- Home
- PECB
- PECB Certified ISO/IEC 27001 Lead Auditor exam
- PECB.ISO-IEC-27001-Lead-Auditor.v2024-07-22.q94
- Question 37
Valid ISO-IEC-27001-Lead-Auditor Dumps shared by ExamDiscuss.com for Helping Passing ISO-IEC-27001-Lead-Auditor Exam! ExamDiscuss.com now offer the newest ISO-IEC-27001-Lead-Auditor exam dumps, the ExamDiscuss.com ISO-IEC-27001-Lead-Auditor exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com ISO-IEC-27001-Lead-Auditor dumps with Test Engine here:
Access ISO-IEC-27001-Lead-Auditor Dumps Premium Version
(368 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 37/94
What would be the reference for you to know who should have access to data/document?
Correct Answer: B
Explanation
The reference for you to know who should have access to data/document is the Access Control List (ACL), which is a list of users or groups who are authorized to access a specific data/document and their respective access rights (such as read, write, modify, delete, etc.). The ACL is a tool for implementing the access control policy of the organization, which is defined in accordance with ISO/IEC 27001:2022 clause 9.4.1. The ACL should be maintained and updated regularly to ensure that only authorized users can access the data/document. References: [CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor Training Course],
[ISO/IEC 27001:2022 Information technology - Security techniques - Information security management systems - Requirements]
The reference for you to know who should have access to data/document is the Access Control List (ACL), which is a list of users or groups who are authorized to access a specific data/document and their respective access rights (such as read, write, modify, delete, etc.). The ACL is a tool for implementing the access control policy of the organization, which is defined in accordance with ISO/IEC 27001:2022 clause 9.4.1. The ACL should be maintained and updated regularly to ensure that only authorized users can access the data/document. References: [CQI & IRCA Certified ISO/IEC 27001:2022 Lead Auditor Training Course],
[ISO/IEC 27001:2022 Information technology - Security techniques - Information security management systems - Requirements]
- Question List (94q)
- Question 1: You are performing an ISMS audit at a nursing home where res...
- Question 2: Which two of the following phrases are 'objectives' in relat...
- Question 3: During discussions with the individual(s) managing the audit...
- Question 4: What controls can you do to protect sensitive data in your c...
- Question 5: You are an experienced ISMS audit team leader, assisting an ...
- Question 6: CMM stands for?
- Question 7: You are an experienced ISMS audit team leader. During the co...
- Question 8: You are an experienced ISMS auditor conducting a third-party...
- Question 9: In the context of a management system audit, please identify...
- Question 10: Often, people do not pick up their prints from a shared prin...
- Question 11: There is a scheduled fire drill in your facility. What shoul...
- Question 12: Which of the following does a lack of adequate security cont...
- Question 13: You are carrying out a third-party surveillance audit of a c...
- Question 14: Stages of Information
- Question 15: How is the purpose of information security policy best descr...
- 1 commentQuestion 16: What is the difference between a restricted and confidential...
- Question 17: A planning process that introduced the concept of planning a...
- Question 18: What type of measure involves the stopping of possible conse...
- Question 19: You are performing an ISMS audit at a residential nursing ho...
- Question 20: Select the words that best complete the sentence: (Exhibit)...
- Question 21: Does the security have the right to ask you to display your ...
- Question 22: You are performing an ISO 27001 ISMS surveillance audit at a...
- Question 23: You are conducting an ISMS audit in the despatch department ...
- Question 24: Select the words that best complete the sentence: To complet...
- Question 25: Which two of the following are valid audit conclusions?...
- Question 26: Which three of the following options are an advantage of usi...
- Question 27: You are an experienced ISMS audit team leader conducting a t...
- Question 28: Which is the glue that ties the triad together...
- Question 29: In what part of the process to grant access to a system does...
- Question 30: Which of the following factors does NOT contribute to the va...
- Question 31: Select the correct sequence for the information security ris...
- Question 32: Match the correct responsibility with each participant of a ...
- Question 33: Which two of the following options for information are not r...
- Question 34: You are an ISMS audit team leader assigned by your certifica...
- Question 35: You are preparing the audit findings. Select two options tha...
- Question 36: You receive an E-mail from some unknown person claiming to b...
- Question 37: What would be the reference for you to know who should have ...
- Question 38: The following are purposes of Information Security, except:...
- Question 39: You are an experienced audit team leader guiding an auditor ...
- Question 40: An employee caught with offense of abusing the internet, suc...
- Question 41: Which of the following is a preventive security measure?...
- Question 42: Which one of the following options is the definition of the ...
- Question 43: Phishing is what type of Information Security Incident?...
- Question 44: You are an experienced ISMS audit team leader guiding an aud...
- Question 45: You are an experienced ISMS audit team leader who is current...
- Question 46: What is the worst possible action that an employee may recei...
- Question 47: You receive the following mail from the IT support team: Dea...
- Question 48: You are an experienced ISMS audit team leader guiding an aud...
- Question 49: You are conducting an ISMS audit in the despatch department ...
- Question 50: You are an audit team leader conducting a third-party survei...
- Question 51: You are an experienced audit team leader guiding an auditor ...
- Question 52: You are performing an ISO 27001 ISMS surveillance audit at a...
- Question 53: In acceptable use of Information Assets, which is the best p...
- Question 54: Please match the following situations to the type of audit r...
- Question 55: You are a certification body auditor, conducting a surveilla...
- Question 56: Changes on project-managed applications or database should u...
- Question 57: What is a repressive measure in case of a fire?...
- Question 58: Which of the following is not a type of Information Security...
- Question 59: Which of the following does an Asset Register contain? (Choo...
- Question 60: Which is not a requirement of HR prior to hiring?...
- Question 61: You are the person responsible for managing the audit progra...
- Question 62: Which two of the following statements are true?...
- Question 63: During a third-party certification audit, you are presented ...
- Question 64: You are conducting an ISMS audit in the despatch department ...
- Question 65: Who is responsible for Initial asset allocation to the user/...
- Question 66: You are performing an ISMS audit at a residential nursing ho...
- Question 67: Which two of the following actions are the individual(s) man...
- Question 68: Auditor competence is a combination of knowledge and skills....
- Question 69: Review the following statements and determine which two are ...
- Question 70: You are performing an ISMS audit at a European-based residen...
- Question 71: Which two of the following phrases would apply to "act" in r...
- Question 72: Your organisation is currently seeking ISO/IEC27001:2022 cer...
- Question 73: You are performing an ISMS audit at a residential nursing ho...
- Question 74: You are an experienced ISMS audit team leader. You are provi...
- Question 75: The following options are key actions involved in a first-pa...
- Question 76: Who is authorized to change the classification of a document...
- Question 77: Select the words that best complete the sentence below to de...
- Question 78: There was a fire in a branch of the company Midwest Insuranc...
- Question 79: Which two of the following options are an advantage of using...
- Question 80: What is social engineering?
- Question 81: What is the security management term for establishing whethe...
- Question 82: Four types of Data Classification (Choose two)...
- Question 83: Audit methods can be either with or without interaction with...
- Question 84: Which two of the following phrases are 'objectives' in relat...
- Question 85: In the context of a third-party certification audit, confide...
- Question 86: After a devastating office fire, all staff are moved to othe...
- Question 87: Select the words that best complete the sentence: (Exhibit)...
- Question 88: You are an ISMS audit team leader who has been assigned by y...
- Question 89: As a new member of the IT department you have noticed that c...
- Question 90: Auditors need to communicate effectively with auditees. Ther...
- Question 91: You are an experienced ISMS audit team leader guiding an aud...
- Question 92: You are the audit team leader conducting a third-party audit...
- Question 93: Which one of the following statements best describes the pur...
- Question 94: Which department maintain's contacts with law enforcement au...
[×]
Download PDF File
Enter your email address to download PECB.ISO-IEC-27001-Lead-Auditor.v2024-07-22.q94.pdf