Available Number of Questions: Maximum of 40 Questions
Exam Name: ISO/IEC 27002 Foundation Exam
Related Certification(s): PECB ISO/IEC 27002 Certification
PECB ISO-IEC-27002-Foundation Exam Topics - You’ll Be Tested in Actual Exam
I can tell you what surprises people on this exam. It is not a memory contest. It keeps pushing you to show you understand the intent of ISO/IEC 27002 controls and when a given control theme is the right answer, especially when the scenario is worded to tempt you into picking a tool or a policy that sounds familiar. You are tested on the structure of the guidance and the way control topics fit together, so you need to recognize how organizational and people-related controls connect to physical and technological controls when risk shows up in a real work setting. Some questions feel like common sense, but they are really checking whether you can separate governance-level choices from day-to-day operational actions and whether you can spot the difference between preventive, detective, and corrective thinking without being handed those labels. Candidates often trip up when two answers are both true in general, yet only one matches the control objective that ISO/IEC 27002 is pointing at, so reading for scope matters more than speed. If you prepare by practicing short justifications in your head for why a control belongs to a theme and what problem it addresses, you will start seeing the pattern in the distractors and you will answer with more confidence under time pressure.
PECB ISO-IEC-27002-Foundation Exam Short Quiz
Attempt this PECB ISO-IEC-27002-Foundation exam quiz to self-assess your preparation for the actual PECB ISO/IEC 27002 Foundation Exam. CertBoosters also provides premium PECB ISO-IEC-27002-Foundation exam questions to pass the PECB ISO/IEC 27002 Foundation Exam in the shortest possible time. Be sure to try our free practice exam software for the PECB ISO-IEC-27002-Foundation exam.
Q1:
Some employees of an organization find the data processing procedures complicated and have been struggling to follow them effectively. Which of the following threats is the organization facing in this case?
A. Data input error by employees
B. Hacking
C. Information theft
Q2:
According to Control 5.27 Learning from information security incidents, how can organizations use the information gained from the evaluation of information security incidents?
A. To enhance user awareness and training
B. Both A and C
C. To enhance the incident management plan
Q3:
How can organizations manage the security of large networks?
A. By dividing networks into separate network domains and separating them from the public network
B. By dividing networks into separate network domains and including them into the public network
C. By avoiding the integration of information services, users, and information systems into large networks
Q4:
According to Control 5.1 Policies for information security, regarding which of the following, among others, should an information security policy contain statements?
A. Regarding the procedures for recovering from a data breach
B. Regarding the procedures for handling exemptions and exceptions
C. Regarding the procedures for using automated information systems
Q5:
Company A has configured its employees' browsers to block the IP address of malicious websites. Which information security control has been implemented by Company A?