New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

PECB ISO-IEC-27001-Lead-Auditor Actual Questions

Page: 8 / 20
Question 32

You are carrying out your first third-party ISMS surveillance audit as an Audit Team Leader. You are presently in the auditee's data centre with another member of your audit team.

You are currently in a large room that is subdivided into several smaller rooms, each of which has a numeric combination lock and swipe card reader on the door. You notice two external contractors using a swipe card and combination number provided by the centre's reception desk to gain access to a client's suite to carry out authorised electrical repairs.

You go to reception and ask to see the door access record for the client's suite. This indicates only one card was swiped. You ask the receptionist and they reply, "yes it's a common problem. We ask everyone to swipe their cards but with contractors especially, one tends to swipe and the rest simply 'tailgate' their way in" but we know who they are from the reception sign-in.

Based on the scenario above which one of the following actions would you now take?

Options:

A.

Take no action. Irrespective of any recommendations, contractors will always act in this way

B.

Raise a nonconformity against control A.5.20 'addressing information security in supplier relationships' as information security requirements have not been agreed upon with the supplier

C.

Raise a nonconformity against control A.7.6 'working in secure areas' as security measures for working in secure areas have not been defined

D.

Determine whether any additional effective arrangements are in place to verify individual access to secure areas e.g. CCTV

E.

Raise an opportunity for improvement that contractors must be accompanied at all times when accessing secure facilities

F.

Raise an opportunity for improvement to have a large sign in reception reminding everyone requiring access must use their swipe card at all times

G.

Raise a nonconformity against control A.7.2 'physical entry' as a secure area is not adequately protected

Question 33

You are performing an ISMS audit at a residential nursing home that provides healthcare services. The next step in your audit plan is to verify the information security incident management process. The IT Security Manager presents the information security incident management procedure and explains that the process is based on ISO/IEC 27035-1:2016.

You review the document and notice a statement "any information security weakness, event, and incident should be reported to the Point of Contact (PoC) within 1 hour after identification". When interviewing staff, you found that there were differences in the understanding of the meaning of "weakness, event, and incident".

You sample incident report records from the event tracking system for the last 6 months with summarized results in the following table.

You would like to further investigate other areas to collect more audit evidence. Select two options that will not be in your audit trail.

Options:

A.

Collect more evidence on how and when the Human Resources manager pays the ransom fee to unlock personal mobile data, i.e., credit card, and bank transfer. (Relevant to control A.5.26)

B.

Collect more evidence on what the service requirements of healthcare monitoring are. (Relevant to clause 4.2)

C.

Collect more evidence on how the organization determined no further action was needed after the incident. (Relevant to control A.5.26)

D.

Collect more evidence on how the organisation determined the incident recovery time. (Relevant to control A.5.27)

E.

Collect more evidence on the incident recovery procedures. (Relevant to control A.5.26)

F.

Collect more evidence by interviewing more staff about their understanding of the reporting process. (Relevant to control A.6.8)

G.

Collect more evidence on how and when the company pays the ransom fee to unlock the company's mobile phone and data, i.e., credit card, and bank transfer. (Relevant to control A.5.26)

Question 34

You are an experienced ISMS audit team leader providing instruction to an auditor in training. They are unclear in their understanding of risk processes and ask you to provide them with an example of each of the processes detailed below.

Match each of the descriptions provided to one of the following risk management processes.

To complete the table click on the blank section you want to complete so that it is highlighted in red, and then click on the applicable text from the options below. Alternatively, you may drag and drop each option to the appropriate blank section.

Options:

Question 35

You received an email requiring you to send information such as name, email, and password in order to continue using your email account. If you do not send such

information, your email account will be disabled. What does this scenario present?

Options:

A.

A personnel type of vulnerability

B.

An unauthorized action type of threat

C.

A compromise of information type of threat

Page: 8 / 20
Exam Name: PECB Certified ISO/IEC 27001 2022 Lead Auditor exam
Last Update: Dec 22, 2024
Questions: 289
ISO-IEC-27001-Lead-Auditor pdf

ISO-IEC-27001-Lead-Auditor PDF

$25.5  $84.99
ISO-IEC-27001-Lead-Auditor Engine

ISO-IEC-27001-Lead-Auditor Testing Engine

$28.5  $94.99
ISO-IEC-27001-Lead-Auditor PDF + Engine

ISO-IEC-27001-Lead-Auditor PDF + Testing Engine

$40.5  $134.99