ISO 27001 : 2013 – Certified Lead Auditor ISO27-13-001 Real Exam Dumps

1. Which of the following statements are correct for Clean Desk Policy?

2. Changes on project-managed applications or database should undergo the change control process as documented.

3. What type of legislation requires a proper controlled purchase process?

4. Which is not a requirement of HR prior to hiring?

5. Information or data that are classified as ______ do not require labeling.

6. What is a repressive measure in case of a fire?

7. What type of measure involves the stopping of possible consequences of security incidents?

8. Access Control System, CCTV and security guards are form of:

9. -------------------------is an asset like other important business assets has value to an organization and consequently needs to be protected.

10. Implement plan on a test basis - this comes under which section of PDCA

11. Why do we need to test a disaster recovery plan regularly, and keep it up to date?

12. Phishing is what type of Information Security Incident?

13. CEO sends a mail giving his views on the status of the company and the company’s future strategy and the CEO's vision and the employee's part in it. The mail should be classified as

14. A member of staff denies sending a particular message.

Which reliability aspect of information is in danger here?

15. What is social engineering?

16. What is the goal of classification of information?

17. You have a hard copy of a customer design document that you want to dispose off.

What would you do

18. You receive the following mail from the IT support team: Dear User, Starting next week, we will be deleting all inactive email accounts in order to create spaceshare the below details in order to continue using your account.

In case of no response,

Name:

Email ID:

Password:

DOB:

Kindly contact the webmail team for any further support. Thanks for your attention.

Which of the following is the best response?

19. As a new member of the IT department you have noticed that confidential information has been leaked several times. This may damage the reputation of the company. You have been asked to propose an

organisational measure to protect laptop computers.

What is the first step in a structured approach to come up with this measure?

20. An administration office is going to determine the dangers to which it is exposed.

What do we call a possible event that can have a disruptive effect on the reliability of information?

21. A well-executed risk analysis provides a great deal of useful information. A risk analysis has four main objectives.

What is not one of the four main objectives of a risk analysis?

22. You see a blue color sticker on certain physical assets.

What does this signify?

23. How are data and information related?

24. CMM stands for?

25. Who are allowed to access highly confidential files?

26. What is an example of a human threat?

27. A property of Information that has the ability to prove occurrence of a claimed event.

28. An employee caught temporarily storing an MP3 file in his workstation will not receive an IR.

29. Which reliability aspect of information is compromised when a staff member denies having sent a message?

30. What type of compliancy standard, regulation or legislation provides a code of practice for information security?