New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

Certensure Logo
  1. Home
  2. GAQM
  3. GAQM: ISO | ISO Certifications
  4. ISO-IEC-LI - ISO / IEC 27002 - Lead Implementer

GAQM ISO-IEC-LI ISO / IEC 27002 - Lead Implementer Exam Practice Test

Demo: 7 questions
Total 50 questions
Get ISO-IEC-LI Full Access Download ISO-IEC-LI PDF

ISO / IEC 27002 - Lead Implementer Questions and Answers

Question 1

What is the ISO / IEC 27002 standard?

Options:

A.

It is a guide of good practices that describes the control objectives and recommended controls regarding information security.

B.

It is a guide that focuses on the critical aspects necessary for the successful design and implementation of an ISMS in accordance with ISO / IEC 27001

C.

It is a guide for the development and use of applicable metrics and measurement techniques to determine the effectiveness of an ISMS and the controls or groups of controls implemented according to ISO / IEC 27001.

Question 2

You are a consultant and are regularly hired by the Ministry of Defense to perform analysis. Since the assignments are irregular, you outsource the administration of your business to temporary workers. You don't want the temporary workers to have access to your reports.

Which reliability aspect of the information in your reports must you protect?

Options:

A.

Availability

B.

Integrity

C.

Confidentiality

Question 3

The company Midwest Insurance has taken many measures to protect its information. It uses an Information Security Management System, the input and output of data in applications is validated, confidential documents are sent in encrypted form and staff use tokens to access information systems. Which of these is not a technical measure?

Options:

A.

Information Security Management System

B.

The use of tokens to gain access to information systems

C.

Validation of input and output data in applications

D.

Encryption of information

Question 4

Companies use 27002 for compliance for which of the following reasons:

Options:

A.

A structured program that helps with security and compliance

B.

Explicit requirements for all regulations

C.

Compliance with ISO 27002 is sufficient to comply with all regulations

Question 5

What is the greatest risk for an organization if no information security policy has been defined?

Options:

A.

If everyone works with the same account, it is impossible to find out who worked on what.

B.

Information security activities are carried out by only a few people.

C.

Too many measures are implemented.

D.

It is not possible for an organization to implement information security in a consistent manner.

Question 6

Who is accountable to classify information assets?

Options:

A.

the CEO

B.

the CISO

C.

the Information Security Team

D.

the asset owner

Question 7

What is the best description of a risk analysis?

Options:

A.

A risk analysis is a method of mapping risks without looking at company processes.

B.

A risk analysis helps to estimate the risks and develop the appropriate security measures.

C.

A risk analysis calculates the exact financial consequences of damages.

Load More ISO-IEC-LI Questions
Demo: 7 questions
Total 50 questions
Get ISO-IEC-LI Full Access Download ISO-IEC-LI PDF