LEAD-AUDITOR Question #84: Real Exam Question with Answer & Explanation

The correct answer is:

  • E. Raise an opportunity for improvement suggesting cabinet doors are locked whenever clients leave
  • F. Review the CCTV records to ensure that only the client has accessed the cabinet since it was last
  • H. With the permission of the guide, speak to the customer to confirm that they are in the process of

Question

You are a certification body auditor, conducting a surveillance audit to ISO/IEC 27001:2022 of a data centre operated by a client who provides hosting services for ICT facilities. You and your guide are currently in one of the private suites that the client rents out to customers. Access to each suite is controlled using a combination lock. CCTV is also installed in every suite. Within each suite are three data cabinets in which the client can locate mission-critical servers and other items of networking equipment such as switches and routers. You notice that whilst two of the cabinets in your suite are locked, the third is unlocked. You ask the guide why. They reply "This is because the client is currently swapping out a hard drive unit. Their technician is currently on a lunch break". What three actions should you undertake next?

Options

  • A. Do nothing, the room appears adequately protected so it is unlikely that a security incident has
  • B. Raise a nonconformity against control 5.16 'identity management' as it may not be possible to
  • C. Raise a nonconformity against control 7.2 'physical entry' as the area where the client's equipment
  • D. Raise a nonconformity against control 7.4 'physical security monitoring' as the private suite is not
  • E. Raise an opportunity for improvement suggesting cabinet doors are locked whenever clients leave
  • F. Review the CCTV records to ensure that only the client has accessed the cabinet since it was last
  • G. When the technician returns from lunch, reprimand them for leaving the cabinet open.
  • H. With the permission of the guide, speak to the customer to confirm that they are in the process of

Explanation

Leaving the cabinet unlocked while the technician is on a lunch break exposes the client's equipment and data to potential physical security risks, such as theft, damage, or tampering. This is a violation of the ISO/IEC 27001:2022 requirements for physical entry (control 7.2) and physical security monitoring (control 7.4), which aim to prevent unauthorized access to information processing facilities and assets. Therefore, the appropriate actions for the auditor are:

  • Raise an opportunity for improvement (OFI) suggesting that the cabinet doors are locked whenever clients leave their suites, even if they intend to return within a short time. This would enhance the security of the client's equipment and data, and reduce the likelihood of security incidents.
  • Review the CCTV records to ensure that only the client has accessed the cabinet since it was last confirmed as locked. This would verify the integrity and availability of the client's equipment and data, and identify any possible unauthorized access or interference.
  • With the permission of the guide, speak to the customer to confirm that they are in the process of swapping out a drive. This would validate the reason for leaving the cabinet unlocked, and assess the impact and risk of the activity on the client's information security.
