ISO-IEC-27001-LEAD-AUDITOR Online Practice Questions and Answers

A hacker gains access to a web server and reads the credit card numbers stored on that server. Which security principle is violated?

A. Availability

B. Confidentiality

C. Integrity

D. Authenticity

Cabling Security is associated with Power, telecommunication and network cabling carrying information are protected from interception and damage.

A. True

B. False

Which of the following is a preventive security measure?

A. Installing logging and monitoring software

B. Shutting down the Internet connection after an attack

C. Storing sensitive information in a data save

A well-executed risk analysis provides a great deal of useful information. A risk analysis has four main objectives. What is not one of the four main objectives of a risk analysis?

A. Identifying assets and their value

B. Implementing counter measures

C. Establishing a balance between the costs of an incident and the costs of a security measure

D. Determining relevant vulnerabilities and threats

Who is authorized to change the classification of a document?

A. The author of the document

B. The administrator of the document

C. The owner of the document

D. The manager of the owner of the document

What is a reason for the classification of information?

A. To provide clear identification tags

B. To structure the information according to its sensitivity

C. Creating a manual describing the BYOD policy

You receive the following mail from the IT support team: Dear User,Starting next week, we will be deleting all inactive email accounts in order to create spaceshare the below details in order to continue using your account. In case of no

response,

Name:

Email ID:

Password:

DOB:

Kindly contact the webmail team for any further support. Thanks for your attention.

Which of the following is the best response?

A. Ignore the email

B. Respond it by saying that one should not share the password with anyone

C. One should not respond to these mails and report such email to your supervisor

The following are purposes of Information Security, except:

A. Ensure Business Continuity

B. Minimize Business Risk

C. Increase Business Assets

D. Maximize Return on Investment

What type of measure involves the stopping of possible consequences of security incidents?

A. Corrective

B. Detective

C. Repressive

D. Preventive

Which of the following is a possible event that can have a disruptive effect on the reliability of information?

A. Threat

B. Risk

C. Vulnerability

D. Dependency