ISO/IEC 27001 Foundation Quiz Questions and Answers

What does information security deal with?

Answer :
  • The protection of the confidentiality, integrity, and availability of all types of data

Which of the following ensures that information is not made available or disclosed to unauthorized users?

Answer :
  • Confidentiality

Which of the following are examples of access controls?

Answer :
  • Both A and B

Which property of information security ensures that information is not modified when in storage or transit?

Answer :
  • Integrity

Under which category of vulnerability does “unstable power grid” fall?

Answer :
  • Site vulnerability

What type of threat is the “loss of power supply”?

Answer :
  • Loss of essential services

What is an asset?

Answer :
  • Anything that has value to the organization and that, therefore, requires protection

What type of assets are “business processes and activities”?

Answer :
  • Primary assets

What is the main objective of the monitoring and review phase of the risk management process?

Answer :
  • To assure and improve the quality and effectiveness of process design, implementation, and outcomes

What does monitoring refer to?

Answer :
  • The process of determining the status of a system, process, or activity