Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70track

Free PECB ISO-IEC-27002-Foundation Practice Exam with Questions & Answers

Questions 1

An organization has established and maintains contact with special interest groups with which it shares and obtains information about security threats, vulnerabilities, trends, etc. Based on ISO/IEC 27002, is this a good practice?

Options:
A.

No, organizations should avoid sharing or exchanging information about new threats or vulnerabilities

B.

No, organizations should share such information only with the authorities

C.

Yes, it is recommended for organizations to establish and maintain contact with special interest groups regarding security threats, trends, etc.

PECB ISO-IEC-27002-Foundation Premium Access
Questions 2

Which control of ISO/IEC 27002 aims to ensure the correct and secure operation of information processing facilities?

Options:
A.

Control 7.2 Physical entry

B.

Control 5.37 Documented operating procedures

C.

Control 5.35 Independent review of information security

Questions 3

What is a PII controller?

Options:
A.

A natural person to whom the PII relates

B.

A privacy stakeholder that determines the purpose and means for processing PII besides individuals who use data for personal purposes

C.

A privacy stakeholder that handles PII on behalf of and in accordance with the instructions of a PII controller

Questions 4

What, among others, should be considered when using cryptography?

Options:
A.

The roles and responsibilities for the key management

B.

Security checkpoints in projects

C.

Restricting and filtering systems connection to the network

Questions 5

Which of the following controls aims to protect the production environment and data?

Options:
A.

Control 5.13 Labelling of information

B.

Control 8.31 Separation of development, testing and operational environments

C.

Control 6.6 Confidentiality or non-disclosure agreements

Questions 6

Which statement below describes the principle of confidentiality?

Options:
A.

Property that information is not made available or disclosed to unauthorized individuals, entities, or processes

B.

Property of accuracy and completeness

C.

Property of being accessible and usable upon demand by an authorized entity

Questions 7

What does information security determine?

Options:
A.

What information needs to be protected and why it should be protected

B.

How to protect information and what to protect it from

C.

Both A and B

Questions 8

According to Control 5.27 Learning from information security incidents, how can organizations use the information gained from the evaluation of information security incidents?

Options:
A.

To enhance user awareness and training

B.

Both A and C

C.

To enhance the incident management plan

Questions 9

What should the organization do with regard to the information security roles and responsibilities of an employee who is leaving or changing the job role?

Options:
A.

It should identify and transfer them to another employee

B.

It should document them in the termination of employment policy

C.

It should outsource them to an external party

Questions 10

Which control of ISO/IEC 27002 helps organizations ensure that employees and contractors are suitable for their roles?

Options:
A.

Control 6.1 Screening

B.

Control 6.4 Disciplinary process

C.

Control 6.7 Remote working

Certification Provider: PECB
Exam Name: ISO/IEC 27002 Foundation Exam
Last Update: Jul 14, 2026
Questions: 40
PDF + Testing Engine
$164.99
$49.5
Testing Engine
$124.99
$37.5
PDF (Q&A)
$104.99
$31.5