ISO-ISMS-LA無料問題集「GAQM ISO 27001 : 2013 ISMS

質問 1

Which of the following is a possible event that can have a disruptive effect on the reliability of information?

（A）Threat

（B）Risk

（C）Dependency

（D）Vulnerability

正解：A 解答を投票する

質問 2

Why do we need to test a disaster recovery plan regularly, and keep it up to date?

（A）Otherwise it is no longer up to date with the registration of daily occurring faults

（B）Otherwise the measures taken and the incident procedures planned may not be adequate

（C）Otherwise remotely stored backups may no longer be available to the security team

正解：B 解答を投票する

質問 3

What type of measure involves the stopping of possible consequences of security incidents?

（A）Preventive

（B）Corrective

（C）Repressive

（D）Detective

正解：C 解答を投票する

質問 4

As a new member of the IT department you have noticed that confidential information has been leaked several times. This may damage the reputation of the company. You have been asked to propose an organisational measure to protect laptop computers. What is the first step in a structured approach to come up with this measure?

（A）Formulate a policy

（B）Set up an access control procedure

（C）Appoint security staff

（D）Encrypt all sensitive information

正解：A 解答を投票する

質問 5

Which of the following does a lack of adequate security controls represent?

（A）Threat

（B）Impact

（C）Vulnerability

（D）Asset

正解：C 解答を投票する

質問 6

The computer room is protected by a pass reader. Only the System Management department has a pass.
What type of security measure is this?

（A）a physical security measure

（B）a logical security measure

（C）a repressive security measure

（D）a corrective security measure

正解：A 解答を投票する

質問 7

We can leave laptops during weekdays or weekends in locked bins.

（A）False

（B）True

正解：A 解答を投票する

質問 8

Implement plan on a test basis - this comes under which section of PDCA

（A）Act

（B）Check

（C）Do

（D）Plan

正解：C 解答を投票する

質問 9

A couple of years ago you started your company which has now grown from 1 to 20 employees. Your company's information is worth more and more and gone are the days when you could keep control yourself.
You are aware that you have to take measures, but what should they be? You hire a consultant who advises you to start with a qualitative risk analysis.
What is a qualitative risk analysis?

（A）This analysis follows a precise statistical probability calculation in order to calculate exact loss caused by damage.

（B）This analysis is based on scenarios and situations and produces a subjective view of the possible threats.

正解：B 解答を投票する

質問 10

What type of system ensures a coherent Information Security organisation?

（A）Information Security Management System (ISMS)

（B）Information Exchange Data System (IEDS)

（C）Information Technology Service Management System (ITSM)

（D）Federal Information Security Management Act (FISMA)

正解：A 解答を投票する

ISO-ISMS-LA 無料問題集「GAQM ISO 27001 : 2013 ISMS - Certified Lead Auditor」

弊社を連絡する

関連リンク

トップ試験