ISO-IEC-27001 Lead Implementer V1

What is the main purpose of Annex A 7.1 Physical security perimeters of ISO/IEC 27001?A . To prevent unauthorized physical access, damage, and interference to the organization's information and other associated assetsB . To maintain the confidentiality of information that is accessible by personnel or external partiesC . To ensure...

FinanceX, a well-known financial institution, uses an online banking platform that enables clients to easily and securely access their bank accounts. To log in, clients are required to enter the one-lime authorization code sent to their smartphone. What can be concluded from this scenario?A . FinanceX has implemented a securityControl...

An organization documented each security control that it Implemented by describing their functions in detail. Is this compliant with ISO/IEC 27001?A . No, the standard requires to document only the operation of processes and controls, so no description of each security control is neededB . No, because the documented information...

Scenario 4: TradeB. a commercial bank that has just entered the market, accepts deposits from its clients and offers basic financial services and loans for investments. TradeB has decided to implement an information security management system (ISMS) based on ISO/IEC 27001 Having no experience of a management [^system implementation, TradeB's...

Which tool is used to identify, analyze, and manage interested parties?A . The probability/impact matrixB . The power/interest matrixC . The likelihood/severity matrixView AnswerAnswer: B Explanation: The power/interest matrix is a tool that can be used to identify, analyze, and manage interested parties according to ISO/IEC 27001:2022. The power/interest matrix...

Scenario 5: Operaze is a small software development company that develops applications for various companies around the world. Recently, the company conducted a risk assessment to assess the information security risks that could arise from operating in a digital landscape. Using different testing methods, including penetration Resting and code review,...

Scenario 4: TradeB. a commercial bank that has just entered the market, accepts deposits from its clients and offers basic financial services and loans for investments. TradeB has decided to implement an information security management system (ISMS) based on ISO/IEC 27001 Having no experience of a management [^system implementation, TradeB's...

Scenario 5: Operaze is a small software development company that develops applications for various companies around the world. Recently, the company conducted a risk assessment to assess the information security risks that could arise from operating in a digital landscape. Using different testing methods, including penetration Resting and code review,...

Scenario 4: TradeB. a commercial bank that has just entered the market, accepts deposits from its clients and offers basic financial services and loans for investments. TradeB has decided to implement an information security management system (ISMS) based on ISO/IEC 27001 Having no experience of a management [^system implementation, TradeB's...

Scenario 3: Socket Inc is a telecommunications company offering mainly wireless products and services. It uses MongoDB. a document model database that offers high availability, scalability, and flexibility. Last month, Socket Inc. reported an information security incident. A group of hackers compromised its MongoDB database, because the database administrators did...