectives.

Question 7

Which of the following statements are correct for Clean Desk Policy?

Options:

A.

Don't leave confidential documents on your desk.

B.

Don't leave valuable items on your desk if you are not in your work area.

C.

Don't leave highly confidential items.

D.

Don't leave laptops without cable lock.

Question 8

You see a blue color sticker on certain physical assets. What does this signify?

Options:

A.

The asset is very high critical and its failure affects the entire organization

B.

The asset with blue stickers should be kept air conditioned at all times

C.

The asset is high critical and its failure will affect a group/s/project's work in the organization

D.

The asset is critical and the impact is restricted to an employee only

Question 9

The following are definitions of Information, except:

Options:

A.

accurate and timely data

B.

specific and organized data for a purpose

C.

mature and measurable data

D.

can lead to understanding and decrease in uncertainty

Question 10

Changes to the information processing facilities shall be done in controlled manner.

Options:

A.

True

B.

False

Question 11

As a new member of the IT department you have noticed that confidential information has been leaked several times. This may damage the reputation of the company. You have been asked to propose an organisational measure to protect laptop computers. What is the first step in a structured approach to come up with this measure?

Options:

A.

Appoint security staff

B.

Encrypt all sensitive information

C.

Formulate a policy

D.

Set up an access control procedure

Question 12

Does security have the right to ask you to display your ID badge and check your bags?

Options:

A.

True

B.

False

Question 13

Which of the following factors does NOT contribute to the value of data for an organisation?

Options:

A.

The correctness of data

B.

The indispensability of data

C.

The importance of data for processes

D.

The content of data

Question 14

What is the difference between a restricted and confidential document?

Options:

A.

Restricted - to be shared among an authorized group

Confidential - to be shared among named individuals

B.

Restricted - to be shared among named individuals

Confidential - to be shared among an authorized group

C.

Restricted - to be shared among named individuals

Confidential - to be shared across the organization only

D.

Restricted - to be shared among named individuals

Confidential - to be shared with friends and family

Question 15

Who is responsible for initial asset allocation to the user/custodian of the assets?

Options:

A.

Asset Manager

B.

Asset Owner

C.

Asset Practitioner

D.

Asset Stakeholder
