ISO/IEC 27001 Foundation Quiz Questions and Answers

Which of the following is defined as the weakness of an asset or control that can be exploited by one or more threats?

Answer :
  • Vulnerability

What type of threat is the “loss of power supply”?

Answer :
  • Loss of essential services

What is the residual risk?

Answer :
  • Risk remaining after the treatment of risk

What does information security deal with?

Answer :
  • The protection of the confidentiality, integrity, and availability of all types of data

Which of the options listed below are examples of access controls?

Answer :
  • Both A and B

What type of assets are “business processes and activities”?

Answer :
  • Primary assets

What does the process of monitoring and measurement include?

Answer :
  • Both A and B

The information security policy should include which one of the following?

Answer :
  • All of the above

What does PDCA stand for?

Answer :
  • Plan, Do, Check, and Act

Which of the following ensures that information is not made available or disclosed to unauthorized users?

Answer :
  • Confidentiality