Month End Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmasmnth

Scenario 2Knight is an electronics company based in Northern California, the US that develops video...

  1. Home
  2. PECB
  3. ISO 27001
  4. ISO-IEC-27001-Lead-Auditor
  5. ISO-IEC-27001-Lead-Auditor Questions
  6. PECB Certified ISO/IEC 27001 2022 Lead Auditor exam Practice Questions

Scenario 2

Knight is an electronics company based in Northern California, the US that develops video game consoles. With over 300 employees globally, Knight is celebrating its fifth anniversary by launching the G-Console, a next-generation gaming system aimed at international markets. G-Console is considered to be the ultimate media machine of 2021, and it will give players the best gaming experience. The console pack will include a pair of VR headsets, two games, and other gifts.

Over the years, the company has developed a strong reputation for integrity, honesty, and respect toward their customers. Besides being a very customer-oriented company, Knight also gained wide recognition within the gaming industry because of its quality.

As one of the leading video game console developers in the world, Knight often finds itself a target for malicious activities. Therefore, it has implemented an information security management system (ISMS) based on ISO/IEC 27001, and its scope was communicated to employees of the company over a weekly meeting.

Recently, however, Knight experienced a security breach when hackers leaked proprietary information. In response, the incident response team (IRT) immediately began a thorough investigation of the system and the specifics of the incident. Initially, the IRT suspected that employees may have used weak passwords, allowing hackers to easily access their accounts. Upon further investigation, it was revealed that the hackers captured traffic from the file transfer protocol (FTP), which transmits data using clear-text passwords for authentication.

In light of this security incident, and following the IRT’s recommendations, Knight decided to replace the FTP with Secure Shell (SSH) protocol. This change ensures that any captured traffic is encrypted, significantly improving security.

After implementing these changes, Knight conducted a risk assessment to verify that the implementation of controls had minimized the risk of similar incidents. Based on the results of the risk assessment, they chose a risk treatment option to treat the risk.

Question

Based on Scenario 2, the risk treatment option was based on the risk assessment results. Is this acceptable?

A.

Yes, an appropriate risk treatment option is taking into account the risk assessment results.

B.

No, the risk treatment option should be based solely on financial considerations regardless of the risk assessment results.

C.

No, the risk treatment options should be randomly selected to ensure unbiased decision-making.

PECB ISO-IEC-27001-Lead-Auditor View All Questions

PECB ISO-IEC-27001-Lead-Auditor Summary

  • Vendor: PECB
  • Product: ISO-IEC-27001-Lead-Auditor
  • Update on: Feb 1, 2026
  • Questions: 418
Price: $52.5  $149.99
Buy Now ISO-IEC-27001-Lead-Auditor PDF + Testing Engine Pack
Next
Scenario:A data processing tool crashed when a user added more data to the buffer than...
Scenario 1: Fintive is a distinguished security provider for online payments and protection solutions.
Previous

Payments We Accept

Your purchase with ExamsVCE is safe and fast. Your products will be available for immediate download after your payment has been received.
The ExamsVCE website is protected by 256-bit SSL from McAfee, the leader in online security.

examsvce payment method

Contact Us

Copyright © 2013-2026 examsvce.com. All Rights Reserved
mcafee secure

TESTED 01 Feb 2026