ISO 27001 (ISMS) Lead Auditor Quiz Questions and Answers

Which of the following is defined as the weakness of an asset or control that can be exploited by one or more threats?

Answer :
  • Vulnerability

What type of threat is the “loss of power supply”?

Answer :
  • Loss of essential services

What type of threat are “theft, fraud, and sabotage”?

Answer :
  • Human factor threats

What is the residual risk?

Answer :
  • Risk remaining after the treatment of risk

Determine the function of the security control "Installation of a wire fence around the company's site".

Answer :
  • Preventive

Determine the type of security control "Encryption of electronic messaging".

Answer :
  • Technical

Determine the type of security control "Consideration of applicable legislation".

Answer :
  • Legal

What does information security deal with?

Answer :
  • The protection of the confidentiality, integrity, and availability of all types of data

Which of the following are examples of access controls?

Answer :
  • Both A and B

What type of assets are “business processes and activities”?

Answer :
  • Primary assets