[Q47-Q71] Pass Your ISO 27001 ISO-IEC-27001-Lead-Implementer Exam Easily with Accurate PDF Questions [Jul 12, 2024]

Pass Your ISO 27001 ISO-IEC-27001-Lead-Implementer Exam Easily with Accurate PDF Questions [Jul 12, 2024]

ISO-IEC-27001-Lead-Implementer Certification Exam Dumps Questions in here

NEW QUESTION # 47
What do employees need to know to report a security incident?

• A. Who is responsible for the incident and whether it was intentional.
• B. Whether the incident has occurred before and what was the resulting damage.
• C. The measures that should have been taken to prevent the incident in the first place.
• D. How to report an incident and to whom.

Answer: D

NEW QUESTION # 48
Who is authorized to change the classification of a document?

• A. The author of the document
• B. The manager of the owner of the document
• C. The administrator of the document
• D. The owner of the document

Answer: D

NEW QUESTION # 49
An organization has decided to conduct information security awareness and training sessions on a monthly basis for all employees. Only 45% of employees who attended these sessions were able to pass the exam.
What does the percentage represent?

• A. Measurement objective
• B. Attribute
• C. Performance indicator

Answer: C

NEW QUESTION # 50
A company moves into a new building. A few weeks after the move, a visitor appears unannounced in the office of the director. An investigation shows that visitors passes grant the same access as the passes of the company's staff. Which kind of security measure could have prevented this?

• A. An organizational security measure
• B. A technical security measure
• C. physical security measure

Answer: C

NEW QUESTION # 51
An organization has implemented a control that enables the company to manage storage media through their life cycle of use. acquisition, transportation and disposal. Which control category does this control belong to?

• A. Technological
• B. Organizational
• C. Physical

Answer: C

Explanation:
According to ISO/IEC 27001:2022, the control that enables the organization to manage storage media through their life cycle of use, acquisition, transportation and disposal belongs to the category of physical and environmental security. This category covers the controls that prevent unauthorized physical access, damage and interference to the organization's information and information processing facilities. The specific control objective for this control is A.11.2.7 Secure disposal or reuse of equipment1, which states that "equipment containing storage media shall be checked to ensure that any sensitive data and licensed software has been removed or securely overwritten prior to disposal or reuse."2 References:
* ISO/IEC 27001:2022, Annex A
* ISO/IEC 27002:2022, clause 11.2.7

NEW QUESTION # 52
Scenario 7: InfoSec is a multinational corporation headquartered in Boston, MA, which provides professional electronics, gaming, and entertainment services. After facing numerous information security incidents, InfoSec has decided to establish teams and implement measures to prevent potential incidents in the future Emma, Bob. and Anna were hired as the new members of InfoSec's information security team, which consists of a security architecture team, an incident response team (IRT) and a forensics team Emma's job is to create information security plans, policies, protocols, and training to prepare InfoSec to respond to incidents effectively Emma and Bob would be full-time employees of InfoSec, whereas Anna was contracted as an external consultant.
Bob, a network expert, will deploy a screened subnet network architecture This architecture will isolate the demilitarized zone (OMZ) to which hosted public services are attached and InfoSec's publicly accessible resources from their private network Thus, InfoSec will be able to block potential attackers from causing unwanted events inside the company's network. Bob is also responsible for ensuring that a thorough evaluation of the nature of an unexpected event is conducted, including the details on how the event happened and what or whom it might affect.
Anna will create records of the data, reviews, analysis, and reports in order to keep evidence for the purpose of disciplinary and legal action, and use them to prevent future incidents. To do the work accordingly, she should be aware of the company's information security incident management policy beforehand Among others, this policy specifies the type of records to be created, the place where they should be kept, and the format and content that specific record types should have.
Why did InfoSec establish an IRT? Refer to scenario 7.

• A. To assess, respond to, and learn from information security incidents
• B. To comply with the ISO/IEC 27001 requirements related to incident management
• C. To collect, preserve, and analyze the information security incidents

Answer: A

Explanation:
Explanation
Based on his tasks, Bob is part of the incident response team (IRT) of InfoSec. According to the ISO/IEC
27001:2022 standard, an IRT is a group of individuals who are responsible for responding to information security incidents in a timely and effective manner. The IRT should have the authority, skills, and resources to perform the following activities:
Identify and analyze information security incidents and their impact
Contain, eradicate, and recover from information security incidents
Communicate with relevant stakeholders and authorities
Document and report on information security incidents and their outcomes Review and improve the information security incident management process and controls Bob's job is to deploy a network architecture that can prevent potential attackers from accessing InfoSec's private network, and to conduct a thorough evaluation of the nature and impact of any unexpected events that might occur. These tasks are aligned with the objectives and responsibilities of an IRT, as defined by the ISO/IEC 27001:2022 standard.
References:
ISO/IEC 27001:2022, Information technology - Security techniques - Information security management systems - Requirements, Clause 10.2, Information security incident management ISO/IEC 27035-1:2023, Information technology - Information security incident management - Part
1: Principles of incident management
ISO/IEC 27035-2:2023, Information technology - Information security incident management - Part
2: Guidelines to plan and prepare for incident response
PECB, ISO/IEC 27001 Lead Implementer Course, Module 10, Information security incident management

NEW QUESTION # 53
Of the following, which is the best organization or set of organizations to contribute to compliance?

• A. IT,business management, HR and legal
• B. IT and management
• C. IT only
• D. IT and legal

Answer: A

NEW QUESTION # 54
Scenario 3: Socket Inc is a telecommunications company offering mainly wireless products and services. It uses MongoDB. a document model database that offers high availability, scalability, and flexibility.
Last month, Socket Inc. reported an information security incident. A group of hackers compromised its MongoDB database, because the database administrators did not change its default settings, leaving it without a password and publicly accessible.
Fortunately. Socket Inc. performed regular information backups in their MongoDB database, so no information was lost during the incident. In addition, a syslog server allowed Socket Inc. to centralize all logs in one server. The company found out that no persistent backdoor was placed and that the attack was not initiated from an employee inside the company by reviewing the event logs that record user faults and exceptions.
To prevent similar incidents in the future, Socket Inc. decided to use an access control system that grants access to authorized personnel only. The company also implemented a control in order to define and implement rules for the effective use of cryptography, including cryptographic key management, to protect the database from unauthorized access The implementation was based on all relevant agreements, legislation, and regulations, and the information classification scheme. To improve security and reduce the administrative efforts, network segregation using VPNs was proposed.
Lastly, Socket Inc. implemented a new system to maintain, collect, and analyze information related to information security threats, and integrate information security into project management.
Based on the scenario above, answer the following question:
Which security control does NOT prevent information security incidents from recurring?

• A. Segregation of networks
• B. Information backup
• C. Privileged access rights

Answer: B

Explanation:
Information backup is a corrective control that aims to restore the information in case of data loss, corruption, or deletion. It does not prevent information security incidents from recurring, but rather mitigates their impact.
The other options are preventive controls that reduce the likelihood of information security incidents by limiting the access to authorized personnel, segregating the networks, and using cryptography. These controls can help Socket Inc. avoid future attacks on its MongoDB database by addressing the vulnerabilities that were exploited by the hackers.
References:
* ISO 27001:2022 Annex A 8.13 - Information Backup1
* ISO 27001:2022 Annex A 8.1 - Access Control Policy2
* ISO 27001:2022 Annex A 8.2 - User Access Management3
* ISO 27001:2022 Annex A 8.3 - User Responsibilities4
* ISO 27001:2022 Annex A 8.4 - System and Application Access Control
* ISO 27001:2022 Annex A 8.5 - Cryptography
* ISO 27001:2022 Annex A 8.6 - Network Security Management

NEW QUESTION # 55
Which situation described in scenario 1 represents a threat to HealthGenic?

• A. HealthGenic did not train its personnel to use the software
• B. HealthGenic used a web-based medical software for storing patients' confidential information
• C. The software company modified information related to HealthGenic's patients

Answer: C

NEW QUESTION # 56
What should be used to protect data on removable media ifdata confidentiality or integrity are important considerations?

• A. backup on another removable medium
• B. logging
• C. a password
• D. cryptographic techniques

Answer: D

NEW QUESTION # 57
Scenario 2: Beauty is a cosmetics company that has recently switched to an e-commerce model, leaving the traditional retail. The top management has decided to build their own custom platform in-house and outsource the payment process to an external provider operating online payments systems that support online money transfers.
Due to this transformation of the business model, a number of security controls were implemented based on the identified threats and vulnerabilities associated to critical assets. To protect customers' information.
Beauty's employees had to sign a confidentiality agreement. In addition, the company reviewed all user access rights so that only authorized personnel can have access to sensitive files and drafted a new segregation of duties chart.
However, the transition was difficult for the IT team, who had to deal with a security incident not long after transitioning to the e commerce model. After investigating the incident, the team concluded that due to the out-of-date anti-malware software, an attacker gamed access to their files and exposed customers' information, including their names and home addresses.
The IT team decided to stop using the old anti-malware software and install a new one which would automatically remove malicious code in case of similar incidents. The new software was installed in every workstation within the company. After installing the new software, the team updated it with the latest malware definitions and enabled the automatic update feature to keep it up to date at all times. Additionally, they established an authentication process that requires a user identification and password when accessing sensitive information.
In addition, Beauty conducted a number of information security awareness sessions for the IT team and other employees that have access to confidential information in order to raise awareness on the importance of system and network security.
Based on the scenario above, answer the following question:
After investigating the incident. Beauty decided to install a new anti-malware software. What type of security control has been implemented in this case?

• A. Corrective
• B. Preventive
• C. Detective

Answer: A

Explanation:
Explanation
A corrective security control is a type of control that is implemented to restore the normal operations of a system or network after a security incident or breach has occurred. Corrective controls aim to mitigate the impact of the incident, prevent further damage, and restore the confidentiality, integrity, and availability of the information and assets affected by the incident. Examples of corrective controls include backup and recovery, disaster recovery plans, incident response teams, and anti-malware software.
In this case, Beauty decided to install a new anti-malware software after investigating the incident that exposed customers' information due to the out-of-date anti-malware software. The new anti-malware software is a corrective control because it is intended to remove the malicious code that compromised the system and prevent similar incidents from happening again. The new anti-malware software also helps to restore the trust and confidence of the customers and the reputation of the company.
References:
ISO/IEC 27001:2022 Lead Implementer Course Guide1
ISO/IEC 27001:2022 Lead Implementer Info Kit2
ISO/IEC 27001:2022 Information Security Management Systems - Requirements3 ISO/IEC 27002:2022 Code of Practice for Information Security Controls4 What are Security Controls? | IBM3 What Are Security Controls? - F54

NEW QUESTION # 58
Scenario 1: HealthGenic is a pediatric clinic that monitors the health and growth of individuals from infancy to early adulthood using a web-based medical software. The software is also used to schedule appointments, create customized medical reports, store patients' data and medical history, and communicate with all the
[^involved parties, including parents, other physicians, and the medical laboratory staff.
Last month, HealthGenic experienced a number of service interruptions due to the increased number of users accessing the software Another issue the company faced while using the software was the complicated user interface, which the untrained personnel found challenging to use.
The top management of HealthGenic immediately informed the company that had developed the software about the issue. The software company fixed the issue; however, in the process of doing so, it modified some files that comprised sensitive information related to HealthGenic's patients. The modifications that were made resulted in incomplete and incorrect medical reports and, more importantly, invaded the patients' privacy.
Based on scenario 1. what is a potential impact of the loss of integrity of information in HealthGenic?

• A. Incomplete and incorrect medical reports
• B. Service interruptions and complicated user interface
• C. Disruption of operations and performance degradation

Answer: A

Explanation:
The loss of integrity of information in HealthGenic means that the information was modified or corrupted in an unauthorized or improper way, resulting in inaccurate, incomplete, or unreliable data. This can have a serious impact on the quality and safety of the medical services provided by HealthGenic, as well as the trust and satisfaction of the patients and their families. In particular, incomplete and incorrect medical reports can lead to:
* Misdiagnosis or delayed diagnosis of the patients' conditions, which can affect their treatment and recovery.
* Prescription of wrong or inappropriate medications or dosages, which can cause adverse effects or interactions.
* Violation of the patients' privacy and confidentiality, which can expose them to identity theft, fraud, or discrimination.
* Legal liability and reputational damage for HealthGenic, which can result in lawsuits, fines, or loss of customers.
Therefore, it is essential for HealthGenic to ensure the integrity of its information by implementing appropriate security controls and measures, such as encryption, authentication, backup, audit, and incident response.
References:
* ISO/IEC 27001:2022 Lead Implementer Course Guide1
* ISO/IEC 27001:2022 Lead Implementer Info Kit2
* ISO/IEC 27001:2022 Information Security Management Systems - Requirements3
* ISO/IEC 27002:2022 Code of Practice for Information Security Controls4

NEW QUESTION # 59
A small organization that is implementing an ISMS based on ISO/lEC 27001 has decided to outsource the internal audit function to a third party. Is this acceptable?

• A. No, the organizations cannot outsource the internal audit function to a third party because during internal audit, the organization audits its own system
• B. Yes, outsourcing the internal audit function to a third party is often a better option for small organizations to demonstrate independence and impartiality
• C. No, the outsourcing of the internal audit function may compromise the independence and impartiality of the internal audit team

Answer: B

NEW QUESTION # 60
Which statement is an example of risk retention?

• A. An organization has decided to release the software even though some minor bugs have not been fixed yet
• B. An organization terminates work in the construction site during a severe storm
• C. An organization has implemented a data loss protection software

Answer: A

Explanation:
According to ISO/IEC 27001 : 2022 Lead Implementer, risk retention is one of the four risk treatment options that an organization can choose to deal with unacceptable risks. Risk retention means that the organization accepts the risk without taking any action to reduce its likelihood or impact. It applies to risks that are either too costly or impractical to address, or that have a low probability or impact. Therefore, an example of risk retention is when an organization decides to release the software even though some minor bugs have not been fixed yet. This implies that the organization has assessed the risk of releasing the software with bugs and has determined that it is acceptable, either because the bugs are not critical or because the cost of fixing them would outweigh the benefits.
References:
* ISO/IEC 27001 : 2022 Lead Implementer Study guide and documents, section 8.3.2 Risk treatment
* ISO/IEC 27001 : 2022 Lead Implementer Info Kit, page 14, Risk management process
* 3, ISO 27001: Top risk treatment options and controls explained

NEW QUESTION # 61
What should an organization allocate to ensure the maintenance and improvement of the information security management system?

• A. Sufficient resources, such as the budget, qualified personnel, and required tools
• B. The documented information required by ISO/IEC 27001
• C. The appropriate transfer to operations

Answer: A

Explanation:
Explanation
According to ISO/IEC 27001:2022, clause 10.2.2, the organization shall define and apply an information security incident management process that includes the following activities:
reporting information security events and weaknesses;
assessing information security events and classifying them as information security incidents; responding to information security incidents according to their classification; learning from information security incidents, including identifying causes, taking corrective actions and preventive actions, and communicating the results and actions taken; collecting evidence, where applicable.
The standard does not specify who should perform these activities, as long as they are done in a consistent and effective manner. Therefore, the organization may choose to conduct forensic investigation internally or by using external consultants, depending on its needs, resources, and capabilities. However, the organization should ensure that the external consultants are competent, trustworthy, and comply with the organization's policies and procedures.
References: ISO/IEC 27001:2022, Information security, cybersecurity and privacy protection - Information security management systems - Requirements, clause 10.2.2; PECB ISO/IEC 27001 Lead Implementer Course, Module 10: Incident Management.

NEW QUESTION # 62
Scenario 10: NetworkFuse develops, manufactures, and sells network hardware. The company has had an operational information security management system (ISMS) based on ISO/IEC 27001 requirements and a quality management system (QMS) based on ISO 9001 for approximately two years. Recently, it has applied for a j^ombined certification audit in order to obtain certification against ISO/IEC 27001 and ISO 9001.
After selecting the certification body, NetworkFuse prepared the employees for the audit The company decided to not conduct a self-evaluation before the audit since, according to the top management, it was not necessary. In addition, it ensured the availability of documented information, including internal audit reports and management reviews, technologies in place, and the general operations of the ISMS and the QMS.
However, the company requested from the certification body that the documentation could not be carried off-site However, the audit was not performed within the scheduled days because NetworkFuse rejected the audit team leader assigned and requested their replacement The company asserted that the same audit team leader issued a recommendation for certification to its main competitor, which, for the company's top management, was a potential conflict of interest. The request was not accepted by the certification body Based on the scenario above, answer the following question:
Does NetworkFuse fulfill the prerequisites for a certification audit?

• A. Yes, because internal audits and management reviews have been performed
• B. Yes, because the ISMS must be operational for at least one year prior to the certification audit
• C. Yes, because the certification body has been selected

Answer: A

Explanation:
According to ISO/IEC 27006:2015, the prerequisites for a certification audit are:
* The ISMS must be operational for a period of time that is sufficient to demonstrate its effectiveness and performance.
* The organization must have conducted at least one internal audit and one management review of the ISMS prior to the certification audit.
* The organization must provide the certification body with access to all the relevant documented information, records, personnel, and facilities related to the ISMS.
In the scenario, NetworkFuse has fulfilled these prerequisites, as it has had an operational ISMS for approximately two years, and it has performed internal audits and management reviews. Therefore, the correct answer is B.
References: ISO/IEC 27006:2015, clauses 9.1.1, 9.1.2, and 9.2.1.

NEW QUESTION # 63
Diana works as a customer service representative for a large e-commerce company. One day, she accidently modified the order details of a customer without their permission Due to this error, the customer received an incorrect product. Which information security principle was breached in this case7

• A. Integrity
• B. Confidentiality
• C. Availability

Answer: A

Explanation:
According to ISO/IEC 27001:2022, information security controls are measures that are implemented to protect the confidentiality, integrity, and availability of information assets1. Controls can be preventive, detective, or corrective, depending on their purpose and nature2. Preventive controls aim to prevent or deter the occurrence of a security incident or reduce its likelihood. Detective controls aim to detect or discover the occurrence of a security incident or its symptoms. Corrective controls aim to correct or restore the normal state of an asset or a process after a security incident or mitigate its impact2.
In this scenario, Socket Inc. implemented several security controls to prevent information security incidents from recurring, such as:
* Segregation of networks: This is a preventive and technical control that involves separating different parts of a network into smaller segments, using devices such as routers, firewalls, or VPNs, to limit the access and communication between them3. This can enhance the security and performance of the network, as well as reduce the administrative efforts and costs3.
* Privileged access rights: This is a preventive and administrative control that involves granting access to information assets or systems only to authorized personnel who have a legitimate need to access them, based on their roles and responsibilities4. This can reduce the risk of unauthorized access, misuse, or modification of information assets or systems4.
* Cryptographic controls: This is a preventive and technical control that involves the use of cryptography, which is the science of protecting information by transforming it into an unreadable format, to protect the confidentiality, integrity, and authenticity of information assets or systems. This can prevent unauthorized access, modification, or disclosure of information assets or systems.
* Information security threat management: This is a preventive and administrative control that involves
* the identification, analysis, and response to information security threats, which are any incidents that could negatively affect the confidentiality, integrity, or availability of information assets or systems.
This can help the organization to anticipate, prevent, or mitigate the impact of information security threats.
* Information security integration into project management: This is a preventive and administrative control that involves the incorporation of information security requirements and controls into the planning, execution, and closure of projects, which are temporary endeavors undertaken to create a unique product, service, or result. This can ensure that information security risks and opportunities are identified and addressed throughout the project life cycle.
However, information backup is not a preventive control, but a corrective control. Information backup is a corrective and technical control that involves the creation and maintenance of copies of information assets or systems, using dedicated software and utilities, to ensure that they can be recovered in case of data loss, corruption, accidental deletion, or cyber incidents. This can help the organization to restore the normal state of information assets or systems after a security incident or mitigate its impact. Therefore,information backup does not prevent information security incidents from recurring, but rather helps the organization to recover from them.
References:
* ISO/IEC 27001:2022 - Information security, cybersecurity and privacy protection - Information security management systems - Requirements
* ISO 27001 Key Terms - PJR
* Network Segmentation: What It Is and How It Works | Imperva
* ISO 27001:2022 Annex A 8.2 - Privileged Access Rights - ISMS.online
* [ISO 27001:2022 Annex A 8.3 - Cryptographic Controls - ISMS.online]
* [ISO 27001:2022 Annex A 5.30 - Information Security Threat Management - ISMS.online]
* [ISO 27001:2022 Annex A 5.31 - Information Security Integration into Project Management - ISMS.online]
* [ISO 27001:2022 Annex A 8.13 - Information Backup - ISMS.online]

NEW QUESTION # 64
Scenario 3: Socket Inc is a telecommunications company offering mainly wireless products and services. It uses MongoDB. a document model database that offers high availability, scalability, and flexibility.
Last month, Socket Inc. reported an information security incident. A group of hackers compromised its MongoDB database, because the database administrators did not change its default settings, leaving it without a password and publicly accessible.
Fortunately. Socket Inc. performed regular information backups in their MongoDB database, so no information was lost during the incident. In addition, a syslog server allowed Socket Inc. to centralize all logs in one server. The company found out that no persistent backdoor was placed and that the attack was not initiated from an employee inside the company by reviewing the event logs that record user faults and exceptions.
To prevent similar incidents in the future, Socket Inc. decided to use an access control system that grants access to authorized personnel only. The company also implemented a control in order to define and implement rules for the effective use of cryptography, including cryptographic key management, to protect the database from unauthorized access The implementation was based on all relevant agreements, legislation, and regulations, and the information classification scheme. To improve security and reduce the administrative efforts, network segregation using VPNs was proposed.
Lastly, Socket Inc. implemented a new system to maintain, collect, and analyze information related to information security threats, and integrate information security into project management.
Can Socket Inc. find out that no persistent backdoor was placed and that the attack was initiated from an employee inside the company by reviewing event logs that record user faults and exceptions? Refer to scenario
3.

• A. No, Socket Inc should also have reviewed event logs that record user activities
• B. No, Socket Inc. should have reviewed all the logs on the syslog server
• C. Yes. Socket Inc. can find out that no persistent backdoor was placed by only reviewing user faults and exceptions logs

Answer: A

Explanation:
Event logs are records of events that occur in a system or network, such as user actions, faults, exceptions, errors, warnings, or security incidents. They can provide valuable information for monitoring, auditing, and troubleshooting purposes. Event logs can be categorized into different types, depending on the source and nature of the events. For example, user activity logs record the actions performed by users, such as login, logout, file access, or command execution. User fault and exception logs record the errors or anomalies that occur due to user input or behavior, such as invalid data entry, unauthorized access attempts, or system crashes. In scenario 3, Socket Inc. used a syslog server to centralize all logs in one server, which is a good practice for log management. However, to find out that no persistent backdoor was placed and that the attack was not initiated from an employee inside the company, Socket Inc. should have reviewed not only the user fault and exception logs, but also the user activity logs. The user activity logs could reveal any suspicious or malicious actions performed by the hackers or the employees, such as creating, modifying, or deleting files, executing commands, or installing software. By reviewing both types of logs, Socket Inc. could have a more complete picture of the incident and its root cause. Reviewing all the logs on the syslog server might not be necessary or feasible, as some logs might be irrelevant or too voluminous to analyze.
References: ISO/IEC 27001:2022 Lead Implementer Course Content, Module 8: Performance Evaluation, Monitoring and Measurement of an ISMS based on ISO/IEC 27001:20221; ISO/IEC 27001:2022 Information Security, Cybersecurity and PrivacyProtection, Clause 9.1: Monitoring, measurement, analysis and evaluation2; ISO/IEC 27002:2022 Code of practice for information security controls, Clause 12.4: Logging and monitoring3

NEW QUESTION # 65
What is the main purpose of Annex A 7.1 Physical security perimeters of ISO/IEC 27001?

• A. To ensure access to information and other associated assets is defined and authorized
• B. To prevent unauthorized physical access, damage, and interference to the organization's information and other associated assets
• C. To maintain the confidentiality of information that is accessible by personnel or external parties

Answer: B

NEW QUESTION # 66
An organization documented each security control that it Implemented by describing their functions in detail.
Is this compliant with ISO/IEC 27001?

• A. Yes, but documenting each security control and not the process in general will make it difficult to review the documented information
• B. No, the standard requires to document only the operation of processes and controls, so no description of each security control is needed
• C. No, because the documented information should have a strict format, including the date, version number and author identification

Answer: A

NEW QUESTION # 67
Scenario 7: InfoSec is a multinational corporation headquartered in Boston, MA, which provides professional electronics, gaming, and entertainment services. After facing numerous information security incidents, InfoSec has decided to establish teams and implement measures to prevent potential incidents in the future Emma, Bob. and Anna were hired as the new members of InfoSec's information security team, which consists of a security architecture team, an incident response team (IRT) and a forensics team Emma's job is to create information security plans, policies, protocols, and training to prepare InfoSec to respond to incidents effectively Emma and Bob would be full-time employees of InfoSec, whereas Anna was contracted as an external consultant.
Bob, a network expert, will deploy a screened subnet network architecture This architecture will isolate the demilitarized zone (OMZ) to which hosted public services are attached and InfoSec's publicly accessible resources from their private network Thus, InfoSec will be able to block potential attackers from causing unwanted events inside the company's network. Bob is also responsible for ensuring that a thorough evaluation of the nature of an unexpected event is conducted, including the details on how the event happened and what or whom it might affect.
Anna will create records of the data, reviews, analysis, and reports in order to keep evidence for the purpose of disciplinary and legal action, and use them to prevent future incidents. To do the workaccordingly, she should be aware of the company's information security incident management policy beforehand Among others, this policy specifies the type of records to be created, the place where they should be kept, and the format and content that specific record types should have.
According to scenario 7, a demilitarized zone (DMZ) is deployed within InfoSec's network. What type of control has InfoSec implemented in this case?

• A. Detective
• B. Preventive
• C. Corrective

Answer: B

Explanation:
A demilitarized zone (DMZ) is a network segment that separates the internal network from the external network, such as the Internet. It is used to host public services that need to be accessible from outside the organization, such as web servers, email servers, or DNS servers. A DMZ provides a layer of protection for the internal network by limiting the exposure of the public services and preventing unauthorized access from the external network. A DMZ is an example of a preventive control, which is a type of control that aims to prevent or deter the occurrence of an information security incident. Preventive controls reduce the likelihood of a threat exploiting a vulnerability and causing harm to the organization's information assets. Other examples of preventive controls are encryption, authentication, firewalls, antivirus software, and security awareness training.
References:
* ISO/IEC 27001 : 2022 Lead Implementer Study Guide, Section 8.2.3.2.1, page 162
* ISO/IEC 27001 : 2022 Lead Implementer Info Kit, page 13
* ISO/IEC 27002 : 2022, Section 13.1.3, page 66

NEW QUESTION # 68
Which of the following is NOT part of the steps required by ISO/IEC 27001 that an organization must take when a nonconformity is detected?

• A. React to the nonconformity, take action to control and correct it. and deal with its consequences
• B. Communicate the details of the nonconformity to every employee of the organization and suspend the employee that caused the nonconformity
• C. Evaluate the need for action to eliminate the causes of the nonconformity so that it does not recur or occur elsewhere

Answer: B

NEW QUESTION # 69
Based on scenario 9. did the ISMS project manager complete the corrective action process appropriately?

• A. No, the corrective action process should also include the review of the implementation of the selected actions
• B. No, the corrective action did not address the root cause of the nonconformity
• C. Yes, the corrective action process should include the identification of the nonconformity, situation analysis, and implementation of corrective actions

Answer: B

NEW QUESTION # 70
An employee in the administrative department of Smiths Consultants Inc. finds out that the expiry date of a contract with one of theclients is earlier than the start date. What type of measure could prevent this error?

• A. Availability measure
• B. Technical measure
• C. Integrity measure
• D. Organizational measure

Answer: B

NEW QUESTION # 71
......

PECB ISO-IEC-27001-Lead-Implementer certification is recognized globally and is highly valued by organizations that aim to protect their information assets and comply with regulatory requirements. Certified professionals can demonstrate their expertise in implementing effective information security management systems that meet the ISO/IEC 27001 standard and can help their organizations to achieve their business objectives. PECB Certified ISO/IEC 27001 Lead Implementer Exam certification also provides a competitive advantage in the job market and can lead to career advancement opportunities.

 

Updated ISO-IEC-27001-Lead-Implementer Exam Practice Test Questions: https://prep4sure.pdf4test.com/ISO-IEC-27001-Lead-Implementer-actual-dumps.html