New Year Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: get65

PECB Updated ISO-IEC-27001-Lead-Implementer Exam Questions and Answers by isobelle

Page: 13 / 13

PECB ISO-IEC-27001-Lead-Implementer Exam Overview :

Exam Name: PECB Certified ISO/IEC 27001 : 2022 Lead Implementer exam
Exam Code: ISO-IEC-27001-Lead-Implementer Dumps
Vendor: PECB Certification: ISO 27001
Questions: 179 Q&A's Shared By: isobelle
Question 52

Scenario 8: SunDee is an American biopharmaceutical company, headquartered in California, the US. It specializes in developing novel human therapeutics, with a focus on cardiovascular diseases, oncology, bone health, and inflammation. The company has had an information security management system (ISMS) based on SO/IEC 27001 in place for the past two years. However, it has not monitored or measured the performance and effectiveness of its ISMS and conducted management reviews regularly

Just before the recertification audit, the company decided to conduct an internal audit. It also asked most of their staff to compile the written individual reports of the past two years for their departments. This left the Production Department with less than the optimum workforce, which decreased the company's stock.

Tessa was SunDee's internal auditor. With multiple reports written by 50 different employees, the internal audit process took much longer than planned, was very inconsistent, and had no qualitative measures whatsoever Tessa concluded that SunDee must evaluate the performance of the ISMS adequately. She defined SunDee's negligence of ISMS performance evaluation as a major nonconformity, so she wrote a nonconformity report including the description of the nonconformity, the audit findings, and recommendations. Additionally, Tessa created a new plan which would enable SunDee to resolve these issues and presented it to the top management

Based on the scenario above, answer the following question:

What caused SunDee's workforce disruption?

Options:

A.

The negligence of performance evaluation and monitoring and measurement procedures

B.

The inconsistency of reports written by different employees

C.

The voluminous written reports

Discussion
Question 53

Scenario 1: HealthGenic is a pediatric clinic that monitors the health and growth of individuals from infancy to early adulthood using a web-based medical software. The software is also used to schedule appointments, create customized medical reports, store patients' data and medical history, and communicate with all the [^involved parties, including parents, other physicians, and the medical laboratory staff.

Last month, HealthGenic experienced a number of service interruptions due to the increased number of users accessing the software Another issue the company faced while using the software was the complicated user interface, which the untrained personnel found challenging to use.

The top management of HealthGenic immediately informed the company that had developed the software about the issue. The software company fixed the issue; however, in the process of doing so, it modified some files that comprised sensitive information related to HealthGenic's patients. The modifications that were made resulted in incomplete and incorrect medical reports and, more importantly, invaded the patients' privacy.

Intrinsic vulnerabilities, such as the______________ are related to the characteristics of the asset. Refer to scenario 1.

Options:

A.

Software malfunction

B.

Service interruptions

C.

Complicated user interface

Discussion
Page: 13 / 13

ISO-IEC-27001-Lead-Implementer
PDF

$36.75  $104.99

ISO-IEC-27001-Lead-Implementer Testing Engine

$43.75  $124.99

ISO-IEC-27001-Lead-Implementer PDF + Testing Engine

$57.75  $164.99