Free GAQM ISO-27005-LRM Exam Questions
Absolute Free ISO-27005-LRM Exam Practice for Comprehensive Preparation
-
GAQM ISO-27005-LRM Exam Questions
-
Provided By: GAQM
- Exam: ISO/IEC 27005 - Certified Lead Risk Manager
- Certification: GAQM ISO
-
Total Questions: 796
-
Updated On: May 21, 2026
-
Rated: 4.9 |
-
Online Users: 1592
-
Question 1
-
A university is upgrading its learning management system (LMS), which contains student information and academic records. Who should be designated as the risk owner for the LMS upgrade project, and what would be their primary task?
Answer: D
-
A university is upgrading its learning management system (LMS), which contains student information and academic records. Who should be designated as the risk owner for the LMS upgrade project, and what would be their primary task?
-
Question 2
-
An online retail company is assessing the risk of unauthorized access to customer credit card information. They are evaluating the implementation of end-to-end encryption for all transactions, regularly updating their payment systems, conducting penetration testing, or outsourcing payment processing to a PCI DSS compliant third-party. Which option most effectively reduces the risk level of unauthorized access to customer information?
Answer: A
-
An online retail company is assessing the risk of unauthorized access to customer credit card information. They are evaluating the implementation of end-to-end encryption for all transactions, regularly updating their payment systems, conducting penetration testing, or outsourcing payment processing to a PCI DSS compliant third-party. Which option most effectively reduces the risk level of unauthorized access to customer information?
-
Question 3
-
A manufacturing company uses legacy software to control its production line. The software is no longer supported by the vendor, and there are known security vulnerabilities. The company cannot afford to upgrade the software immediately. As a risk manager, what would be the most appropriate risk treatment decision?
Answer: A
-
A manufacturing company uses legacy software to control its production line. The software is no longer supported by the vendor, and there are known security vulnerabilities. The company cannot afford to upgrade the software immediately. As a risk manager, what would be the most appropriate risk treatment decision?
-
Question 4
-
A healthcare provider is evaluating the risk of unauthorized access to electronic health records (EHRs). The provider's risk criteria prioritize patient confidentiality and regulatory compliance. How should the risk level be assessed in this scenario?
Answer: B
-
A healthcare provider is evaluating the risk of unauthorized access to electronic health records (EHRs). The provider's risk criteria prioritize patient confidentiality and regulatory compliance. How should the risk level be assessed in this scenario?
-
Question 5
-
An educational institution is implementing MEHARI to assess risks to its learning management system (LMS). The team is in the process of risk treatment decision-making. What approach should be taken in this stage according to MEHARI, and why is it important for the institution's risk management?
Answer: B
-
An educational institution is implementing MEHARI to assess risks to its learning management system (LMS). The team is in the process of risk treatment decision-making. What approach should be taken in this stage according to MEHARI, and why is it important for the institution's risk management?