GAQM ISO-IEC-LI Exam Practice Test Instant Access

Question 1

What is an example of a good physical security measure?

AAll employees and visitors carry an access pass.

BPrinters that are defective or have been replaced are immediately removed and given away as garbage for recycling.

CMaintenance staff can be given quick and unimpeded access to the server area in the event of disaster.

Answer : A

Question 2

You apply for a position in another company and get the job. Along with your contract, you are asked to sign a code of conduct. What is a code of conduct?

AA code of conduct specifies how employees are expected to conduct themselves and is the same for all companies.

BA code of conduct is a standard part of a labor contract.

CA code of conduct differs from company to company and specifies, among other things, the rules of behavior with regard to the usage of information systems.

Answer : C

Question 3

A company moves into a new building. A few weeks after the move, a visitor appears unannounced in the office of the director. An investigation shows that visitors passes grant the same access as the passes of the company's staff. Which kind of security measure could have prevented this?

Aphysical security measure

BAn organizational security measure

CA technical security measure

Answer : A

Question 4

Logging in to a computer system is an access-granting process consisting of three steps: identification, authentication and authorization. What occurs during the first step of this process: identification?

AThe first step consists of checking if the user is using the correct certificate.

BThe first step consists of checking if the user appears on the list of authorized users.

CThe first step consists of comparing the password with the registered password.

DThe first step consists of granting access to the information to which the user is authorized.

Answer : B

Question 5

ISO 27002 provides guidance in the following area

APCI environment scoping

BInformation handling recommendations

CFramework for an overall security and compliance program

DDetailed lists of required policies and procedures

Answer : C

Question 6

Select the controls that correspond to the domain "9. ACCESS CONTROL" of ISO / 27002 (Choose three)

ARestriction of access to information

BReturn of assets

CManagement of access rights with special privileges

DWithdrawal or adaptation of access rights

Answer : A, B, D

Question 7

What is the ISO / IEC 27002 standard?

AIt is a guide of good practices that describes the control objectives and recommended controls regarding information security.

BIt is a guide that focuses on the critical aspects necessary for the successful design and implementation of an ISMS in accordance with ISO / IEC 27001

CIt is a guide for the development and use of applicable metrics and measurement techniques to determine the effectiveness of an ISMS and the controls or groups of controls implemented according to ISO / IEC 27001.

Answer : A

GAQM ISO / IEC 27002 - Lead Implementer Exam Practice Test