GIAC Certified ISO-27000 Specialist: G2700 Exam
G2700 Questions & Answers
Exam Code: G2700
Exam Name: GIAC Certified ISO-27000 Specialist
Q & A: 453 Q&As
QUESTION NO: 1
Mark works as a Network Security Administrator for Lead2pass Inc. An employee of the
organization comes to Mark and tells him that a few months ago, the employee had filled in an online
bank form for some account-related work. Today, when visiting the site again, the employee
finds that some of his personal information is still being displayed on the webpage. Which of the
following types of cookies should be disabled by Mark to resolve the issue?
A. Session
B. Temporary
C. Secure
D. Persistent
Answer: D
QUESTION NO: 2
You work as an Information Security Manager for Lead2pass Inc. You are working on the
documentation of control A.10.1.1. What is the purpose of control A.10.1.1?
A. It is concerned with the documentation of the human resource security to make recruitments
clear to the organization.
B. It is concerned with the documentation of the supply chain management.
C. It is concerned with the documentation of operating procedures to ensure the correct and
secure use of information processing facilities.
D. It is concerned with the documentation of the disaster recovery management to ensure proper
backup technologies.
Answer: C
QUESTION NO: 3
Mark works as a Network Security Administrator for Lead2pass Inc. He has been assigned the
task of installing a MySQL server. Mark wants to monitor only the data that is directed to or
originating from the server and he also wants to monitor running processes, file system access
and integrity, and user logins for identifying malicious activities. Which of the following intrusion
detection techniques will Mark use to accomplish the task?
A. Network-based IDS
B. Signature-based IDS
C. Anomaly-based IDS
D. Host-based IDS
Answer: D
QUESTION NO: 4
Which of the following are exceptions to the Data Protection Act?
Each correct answer represents a complete solution. Choose all that apply.
A. Section 36 – Domestic purposes
B. Section 28 – National security
C. Section 55 – Unlawful obtaining of personal data
D. Section 29 – Crime and taxation
Answer: A,B,D
QUESTION NO: 5
Which of the following statements are true about security risks?
Each correct answer represents a complete solution. Choose three.
A. These are considered as an indicator of threats coupled with vulnerability.
B. These can be removed completely by taking proper actions.
C. These can be mitigated by reviewing and taking responsible actions based on possible risks.
D. These can be analyzed and measured by the risk analysis process.
Answer: A,C,D
QUESTION NO: 6
A project plan includes the Work Breakdown Structure (WBS) and cost estimates. Which of the
following are the parts of a project plan?
Each correct answer represents a complete solution. Choose all that apply.
A. Risk identification
B. Security Threat
C. Project schedule
D. Team members list
E. Risk analysis
Answer: A,C,D,E
QUESTION NO: 7
Which of the following are the basics of Business Continuity Management?
Each correct answer represents a complete solution. Choose all that apply.
A. Implementation of a risk assessment technique to identify the causes and consequences of
failures
B. Regular checking of business continuity plans
C. Identification of authentication techniques according to the requirements
D. Identification of human resources according to the requirements
Answer: A,B,D
QUESTION NO: 8
Which of the following controls are administrative in nature?
A. Directive controls
B. Recovery controls
C. Preventive controls
D. Detective controls
Answer: A
QUESTION NO: 9
Fill in the blank with an appropriate phrase.
_________ accord describes the minimum regulatory capital to be allocated by each bank based
on its risk profile of assets.
Answer: Basel II
QUESTION NO: 10
You work as an Information Security Officer for Lead2pass Inc. You need to create an asset
management plan differentiating fixed assets from inventory items. How will you differentiate
assets from inventory items?
A. Inventory items are sold.
B. Assets are temporary usually.
C. Inventory items are permanent.
D. Assets cannot be used.
Answer: A