New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

PECB ISO-IEC-27001-Lead-Implementer Exam - Topic 4 Question 29 Discussion

Actual exam question for PECB's ISO-IEC-27001-Lead-Implementer exam
Question #: 29
Topic #: 4
[All ISO-IEC-27001-Lead-Implementer Questions]

Scenario 2: Beauty is a cosmetics company that has recently switched to an e-commerce model, leaving the traditional retail. The top management has decided to build their own custom platform in-house and outsource the payment process to an external provider operating online payments systems that support online money transfers.

Due to this transformation of the business model, a number of security controls were implemented based on the identified threats and vulnerabilities associated to critical assets. To protect customers' information. Beauty's employees had to sign a confidentiality agreement. In addition, the company reviewed all user access rights so that only authorized personnel can have access to sensitive files and drafted a new segregation of duties chart.

However, the transition was difficult for the IT team, who had to deal with a security incident not long after transitioning to the e commerce model. After investigating the incident, the team concluded that due to the out-of-date anti-malware software, an attacker gamed access to their files and exposed customers' information, including their names and home addresses.

The IT team decided to stop using the old anti-malware software and install a new one which would automatically remove malicious code in case of similar incidents. The new software was installed in every workstation within the company. After installing the new software, the team updated it with the latest malware definitions and enabled the automatic update feature to keep it up to date at all times. Additionally, they established an authentication process that requires a user identification and password when accessing sensitive information.

In addition, Beauty conducted a number of information security awareness sessions for the IT team and other employees that have access to confidential information in order to raise awareness on the importance of system and network security.

Based on the scenario above, answer the following question:

Which situation described in scenario 2 Indicates service unavailability?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Helene at Feb 07, 2024, 02:57 PM

Limited Time Offer

25%

Off

Get Premium ISO-IEC-27001-Lead-Implementer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Cletus
3 months ago
Wow, I didn't expect outdated software to cause such a big mess!
upvoted 0 times
...
Jeanice
3 months ago
Changing passwords weekly seems excessive, not a service outage though.
upvoted 0 times
...
Cecilia
3 months ago
I agree, option A shows service unavailability for sure.
upvoted 0 times
...
Dianne
4 months ago
Wait, are we sure it was just a password problem?
upvoted 0 times
...
Sherill
4 months ago
Sounds like Lucas couldn't log in, that's a clear service issue.
upvoted 0 times
...
Talia
4 months ago
I feel like option C is more about security protocols rather than unavailability, but I could be wrong.
upvoted 0 times
...
Dexter
4 months ago
I practiced a similar question about user access issues, and I think option A makes the most sense for service unavailability.
upvoted 0 times
...
Pansy
4 months ago
I'm not entirely sure, but option B might indicate a problem too, since if attackers had access, it could mean the service was compromised.
upvoted 0 times
...
Quentin
5 months ago
I remember discussing service unavailability in class, and it seems like option A could be a good choice since Lucas couldn't access the website.
upvoted 0 times
...
Zack
5 months ago
Okay, I think I've got it. The scenario mentions that the IT team had to deal with a security incident not long after transitioning to the e-commerce model. That disruption to their systems and services is likely the situation they're asking about.
upvoted 0 times
...
Estrella
5 months ago
I'm a bit confused by the wording of the answer choices. None of them seem to directly match the details in the scenario. I'll need to carefully re-read and think through how the different events could relate to service unavailability.
upvoted 0 times
...
Cordell
5 months ago
The scenario also talks about implementing new security controls like confidentiality agreements and access restrictions. I wonder if any of those changes could have caused service issues for customers or employees.
upvoted 0 times
...
Corinne
5 months ago
Hmm, the scenario mentions a security incident where an attacker gained access to customer information due to outdated anti-malware software. That sounds like a potential service disruption, but I'm not sure if that's the right answer.
upvoted 0 times
...
Elke
5 months ago
This question is asking about service unavailability, so I'll need to look for any situations in the scenario that indicate the service was not available to users.
upvoted 0 times
...
Cyndy
5 months ago
Okay, I think I've got a handle on this. Based on the information provided, Hank's assurances about the project timescales seem to be a clear case of fraudulent misrepresentation. He made claims without any real investigation into their viability, which is a classic example of this legal concept.
upvoted 0 times
...
Stefan
5 months ago
Okay, I've got this. The question is asking about what can be added to the software model lifecycle, so I'll need to pick the option that best describes that. I think I know the right answer here.
upvoted 0 times
...
Carlee
5 months ago
This seems like a straightforward question about the purpose of key risk indicators. I'll focus on identifying the primary purpose, which is likely to detect potential future risks.
upvoted 0 times
...
Nadine
10 months ago
Haha, Lucas better not be changing his password weekly. That's just a recipe for post-it note chaos! But in all seriousness, this question is testing our understanding of the security measures, not service availability.
upvoted 0 times
Freeman
9 months ago
C) Lucas was asked to change his password weekly
upvoted 0 times
...
Laticia
9 months ago
I agree, that situation indicates a breach in security rather than service unavailability.
upvoted 0 times
...
Marcelle
9 months ago
B) Attackers still had access to the data when Solena delivered a press release
upvoted 0 times
...
Lacey
9 months ago
Yeah, changing passwords weekly can be a hassle. But I think the answer is B) Attackers still had access to the data when Solena delivered a press release.
upvoted 0 times
...
Portia
9 months ago
A) Lucas was no! able to access the website with his credentials
upvoted 0 times
...
Lajuana
10 months ago
C) Lucas was asked to change his password weekly
upvoted 0 times
...
Margot
10 months ago
B) Attackers still had access to the data when Solena delivered a press release
upvoted 0 times
...
Deandrea
10 months ago
A) Lucas was no! able to access the website with his credentials
upvoted 0 times
...
...
Lou
10 months ago
Hmm, this is a tricky one. I don't see any mention of service unavailability in the scenario. It's all about data protection and security controls. The answers seem to be focused on other security-related issues.
upvoted 0 times
...
Deja
11 months ago
I'm not sure about that. Maybe situation B also indicates service unavailability because attackers still had access to the data.
upvoted 0 times
...
Joseph
11 months ago
You're right, this question doesn't seem to be about service availability. It's more about the security measures put in place and the security incident that occurred. None of the answer choices appear to be related to service unavailability.
upvoted 0 times
Christa
10 months ago
The focus is on protecting customer information and preventing security breaches.
upvoted 0 times
...
Nikita
10 months ago
Lucas changing his password weekly doesn't really relate to service availability.
upvoted 0 times
...
Abel
10 months ago
It's more about the security measures and the incident that happened.
upvoted 0 times
...
Cherri
10 months ago
I agree, none of the answer choices seem to indicate service unavailability.
upvoted 0 times
...
...
Annelle
11 months ago
I agree with Mireya. If Lucas couldn't access the website, then it means the service was unavailable.
upvoted 0 times
...
Mireya
11 months ago
I think situation A indicates service unavailability because Lucas couldn't access the website.
upvoted 0 times
...
Miles
11 months ago
I don't think any of the situations described indicate service unavailability. The scenario seems to focus more on data breaches and security measures rather than service outages.
upvoted 0 times
...

Save Cancel