ISO27-13-001 Dumps
ISO27-13-001 Braindumps ISO27-13-001 Real Questions ISO27-13-001 Practice Test ISO27-13-001 Actual Questions
ISO 27001:2023 - Certified Lead Auditor
https://killexams.com/pass4sure/exam-detail/ISO27-13-001
What is the goal of classification of information?
To create a manual about how to handle mobile devices
Applying labels making the information easier to recognize
Structuring information according to its sensitivity
You have a hard copy of a customer design document that you want to dispose off. What would you do
Throw it in any dustbin
Shred it using a shredder
Give it to the office boy to reuse it for other purposes
Be environment friendly and reuse it for writing
You receive the following mail from the IT support team: Dear User, Starting next week, we will be deleting all inactive email accounts in order to create spaceshare the below details in order to continue using your account.
In case of no response, Name:
Email ID: Password: DOB:
Kindly contact the webmail team for any further support. Thanks for your attention. Which of the following is the best response?
Ignore the email
Respond it by saying that one should not share the password with anyone
One should not respond to these mails and report such email to your supervisor
As a new member of the IT department you have noticed that confidential information has been leaked several times.
This may damage the reputation of the company. You have been asked to propose an
organisational measure to protect laptop computers.
What is the first step in a structured approach to come up with this measure?
Appoint security staff
Encrypt all sensitive information
Formulate a policy
Set up an access control procedure
An administration office is going to determine the dangers to which it is exposed.
What do we call a possible event that can have a disruptive effect on the reliability of information?
dependency
threat
vulnerability
risk
A well-executed risk analysis provides a great deal of useful information. A risk analysis has four main objectives. What is not one of the four main objectives of a risk analysis?
Identifying assets and their value
Implementing counter measures
Establishing a balance between the costs of an incident and the costs of a security measure
Determining relevant vulnerabilities and threats
You see a blue color sticker on certain physical assets. What does this signify?
The asset is very high critical and its failure affects the entire organization
The asset with blue stickers should be kept air conditioned at all times
The asset is high critical and its failure will affect a group/s/project's work in the organization
The asset is critical and the impact is restricted to an employee only
How are data and information related?
Data is a collection of structured and unstructured information
Information consists of facts and statistics collected together for reference or analysis
When meaning and value are assigned to data, it becomes information
Capability Maturity Matrix
Capacity Maturity Matrix
Capability Maturity Model
Capable Mature Model
Who are allowed to access highly confidential files?
Employees with a business need-to-know
Contractors with a business need-to-know
Employees with signed NDA have a business need-to-know
Non-employees designated with approved access and have signed NDA
What is an example of a human threat?
a lightning strike
fire
phishing
thunderstrom
A property of Information that has the ability to prove occurrence of a claimed event.
Electronic chain letters
Integrity
Availability
Accessibility
An employee caught temporarily storing an MP3 file in his workstation will not receive an IR.
True
False
Which reliability aspect of information is compromised when a staff member denies having sent a message?
Confidentiality
Integrity
Availability
Correctness
What type of compliancy standard, regulation or legislation provides a code of practice for information security?
ISO/IEC 27002
Personal data protection act
Computer criminality act
IT Service Management