Get Started ISO-IEC-27001-Lead-Auditor Exam [2022] Dumps PECB PDF Questions [Q20-Q41]


Get Started: ISO-IEC-27001-Lead-Auditor Exam [2021] Dumps PECB PDF Questions


NEW QUESTION 20
In which order is an Information Security Management System set up?

  • A. Establishment, operation, monitoring, improvement
  • B. Implementation, operation, maintenance, establishment
  • C. Implementation, operation, improvement, maintenance
  • D. Establishment, implementation, operation, maintenance

Answer: D

 

NEW QUESTION 21
You have a hard copy of a customer design document that you want to dispose of. What would you do?

  • A. Shred it using a shredder
  • B. Be environment friendly and reuse it for writing
  • C. Give it to the office boy to reuse it for other purposes
  • D. Throw it in any dustbin

Answer: A

 

NEW QUESTION 22
What is social engineering?

  • A. The organization planning an activity for welfare of the neighborhood
  • B. A group planning for a social activity in the organization
  • C. Creating a situation wherein a third party gains confidential information from you

Answer: C

 

NEW QUESTION 23
A hacker gains access to a webserver and can view a file on the server containing credit card numbers.
Which of the Confidentiality, Integrity, Availability (CIA) principles of the credit card file are violated?

  • A. Integrity
  • B. Confidentiality
  • C. Availability
  • D. Compliance

Answer: B

 

NEW QUESTION 24
What would be the reference for you to know who should have access to data/document?

  • A. Masterlist of Project Records (MLPR)
  • B. Access Control List (ACL)
  • C. Information Rights Management (IRM)
  • D. Data Classification Label

Answer: B

 

NEW QUESTION 25
What is the standard definition of ISMS?

  • A. Is an information security systematic approach to achieve business objectives for implementation, establishing, reviewing, operating and maintaining organization's reputation.
  • B. A company-wide business objectives to achieve information security awareness for establishing, implementing, operating, monitoring, reviewing, maintaining and improving
  • C. A systematic approach for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organization's information security to achieve business objectives.
  • D. A project-based approach to achieve business objectives for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organization's information security

Answer: C

 

NEW QUESTION 26
An employee caught committing the offense of abusing the internet, such as P2P file sharing or video/audio streaming, will not receive a warning for committing such an act but will directly receive an IR.

  • A. True
  • B. False

Answer: A

 

NEW QUESTION 27
A planning process that introduced the concept of planning as a cycle that forms the basis for continuous improvement is called:

  • A. time based planning.
  • B. plan, do, check, act.
  • C. RACI Matrix
  • D. planning for continuous improvement.

Answer: B

 

NEW QUESTION 28
You work in the office of a large company. You receive a call from a person claiming to be from the Helpdesk. He asks you for your password.
What kind of threat is this?

  • A. Natural threat
  • B. Organizational threat
  • C. Arson
  • D. Social Engineering

Answer: D

 

NEW QUESTION 29
What is the purpose of an Information Security policy?

  • A. An information security policy provides direction and support to the management regarding information security
  • B. An information security policy provides insight into threats and the possible consequences
  • C. An information security policy documents the analysis of risks and the search for countermeasures
  • D. An information security policy makes the security plan concrete by providing the necessary details

Answer: A

 

NEW QUESTION 30
Which reliability aspect of information is compromised when a staff member denies having sent a message?

  • A. Integrity
  • B. Availability
  • C. Confidentiality
  • D. Correctness

Answer: A

 

NEW QUESTION 31
CMM stands for?

  • A. Capacity Maturity Matrix
  • B. Capability Maturity Model
  • C. Capability Maturity Matrix
  • D. Capable Mature Model

Answer: B

 

NEW QUESTION 32
Integrity of data means

  • A. Accuracy and completeness of the data
  • B. Data should be viewable at all times
  • C. Data should be accessed by only the right people

Answer: A

 

NEW QUESTION 33
Which of the following factors does NOT contribute to the value of data for an organisation?

  • A. The indispensability of data
  • B. The correctness of data
  • C. The content of data
  • D. The importance of data for processes

Answer: C

 

NEW QUESTION 34
There was a fire in a branch of the company Midwest Insurance. The fire department quickly arrived at the scene and could extinguish the fire before it spread and burned down the entire premises. The server, however, was destroyed in the fire. The backup tapes kept in another room had melted and many other documents were lost for good.
What is an example of the indirect damage caused by this fire?

  • A. Melted backup tapes
  • B. Burned computer systems
  • C. Burned documents
  • D. Water damage due to the fire extinguishers

Answer: D

 

NEW QUESTION 35
A well-executed risk analysis provides a great deal of useful information. A risk analysis has four main objectives.
What is not one of the four main objectives of a risk analysis?

  • A. Implementing countermeasures
  • B. Determining relevant vulnerabilities and threats
  • C. Identifying assets and their value
  • D. Establishing a balance between the costs of an incident and the costs of a security measure

Answer: A

 

NEW QUESTION 36
Someone from a large tech company calls you on behalf of your company to check the health of your PC, and therefore needs your user-id and password. What type of threat is this?

  • A. Organisational threat
  • B. Malware threat
  • C. Technical threat
  • D. Social engineering threat

Answer: D

 

NEW QUESTION 37
Which of the following does a lack of adequate security controls represent?

  • A. Threat
  • B. Asset
  • C. Vulnerability
  • D. Impact

Answer: C

 

NEW QUESTION 38
What is a repressive measure in case of a fire?

  • A. Repairing damage caused by the fire
  • B. Taking out a fire insurance
  • C. Putting out a fire after it has been detected by a fire detector

Answer: C

 

NEW QUESTION 39
All are prohibited in acceptable use of information assets, except:

  • A. Electronic chain letters
  • B. Company-wide e-mails with supervisor/TL permission.
  • C. E-mail copies to non-essential readers
  • D. Messages with very large attachments or to a large number of recipients.

Answer: B

 

NEW QUESTION 40
What type of compliancy standard, regulation or legislation provides a code of practice for information security?

  • A. IT Service Management
  • B. ISO/IEC 27002
  • C. Personal data protection act
  • D. Computer criminality act

Answer: B

 

NEW QUESTION 41
......
