PECB ISO-IEC-27001-Lead-Implementer Exam Practice Test Instant Access

Question 1

What should an organization demonstrate through documentation?

AThat the complexity of processes and their interactions is documented

BThat the distribution of paper copies is regularly complete

CThat Its security controls are implemented based on risk scenarios

Answer : C

Question 2

Following a repotted event, an Information security event ticket has been completed and its priority has been assigned. Then, the event has been evaluated to determine If it is an information security incident, which phase of the incident management has been completed?

Ainitial assessment and decision

BDetection and reporting

CEvaluation and confirmation

Answer : C

Question 3

Which situation described in scenario 7 Indicates that Texas H&H Inc. implemented a detective control?

ATexas H&H Inc. integrated the incident management policy in Its information security policy

BTexas H&H Inc. tested its system for malicious activity and checked cloud based email settings

CTexas H&H Inc. hired an expert to conduct a forensic analysis

Answer : C

Question 4

Based on scenario 7. what else should Texas H&H Inc. do when responding to the incident?

ADecide to stop using cloud services in order to eliminate the risk of similar incidents happening in the future

BRecord and document the incident which serves as input for future corrective actions

CCommunicate the updated Information security policy only to the top management of the company

Answer : B

Question 5

According to scenario 7, the team prevented a potential attack based on knowledge gained from previous incidents. Is this acceptable?

ANo, before responding to an information security incident, an information security incident management policy must be established

BNo, every information security incident is different, hence knowledge gained from previous incidents cannot prevent potential attacks

CYes, in the absence of an information security incident management policy, lessons learned can be applied

Answer : C

Question 6

Texas H&H Inc. decided to assign an internal expert for their forensic analysis. Is this acceptable? Refer lo scenario 7.

AYes. forensic analysis can be done by cither an internal or external expert

BYes. hiring an external expert for forensic analysis Is a requirement of the standard

CNo. the company's forensic analysis should be based on the conclusion of Its cloud storage provide investigation

Answer : A

Question 7

Once they made sure that the attackers do not have access in their system, the security administrators decided to proceed with the forensic analysis. They concluded that their access security system was not designed tor threat detection, including the detection of malicious files which could be the cause of possible future attacks.

Based on these findings. Texas H$H inc, decided to modify its access security system to avoid future incidents and integrate an incident management policy in their Information security policy that could serve as guidance for employees on how to respond to similar incidents.

Based on the scenario above, answer the following question:

Texas M&H Inc. decided to integrate the incident management policy to the existent information security policy. How do you define this situation?

AAcceptable, the incident management policy may be integrated into the overall information security policy of the organization

BAcceptable, but only if the incident management policy addresses environmental, or health and safety issues

CUnacceptable, the incident management policy should be drafted as a separate document in order to be clear and effective

Answer : A

PECB ISO/IEC 27001 Lead Implementer Exam Practice Test