CertiProf Certified ISO/IEC 27001:2022 Foundation

QUESTION NO: 1
What does ISO/IEC 27001:2022 require in order for top management to demonstrate leadership and commitment with respect to the Information Security Management System?

A. Hiring a consultancy to determine the best way to do it B. Appointing a volunteer to be responsible for the Information Security Management System C. Nothing is required D. Ensuring that the information security policy and information security objectives are established and are compatible with the strategic direction of the organization

Correct Answer: D

QUESTION NO: 2
Which of the following must be included in the ISMS policy?

A. A commitment to continual improvement of the ISMS B. The result of a gap analysis C. The certificate from previous audits D. The deadline for ISMS implementation

Correct Answer: A

Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).

QUESTION NO: 3
In ISO/IEC 27001:2022, what does the information security risk assessment process refer to?

A. Identifying risk owners B. Identifying information security risks C. Establishing and maintaining information security risk criteria D. All of the above

Correct Answer: D

Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).

QUESTION NO: 4
Which statement describes the difference between ISO/IEC 27001:2022 and ISO/IEC 27002:2022?

A. ISO/IEC 27001:2022 contains mandatory requirements, while ISO/IEC 27002:2022 provides guidance on information security controls B. ISO/IEC 27002:2022 provides guidance on measurement, and ISO/IEC 27001:2022 provides guidance on information security controls C. ISO/IEC 27002:2022 contains mandatory requirements, while ISO/IEC 27001:2022 provides guidance on information security controls D. ISO/IEC 27002:2022 provides mandatory requirements for a risk management approach, and ISO/IEC
27001:2022 contains mandatory requirements for an ISMS

Correct Answer: A

Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).

QUESTION NO: 5
What are the phases of the PDCA cycle?

A. Plan, Validate, Verify, Act B. Plan, Do, Check, Act C. Propose, Do, Validate, Act D. Plan, Do, Verify, Assure

Correct Answer: B

Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).

CertiProf Certified ISO/IEC 27001:2022 Foundation - I27001F Exam Questions