Helping Hand Questions for ISO-IEC-27001-Lead-Auditor

PECB Certified ISO/IEC 27001 2022 Lead Auditor exam Questions and Answers

Question 13

Which of the following is the purpose of "Integrity", one of the basic components of information security?

Options:

A. the property that information is not made available or disclosed to unauthorized individuals

B. the property of safeguarding the accuracy and completeness of assets.

C. the property that information is not made available or disclosed to unauthorized individuals

D. the property of being accessible and usable upon demand by an authorized entity.

Question 14

Which two of the following standards are used as ISMS third-party certification audit criteria?

Options:

A. ISO/IEC 27002

B. ISO/IEC 20000-1

C. ISO 19011

D. ISO/IEC 27001

E. Relevant legal, statutory, and regulatory requirements

F. ISO/IEC 17021-1

Question 15

Which two of the following are examples of audit methods that 'do not' involve human interaction?

Options:

A. Conducting an interview using a teleconferencing platform

B. Performing a review of auditee's procedures in preparation for an audit

C. Reviewing the auditee's response to an audit finding

D. Analysing data by remotely accessing the auditee's server

E. Observing work performed by remote surveillance

F. Confirming the date and time of the audit

Question 16

You are an experienced audit team leader guiding an auditor in training.

Your team is currently conducting a third-party surveillance audit of an organisation that stores data on behalf of external clients. The auditor in training has been tasked with reviewing the ORGANISATIONAL controls listed in the Statement of Applicability (SoA) and implemented at the site.

Select four controls from the following that you would expect the auditor in training to review.

Options:

A. Access to and from the loading bay

B. Confidentiality and nondisclosure agreements

C. How information security has been addressed within supplier agreements

D. How power and data cables enter the building

E. Rules for transferring information within the organisation and to other organisations

F. The development and maintenance of an information asset inventory

G. The operation of the site CCTV and door control systems