- Home
- PECB
- PECB Certified ISO/IEC 27001 Lead Auditor exam
- PECB.ISO-IEC-27001-Lead-Auditor.v2024-02-23.q93
- Question 26
Valid ISO-IEC-27001-Lead-Auditor Dumps shared by ExamDiscuss.com for Helping Passing ISO-IEC-27001-Lead-Auditor Exam! ExamDiscuss.com now offer the newest ISO-IEC-27001-Lead-Auditor exam dumps, the ExamDiscuss.com ISO-IEC-27001-Lead-Auditor exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com ISO-IEC-27001-Lead-Auditor dumps with Test Engine here:
Access ISO-IEC-27001-Lead-Auditor Dumps Premium Version
(368 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 26/93
You receive an E-mail from some unknown person claiming to be representative of your bank and asking for your account number and password so that they can fix your account. Such an attempt of social engineering is called
Correct Answer: C
Explanation
An email from some unknown person claiming to be a representative of your bank and asking for your account number and password so that they can fix your account is an example of social engineering called phishing.
Phishing is a form of fraud that uses deceptive emails or other messages to trick recipients into revealing sensitive information, such as passwords, credit card numbers, bank account details, etc. Phishing emails often impersonate legitimate organizations or individuals and create a sense of urgency or curiosity to lure the victims into clicking on malicious links, opening malicious attachments or providing personal information.
ISO/IEC 27001:2022 requires the organization to implement awareness and training programs to make users aware of the risks of social engineering attacks, such as phishing, and how to avoid them (see clause A.7.2.2).
References: CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor Training Course, ISO/IEC
27001:2022 Information technology - Security techniques - Information security management systems - Requirements, What is Phishing?
An email from some unknown person claiming to be a representative of your bank and asking for your account number and password so that they can fix your account is an example of social engineering called phishing.
Phishing is a form of fraud that uses deceptive emails or other messages to trick recipients into revealing sensitive information, such as passwords, credit card numbers, bank account details, etc. Phishing emails often impersonate legitimate organizations or individuals and create a sense of urgency or curiosity to lure the victims into clicking on malicious links, opening malicious attachments or providing personal information.
ISO/IEC 27001:2022 requires the organization to implement awareness and training programs to make users aware of the risks of social engineering attacks, such as phishing, and how to avoid them (see clause A.7.2.2).
References: CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor Training Course, ISO/IEC
27001:2022 Information technology - Security techniques - Information security management systems - Requirements, What is Phishing?
- Question List (93q)
- Question 1: You are performing an ISO 27001 ISMS surveillance audit at a...
- Question 2: There was a fire in a branch of the company Midwest Insuranc...
- Question 3: Which of the following is an information security management...
- Question 4: During a Stage 1 audit opening meeting, the Management Syste...
- Question 5: During a third-party certification audit, you are presented ...
- Question 6: Which three of the following options are an advantage of usi...
- Question 7: Which threat could occur if no physical measures are taken?...
- Question 8: Information or data that are classified as ______ do not req...
- Question 9: Which one of the following options is the definition of an i...
- Question 10: A property of Information that has the ability to prove occu...
- Question 11: Which two of the following statements are true?...
- Question 12: A couple of years ago you started your company which has now...
- Question 13: Select the words that best complete the sentence: To complet...
- Question 14: Select two of the following options that are the responsibil...
- Question 15: An employee caught with offense of abusing the internet, suc...
- Question 16: You are performing an ISMS audit at a residential nursing ho...
- Question 17: Please match the roles to the following descriptions: (Exhib...
- Question 18: The audit lifecycle describes the ISO 19011 process for cond...
- Question 19: What would be the reference for you to know who should have ...
- Question 20: Which two of the following phrases would apply to 'check' in...
- Question 21: A scenario wherein the city or location where the building(s...
- Question 22: Information has a number of reliability aspects. Reliability...
- Question 23: A well-executed risk analysis provides a great deal of usefu...
- Question 24: You are an experienced ISMS audit team leader guiding an aud...
- Question 25: You are an experienced audit team leader guiding an auditor ...
- Question 26: You receive an E-mail from some unknown person claiming to b...
- Question 27: You are performing an ISMS audit at a residential nursing ho...
- Question 28: During an opening meeting of a Stage 2 audit, the Managing D...
- Question 29: What is the standard definition of ISMS?...
- Question 30: You receive the following mail from the IT support team: Dea...
- Question 31: You are performing an ISMS audit at a nursing home where res...
- Question 32: Select two options that describe an advantage of using a che...
- Question 33: You are carrying out your first third-party ISMS surveillanc...
- Question 34: What is the relationship between data and information?...
- Question 35: The audit team leader prepares the audit plan for an initial...
- Question 36: What type of measure involves the stopping of possible conse...
- Question 37: Someone from a large tech company calls you on behalf of you...
- Question 38: How is the purpose of information security policy best descr...
- Question 39: (Exhibit)
- Question 40: During discussions with the individual(s) managing the audit...
- Question 41: You are performing an ISMS audit at a residential nursing ho...
- Question 42: CEO sends a mail giving his views on the status of the compa...
- Question 43: Information Security is a matter of building and maintaining...
- Question 44: What is the security management term for establishing whethe...
- Question 45: In acceptable use of Information Assets, which is the best p...
- Question 46: Which one of the following statements best describes the pur...
- Question 47: Which two of the following phrases would apply to "plan" in ...
- Question 48: You are performing an ISMS audit at a residential nursing ho...
- Question 49: Auditors need to communicate effectively with auditees. Ther...
- Question 50: Cabling Security is associated with Power, telecommunication...
- Question 51: You are preparing the audit findings. Select two options tha...
- Question 52: Which two of the following are examples of audit methods tha...
- Question 53: All are prohibited in acceptable use of information assets, ...
- Question 54: Four types of Data Classification (Choose two)...
- Question 55: A decent visitor is roaming around without visitor's ID. As ...
- Question 56: Phishing is what type of Information Security Incident?...
- Question 57: You are an experienced ISMS audit team leader. During the co...
- Question 58: What is a repressive measure in case of a fire?...
- Question 59: Which six of the following actions are the individual(s) man...
- Question 60: You see a blue color sticker on certain physical assets. Wha...
- Question 61: You are performing an ISMS audit at a residential nursing ho...
- Question 62: What is an example of a human threat?...
- Question 63: What is a repressive measure in case of a fire?...
- Question 64: Which of the following statements are correct for Clean Desk...
- Question 65: What type of system ensures a coherent Information Security ...
- Question 66: What is a definition of compliance?...
- Question 67: Your organisation is currently seeking ISO/IEC27001:2022 cer...
- Question 68: A hacker gains access to a webserver and can view a file on ...
- Question 69: What is the name of the system that guarantees the coherence...
- Question 70: You have just completed a scheduled information security aud...
- Question 71: Below is Purpose of "Integrity", which is one of the Basic C...
- Question 72: You are an ISMS auditor conducting a third-party surveillanc...
- Question 73: Match the correct responsibility with each participant of a ...
- Question 74: You are performing an ISMS audit at a residential nursing ho...
- Question 75: Select the words that best complete the sentence: (Exhibit)...
- Question 76: Who is authorized to change the classification of a document...
- Question 77: You are an experienced ISMS audit team leader guiding an aud...
- Question 78: You are carrying out your first third-party ISMS surveillanc...
- Question 79: As the ISMS audit team leader, you are conducting a second-p...
- Question 80: Implement plan on a test basis - this comes under which sect...
- Question 81: As a new member of the IT department you have noticed that c...
- Question 82: The following are purposes of Information Security, except:...
- Question 83: You are preparing the audit findings. Select two options tha...
- Question 84: You are an audit team leader conducting a third-party survei...
- Question 85: -------------------------is an asset like other important bu...
- Question 86: An administration office is going to determine the dangers t...
- Question 87: You are the person responsible for managing the audit progra...
- Question 88: You are performing an ISMS audit at a residential nursing ho...
- Question 89: Integrity of data means
- Question 90: What is the goal of classification of information?...
- Question 91: You are an experienced ISMS audit team leader who is current...
- Question 92: Objectives, criteria, and scope are critical features of a t...
- Question 93: Which measure is a preventive measure?...
[×]
Download PDF File
Enter your email address to download PECB.ISO-IEC-27001-Lead-Auditor.v2024-02-23.q93.pdf