
Get Latest [Oct-2021] Conduct effective penetration tests using VCETorrent ISO-IEC-LI
NEW QUESTION 19
Peter works at the company Midwest Insurance. His manager, Linda, asks him to send the terms and conditions for a life insurance policy to Rachel, a client. Who determines the value of the information in the insurance terms and conditions document?
- A. The person who drafted the insurance terms and conditions
- B. The manager, Linda
- C. The recipient, Rachel
- D. The sender, Peter
Answer: C
NEW QUESTION 20
An employee in the administrative department of Smiths Consultants Inc. finds out that the expiry date of a contract with one of the clients is earlier than the start date. What type of measure could prevent this error?
- A. Integrity measure
- B. Availability measure
- C. Technical measure
- D. Organizational measure
Answer: C
NEW QUESTION 21
Which of the following measures is a corrective measure?
- A. Restoring a backup of the correct database after a corrupt copy of the database was written over the original
- B. Installing a virus scanner in an information system
- C. Incorporating an Intrusion Detection System (IDS) in the design of a computer center
- D. Making a backup of the data that has been created or altered that day
Answer: A
NEW QUESTION 22
Physical labels and ________ are two common forms of labeling which are mentioned in ISO 27002.
- A. metadata
- B. bridge
- C. teradata
Answer: A
NEW QUESTION 23
One of the ways Internet of Things (IoT) devices can communicate with each other (or 'the outside world') is using a so-called short-range radio protocol. Which kind of short-range radio protocol makes it possible to use your phone as a credit card?
- A. Radio Frequency Identification (RFID)
- B. The 4G protocol
- C. Bluetooth
- D. Near Field Communication (NFC)
Answer: D
NEW QUESTION 24
Select risk control activities for domain "10. Encryption" of ISO 27002:2013 (Choose two)
- A. Physical security perimeter
- B. Work in safe areas
- C. Cryptographic Controls Use Policy
- D. Key management
Answer: C,D
NEW QUESTION 25
The identified owner of an asset is always an individual.
- A. False
- B. True
Answer: A
NEW QUESTION 26
Which of the following measures is a preventive measure?
- A. Putting sensitive information in a safe
- B. Installing a logging system that enables changes in a system to be recognized
- C. Classifying a risk as acceptable because the cost of addressing the threat is higher than the value of the information at risk
- D. Shutting down all internet traffic after a hacker has gained access to the company systems
Answer: A
NEW QUESTION 27
Who is accountable for classifying information assets?
- A. the asset owner
- B. the CISO
- C. the CEO
- D. the Information Security Team
Answer: A
NEW QUESTION 28
What do employees need to know to report a security incident?
- A. Whether the incident has occurred before and what was the resulting damage.
- B. Who is responsible for the incident and whether it was intentional.
- C. How to report an incident and to whom.
- D. The measures that should have been taken to prevent the incident in the first place.
Answer: C
NEW QUESTION 29
Companies use ISO 27002 for compliance for which of the following reasons?
- A. Compliance with ISO 27002 is sufficient to comply with all regulations
- B. A structured program that helps with security and compliance
- C. Explicit requirements for all regulations
Answer: B
NEW QUESTION 30
ISO 27002 provides guidance in the following area:
- A. Detailed lists of required policies and procedures
- B. Information handling recommendations
- C. PCI environment scoping
- D. Framework for an overall security and compliance program
Answer: D
NEW QUESTION 31
What is an example of a security incident?
- A. The lighting in the department no longer works.
- B. A file is saved under an incorrect name.
- C. A member of staff loses a laptop.
- D. You cannot set the correct fonts in your word processing software.
Answer: C
NEW QUESTION 32
Select the controls that correspond to the domain "9. ACCESS CONTROL" of ISO 27002 (Choose three)
- A. Restriction of access to information
- B. Return of assets
- C. Withdrawal or adaptation of access rights
- D. Management of access rights with special privileges
Answer: A,B,C
NEW QUESTION 33
You are the owner of a growing company, SpeeDelivery, which provides courier services. You decide that it is time to draw up a risk analysis for your information system. This includes an inventory of threats and risks.
What is the relation between a threat, risk and risk analysis?
- A. A risk analysis is used to clarify which threats are relevant and what risks they involve.
- B. A risk analysis identifies threats from the known risks.
- C. A risk analysis is used to remove the risk of a threat.
- D. Risk analyses help to find a balance between threats and risks.
Answer: A
NEW QUESTION 34
You are the owner of the courier company SpeeDelivery. You have carried out a risk analysis and now want to determine your risk strategy. You decide to take measures for the large risks but not for the small risks. What is this risk strategy called?
- A. Risk passing
- B. Risk bearing
- C. Risk avoiding
- D. Risk neutral
Answer: D
NEW QUESTION 35
What is the most important reason for applying the segregation of duties?
- A. Segregation of duties makes it easier for a person who is ready with his or her part of the work to take time off or to take over the work of another person.
- B. Segregation of duties makes it clear who is responsible for what.
- C. Tasks and responsibilities must be separated in order to minimize the opportunities for business assets to be misused or changed, whether the change be unauthorized or unintentional.
- D. Segregation of duties ensures that, when a person is absent, it can be investigated whether he or she has been committing fraud.
Answer: C
NEW QUESTION 36
Midwest Insurance grades the monthly report of all claimed losses per insured as confidential. What is accomplished if all other reports from this insurance office are also assigned the appropriate grading?
- A. Everyone can easily see how sensitive the reports' contents are by consulting the grading label.
- B. A determination can be made as to which report should be printed first and which ones can wait a little longer.
- C. The costs for automating are easier to charge to the responsible departments.
- D. Reports can be developed more easily and with fewer errors.
Answer: A
NEW QUESTION 37
What is the best way to comply with legislation and regulations for personal data protection?
- A. Maintaining an incident register
- B. Appointing the responsibility to someone
- C. Performing a vulnerability analysis
- D. Performing a threat analysis
Answer: B
NEW QUESTION 38
You apply for a position in another company and get the job. Along with your contract, you are asked to sign a code of conduct. What is a code of conduct?
- A. A code of conduct is a standard part of a labor contract.
- B. A code of conduct differs from company to company and specifies, among other things, the rules of behavior with regard to the usage of information systems.
- C. A code of conduct specifies how employees are expected to conduct themselves and is the same for all companies.
Answer: B