GAQM ISO27-13-001 - ISO 27001 : 2013 - Certified Lead Auditor

Total 100 questions

What is the goal of classification of information?

A. To create a manual about how to handle mobile devices

B. Applying labels making the information easier to recognize

C. Structuring information according to its sensitivity

As a new member of the IT department you have noticed that confidential information has been leaked several times. This may damage the reputation of the company. You have been asked to propose an organisational measure to protect laptop computers. What is the first step in a structured approach to come up with this measure?

A. Appoint security staff

B. Encrypt all sensitive information

C. Formulate a policy

D. Set up an access control procedure

In acceptable use of Information Assets, which is the best practice?

A. Access to information and communication systems is provided for business purposes only

B. Interfering with or denying service to any user other than the employee's host

C. Playing any computer games during office hours

D. Accessing phone or network transmissions, including wireless or wifi transmissions

A hacker gains access to a webserver and can view a file on the server containing credit card numbers.

Which of the Confidentiality, Integrity, Availability (CIA) principles of the credit card file are violated?

A. Availability

B. Confidentiality

C. Integrity

D. Compliance

A property of Information that has the ability to prove occurrence of a claimed event.

A. Electronic chain letters

B. Integrity

C. Availability

D. Accessibility

The following are definitions of Information, except:

A. accurate and timely data

B. specific and organized data for a purpose

C. mature and measurable data

D. can lead to understanding and decrease in uncertainty

What is the purpose of an Information Security policy?

A. An information security policy makes the security plan concrete by providing the necessary details

B. An information security policy provides insight into threats and the possible consequences

C. An information security policy provides direction and support to the management regarding information security

D. An information security policy documents the analysis of risks and the search for countermeasures

There is a scheduled fire drill in your facility. What should you do?

A. Participate in the drill

B. Excuse yourself by saying you have an urgent deliverable

C. Call in sick

D. None of the above

Access Control System, CCTV and security guards are forms of:

A. Environment Security

B. Access Control

C. Physical Security

D. Compliance

There was a fire in a branch of the company Midwest Insurance. The fire department quickly arrived at the scene and could extinguish the fire before it spread and burned down the entire premises. The server, however, was destroyed in the fire. The backup tapes kept in another room had melted and many other documents were lost for good.

What is an example of the indirect damage caused by this fire?

A. Melted backup tapes

B. Burned computer systems

C. Burned documents

D. Water damage due to the fire extinguishers