Create Next App

pecb LEAD_IMPLEMENTER

Exam contains 66 questions

Page 7 of 11

Question 37 🔥

“The ISMS covers all departments within Company XYZ that have access to customers’ data. The purpose of the ISMS is to ensure the confidentiality, integrity, and availability of customers’ data, and ensure compliance with the applicable regulatory requirements regarding information security.” What does this statement describe?

Which database solution meets these requirements?

B. The organizational boundaries of the ISMS scope

Highly voted

C. The physical boundary of the ISMS scope

Highly voted

A. The information systems boundary of the ISMS scope

Highly voted

Discussion of the question

Question 38 🔥

An organization has justified the exclusion of control 5.18 Access rights of ISO/IEC 27001 in the Statement of Applicability (SoA) as follows: “An access control reader is already installed at the main entrance of the building.” Which statement is correct?

Which database solution meets these requirements?

B. The justification is not acceptable, because it does not reflect the purpose of control 5.18

Highly voted

C. The justification is not acceptable because it does not indicate that it has been selected based on the risk assessment results

Highly voted

A. The justification for the exclusion of a control is not required to be included in the SoA

Highly voted

Discussion of the question

Question 39 🔥

Which statement is an example of risk retention?

Which database solution meets these requirements?

A. An organization has decided to release the software even though some minor bugs have not been fixed yet

Highly voted

B. An organization has implemented a data loss protection software

Highly voted

C. An organization terminates work in the construction site during a severe storm

Highly voted

Discussion of the question

Question 40 🔥

Which option below should be addressed in an information security policy?

Which database solution meets these requirements?

A. Actions to be performed after an information security incident

Highly voted

B. Legal and regulatory obligations imposed upon the organization

Highly voted

C. The complexity of information security processes and their interactions

Highly voted

Discussion of the question

Question 41 🔥

Which approach should organizations use to implement an ISMS based on ISO/IEC 27001?

Which database solution meets these requirements?

A. An approach that is suitable for organization’s scope

Highly voted

B. Any approach that enables the ISMS implementation within the 12 month period

Highly voted

C. Only the approach provided by the standard

Highly voted

Discussion of the question

Question 42 🔥

What risk treatment option has Company A implemented if it has required from its employees the change of email passwords at least once every 60 days?

Which database solution meets these requirements?

A. Risk modification

Highly voted

B. Risk avoidance

Highly voted

C. Risk retention

Highly voted

Discussion of the question

Ready to Pass Your Certification Test

pecb LEAD_IMPLEMENTER

Exam contains 66 questions

Lorem ipsum dolor sit amet consectetur. Eget sed turpis aenean sit aenean. Integer at nam ullamcorper a.

Company

Product

Resources

Follow us