This page was exported from Exam for engine [ http://blog.test4engine.com ]
Export date: Mon Nov 18 2:56:34 2024 / +0000 GMT

Title: Latest [Jun 01, 2022] ISO-IEC-27001-Lead-Implementer Exam Dumps - Valid and Updated Dumps [Q11-Q30]

NO.11 You have just started working at a large organization. You have been asked to sign a code of conduct as well as a contract. What does the organization wish to achieve with this?
- A code of conduct helps to prevent the misuse of IT facilities.
- A code of conduct is a legal obligation that organizations have to meet.
- A code of conduct prevents a virus outbreak.
- A code of conduct gives staff guidance on how to report suspected misuses of IT facilities.

NO.12 Companies use 27002 for compliance for which of the following reasons:
- A structured program that helps with security and compliance
- Explicit requirements for all regulations
- Compliance with ISO 27002 is sufficient to comply with all regulations

NO.13 Who is authorized to change the classification of a document?
- The author of the document
- The administrator of the document
- The owner of the document
- The manager of the owner of the document

NO.14 What is the objective of classifying information?
- Authorizing the use of an information system
- Creating a label that indicates how confidential the information is
- Defining different levels of sensitivity into which information may be arranged
- Displaying on the document who is permitted access

NO.15 You apply for a position in another company and get the job. Along with your contract, you are asked to sign a code of conduct. What is a code of conduct?
- A code of conduct specifies how employees are expected to conduct themselves and is the same for all companies.
- A code of conduct is a standard part of a labor contract.
- A code of conduct differs from company to company and specifies, among other things, the rules of behavior with regard to the usage of information systems.

NO.16 What is an example of a non-human threat to the physical environment?
- Fraudulent transaction
- Corrupted file
- Storm
- Virus

NO.17 What sort of security does a Public Key Infrastructure (PKI) offer?
- It provides digital certificates that can be used to digitally sign documents. Such signatures irrefutably determine from whom a document was sent.
- Having a PKI shows customers that a web-based business is secure.
- By providing agreements, procedures and an organization structure, a PKI defines which person or which system belongs to which specific public key.
- A PKI ensures that backups of company data are made on a regular basis.

NO.18 Which of the following measures is a preventive measure?
- Installing a logging system that enables changes in a system to be recognized
- Shutting down all internet traffic after a hacker has gained access to the company systems
- Putting sensitive information in a safe
- Classifying a risk as acceptable because the cost of addressing the threat is higher than the value of the information at risk

NO.19 What is an example of a good physical security measure?
- All employees and visitors carry an access pass.
- Printers that are defective or have been replaced are immediately removed and given away as garbage for recycling.
- Maintenance staff can be given quick and unimpeded access to the server area in the event of disaster.

NO.20 What is the best description of a risk analysis?
- A risk analysis is a method of mapping risks without looking at company processes.
- A risk analysis helps to estimate the risks and develop the appropriate security measures.
- A risk analysis calculates the exact financial consequences of damages.

NO.21 What is the best way to comply with legislation and regulations for personal data protection?
- Performing a threat analysis
- Maintaining an incident register
- Performing a vulnerability analysis
- Appointing the responsibility to someone

NO.22 You are the owner of the courier company SpeeDelivery. You have carried out a risk analysis and now want to determine your risk strategy. You decide to take measures for the large risks but not for the small risks. What is this risk strategy called?
- Risk bearing
- Risk avoiding
- Risk neutral
- Risk passing

NO.23 Which of these reliability aspects is "completeness" a part of?
- Availability
- Exclusivity
- Integrity
- Confidentiality

NO.24 Physical labels and ________ are two common forms of labeling which are mentioned in ISO 27002.
- metadata
- teradata
- bridge

NO.25 What is the ISO / IEC 27002 standard?
- It is a guide of good practices that describes the control objectives and recommended controls regarding information security.
- It is a guide that focuses on the critical aspects necessary for the successful design and implementation of an ISMS in accordance with ISO / IEC 27001.
- It is a guide for the development and use of applicable metrics and measurement techniques to determine the effectiveness of an ISMS and the controls or groups of controls implemented according to ISO / IEC 27001.

NO.26 What is the most important reason for applying the segregation of duties?
- Segregation of duties makes it clear who is responsible for what.
- Segregation of duties ensures that, when a person is absent, it can be investigated whether he or she has been committing fraud.
- Tasks and responsibilities must be separated in order to minimize the opportunities for business assets to be misused or changed, whether the change be unauthorized or unintentional.
- Segregation of duties makes it easier for a person who is ready with his or her part of the work to take time off or to take over the work of another person.

NO.27 Why is compliance important for the reliability of the information?
- Compliance is another word for reliability. So, if a company indicates that it is compliant, it means that the information is managed properly.
- By meeting the legislative requirements and the regulations of both the government and internal management, an organization shows that it manages its information in a sound manner.
- When an organization employs a standard such as the ISO/IEC 27002 and uses it everywhere, it is compliant and therefore it guarantees the reliability of its information.
- When an organization is compliant, it meets the requirements of privacy legislation and, in doing so, protects the reliability of its information.

NO.28 The company Midwest Insurance has taken many measures to protect its information. It uses an Information Security Management System, the input and output of data in applications is validated, confidential documents are sent in encrypted form and staff use tokens to access information systems. Which of these is not a technical measure?
- Information Security Management System
- The use of tokens to gain access to information systems
- Validation of input and output data in applications
- Encryption of information

NO.29 The identified owner of an asset is always an individual
- True
- False

NO.30 A company moves into a new building. A few weeks after the move, a visitor appears unannounced in the office of the director. An investigation shows that visitors' passes grant the same access as the passes of the company's staff. Which kind of security measure could have prevented this?
- A physical security measure
- An organizational security measure
- A technical security measure

Post date: 2022-06-01 10:31:56
Post date GMT: 2022-06-01 10:31:56
Post modified date: 2022-06-01 10:31:56
Post modified date GMT: 2022-06-01 10:31:56