GAQM ISO-IEC-LI Exam Questions Instant Access

Question 1

An employee in the administrative department of Smiths Consultants Inc. finds out that the expiry date of a contract with one of the clients is earlier than the start date. What type of measure could prevent this error?

AAvailability measure

BIntegrity measure

COrganizational measure

DTechnical measure

Answer : D

Question 2

Logging in to a computer system is an access-granting process consisting of three steps: identification, authentication and authorization. What occurs during the first step of this process: identification?

AThe first step consists of checking if the user is using the correct certificate.

BThe first step consists of checking if the user appears on the list of authorized users.

CThe first step consists of comparing the password with the registered password.

DThe first step consists of granting access to the information to which the user is authorized.

Answer : B

Question 3

What does the Information Security Policy describe?

Ahow the InfoSec-objectives will be reached

Bwhich InfoSec-controls have been selected and taken

Cwhat the implementation-planning of the information security management system is

Dwhich Information Security-procedures are selected

Answer : A

Question 4

A non-human threat for computer systems is a flood. In which situation is a flood always a relevant threat?

AIf the risk analysis has not been carried out.

BWhen computer systems are kept in a cellar below ground level.

CWhen the computer systems are not insured.

DWhen the organization is located near a river.

Answer : B

Question 5

What do employees need to know to report a security incident?

AHow to report an incident and to whom.

BWhether the incident has occurred before and what was the resulting damage.

CThe measures that should have been taken to prevent the incident in the first place.

DWho is responsible for the incident and whether it was intentional.

Answer : A

Question 6

You are the owner of a growing company, SpeeDelivery, which provides courier services. You decide that it is time to draw up a risk analysis for your information system. This includes an inventory of threats and risks. What is the relation between a threat, risk and risk analysis?

AA risk analysis identifies threats from the known risks.

BA risk analysis is used to clarify which threats are relevant and what risks they involve.

CA risk analysis is used to remove the risk of a threat.

DRisk analyses help to find a balance between threats and risks.

Answer : B

Question 7

What is an example of a security incident?

AThe lighting in the department no longer works.

BA member of staff loses a laptop.

CYou cannot set the correct fonts in your word processing software.

DA file is saved under an incorrect name.

Answer : B

GAQM ISO / IEC 27002 - Lead Implementer ISO-IEC-LI Exam Questions