ISO27-13-001 GAQM ISO 27001 : 2013 - Certified Lead Auditor Free Practice Exam Questions (2025 Updated)

Prepare effectively for your GAQM ISO27-13-001 ISO 27001 : 2013 - Certified Lead Auditor certification with our extensive collection of free, high-quality practice questions. Each question is designed to mirror the actual exam format and objectives, complete with comprehensive answers and detailed explanations. Our materials are regularly updated for 2025, ensuring you have the most current resources to build confidence and succeed on your first attempt.

Page: 1 / 2
Total 100 questions

Backup media is kept in the same secure area as the servers. What risk may the organisation be exposed to?

A. Unauthorised persons will have access to both the servers and backups
B. Responsibility for the backups is not defined well
C. After a fire, the information systems cannot be restored
D. After a server crash, it will take extra time to bring it back up again

You receive an e-mail from an unknown person claiming to be a representative of your bank and asking for your account number and password so that they can fix your account. Such an attempt at social engineering is called:

A. Shoulder Surfing
B. Mountaineering
C. Phishing
D. Spoofing

As a new member of the IT department you have noticed that confidential information has been leaked several times. This may damage the reputation of the company. You have been asked to propose an organisational measure to protect laptop computers. What is the first step in a structured approach to come up with this measure?

A. Appoint security staff
B. Encrypt all sensitive information
C. Formulate a policy
D. Set up an access control procedure

A hacker gains access to a web server and reads the credit card numbers stored on that server. Which security principle is violated?

A. Availability
B. Confidentiality
C. Integrity
D. Authenticity

Which of the following does an Asset Register contain? (Choose two)

A. Asset Type
B. Asset Owner
C. Asset Modifier
D. Process ID

Phishing is what type of Information Security Incident?

A. Private Incidents
B. Cracker/Hacker Attacks
C. Technical Vulnerabilities
D. Legal Incidents

Which of the following is the purpose of "Integrity", one of the basic components of information security?

A. the property that information is not made available or disclosed to unauthorized individuals
B. the property of safeguarding the accuracy and completeness of assets.
C. the property that information is not made available or disclosed to unauthorized individuals
D. the property of being accessible and usable upon demand by an authorized entity.

What is a reason for the classification of information?

A. To provide clear identification tags
B. To structure the information according to its sensitivity
C. Creating a manual describing the BYOD policy

__________ is software used or created by hackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems.

A. Trojan
B. Operating System
C. Virus
D. Malware

Which of the following is a preventive security measure?

A. Installing logging and monitoring software
B. Shutting down the Internet connection after an attack
C. Storing sensitive information in a data safe

What controls can you apply to protect sensitive data on your computer when you go out for lunch?

A. You activate your favorite screen-saver
B. You are confident to leave your computer screen as is since a password protected screensaver is installed and it is set to activate after 10 minutes of inactivity
C. You lock your computer by pressing Windows+L or CTRL-ALT-DELETE and then click "Lock Computer".
D. You turn off the monitor

Availability means

A. Service should be accessible at the required time and usable by all
B. Service should be accessible at the required time and usable only by the authorized entity
C. Service should not be accessible when required

You have a hard copy of a customer design document that you want to dispose of. What would you do?

A. Throw it in any dustbin
B. Shred it using a shredder
C. Give it to the office boy to reuse it for other purposes
D. Be environment friendly and reuse it for writing

What is a repressive measure in case of a fire?

A. Taking out a fire insurance
B. Putting out a fire after it has been detected by a fire detector
C. Repairing damage caused by the fire

What is an example of a human threat?

A. a lightning strike
B. fire
C. phishing
D. thunderstorm

What is the security management term for establishing whether someone's identity is correct?

A. Identification
B. Authentication
C. Authorisation
D. Verification

After a fire has occurred, what repressive measure can be taken?

A. Extinguishing the fire after the fire alarm sounds
B. Buying in a proper fire insurance policy
C. Repairing all systems after the fire

Which of the following statements are correct for Clean Desk Policy?

A. Don't leave confidential documents on your desk.
B. Don't leave valuable items on your desk if you are not in your work area.
C. Don't leave highly confidential items.
D. Don't leave laptops without cable lock.

Which of the following is not a type of Information Security attack?

A. Legal Incidents
B. Vehicular Incidents
C. Technical Vulnerabilities
D. Privacy Incidents

Who is allowed to access highly confidential files?

A. Employees with a business need-to-know
B. Contractors with a business need-to-know
C. Employees with signed NDA have a business need-to-know
D. Non-employees designated with approved access and have signed NDA

Copyright © 2014-2025 Solution2Pass. All Rights Reserved