ISO-IEC-LI Online Practice Questions and Answers

One of the ways Internet of Things (IoT) devices can communicate with each other (or `the outside world') is using a so-called short-range radio protocol. Which kind of short-range radio protocol makes it possible to use your phone as a credit card?

A. Near Field Communication (NFC)

B. Bluetooth

C. Radio Frequency Identification (RFID)

D. The 4G protocol

You are a consultant and are regularly hired by the Ministry of Defense to perform analysis. Since the

assignments are irregular, you outsource the administration of your business to temporary workers. You

don't want the temporary workers to have access to your reports.

Which reliability aspect of the information in your reports must you protect?

A. Availability

B. Integrity

C. Confidentiality

It is allowed that employees and contractors are provided with an anonymous reporting channel to report violations of information security policies or procedures ("whistle blowing")

A. True

B. False

Companies use 27002 for compliance for which of the following reasons:

A. A structured program that helps with security and compliance

B. Explicit requirements for all regulations

C. Compliance with ISO 27002 is sufficient to comply with all regulations

Which is a legislative or regulatory act related to information security that can be imposed upon all organizations?

A. ISO/IEC 27001:2005

B. Intellectual Property Rights

C. ISO/IEC 27002:2005

D. Personal data protection legislation

Logging in to a computer system is an access-granting process consisting of three steps: identification, authentication and authorization.

What occurs during the first step of this process: identification?

A. The first step consists of checking if the user is using the correct certificate.

B. The first step consists of checking if the user appears on the list of authorized users.

C. The first step consists of comparing the password with the registered password.

D. The first step consists of granting access to the information to which the user is authorized.

You apply for a position in another company and get the job. Along with your contract, you are asked to sign a code of conduct. What is a code of conduct?

A. A code of conduct specifies how employees are expected to conduct themselves and is the same for all companies.

B. A code of conduct is a standard part of a labor contract.

C. A code of conduct differs from company to company and specifies, among other things, the rules of behavior with regard to the usage of information systems.

What is an example of a good physical security measure?

A. All employees and visitors carry an access pass.

B. Printers that are defective or have been replaced are immediately removed and given away as garbage for recycling.

C. Maintenance staff can be given quick and unimpeded access to the server area in the event of disaster.

You have just started working at a large organization. You have been asked to sign a code of conduct as well as a contract. What does the organization wish to achieve with this?

A. A code of conduct helps to prevent the misuse of IT facilities.

B. A code of conduct is a legal obligation that organizations have to meet.

C. A code of conduct prevents a virus outbreak.

D. A code of conduct gives staff guidance on how to report suspected misuses of IT facilities.

Which of the following measures is a preventive measure?

A. Installing a logging system that enables changes in a system to be recognized

B. Shutting down all internet traffic after a hacker has gained access to the company systems

C. Putting sensitive information in a safe

D. Classifying a risk as acceptable because the cost of addressing the threat is higher than the value of the information at risk