ISO-IEC-27001-LEAD-AUDITOR Online Practice Questions and Answers

Does the security have the right to ask you to display your ID badges and check your bags?

A. True

B. False

Which of the following statements are correct for Clean Desk Policy? (Choose three)

A. Don't leave confidential documents on your desk.

B. Don't leave valuable items on your desk if you are not in your work area.

C. Don't leave highly confidential items.

D. Don't leave laptops without cable lock.

We can leave laptops during weekdays or weekends in locked bins.

A. True

B. False

What is the relationship between data and information?

A. Data is structured information.

B. Information is the meaning and value assigned to a collection of data.

Stages of Information:

A. creation, evolution, maintenance, use, disposition

B. creation, use, disposition, maintenance, evolution

C. creation, distribution, use, maintenance, disposition

D. creation, distribution, maintenance, disposition, use

What controls can you do to protect sensitive data in your computer when you go out for lunch?

A. You activate your favorite screen-saver

B. You are confident to leave your computer screen as is since a password protected screensaver is installed and it is set to activate after 10 minutes of inactivity

C. You lock your computer by pressing Windows+L or CTRL-ALT-DELETE and then click "Lock Computer".

D. You turn off the monitor

In which order is an Information Security Management System set up?

A. Implementation, operation, maintenance, establishment

B. Implementation, operation, improvement, maintenance

C. Establishment, implementation, operation, maintenance

D. Establishment, operation, monitoring, improvement

How is the purpose of information security policy best described?

A. An information security policy documents the analysis of risks and the search for countermeasures.

B. An information security policy provides direction and support to the management regarding information security.

C. An information security policy makes the security plan concrete by providing it with the necessary details.

D. An information security policy provides insight into threats and the possible consequences.

The following are purposes of Information Security, except:

A. Ensure Business Continuity

B. Minimize Business Risk

C. Increase Business Assets

D. Maximize Return on Investment

What is the difference between a restricted and confidential document?

A. Restricted - to be shared among an authorized group Confidential - to be shared among named individuals

B. Restricted - to be shared among named individuals Confidential - to be shared among an authorized group

C. Restricted - to be shared among named individuals Confidential - to be shared across the organization only

D. Restricted - to be shared among named individuals Confidential - to be shared with friends and family