ISMS

1.

What do persons need to be aware of when doing work under the control of an organization that claims conformity against ISO/IEC 27001?

The implications of not conforming with the ISMS requirements All information security risk treatment actions according to the risk treatment plan Their contribution to the effectiveness of the ISMS

2.

What is correct with respect to the ISO/IEC 27001 standard?

The standard specifies requirements for bodies providing audit and certification of information security

management systems The standard defines requirements for an information security management system (ISMS). The standard is part of a larger family of standards.

3.

Which of the following standards from the ISO/IEC 27000 family contain general, non-sector-specific, guidelines?

ISO/IEC 27006 ISO/IEC 27019 ISO/IEC 27002

4.

Which of the following statements are correct with respect to controls?

All measures formulated in ISO / IEC 27001 Annex A are of a purely organizational nature Controls may cover processes and policies All controls formulated in ISO/IEC 27001 (Annex A) are of a technical nature

5.

According to ISO/IEC 27001, what must an organization do as part of their information security risk reatment process?

Formulate an information security risk treatment plan Evaluate information security risks Determine the controls that are necessary to implement the information security risk

treatment option(s) chosen

6.

Which are the steps that need to be defined and implemented as part of the information security risk ssessment process?

Identify information security risks Avoid information security risks Treat Information security risks

7.

Which of the following steps need to be performed (among others) by an organization to introduce, maintain, and / or improve an ISMS?

Identification of information assets and related information security requirements (required

level of protection) Reporting of serious information security incidents to supervisory authorities Distribution of the risk treatment plan to all interested parties

8.

What should internal ISMS audits provide information about?

Whether the ISMS meets the organization's requirements Whether the ISMS is being effectively implemented and maintained Which information security incidents could have been avoided

9.

What is confidentiality?

Property that information is well-known and communicated Property hat an entity is what it claims to be Property that information is not made available or disclosed to unauthorized individuals

10.

ISO/IEC 27001 defines control objectives and controls for

Asset management Human resource security Physical and environmental security All of these

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Congratulations

COMPANY

Products

OTHERS

Partner

ISMS

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Answer & Solution

Answer: Option B

Solution:

Congratulations

Detail Form

COMPANY

Products

OTHERS

Partner