ISO 27001 Quiz

TRUE

FALSE

TRUE

FALSE

TRUE

FALSE

TRUE

FALSE

A. A document presenting results to be achieved in information security

B. Intentions and direction of an organization about information security, as formally expressed by its top management

C. A high level document that affects the whole organization and defines security roles and responsibilities

D. A set of information security procedures that work together to address risks

A. Identification, Evaluation, Analysis, Treatment

B. Identification, Analysis, Evaluation

C. Identification, Response, Evaluation

D. Identification, Analysis, Evaluation, Treatment

A. A strong password compliant with NIST’s recommendations

B. A passphrase in more than 22 characters

C. Something biometric, no matter what

D. A password and your finger, for instance

A. Always

B. When the related area contains either sensitive or critical information and information processing facilities

C. When the related area contains sensitive information and information processing facilities

D. When the related area contains critical information and information processing facilities

A. Security through environmental design

B. Security through behavior

C. Security through controls

D. Security through prevention, protection and resilience

A. The information security policy

B. Their role during an information security incident impacting their own availability

C. Their roles and responsibilities

D. The nature and importance of the risk assessment result