PECB iso iec 27001 lead auditor practice test

ISO/IEC 27001 Lead Auditor Exam

Last exam update: Mar 11 ,2025
Page 1 out of 7. Viewing questions 1-15 out of 100

Question 1

Below is Purpose of "Integrity", which is one of the Basic Components of Information Security

  • B. the property of safeguarding the accuracy and completeness of assets. Most Votes
  • C. the property that information is not made available or disclosed to unauthorized individuals
  • D. the property of being accessible and usable upon demand by an authorized entity.
Mark Question:
Answer:

B


User Votes:
B 70 votes
50%
C 10 votes
50%
D 8 votes
50%
Discussions
vote your answer:
B
C
D
0 / 1000
ashok
1 year, 1 month ago

the property of safeguarding the accuracy and completeness of assets.

0
ashok
1 year ago

the property of safeguarding the accuracy and completeness of assets

0
ashgu
1 year ago

ddddddddddddddddddddddddddddddddddddddddd

0
Luffy619
11 months, 1 week ago

the property of safeguarding the accuracy and completeness of assets.

0
robdavies66
8 months, 1 week ago

the property of safeguarding the accuracy and completeness of assets.

0
robdavies66
8 months ago

the property of safeguarding the accuracy and completeness of assets.

0
medmond
7 months, 3 weeks ago

the property of safeguarding the accuracy and completeness of assets.

0
medmond
7 months, 3 weeks ago

the property of safeguarding the accuracy and completeness of assets

0
Ndanga
7 months, 2 weeks ago

the property of safeguarding the accuracy and completeness of assets.

0
ASRARMA
7 months, 1 week ago

the property of safeguarding the accuracy and completeness of assets.

0
Mans
7 months ago

the property that information is not made available or disclosed to unauthorized individuals

0
Priyachoudhari
6 months, 3 weeks ago

Safeguarding the accuracy and completeness of the assests

0
ASK
6 months ago

C. the property that information is not made available or disclosed to unauthorized individuals

0
grosso62
2 months, 1 week ago

B. the property of safeguarding the accuracy and completeness of assets.

0
grosso62
1 month, 4 weeks ago

B. the property of safeguarding the accuracy and completeness of assets.

0
cyber-auditor
1 month, 1 week ago

Integrity is the pillar of information security that safeguards the accuracy of the data

0
syma1970
2 weeks, 6 days ago

Integrity in information security focuses on ensuring that data is accurate, consistent, and reliable. It's about preventing unauthorized modifications or corruptions.

0

Question 2

-------------------------is an asset like other important business assets has value to an organization and
consequently needs to be protected.

  • A. Infrastructure
  • B. Data
  • C. Information Most Votes
  • D. Security
Mark Question:
Answer:

C


User Votes:
A 8 votes
50%
B 31 votes
50%
C 52 votes
50%
D 5 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
Abansal
1 year, 4 months ago

Information

0
ashok
1 year ago

Information

0
robdavies66
8 months, 1 week ago

Information

0
robdavies66
8 months ago

Information

0
ASRARMA
7 months, 1 week ago

Information

0
Mans
7 months ago

Data is an asset like other important business assets has value to an organization and consequently needs to be protected

1
Priyachoudhari
6 months, 3 weeks ago

Information

0
grosso62
2 months, 1 week ago

C. Information

0
grosso62
1 month, 4 weeks ago

C. Information

0
syma1970
2 weeks, 6 days ago

All of these are assets that an organization must protect.

0

Question 3

What is we do in ACT - From PDCA cycle

  • B. Take actions to continually improve process performance Most Votes
  • C. Take actions to continually monitor process performance
  • D. Take actions to continually improve people performance
Mark Question:
Answer:

B


User Votes:
B 64 votes
50%
C 11 votes
50%
D 6 votes
50%
Discussions
vote your answer:
B
C
D
0 / 1000
ashok
1 year ago

Take actions to continually improve process performance

0
ashok
1 year ago

Take actions to continually improve process performance

0
robdavies66
8 months, 1 week ago

Take actions to continually improve process performance

0
robdavies66
8 months ago

Take actions to continually improve process performance

0
ASRARMA
7 months, 1 week ago

B. Take actions to continually improve process performance

0
Mans
7 months ago

Take actions to continually improve process performance

0
Priyachoudhari
6 months, 3 weeks ago

Continuly improve process performance

0
grosso62
2 months, 1 week ago

B. Take actions to continually improve process performance

0
grosso62
1 month, 4 weeks ago

B. Take actions to continually improve process performance

0
syma1970
2 weeks, 6 days ago

The "Act" phase is where you standardize successful changes, or take corrective actions if the results were not as expected.

0

Question 4

Implement plan on a test basis - this comes under which section of PDCA

  • A. Plan
  • B. Do Most Votes
  • C. Act
  • D. Check
Mark Question:
Answer:

B


User Votes:
A 14 votes
50%
B 44 votes
50%
C 14 votes
50%
D 5 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
Abansal
1 year, 4 months ago

The answer is "DO"

0
ashok
1 year ago

Do Implement plan on a test basis

0
robdavies66
8 months, 1 week ago

The answer is B:Do

0
robdavies66
8 months ago

B. Do B. Do

0
ASRARMA
7 months, 1 week ago

the answer is B. Do

0
Mans
7 months ago

Check implement plan on a test basis

0
Priyachoudhari
6 months, 3 weeks ago

Do under pdca

0
grosso62
2 months, 1 week ago

This comes under section of PDCA Do

0
syma1970
2 weeks, 6 days ago

When you "implement a plan on a test basis," you are performing the "Do" portion of the PDCA

0

Question 5

Which is the glue that ties the triad together

  • A. Process Most Votes
  • B. People
  • C. Collaboration
  • D. Technology
Mark Question:
Answer:

A


User Votes:
A 37 votes
50%
B 12 votes
50%
C 17 votes
50%
D 10 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
Abansal
1 year, 4 months ago

Process is the glue that triad togather

0
ashok
1 year ago

Process is the glue that ties the triad together

0
robdavies66
8 months, 1 week ago

A Process

0
robdavies66
8 months ago

A, Process

0
ASRARMA
7 months, 1 week ago

A. Process

0
Priyachoudhari
6 months, 3 weeks ago

Process is a triad

0
grosso62
2 months, 1 week ago

A. Process

0
syma1970
2 weeks, 6 days ago

people are the essential element that makes the other parts of an information security system function. They are the "glue" that holds it all together.

0

Question 6

Who are allowed to access highly confidential files?

  • A. Employees with a business need-to-know
  • B. Contractors with a business need-to-know
  • C. Employees with signed NDA have a business need-to-know Most Votes
  • D. Non-employees designated with approved access and have signed NDA
Mark Question:
Answer:

C


User Votes:
A 11 votes
50%
B 2 votes
50%
C 50 votes
50%
D 8 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
Abansal
1 year, 4 months ago

Employee with signed NDA have a business need to know

0
ashok
1 year ago

Employees with signed NDA have a business need-to-know

0
ashok
1 year ago

Employees with signed NDA have a business need-to-know

0
robdavies66
8 months, 1 week ago

Employees with signed NDA have a business need-to-know

0
robdavies66
8 months ago

Employees with signed NDA have a business need-to-know

0
ASRARMA
7 months, 1 week ago

C. Employees with signed NDA have a business need-to-know

0
Priyachoudhari
6 months, 3 weeks ago

Employee with nda

0
grosso62
2 months, 1 week ago

C. Employees with signed NDA have a business need-to-know

0
syma1970
2 weeks, 6 days ago

while contractors and non-employees might have access in some cases, the core of the answer is employees that have a business need to know.

0

Question 7

Which is not a requirement of HR prior to hiring?

  • A. Undergo background verification
  • B. Applicant must complete pre-employment documentation requirements
  • C. Must undergo Awareness training on information security. Most Votes
  • D. Must successfully pass Background Investigation
Mark Question:
Answer:

C


User Votes:
A
50%
B 5 votes
50%
C 43 votes
50%
D 6 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
ashok
1 year ago

Must undergo Awareness training on information security.

0
robdavies66
8 months, 1 week ago

Must undergo Awareness training on information security

0
robdavies66
8 months ago

Must undergo Awareness training on information security.

0
ASRARMA
7 months, 1 week ago

Must undergo Awareness training on information security.

0
grosso62
2 months, 1 week ago

C. Must undergo Awareness training on information security.

0
syma1970
2 weeks, 6 days ago

Awareness training on information security is typically conducted after an individual is hired and becomes an employee.

0

Question 8

CMM stands for?

  • A. Capability Maturity Matrix
  • B. Capacity Maturity Matrix
  • C. Capability Maturity Model Most Votes
  • D. Capable Mature Model
Mark Question:
Answer:

C


User Votes:
A 8 votes
50%
B 5 votes
50%
C 39 votes
50%
D 2 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
Abansal
1 year, 4 months ago

Capacity Maturity Model

0
ashok
1 year ago

Capability Maturity Model

0
robdavies66
8 months, 1 week ago

Capability Maturity Model

0
robdavies66
8 months ago

Capability Maturity Model

0
ASRARMA
7 months, 1 week ago

Capability Maturity Model

0
grosso62
2 months, 1 week ago

C. Capability Maturity Model

0
syma1970
2 weeks, 6 days ago

CMM can also stand for "Coordinate Measuring Machine" in the field of metrology. 1 So the context of the question is very important. But in the context of software development process improvement, it is Capability Maturity Model

0

Question 9

In acceptable use of Information Assets, which is the best practice?

  • A. Access to information and communication systems are provided for business purpose only Most Votes
  • B. Interfering with or denying service to any user other than the employee's host
  • C. Playing any computer games during office hours
  • D. Accessing phone or network transmissions, including wireless or wifi transmissions
Mark Question:
Answer:

A


User Votes:
A 49 votes
50%
B 3 votes
50%
C 2 votes
50%
D 1 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
Abansal
1 year, 4 months ago

A is the answer

0
ashok
1 year ago

Access to information and communication systems are provided for business purpose only

0
robdavies66
8 months, 1 week ago

Access to information and communication systems are provided for business purpose only

0
robdavies66
8 months ago

Access to information and communication systems are provided for business purpose only

0
ASRARMA
7 months, 1 week ago

A. Access to information and communication systems are provided for business purpose only

0
grosso62
2 months, 1 week ago

A. Access to information and communication systems are provided for business purpose only

0
syma1970
2 weeks, 6 days ago

This principle aligns with the core idea of responsible and productive use of company resources. It minimizes risks, maximizes efficiency, and protects sensitive information.

0

Question 10

All are prohibited in acceptable use of information assets, except:

  • A. Electronic chain letters
  • B. E-mail copies to non-essential readers
  • C. Company-wide e-mails with supervisor/TL permission. Most Votes
  • D. Messages with very large attachments or to a large number ofrecipients.
Mark Question:
Answer:

C


User Votes:
A 7 votes
50%
B 10 votes
50%
C 33 votes
50%
D 5 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
ashok
1 year ago

Company-wide e-mails with supervisor/TL permission.

0
ashok
1 year ago

Company-wide e-mails with supervisor/TL permission.

0
robdavies66
8 months, 1 week ago

Company-wide e-mails with supervisor/TL permission

0
robdavies66
8 months ago

Company-wide e-mails with supervisor/TL permission

0
ASRARMA
7 months, 1 week ago

C. Company-wide e-mails with supervisor/TL permission.

0
grosso62
2 months, 1 week ago

C. Company-wide e-mails with supervisor/TL permission.

0
syma1970
2 weeks, 6 days ago

While company-wide emails should be used judiciously, they are sometimes necessary for important announcements or updates. With supervisor/TL permission, there is oversight and control.

0

Question 11

Information Security is a matter of building and maintaining ________ .

  • A. Confidentiality
  • B. Trust Most Votes
  • C. Protection
  • D. Firewalls
Mark Question:
Answer:

B


User Votes:
A 27 votes
50%
B 32 votes
50%
C 9 votes
50%
D 2 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
ashok
1 year ago

Information Security is a matter of building and maintaining Trust

0
robdavies66
8 months, 1 week ago

B. Trust trust

0
robdavies66
8 months ago

B trust b trust

0
robdavies66
8 months ago

B. Trust B. Trust

0
grosso62
2 months, 1 week ago

A. Confidentiality

0
cyber-auditor
1 month, 1 week ago

It has to be trust. If we choose confidentiality then its not only in the CIA TRIAD, rather integrity and availability would also need to be mentioned.

0

Question 12

Phishing is what type of Information Security Incident?

  • A. Private Incidents
  • B. Cracker/Hacker Attacks Most Votes
  • C. Technical Vulnerabilities
  • D. Legal Incidents
Mark Question:
Answer:

B


User Votes:
A 6 votes
50%
B 44 votes
50%
C 10 votes
50%
D 1 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
ashok
1 year ago

Cracker/Hacker Attacks

0
ashok
1 year ago

Cracker/Hacker Attacks

0
robdavies66
8 months, 1 week ago

Cracker/Hacker Attacks

0
robdavies66
8 months ago

Cracker/Hacker Attacks

0
robdavies66
8 months ago

Cracker/Hacker Attacks

0
ASRARMA
7 months, 1 week ago

B. Cracker/Hacker Attacks

0
grosso62
2 months, 1 week ago

B. Cracker/Hacker Attacks

0
syma1970
2 weeks, 6 days ago

Phishing is a social engineering attack used by malicious actors (crackers/hackers) to deceive individuals into revealing sensitive information.1 It's a method they employ to gain unauthorized access

0

Question 13

The following are the guidelines to protect your password, except: 

  • A. Don't use the same password for various company system security access
  • B. Do not share passwords with anyone Most Votes
  • C. For easy recall, use the same password for company and personal accounts Most Votes
  • D. Change a temporary password on first log-on
Mark Question:
Answer:

B,C


User Votes:
A 3 votes
50%
B 16 votes
50%
C 38 votes
50%
D 2 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
ashok
1 year ago

For easy recall, use the same password for company and personal accounts

0
robdavies66
8 months, 1 week ago

For easy recall, use the same password for company and personal accounts

0
robdavies66
8 months ago

For easy recall, use the same password for company and personal accounts

0
robdavies66
8 months ago

For easy recall, use the same password for company and personal accounts

0
maximea
4 months, 1 week ago

Utiliser le même mot de passe pour les comptes de l'entreprise et les comptes personnels n'est pas recommandé car cela augmente le risque de compromission de la sécurité.

0
grosso62
2 months, 1 week ago

D. Change a temporary password on first log-on

0
syma1970
2 weeks, 6 days ago

Using the same password across multiple accounts, especially company and personal, significantly increases the risk. If one account is compromised, all accounts using that password are vulnerable

0

Question 14

The following are purposes of Information Security, except:

  • A. Ensure Business Continuity
  • B. Minimize Business Risk
  • C. Increase Business Assets Most Votes
  • D. Maximize Return on Investment
Mark Question:
Answer:

C


User Votes:
A 1 votes
50%
B 7 votes
50%
C 35 votes
50%
D 24 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
ashok
1 year ago

Increase Business Assets

0
robdavies66
8 months, 1 week ago

Increase Business Assets

0
robdavies66
8 months ago

Increase Business Assets

0
robdavies66
8 months ago

Increase Business Assets

0
robdavies66
8 months ago

Increase Business Assets

0
ASRARMA
7 months, 1 week ago

C. Increase Business Assets

0
maximea
4 months, 1 week ago

n'est pas un objectif direct de la sécurité de l'information

0
grosso62
2 months, 1 week ago

D. Maximize Return on Investment

0

Question 15

Which of the following is not a type of Information Security attack?

  • A. Legal Incidents
  • B. Vehicular Incidents Most Votes
  • C. Technical Vulnerabilities
  • D. Privacy Incidents
Mark Question:
Answer:

B


User Votes:
A 7 votes
50%
B 40 votes
50%
C 4 votes
50%
D 4 votes
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000
Abansal
1 year, 4 months ago

Vehicular incident

0
Abansal
1 year, 4 months ago

Vehicular Incidents

0
ashok
1 year ago

Vehicular Incidents

0
robdavies66
8 months, 1 week ago

Vehicular Incidents

0
robdavies66
8 months, 1 week ago

Vehicular Incidents

0
robdavies66
8 months ago

Vehicular Incidents

0
robdavies66
8 months ago

Vehicular Incidents

0
robdavies66
8 months ago

Vehicular Incidents

0
ASRARMA
7 months, 1 week ago

B. Vehicular Incidents

0
ASK
6 months ago

Vehicular Incidents

0
maximea
4 months, 1 week ago

B. Vehicular Incidents

0
grosso62
2 months, 1 week ago

B. Vehicular Incidents

0
syma1970
2 weeks, 6 days ago

Vehicular incidents, while potentially disruptive, are not directly related to attacks on information systems or data.

0
To page 2