PECB

LEAD-AUDITOR · Question #39

LEAD-AUDITOR Question #39: Real Exam Question with Answer & Explanation

Question

You are performing an ISMS audit at a nursing home where residents always wear an electronic wristband for monitoring their location, heartbeat, and blood pressure. The wristband automatically uploads this data to a cloud server for healthcare monitoring and analysis by staff. You now wish to verify that the information security policy and objectives have been established by top management. You are sampling the mobile device policy and identify that a security objective of this policy is "to ensure the security of teleworking and use of mobile devices". The policy states that the following controls will be applied in order to achieve this:

  • Personal mobile devices are prohibited from connecting to the nursing home network, processing, and storing residents' data.
  • The company's mobile devices within the ISMS scope shall be registered in the asset register.
  • The company's mobile devices shall implement or enable physical protection, i.e., pin-code protected screen lock/unlock, facial or fingerprint to unlock the device.
  • The company's mobile devices shall have a regular backup.

To verify that the mobile device policy and objectives are implemented and effective, select three options for your audit trail.

Options

  • A. Interview the reception personnel to make sure all visitor and employee bags are checked before
  • B. Review visitors' register book to make sure no visitor can have their personal mobile phone in the
  • C. Review the internal audit report to make sure the IT department has been audited
  • D. Review the asset register to make sure all personal mobile devices are registered
  • E. Sampling some mobile devices from on-duty medical staff and validate the mobile device
  • F. Review the asset register to make sure all company's mobile devices are registered
  • G. Interview the supplier of the devices to make sure they are aware of the ISMS policy
  • H. Interview top management to verify their involvement in establishing the information security policy
