PECB ISO-IEC-27001-Lead-Implementer Exam - Topic 6 Question 4 Discussion

Actual exam question for PECB's ISO-IEC-27001-Lead-Implementer exam

Question #: 4
Topic #: 6

[All ISO-IEC-27001-Lead-Implementer Questions]

What is the ISO / IEC 27002 standard?

AIt is a guide of good practices that describes the control objectives and recommended controls regarding information security.

BIt is a guide that focuses on the critical aspects necessary for the successful design and implementation of an ISMS in accordance with ISO / IEC 27001

CIt is a guide for the development and use of applicable metrics and measurement techniques to determine the effectiveness of an ISMS and the controls or groups of controls implemented according to ISO / IEC 27001.

Show Suggested Answer

Suggested Answer: A

by Ligia at May 10, 2022, 02:30 AM

Limited Time Offer

25%

Off

Get Premium ISO-IEC-27001-Lead-Implementer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Barb

7 months ago

Definitely a must-read for anyone in the field!

upvoted 0 times

...

Linwood

7 months ago

I thought it was just a checklist, but it's deeper than that!

upvoted 0 times

...

Minna

7 months ago

Wait, isn't it more about metrics and effectiveness?

upvoted 0 times

...

Madelyn

7 months ago

Totally agree, it's essential for ISMS!

upvoted 0 times

...

Lashon

7 months ago

It's all about good practices for info security!

upvoted 0 times

...

Louann

8 months ago

I practiced a question similar to this, and I think it was about the controls and objectives, so I’m leaning towards option A being the correct answer.

upvoted 0 times

...

Aileen

8 months ago

I feel like option A sounds right, but I also recall something about metrics in ISO/IEC 27002. Was that part of it or just in the context of ISO/IEC 27001?

upvoted 0 times

...

Gerald

8 months ago

I remember studying that it provides guidance on control objectives, but I might be mixing it up with ISO/IEC 27001, which is more about the ISMS design.

upvoted 0 times

...

Avery

8 months ago

I think ISO/IEC 27002 is about good practices for information security controls, but I'm not entirely sure if it also covers implementation aspects.

upvoted 0 times

...

Alisha

8 months ago

Hmm, this one seems straightforward. I'm pretty sure the missing word is "Process" since that's the typical middle part of the SIPOC acronym.

upvoted 0 times

...

William

8 months ago

Hmm, this is a tricky one. I want to make sure I understand the requirements fully before selecting an answer. Let me re-read the question and think through the implications of each choice.

upvoted 0 times

...

Sabra

8 months ago

I'm leaning towards A. It feels safer to step back from the decision rather than risk the perception of conflict, but I'm not completely confident.

upvoted 0 times

...