PECB Certified ISO/IEC 27001 Lead Implementer

Here you have the best PECB Lead Implementer practice exam questions

You have 145 total questions to study from
Each page has 5 questions, making a total of 29 pages
You can navigate through the pages using the buttons at the bottom
This questions were last updated on November 14, 2025
This site is not affiliated with or endorsed by PECB.

Question 1 of 145

Scenario 1: HealthGenic is a pediatric clinic that monitors the health and growth of individuals from infancy to early adulthood using a web-based medical software. The software is also used to schedule appointments, create customized medical reports, store patients’ data and medical history, and communicate with all the involved parties, including parents, other physicians, and the medical laboratory staff.
Last month, HealthGenic experienced a number of service interruptions due to the increased number of users accessing the software. Another issue the company faced while using the software was the complicated user interface, which the untrained personnel found challenging to use.
The top management of HealthGenic immediately informed the company that had developed the software about the issue. The software company fixed the issue; however, in the process of doing so, it modified some files that comprised sensitive information related to HealthGenic’s patients. The modifications that were made resulted in incomplete and incorrect medical reports and, more importantly, invaded the patients’ privacy.
Based on the scenario above, answer the following question:
Which of the following indicates that the confidentiality of information was compromised?

Service interruptions due to the increased number of users

Invasion of patients’ privacy

Modification of patients’ medical reports

Correct Answer: B

Question 2 of 145

Based on scenario 1, what is a potential impact of the loss of integrity of information in HealthGenic?

Disruption of operations and performance degradation

Incomplete and incorrect medical reports

Service interruptions and complicated user interface

Correct Answer: B

Question 3 of 145

Intrinsic vulnerabilities, such as the _____________, are related to the characteristics of the asset. Refer to scenario 1.

Software malfunction

Service interruptions

Complicated user interface

Correct Answer: C

Question 4 of 145

Which situation described in scenario 1 represents a threat to HealthGenic?

HealthGenic did not train its personnel to use the software

The software company modified information related to HealthGenic’s patients

HealthGenic used a web-based medical software for storing patients' confidential information

Correct Answer: B

Question 5 of 145

In scenario 1, HealthGenic experienced a number of service interruptions due to the loss of functionality of the software. Which principle of information security has been affected in this case?

Availability

Confidentiality

Integrity

Correct Answer: A