GAQM ISO 27001:2013 Certified Lead Auditor ISO-ISMS-LA ISO27-13-001 ISO-CLA Exam Questions and Answers – Page 1

Exam Question 71

What is the name of the system that guarantees the coherence of information security in the organization?

A. Security regulations for special information for the government
B. Rootkit
C. Information Security Management System (ISMS)
D. Information Technology Service Management (ITSM)
Correct Answer:
C. Information Security Management System (ISMS)

Exam Question 72

What is the difference between a restricted and confidential document?

A. Restricted – to be shared among an authorized group
Confidential – to be shared among named individuals
B. Restricted – to be shared among named individuals
Confidential – to be shared among an authorized group
C. Restricted – to be shared among named individuals
Confidential – to be shared with friends and family
D. Restricted – to be shared among named individuals
Confidential – to be shared across the organization only
Correct Answer:
B. Restricted – to be shared among named individuals
Confidential – to be shared among an authorized group

Exam Question 73

What is a definition of compliance?

A. A rule or directive made and maintained by an authority.
B. The state or fact of according with or meeting rules or standards
C. An official or authoritative instruction
D. Laws, considered collectively or the process of making or enacting laws
Correct Answer:
B. The state or fact of according with or meeting rules or standards

Exam Question 74

A property of information that has the ability to prove the occurrence of a claimed event.

A. Availability
B. Electronic chain letters
C. Accessibility
D. Integrity
Correct Answer:
D. Integrity

Exam Question 75

Does security have the right to ask you to display your ID badges and check your bags?

A. False
B. True
Correct Answer:
B. True

Exam Question 76

Which of the following is an information security management system standard published by the International Organization for Standardization?

A. ISO9008
B. ISO27001
C. ISO5501
D. ISO22301
Correct Answer:
B. ISO27001

Exam Question 77

How are data and information related?

A. Information consists of facts and statistics collected together for reference or analysis
B. Data is a collection of structured and unstructured information
C. When meaning and value are assigned to data, it becomes information
Correct Answer:
C. When meaning and value are assigned to data, it becomes information

Exam Question 78

What is social engineering?

A. A group planning for a social activity in the organization
B. The organization planning an activity for the welfare of the neighborhood
C. Creating a situation wherein a third party gains confidential information from you
Correct Answer:
C. Creating a situation wherein a third party gains confidential information from you

Exam Question 79

A member of staff denies sending a particular message.
Which reliability aspect of information is in danger here?

A. confidentiality
B. integrity
C. availability
D. correctness
Correct Answer:
B. integrity

Exam Question 80

An administration office is going to determine the dangers to which it is exposed.
What do we call a possible event that can have a disruptive effect on the reliability of information?

A. dependency
B. threat
C. risk
D. vulnerability
Correct Answer:
B. threat