- Home
- PECB
- PECB Certified ISO/IEC 27001 Lead Auditor exam (ISO-IEC-27001-Lead-Auditor中文版)
- PECB.ISO-IEC-27001-Lead-Auditor-CN.v2025-05-29.q147
- Question 50
Valid ISO-IEC-27001-Lead-Auditor-CN Dumps shared by ExamDiscuss.com for Helping Passing ISO-IEC-27001-Lead-Auditor-CN Exam! ExamDiscuss.com now offer the newest ISO-IEC-27001-Lead-Auditor-CN exam dumps, the ExamDiscuss.com ISO-IEC-27001-Lead-Auditor-CN exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com ISO-IEC-27001-Lead-Auditor-CN dumps with Test Engine here:
Access ISO-IEC-27001-Lead-Auditor-CN Dumps Premium Version
(368 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 50/147
您正在對提供醫療保健服務的住宅療養院進行 ISMS 審核。審計計劃的下一步是驗證資訊安全事件管理流程。 IT 安全經理介紹資訊安全事件管理程序(文件參考 ID:ISMS_L2_16,版本 4)。
您查看了文件並注意到一條聲明「任何資訊安全漏洞、事件和事故應在發現後 1 小時內報告給聯絡點 (PoC)」。在訪談員工時,您發現對「弱點、事件和事故」一詞的含義的理解存在差異。
IT安全經理解釋說,6個月前曾舉辦過一次線上「資訊安全處理」培訓研討會。所有受訪的人都參加並通過了報告練習和課程考核。
您想進一步調查其他領域以收集更多審計證據。選擇三個不是有效審計追蹤的選項。
您查看了文件並注意到一條聲明「任何資訊安全漏洞、事件和事故應在發現後 1 小時內報告給聯絡點 (PoC)」。在訪談員工時,您發現對「弱點、事件和事故」一詞的含義的理解存在差異。
IT安全經理解釋說,6個月前曾舉辦過一次線上「資訊安全處理」培訓研討會。所有受訪的人都參加並通過了報告練習和課程考核。
您想進一步調查其他領域以收集更多審計證據。選擇三個不是有效審計追蹤的選項。
Correct Answer: E,G,H
a. (Relevant to clause 8.13)
Explanation:
The three options that would not be valid audit trails are:
* Collect more evidence on how the organisation manages the Point of Contact (PoC) which monitors vulnerabilities. (Relevant to clause 8.1)
* Collect more evidence on whether terms and definitions are contained in the information security policy. (Relevant to control 5.32)
* Collect more evidence to determine if ISO 27035 (Information security incident management) is used as internal audit criteria. (Relevant to clause 8.13) These options are not valid audit trails because they are not directly related to the information security incident management process, which is the focus of the audit. The audit trails should be relevant to the objectives, scope, and criteria of the audit, and should provide sufficient and reliable evidence to support the audit findings and conclusions1.
Option E is not valid because the PoC is not a part of the information security incident management process, but rather a role that is responsible for reporting and escalating information security incidents to the appropriate authorities2. The audit trail should focus on how the PoC performs this function, not how the organisation manages the PoC.
Option G is not valid because the terms and definitions are not a part of the information security incident management process, but rather a part of the information security policy, which is a high-level document that defines the organisation's information security objectives, principles, and responsibilities3. The audit trail should focus on how the information security policy is communicated, implemented, and reviewed, not whether it contains terms and definitions.
Option H is not valid because ISO 27035 is not a part of the information security incident management process, but rather a guidance document that provides best practices for managing information security incidents4. The audit trail should focus on how the organisation follows the requirements of ISO/IEC 27001:2022 for information security incident management, not whether it uses ISO 27035 as an internal audit criteria.
The other options are valid audit trails because they are related to the information security incident management process, and they can provide useful evidence to evaluate the conformity and effectiveness of the process. For example:
* Option A is valid because it relates to control A.5.29, which requires the organisation to establish procedures to isolate and quarantine areas subject to information security incidents, in order to prevent further damage and preserve evidence5. The audit trail should collect evidence on how the organisation implements and tests these procedures, and how they ensure the continuity of information security during disruption.
* Option B is valid because it relates to control A.6.8, which requires the organisation to establish mechanisms for reporting information security events and weaknesses, and to ensure that they are communicated in a timely manner to the appropriate levels within the organisation6. The audit trail should collect evidence on how the organisation defines and uses these mechanisms, and how they monitor and review the reporting process.
* Option C is valid because it relates to clause 7.2, which requires the organisation to provide information security awareness, education, and training to all persons under its control, and to evaluate the effectiveness of these activities7. The audit trail should collect evidence on how the organisation identifies the information security training needs, how they deliver and record the training, and how they measure the learning outcomes and feedback.
* Option D is valid because it relates to control A.5.27, which requires the organisation to learn from information security incidents and to implement corrective actions to prevent recurrence or reduce impact8. The audit trail should collect evidence on how the organisation analyses and documents the root causes and consequences of information security incidents, how they identify and implement corrective actions, and how they verify the effectiveness of these actions.
* Option F is valid because it relates to control A.5.30, which requires the organisation to establish and maintain a business continuity plan to ensure the availability of information and information processing facilities in the event of a severe information security incident9. The audit trail should collect evidence on how the organisation develops and updates the business continuity plan, how they test and review the plan, and how they communicate and train the relevant personnel on the plan.
Explanation:
The three options that would not be valid audit trails are:
* Collect more evidence on how the organisation manages the Point of Contact (PoC) which monitors vulnerabilities. (Relevant to clause 8.1)
* Collect more evidence on whether terms and definitions are contained in the information security policy. (Relevant to control 5.32)
* Collect more evidence to determine if ISO 27035 (Information security incident management) is used as internal audit criteria. (Relevant to clause 8.13) These options are not valid audit trails because they are not directly related to the information security incident management process, which is the focus of the audit. The audit trails should be relevant to the objectives, scope, and criteria of the audit, and should provide sufficient and reliable evidence to support the audit findings and conclusions1.
Option E is not valid because the PoC is not a part of the information security incident management process, but rather a role that is responsible for reporting and escalating information security incidents to the appropriate authorities2. The audit trail should focus on how the PoC performs this function, not how the organisation manages the PoC.
Option G is not valid because the terms and definitions are not a part of the information security incident management process, but rather a part of the information security policy, which is a high-level document that defines the organisation's information security objectives, principles, and responsibilities3. The audit trail should focus on how the information security policy is communicated, implemented, and reviewed, not whether it contains terms and definitions.
Option H is not valid because ISO 27035 is not a part of the information security incident management process, but rather a guidance document that provides best practices for managing information security incidents4. The audit trail should focus on how the organisation follows the requirements of ISO/IEC 27001:2022 for information security incident management, not whether it uses ISO 27035 as an internal audit criteria.
The other options are valid audit trails because they are related to the information security incident management process, and they can provide useful evidence to evaluate the conformity and effectiveness of the process. For example:
* Option A is valid because it relates to control A.5.29, which requires the organisation to establish procedures to isolate and quarantine areas subject to information security incidents, in order to prevent further damage and preserve evidence5. The audit trail should collect evidence on how the organisation implements and tests these procedures, and how they ensure the continuity of information security during disruption.
* Option B is valid because it relates to control A.6.8, which requires the organisation to establish mechanisms for reporting information security events and weaknesses, and to ensure that they are communicated in a timely manner to the appropriate levels within the organisation6. The audit trail should collect evidence on how the organisation defines and uses these mechanisms, and how they monitor and review the reporting process.
* Option C is valid because it relates to clause 7.2, which requires the organisation to provide information security awareness, education, and training to all persons under its control, and to evaluate the effectiveness of these activities7. The audit trail should collect evidence on how the organisation identifies the information security training needs, how they deliver and record the training, and how they measure the learning outcomes and feedback.
* Option D is valid because it relates to control A.5.27, which requires the organisation to learn from information security incidents and to implement corrective actions to prevent recurrence or reduce impact8. The audit trail should collect evidence on how the organisation analyses and documents the root causes and consequences of information security incidents, how they identify and implement corrective actions, and how they verify the effectiveness of these actions.
* Option F is valid because it relates to control A.5.30, which requires the organisation to establish and maintain a business continuity plan to ensure the availability of information and information processing facilities in the event of a severe information security incident9. The audit trail should collect evidence on how the organisation develops and updates the business continuity plan, how they test and review the plan, and how they communicate and train the relevant personnel on the plan.
- Question List (147q)
- Question 1: 您正在一家提供醫療保健服務的住宅療養院進行 ISMS 審核。審核計...
- Question 2: 在第三方認證審核期間,受審核方會提供您問題清單。下列哪四項構
- Question 3: 下列哪一項敘述最精確地描述了資訊安全面之間的關係?
- Question 4: 場景 2:Knight 是一家來自美國北加州的電子公司,開發電玩遊戲...
- Question 5: 您正在一家提供醫療保健服務的住宅療養院進行 ISMS 初始認證審核...
- Question 6: 在第二階段審核的開幕會議上,客戶組織的總經理邀請審核團隊觀看
- Question 7: 下列哪一項最能定義管理控制?
- Question 8: 起草審核結論後,審核組長的工作文件由認證機構選定的另一位審核
- Question 9: 您詢問 IT 經理,為什麼組織仍在使用行動應用程序,而個人資料加...
- Question 10: 場景 5:Cobt。位於倫敦的保險公司,提供各種商業、工業和人壽保...
- Question 11: 「糾正措施」一詞是什麼意思?選擇一項
- Question 12: 情境 6:Sinvestment 是一家提供家庭保險、商業保險和人壽保險的...
- Question 13: 選出最能完成句子的單字: (Exhibit)
- Question 14: 您正在一家提供醫療保健服務的住宅療養院進行 ISMS 審核。審核計...
- Question 15: 審核方法可以與代表受審核方的個人互動,也可以不互動。下列哪兩
- Question 16: 在可接受的資訊資產使用中,哪一個是最佳實務?
- Question 17: 您是一位經驗豐富的 ISMS 審核團隊負責人,負責對網路服務供應商...
- Question 18: 您是一位經驗豐富的 ISMS 審核團隊負責人,正在與分配給您的審核...
- Question 19: 場景3:NightCore是一家總部位於美國的跨國科技公司,專注於電子...
- Question 20: 設想: 當使用者向緩衝區添加的資料超過其儲存容量允許的數量時
- Question 21: 您工作的資料中心目前正在尋求 ISO/IEC27001:2022 認證。在為您...
- Question 22: 進行認證審核的審核員在製定審核計畫時不需要下列哪一份工作文件
- Question 23: 情境 8:EsBank 自 9 月起為愛沙尼亞銀行業提供銀行和金融解決方...
- Question 24: 下列哪兩項敘述是正確的?
- Question 25: ------------- 與其他重要業務資產一樣,該資產對組織有價值,因...
- Question 26: 外部審計師收到了對研究開發公司進行 ISMS 審計的邀請。在接受之...
- Question 27: 設想: Northstorm 是一家線上零售商店,提供獨特的復古和現代配...
- Question 28: 以下是資訊安全的目的,但以下情況除外:
- Question 29: 下列哪兩項敘述是正確的?
- Question 30: 請將角色與以下描述配對: (Exhibit)
- Question 31: 場景 9:Techmanic 是一家比利時公司,成立於 1995 年,目前在布...
- Question 32: 您是 ISMS 審計團隊負責人,負責在客戶的資料中心進行後續審計。...
- Question 33: 您工作的資料中心目前正在尋求 ISO/IEC27001:2022 認證。在為您...
- Question 34: 情境 4:SendPay 是一家金融公司,透過代理商和金融機構網路提供...
- Question 35: 審核組組長決定聘請技術專家作為審核小組的一部分,這樣他們就可
- Question 36: 場景 2: Clinic 成立於 20 世紀 90 年代,是一家專門治療心臟相...
- Question 37: 某組織正在尋求管理系統初始認證。請確定組織將進行的活動的順序
- Question 38: 場景 2:Knight 是一家來自美國北加州的電子公司,開發電玩遊戲...
- Question 39: 您正在一家提供醫療保健服務的住宅療養院 (ABC) 進行 ISMS 審核...
- Question 40: 您是經驗豐富的 ISMS 審核團隊領導,指導審核員進行培訓。她詢問...
- Question 41: 場景 8:苔絲 一個。 Malik 和 Michael 是一個由安全、合規以及...
- Question 42: 場景9:UpNet是一家網路公司,已通過ISO/IEC 27001認證。 自從獲...
- Question 43: 您正在一家提供醫療保健服務的住宅療養院進行 ISMS 審核。審核計...
- Question 44: 設想: Northstorm 是一家線上零售商店,提供獨特的復古和現代配...
- Question 45: 您是經驗豐富的審核團隊領導,指導審核員進行培訓。 您的團隊目
- Question 46: 場景 3:Rebuildy 是一家位於泰國曼谷的建築公司,專門從事住宅...
- Question 47: 場景 3:Rebuildy 是一家位於泰國曼谷的建築公司,專門從事住宅...
- Question 48: 在第一階段審核開幕會議上,管理系統代表 (MSR) 要求擴大審核範...
- Question 49: 一家電信公司使用 AES 方法來確保機密資訊受到保護。 這意味著他...
- Question 50: 您正在對提供醫療保健服務的住宅療養院進行 ISMS 審核。審計計劃...
- Question 51: 情境 8:EsBank 自 9 月起為愛沙尼亞銀行業提供銀行和金融解決方...
- Question 52: 您會在某些實體資產上看到藍色貼紙。這意味著什麼?
- Question 53: 情境 8:EsBank 自 9 月起為愛沙尼亞銀行業提供銀行和金融解決方...
- Question 54: 場景 8:苔絲 一個。 Malik 和 Michael 是一個由安全、合規以及...
- Question 55: 下列哪一項關於資訊安全威脅和漏洞的敘述是不正確的?
- Question 56: 您正在 ABC Healthcare Services 的療養院執行 ISO 27001 ISMS ...
- Question 57: 使用審計測試計劃組合的目的是什麼?
- Question 58: 三名審核員被指派到 X 公司進行認證審核。這可以接受嗎?
- Question 59: 誰可以存取高度機密的文件?
- Question 60: 身為資訊安全管理系統審核小組組長,您正在代表一家線上零售商對
- Question 61: 場景 3:Rebuildy 是一家位於泰國曼谷的建築公司,專門從事住宅...
- Question 62: 選擇最能描述如何進行資訊安全管理系統審核的選項:
- Question 63: 場景 6:Cyber ACrypt 是一家網路安全公司,透過提供反惡意...
- Question 64: 在分析審核結論後,X 公司決定接受與其中一項發現的不合格項相關...
- Question 65: 從以下選項中選擇一個最能完成句子的單字: 要用單字完成句子,
- Question 66: 您正在一家受 ABC 監管、提供醫療保健服務的住宅療養院進行 ISMS...
- Question 67: 您是 ISMS 審核小組組長,準備在第三方監督審核後主持閉幕會議。...
- Question 68: 情境 8:EsBank 自 9 月起為愛沙尼亞銀行業提供銀行和金融解決方...
- Question 69: 您收到一封電子郵件,要求您發送姓名、電子郵件和密碼等訊息,才
- Question 70: 在發生資訊安全事件時,應遵守系統使用者的角色和責任,但以下情
- Question 71: 在測試的基礎上實施計劃 - 這屬於 PDCA 的哪一部分
- Question 72: 網路釣魚屬於什麼類型的資訊安全事件?
- Question 73: 場景 3:Rebuildy 是一家位於泰國曼谷的建築公司,專門從事住宅...
- Question 74: 場景七:Webvue。總部位於日本,是一家專門從事電腦軟體開發、支...
- Question 75: 場景3:NightCore是一家總部位於美國的跨國科技公司,專注於電子...
- Question 76: 您是一位經驗豐富的 ISMS 審核團隊領導,協助審核員接受培訓,撰...
- Question 77: 設想: 資訊安全事件發生後,組織創建了一套全面的備份程序,包
- Question 78: 場景 6:Cyber ACrypt 是一家網路安全公司,透過提供反惡意...
- Question 79: 下列哪兩項敘述是正確的?
- Question 80: 場景 2:Knight 是一家來自美國北加州的電子公司,開發電玩遊戲...
- Question 81: 場景9:UpNet是一家網路公司,已通過ISO/IEC 27001認證。 自從獲...
- Question 82: 場景 6:Cyber ACrypt 是一家網路安全公司,透過提供反惡意...
- Question 83: 您正在一家提供醫療保健服務的住宅療養院進行 ISMS 初始認證審核...
- Question 84: 審核生命週期描述了進行單獨審核的 ISO 19011 流程。將審核生命...
- Question 85: 下列哪一個選項不是審核組組長的角色?
- Question 86: 身為稽核員,您注意到 ABC Inc. 已經建立了管理可移動儲存媒體的...
- Question 87: 當您正在進行第三方監督審計時,審計團隊的另一位成員找到您並尋
- Question 88: 在第三方認證審核的背景下,哪兩個選項規定了審核組長在管理審核
- Question 89: 本組織擁有第三方認證機構核發的 ISO/IEC 27001 資訊安全管理系...
- Question 90: 通過 ISO/IEC 27001 認證的組織範圍規定,他們提供編輯和網站託...
- Question 91: 能夠證明所聲稱事件發生的資訊屬性。
- Question 92: 下列哪一項關於組織 ISMS 中文件化資訊的敘述是不正確的?
- Question 93: 情境 4:SendPay 是一家金融公司,透過代理商和金融機構網路提供...
- Question 94: 以下是資訊的定義,但以下情況除外:
- Question 95: 風險評估過程中滲透測試的目標是什麼?
- Question 96: 為什麼在初次接觸時要考慮重要性?
- Question 97: 一個組織正在評估其 ISMS 中不同流程的重要性。它正在評估與人員...
- Question 98: 身為 ISMS 審核小組組長,您正在代表一家線上零售商對一家國際物...
- Question 99: 場景 6:Cyber ACrypt 是一家網路安全公司,透過提供反惡意...
- Question 100: 資訊安全是建立和維護 ________ 的問題。
- Question 101: 下列哪一項描述了第一階段審核的主要目的?
- Question 102: 預測分析如何幫助審計師識別潛在風險?
- Question 103: 審計結果是根據審計標準對收集的審計證據進行評估的結果。評估以
- Question 104: 您是經驗豐富的 ISMS 審核團隊負責人,負責進行第三方監督訪問。...
- Question 105: 下列哪一個是定性證據的例子?
- Question 106: 場景 9:Techmanic 是一家比利時公司,成立於 1995 年,目前在布...
- Question 107: 下列哪兩個短語適用於與業務流程的計劃-執行-檢查-行動週期相關...
- Question 108: 下列哪兩個選項是使用抽樣計畫進行審核的優點?
- Question 109: 您正在一家提供醫療保健服務的住宅療養院執行 ISMS 審核,並審查...
- Question 110: 在後續審核期間,您注意到在後續審核之前確定要完成的不合格項仍
- Question 111: 選出最能完成句子的單字: 要使用最佳單字完成句子,請按一下要
- Question 112: 情境 6:Sinvestment 是一家提供家庭保險、商業保險和人壽保險的...
- Question 113: 您是一位經驗豐富的 ISMS 審核團隊負責人,負責對專門從事機密文...
- Question 114: 在管理系統審核的背景下,請確定收集和驗證資訊的典型流程的順序
- Question 115: 場景 8:苔絲 一個。 Malik 和 Michael 是一個由安全、合規以及...
- Question 116: 根據 ISO/IEC 27001 第 5.1 條(領導與承諾),下列何者不是高階...
- Question 117: 審計員發現,IT 部門 15 名員工中有兩人沒有接受足夠的資訊安全...
- Question 118: 我們在 ACT 中做什麼 - 來自 PDCA 循環
- Question 119: 您是一位經驗豐富的 ISMS 審核員,在一家提供 ICT 回收服務的組...
- Question 120: 在啟動審計活動之前,審計員會考慮被審計方的背景、關鍵流程和期
- Question 121: 下列哪兩項敘述是正確的?
- Question 122: 作為 ISMS 實施的一部分,行銷機構開發了自己的風險評估方法。這...
- Question 123: 在準備審計時,下列哪一項敘述是錯誤的?
- Question 124: 您正在一家提供醫療保健服務的住宅療養院進行 ISMS 審核。審核計...
- Question 125: 審核小組負責人為 ISO/IEC 27001:2022 的初始認證第 2 階段審核...
- Question 126: 您正在準備審計結果。選擇兩個正確的選項。
- Question 127: 選出最能完整描述審計結果的句子的單字。 (Exhibit)
- Question 128: 您是一位經驗豐富的 ISMS 審核員,在一家提供 ICT 回收服務的組...
- Question 129: 您是經驗豐富的 ISMS 審核團隊領導,指導審核員進行培訓。您的團...
- Question 130: 進行外部審核後,審核員決定內部審核員將追蹤糾正措施的實施情況
- Question 131: 場景 2: Clinic 成立於 20 世紀 90 年代,是一家專門治療心臟相...
- Question 132: 場景七:Webvue。總部位於日本,是一家專門從事電腦軟體開發、支...
- Question 133: 哪些控制與 ISO/IEC 27001 附件 A 控制相關,並且通常從其他指南...
- Question 134: 為 ISMS 中的資訊安全風險評估流程選擇正確的順序。 要完成序列...
- Question 135: ISMS的標準定義是什麼?
- Question 136: 下列哪一項最能描述第二階段審核的目的?
- Question 137: 您是一位經驗豐富的 ISMS 審核團隊領導者。受訓的審核員已與您聯...
- Question 138: 大數據等新科技的使用對審計有何影響?
- Question 139: 您是一位經驗豐富的 ISMS 審核團隊領導者。您目前正在對國際運輸...
- Question 140: 哪一項不是 HR 在招募前的要求?
- Question 141: Finnco 是一家認證機構的子公司,為某組織提供 ISMS 諮詢服務。...
- Question 142: 場景 1:Fintive 是一家傑出的線上支付和保護解決方案安全提供者...
- Question 143: 您是認證機構審核員,負責對為 ICT 設施提供託管服務的客戶營運...
- Question 144: 您正在作為審核組組長進行您的第一次第三方 ISMS 監督審核。您目...
- Question 145: 根據 ISO/IEC 27001,資訊安全管理系統旨在保護下列哪兩項?...
- Question 146: 下列哪兩個短語適用於與業務流程的計劃-實施-檢查-行動週期相關...
- Question 147: 場景 8:苔絲 一個。 Malik 和 Michael 是一個由安全、合規以及...
[×]
Download PDF File
Enter your email address to download PECB.ISO-IEC-27001-Lead-Auditor-CN.v2025-05-29.q147.pdf