GAQM ISO27-13-001 Exam Practice Test Instant Access

Question 1

Which of the following is an information security management system standard published by the International Organization for Standardization?

AISO9008

BISO27001

CISO5501

DISO22301

Answer : B

Question 2

Below is Purpose of "Integrity", which is one of the Basic Components of Information Security

Athe property that information is not made available or disclosed to unauthorized individuals

Bthe property of safeguarding the accuracy and completeness of assets.

Cthe property that information is not made available or disclosed to unauthorized individuals

Dthe property of being accessible and usable upon demand by an authorized entity.

Answer : B

Question 3

A well-executed risk analysis provides a great deal of useful information. A risk analysis has four main objectives.

What is not one of the four main objectives of a risk analysis?

AIdentifying assets and their value

BImplementing counter measures

CEstablishing a balance between the costs of an incident and the costs of a security measure

DDetermining relevant vulnerabilities and threats

Answer : B

Question 4

Which of the following is a preventive security measure?

AInstalling logging and monitoring software

BShutting down the Internet connection after an attack

CStoring sensitive information in a data save

Answer : C

Question 5

After a fire has occurred, what repressive measure can be taken?

AExtinguishing the fire after the fire alarm sounds

BBuying in a proper fire insurance policy

CRepairing all systems after the fire

Answer : A

Question 6

Which of the following does a lack of adequate security controls represent?

AAsset

BVulnerability

CImpact

DThreat

Answer : B

Question 7

Why do we need to test a disaster recovery plan regularly, and keep it up to date?

AOtherwise the measures taken and the incident procedures planned may not be adequate

BOtherwise it is no longer up to date with the registration of daily occurring faults

COtherwise remotely stored backups may no longer be available to the security team

Answer : A

GAQM ISO 27001 : 2013 - Certified Lead Auditor ISO27-13-001 Exam Practice Test