PECB
LEAD-AUDITOR · Question #155
LEAD-AUDITOR Question #155: Real Exam Question with Answer & Explanation
Sign in or unlock LEAD-AUDITOR to reveal the answer and full explanation for question #155. The question stem and answer options stay visible for context.
Question
You are an experienced ISMS auditor conducting a third-party surveillance audit at an organisation which offers ICT reclamation services. ICT equipment which companies no longer require is processed by the organisation. It is either recommissioned and reused or is securely destroyed. You notice two servers on a bench in the corner of the room. Both have stickers on them with the server's name, IP address and admin password. You ask the ICT Manager about them, and he tells you they were part of a shipment received yesterday from a regular customer. Which one action should you take?
Options
- AAsk the auditee to remove the labels, then carry on with the audit
- BAsk the ICT Manager to record an information security incident and initiate the information security
- CNote the audit finding and check the process for dealing with incoming shipments relating to
- DRaise a nonconformity against control 5.31 'Legal, staturary, regulatory and contractual
- ERaise a nonconformity against control 8.20 'network security' (networks and network devices shall
- FRecord what you have seen in your audit findings, but take no further action
Unlock LEAD-AUDITOR to see the answer
You've previewed enough free LEAD-AUDITOR questions. Unlock LEAD-AUDITOR for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.