ISO 27001:2013 ISMS - Certified Lead Auditor (ISO-ISMS-LA) Practice Test

Questions # 11:

A couple of years ago you started your company which has now grown from 1 to 20 employees. Your company’s information is worth more and more and gone are the days when you could keep control yourself. You are aware that you have to take measures, but what should they be? You hire a consultant who advises you to start with a qualitative risk analysis.

What is a qualitative risk analysis?

Options:

This analysis follows a precise statistical probability calculation in order to calculate exact loss caused by damage.

This analysis is based on scenarios and situations and produces a subjective view of the possible threats.

Questions # 12:

What is the standard definition of ISMS?

Options:

Is an information security systematic approach to achieve business objectives for implementation, establishing, reviewing,operating and maintaining organization's reputation.

A company wide business objectives to achieve information security awareness for establishing, implementing, operating, monitoring, reviewing, maintaining and improving

A project-based approach to achieve business objectives for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an organization’s information security

A systematic approach for establishing, implementing, operating,monitoring, reviewing, maintaining and improving an organization’s information security to achieve business objectives.

Questions # 13:

We can leave laptops during weekdays or weekends in locked bins.

Options:

True

False

Questions # 14:

In what part of the process to grant access to a system does the user present a token?

Options:

Authorisation

Verification

Authentication

Identification

Questions # 15:

You see a blue color sticker on certain physical assets. What does this signify?

Options:

The asset is very high critical and its failure affects the entire organization

The asset with blue stickers should be kept air conditioned at all times

The asset is high critical and its failure will affect a group/s/project's work in the organization

The asset is critical and the impact is restricted to an employee only

Questions # 16:

Cabling Security is associated with Power, telecommunication and network cabling carrying information are protected from interception and damage.

Options:

True

False

Questions # 17:

Availability means

Options:

Service should be accessible at the required time and usable by all

Service should be accessible at the required time and usable only by the authorized entity

Service should not be accessible when required

Questions # 18:

An employee caught temporarily storing an MP3 file in his workstation will not receive an IR.

Options:

True

False

Questions # 19:

Four types of Data Classification (Choose two)

Options:

Restricted Data, Confidential Data

Project Data, Highly Confidential Data

Financial Data, Highly Confidential Data

Unrestricted Data, Highly Confidential Data

Questions # 20:

What is the purpose of an Information Security policy?

Options:

An information security policy makes the security plan concrete by providing the necessary details

An information security policy provides insight into threats and the possible consequences

An information security policy provides direction and support to the management regarding information security

An information security policy documents the analysis of risks and the search for countermeasures

Viewing page 2 out of 3 pages

Viewing questions 11-20 out of questions

Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Pass the GAQM: ISO ISO-ISMS-LA Questions and answers with ExamsMirror

Exam ISO-ISMS-LA Premium Access

Options:

Options:

Options:

Options:

Options:

Options:

Options:

Options:

Options:

Options:

TOP CODES