ISO-IEC-27001-LEAD-AUDITOR Exam Questions

Which one of the following conclusions in the audit report is not required by the certification body when deciding to grant certification?

You are performing an ISMS audit at a residential nursing home called ABC that provides healthcare services. You find all nursing home residents wear an electronic wristband for mo...

You are an experienced audit team leader guiding an auditor in training. Your team is currently conducting a third-party surveillance audit of an organisation that stores data on b...

You are an experienced audit team leader guiding an auditor in training. Your team is currently conducting a third-party surveillance audit of an organisation that stores data on b...

The data centre at which you work is currently seeking ISO/IEC27001:2022 certification. In preparation for your initial certification visit, several internal audits have been carri...

You are performing an ISMS audit at a residential nursing home that provides healthcare services. The next step in your audit plan is to verify the information security incident ma...

You are an experience ISMS audit team leader carrying out a third-party certification audit of an organization specialising in the secure disposal of confidential documents and rem...

You are performing an ISMS audit at a residential nursing home that provides healthcare services. The next step in your audit plan is to verify the information security of the busi...

You are conducting an Information Security Management System audit in the despatch department of an international logistics organisation that provides shipping services to large or...

Select the option which best describes how Information Security Management System audits should be conducted:

The purpose of a management system audit is to?

When preparing for an audit, which of the following statements is false?

You are an ISMS auditor conducting a third-party surveillance audit of a telecom's provider. You are in the equipment staging room where network switches are pre-programmed before...

You are carrying out your first third-party ISMS surveillance audit as an audit team leader. You are presently in the auditee's data centre with another member of your audit team a...

You are an experienced ISMS auditor conducting a third-party surveillance audit at an organisation which offers ICT reclamation services. ICT equipment which companies no longer re...

You are an experienced ISMS audit team leader. You are currently conducting a third-party surveillance audit of an international haulage organisation. You have sampled four interna...

As the Information Security Management System audit team leader, you are conducting a second- party audit of an international logistics company on behalf of an online retailer. Dur...

Scenario 1: Fintive is a distinguished security provider for online payments and protection solutions. Founded in 1999 by Thomas Fin in San Jose, California, Fintive offers service...

Scenario 1: Fintive is a distinguished security provider for online payments and protection solutions. Founded in 1999 by Thomas Fin in San Jose, California, Fintive offers service...

Scenario 1: Fintive is a distinguished security provider for online payments and protection solutions. Founded in 1999 by Thomas Fin in San Jose, California, Fintive offers service...

Scenario 1: Fintive is a distinguished security provider for online payments and protection solutions. Founded in 1999 by Thomas Fin in San Jose, California, Fintive offers service...

Scenario 1: Fintive is a distinguished security provider for online payments and protection solutions. Founded in 1999 by Thomas Fin in San Jose, California, Fintive offers service...

Which situation presented below represents a threat?

An organization does not check the source code of the updated version of an application when it is updated automatically. Thus, the application may be open to unauthorized modifica...

A telecommunications company uses the AES method for ensuring that confidential information is protected. This means that they use a single key to encrypt and decrypt the informati...

You received an email requiring you to send information such as name, email, and password in order to continue using your email account. If you do not send such information, your e...

Which statement below best describes the relationship between information security aspects?

Which of the options below is a control related to the management of personnel that aims to avoid the occurrence of incidents?

A data processing tool crashed when a user added more data in the buffer than its storage capacity allows. The incident was caused by the tool's inability to bound check arrays. Wh...

PayBell, a finance corporation, is using an accounting software to track financial transactions. The software can be accessed from anywhere with an internet connection. It also ena...

Scenario 2: Knight is an electronics company from Northern California, US that develops video game consoles. Knight has more than 300 employees worldwide. On the fifth anniversary...

Scenario 2: Knight is an electronics company from Northern California, US that develops video game consoles. Knight has more than 300 employees worldwide. On the fifth anniversary...

Scenario 2: Knight is an electronics company from Northern California, US that develops video game consoles. Knight has more than 300 employees worldwide. On the fifth anniversary...

Scenario 2: Knight is an electronics company from Northern California, US that develops video game consoles. Knight has more than 300 employees worldwide. On the fifth anniversary...

Scenario 2: Knight is an electronics company from Northern California, US that develops video game consoles. Knight has more than 300 employees worldwide. On the fifth anniversary...

A marketing agency has developed its own risk assessment approach as part of the ISMS implementation. Is this acceptable?

ISMS (1)---------------helps determine (2)--------------.

Which option below about the ISMS scope is correct?

Scenario 3: NightCore is a multinational technology company based in the United States that focuses on e-commerce, cloud computing, digital streaming, and artificial intelligence....

Scenario 3: NightCore is a multinational technology company based in the United States that focuses on e-commerce, cloud computing, digital streaming, and artificial intelligence....

Scenario 3: NightCore is a multinational technology company based in the United States that focuses on e-commerce, cloud computing, digital streaming, and artificial intelligence....

Scenario 3: NightCore is a multinational technology company based in the United States that focuses on e-commerce, cloud computing, digital streaming, and artificial intelligence....

Scenario 3: NightCore is a multinational technology company based in the United States that focuses on e-commerce, cloud computing, digital streaming, and artificial intelligence....

Scenario 4: SendPay is a financial company that provides its services through a network of agents and financial institutions. One of their main services is transferring money world...

Scenario 4: SendPay is a financial company that provides its services through a network of agents and financial institutions. One of their main services is transferring money world...

Scenario 4: SendPay is a financial company that provides its services through a network of agents and financial institutions. One of their main services is transferring money world...

Scenario 4: SendPay is a financial company that provides its services through a network of agents and financial institutions. One of their main services is transferring money world...

Scenario 4: SendPay is a financial company that provides its services through a network of agents and financial institutions. One of their main services is transferring money world...

Which is an example of a qualitative evidence?

Finnco, a subsidiary of a certification body, provided ISMS consultancy services to an organization. Considering this scenario, when can the certification body certify the organiza...