ISO-ISMS-LA試験無料問題集（99題）「GAQM ISO 27001 : 2013 ISMS

出題：1

A decent visitor is roaming around without visitor's ID. As an employee you should do the following, except:

A. Greet and ask him what is his business

B. Escort him to his destination

C. Say "hi" and offer coffee

D. Call the receptionist and inform about the visitor

正解：C 解答を投票する

出題：2

A couple of years ago you started your company which has now grown from 1 to 20 employees. Your company's information is worth more and more and gone are the days when you could keep control yourself.
You are aware that you have to take measures, but what should they be? You hire a consultant who advises you to start with a qualitative risk analysis.
What is a qualitative risk analysis?

A. This analysis follows a precise statistical probability calculation in order to calculate exact loss caused by damage.

B. This analysis is based on scenarios and situations and produces a subjective view of the possible threats.

正解：B 解答を投票する

出題：3

What is the name of the system that guarantees the coherence of information security in the organization?

A. Security regulations for special information for the government

B. Rootkit

C. Information Security Management System (ISMS)

D. Information Technology Service Management (ITSM)

正解：C 解答を投票する

出題：4

What is an example of a human threat?

A. thunderstrom

B. fire

C. phishing

D. a lightning strike

正解：C 解答を投票する

出題：5

There is a network printer in the hallway of the company where you work. Many employees don't pick up their printouts immediately and leave them on the printer.
What are the consequences of this to the reliability of the information?

A. The confidentiality of the information is no longer guaranteed.

B. The availability of the information is no longer guaranteed.

C. The integrity of the information is no longer guaranteed.

D. The Security of the information is no longer guaranteed.

正解：B 解答を投票する

出題：6

The following are definitions of Information, except:

A. specific and organized data for a purpose

B. mature and measurable data

C. can lead to understanding and decrease in uncertainty

D. accurate and timely data

正解：B 解答を投票する

出題：7

Which of the following is a technical security measure?

A. User role profiles.

B. Encryption

C. Safe storage of backups

D. Security policy

正解：B 解答を投票する

出題：8

Who is responsible for Initial asset allocation to the user/custodian of the assets?

A. Asset Owner

B. Asset Manager

C. Asset Practitioner

D. Asset Stakeholder

正解：A 解答を投票する

出題：9

What is the standard definition of ISMS?

A. A systematic approach for establishing, implementing, operating,monitoring, reviewing, maintaining and improving an organization's information security to achieve business objectives.

B. A company wide business objectives to achieve information security awareness for establishing, implementing, operating, monitoring, reviewing, maintaining and improving

C. A project-based approach to achieve business objectives for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organization's information security

D. Is an information security systematic approach to achieve business objectives for implementation, establishing, reviewing,operating and maintaining organization's reputation.

正解：A 解答を投票する

出題：10

Someone from a large tech company calls you on behalf of your company to check the health of your PC, and therefore needs your user-id and password. What type of threat is this?

A. Social engineering threat

B. Malware threat

C. Organisational threat

D. Technical threat

正解：A 解答を投票する

ISO-ISMS-LA試験無料問題集「GAQM ISO 27001 : 2013 ISMS - Certified Lead Auditor 認定」