Free Access To ISO-IEC-27001 Lead Implementer Exam Questions and Answers

test2022-03-04T06:43:05+00:00

How to pass your SO-IEC-27001 Lead Implementer Exam? If you can achieve PECB Certified ISO/IEC 27001 Lead Implementer credential, it demonstrates your ability and practical knowledge to implement an ISMS based on the requirements of ISO/IEC 27001. FreeTestShare will help you quickly pass the ISO-IEC-27001 Lead Implementer Exam with actual questions and answers. Download 100 percent precise updated and latest ISO-IEC-27001 Lead Implementer Exam dumps and a success rate of 100 percent in the first attempt with high marks.

Free Access To ISO-IEC-27001 Lead Implementer Exam Questions and Answers

Page 1 of 2

1. What is the most important reason for applying the segregation of duties?

Segregation of duties makes it clear who is responsible for what.

Segregation of duties ensures that, when a person is absent, it can be investigated whether he or she has been committing fraud.

Tasks and responsibilities must be separated in order to minimize the opportunities for business assets to be misused or changed, whether the change be unauthorized or unintentional.

Segregation of duties makes it easier for a person who is ready with his or her part of the work to take time off or to take over the work of another person.

2. What is the best way to comply with legislation and regulations for personal data protection?

Performing a threat analysis

Maintaining an incident register

Performing a vulnerability analysis

Appointing the responsibility to someone

3. Of the following, which is the best organization or set of organizations to contribute to compliance?

IT only

IT, business management, HR and legal

IT and management

IT and legal

4. It is allowed that employees and contractors are provided with an anonymous reporting channel to report violations of information security policies or procedures (“whistle blowing”)

True

False

5. The identified owner of an asset is always an individual

True

False

6. Midwest Insurance grades the monthly report of all claimed losses per insured as confidential.

What is accomplished if all other reports from this insurance office are also assigned the appropriate grading?

The costs for automating are easier to charge to the responsible departments.

A determination can be made as to which report should be printed first and which ones can wait a little longer.

Everyone can easily see how sensitive the reports' contents are by consulting the grading label.

Reports can be developed more easily and with fewer errors.

7. Select risk control activities for domain "10. Encryption" of ISO / 27002: 2013 (Choose two)

Work in safe areas

Cryptographic Controls Use Policy

Physical security perimeter

Key management

8. ISO 27002 provides guidance in the following area

PCI environment scoping

Information handling recommendations

Framework for an overall security and compliance program

Detailed lists of required policies and procedures

9. Why is compliance important for the reliability of the information?

Compliance is another word for reliability. So, if a company indicates that it is compliant, it means that the information is managed properly.

By meeting the legislative requirements and the regulations of both the government and internal management, an organization shows that it manages its information in a sound manner.

When an organization employs a standard such as the ISO/IEC 27002 and uses it everywhere, it is compliant and therefore it guarantees the reliability of its information.

When an organization is compliant, it meets the requirements of privacy legislation and, in doing so, protects the reliability of its information.

10. What is an example of a good physical security measure?

All employees and visitors carry an access pass.

Printers that are defective or have been replacedare immediately removed and given away as garbage for recycling.

Maintenance staff can be given quick and unimpeded access to the server area in the event of disaster.

Page 2 of 2

11. 1.True or False: Organizations allowing teleworking activities, the physical security of the building and the local environment of the teleworking site should be considered

True

False

12. What is the ISO / IEC 27002 standard?

It is a guide of good practices that describes the control objectives and recommended controls regarding information security.

It is a guide that focuses on the critical aspects necessary for the successful design and implementation of an ISMS in accordance with ISO / IEC 27001

It is a guide for the development and use of applicable metrics and measurement techniques to determine the effectiveness of an ISMS and the controls or groups of controls implemented according to ISO / IEC 27001.

13. What sort of security does a Public Key Infrastructure (PKI) offer?

It provides digital certificates that can be used to digitally sign documents. Such signatures irrefutably determine from whom a document was sent.

Having a PKI shows customers that a web-based business is secure.

By providing agreements, procedures and an organization structure, a PKI defines which person or which system belongs to which specific public key.

A PKI ensures that backups of company data are made on a regular basis.