PECB ISO/IEC 27001 Lead Auditor practice test

Exam Title: ISO/IEC 27001 Lead Auditor Exam

Last update: Dec 29, 2025
Question 1

An employee caught abusing the internet, for example through P2P file sharing or video/audio
streaming, will not receive a warning for such an act but will directly receive an IR.

  • A. True
  • B. False
Answer:

A

Question 2

We can leave laptops in locked bins during weekdays or weekends.

  • A. True
  • B. False
Answer:

B

Question 3

Access control systems, CCTV and security guards are forms of:

  • A. Environment Security
  • B. Access Control
  • C. Physical Security
  • D. Compliance
Answer:

C

Question 4

Which of the following does a lack of adequate security controls represent?

  • A. Asset
  • B. Vulnerability
  • C. Impact
  • D. Threat
Answer:

B

Question 5

Four types of data classification (choose two):

  • A. Restricted Data, Confidential Data
  • B. Project Data, Highly Confidential Data
  • C. Financial Data, Highly Confidential Data
  • D. Unrestricted Data, Highly Confidential Data
Answer:

A,D

Question 6

Which of the following is an information security management system standard published by the
International Organization for Standardization?

  • A. ISO9008
  • B. ISO27001
  • C. ISO5501
  • D. ISO22301
Answer:

B

Question 7

What type of legislation requires a proper controlled purchase process?

  • A. Personal data protection act
  • B. Computer criminality act
  • C. Government information act
  • D. Intellectual property rights act
Answer:

D

Question 8

What is a definition of compliance?

  • A. Laws, considered collectively, or the process of making or enacting laws
  • B. The state or fact of according with or meeting rules or standards
  • C. An official or authoritative instruction
  • D. A rule or directive made and maintained by an authority.
Answer:

B

Question 9

What type of compliance standard, regulation or legislation provides a code of practice for
information security?

  • A. ISO/IEC 27002
  • B. Personal data protection act
  • C. Computer criminality act
  • D. IT Service Management
Answer:

A

Question 10

Why do we need to test a disaster recovery plan regularly, and keep it up to date?

  • A. Otherwise the measures taken and the incident procedures planned may not be adequate
  • B. Otherwise it is no longer up to date with the registration of daily occurring faults
  • C. Otherwise remotely stored backups may no longer be available to the security team
Answer:

A

Viewing questions 1-10 out of 100