PECB
ISO-IEC-27001-LEAD-AUDITOR Question #112: Real Exam Question with Answer & Explanation
Question
You are a certification body auditor, conducting a surveillance audit to ISO/IEC 27001:2022 of a data centre operated by a client who provides hosting services for ICT facilities. You and your guide are currently in one of the private suites that the client rents out to customers. Access to each suite is controlled using a combination lock. CCTV is also installed in every suite. Within each suite are three data cabinets in which the client can locate mission-critical servers and other items of networking equipment such as switches and routers. You notice that whilst two of the cabinets in your suite are locked, the third is unlocked. You ask the guide why. They reply "This is because the client is currently swapping out a hard drive unit. Their technician is currently on a lunch break". What three actions should you undertake next?
Options
- A. Do nothing, the room appears adequately protected so it is unlikely that a security incident has
- B. Raise a nonconformity against control 5.16 'identity management' as it may not be possible to
- C. Raise a nonconformity against control 7.2 'physical entry' as the area where the client's
- D. Raise a nonconformity against control 7.4 'physical security monitoring' as the private suite is not
- E. Raise an opportunity for improvement suggesting cabinet doors are locked whenever clients
- F. Review the CCTV records to ensure that only the client has accessed the cabinet since it was last
- G. When the technician returns from lunch, reprimand them for leaving the cabinet open.
- H. With the permission of the guide, speak to the customer to confirm that they are in the process of