ISO/IEC 27001 Foundation Quiz Questions and Answers

Which of the following is defined as the weakness of an asset or control that can be exploited by one or more threats?

Answer :
  • Vulnerability

What type of threat is the “loss of power supply”?

Answer :
  • Loss of essential services

What is residual risk?

Answer :
  • Risk remaining after the treatment of risk

What does information security deal with?

Answer :
  • The protection of the confidentiality, integrity, and availability of all types of data

Which of the options listed below are examples of access controls?

Answer :
  • Both A and B

What type of assets are “business processes and activities”?

Answer :
  • Primary assets

The information security policy should include...

Answer :
  • All of the Above

What does PDCA stand for?

Answer :
  • Plan, Do, Check, and Act

Which of the following ensures that information is not made available or disclosed to unauthorized users?

Answer :
  • Confidentiality

Which property of information security ensures that information is not modified when in storage or transit?

Answer :
  • Integrity