ISO 27001 (ISMS) Lead Auditor Quiz Questions and Answers

Which of the following is defined as the weakness of an asset or control that can be exploited by one or more threats?

Answer :
  • Vulnerability

What type of threat is the “loss of power supply”?

Answer :
  • Loss of essential services

What type of threat are “theft, fraud, and sabotage”?

Answer :
  • Human factor threats

Determine the function of the security control: installation of a wire fence around the company's site.

Answer :
  • Preventive

What does information security deal with?

Answer :
  • The protection of the confidentiality, integrity, and availability of all types of data

Which of the listed below are examples of access controls?

Answer :
  • Both A and B

What type of assets are “business processes and activities”?

Answer :
  • Primary assets

What is the main objective of the monitoring and review phase of the risk management process?

Answer :
  • To assure and improve the quality and effectiveness of process design, implementation, and outcomes

What is the residual risk?

Answer :
  • Risk remaining after the treatment of risk

What does the process of monitoring and measurement include?

Answer :
  • Both A and B