29:["$","section",null,{"className":"mx-auto space-y-6 rounded-xl border border-stone-100/80 bg-white px-5 py-8 shadow-sm backdrop-blur-sm backdrop-saturate-150 transition-all md:px-8 md:py-10","children":["$","div",null,{"className":"mx-auto max-w-[740px] space-y-6","children":[["$","div",null,{"className":"mb-6 flex items-center gap-3 border-b pb-4","children":[["$","svg",null,{"width":"15","height":"15","viewBox":"0 0 15 15","fill":"none","xmlns":"http://www.w3.org/2000/svg","className":"size-5 text-indigo-500","children":["$","path",null,{"d":"M12.5 3L2.5 3.00002C1.67157 3.00002 1 3.6716 1 4.50002V9.50003C1 10.3285 1.67157 11 2.5 11H7.50003C7.63264 11 7.75982 11.0527 7.85358 11.1465L10 13.2929V11.5C10 11.2239 10.2239 11 10.5 11H12.5C13.3284 11 14 10.3285 14 9.50003V4.5C14 3.67157 13.3284 3 12.5 3ZM2.49999 2.00002L12.5 2C13.8807 2 15 3.11929 15 4.5V9.50003C15 10.8807 13.8807 12 12.5 12H11V14.5C11 14.7022 10.8782 14.8845 10.6913 14.9619C10.5045 15.0393 10.2894 14.9965 10.1464 14.8536L7.29292 12H2.5C1.11929 12 0 10.8807 0 9.50003V4.50002C0 3.11931 1.11928 2.00003 2.49999 2.00002Z","fill":"currentColor","fillRule":"evenodd","clipRule":"evenodd"}]}],["$","h2",null,{"className":"font-heading text-lg font-medium text-stone-700 md:text-xl","children":"Discussion"}],["$","span",null,{"className":"ml-auto rounded-full border border-indigo-100/60 bg-indigo-50/80 px-3 py-1 text-xs font-medium text-indigo-700 shadow-sm","children":[1," ","comment"]}]]}],["$","$L2a",null,{"question":{"id":"GTWHKG4q8G","slot":22,"body":"

Which security controls must be implemented to comply with ISO/IEC 27001?

","answer":null,"exam_id":"lead-implementer","o_id":"155313-exam-lead-implementer-topic-1-question-22-discussion","o_answer_long":"

","o_answer_short":"","o_sect":1,"o_slot":22,"is_published":true,"created_at":"$D2025-05-11T04:02:55.523Z","updated_at":"$D2025-05-12T11:48:53.393Z","last_comment_at":"$D2025-01-23T22:48:00.000Z","options":[{"id":"8iOrf95Seb","o_is_correct":false,"slot":0,"body":"

Those designed by the organization only

","is_correct":null,"question_id":"GTWHKG4q8G","created_at":"$D2025-05-11T04:02:55.523Z","updated_at":"$D2025-05-11T04:02:55.523Z"},{"id":"9iXu55WnWq","o_is_correct":true,"slot":1,"body":"

Those included in the risk treatment plan

","is_correct":null,"question_id":"GTWHKG4q8G","created_at":"$D2025-05-11T04:02:55.523Z","updated_at":"$D2025-05-11T04:02:55.523Z"},{"id":"eSmqaCb9z8","o_is_correct":false,"slot":2,"body":"

Those listed in Annex A of ISO/IEC 27001, without any exception

","is_correct":null,"question_id":"GTWHKG4q8G","created_at":"$D2025-05-11T04:02:55.523Z","updated_at":"$D2025-05-11T04:02:55.523Z"}],"exam":{"code":"Lead Implementer","id":"lead-implementer","vendor_id":"pecb"}},"session":null}],["$","div",null,{"className":"mt-8 space-y-8","children":[["$","div",null,{"className":"relative flex w-full","children":[false,["$","div",null,{"className":"flex flex-col w-full rounded-xl transition-colors duration-200","children":[["$","div",null,{"className":"relative flex items-center before:absolute before:left-[-5px] before:top-1/2 before:z-[15] before:size-[5px] before:-translate-y-1/2 before:bg-transparent","children":[["$","$L2b",null,{"className":"relative z-20 size-9 overflow-hidden rounded-full bg-stone-100 ring-2 ring-stone-50 transition-all duration-200 hover:ring-indigo-50","children":["$","$L2c",null,{"src":"https://avatar.vercel.sh/Acrisius","alt":"Acrisius"}]}],["$","div",null,{"className":"flex flex-col items-start gap-1 pl-3","children":[["$","div",null,{"className":"flex items-center gap-x-2","children":[["$","span",null,{"className":"font-semibold text-stone-800","children":"Acrisius"}],["$","span",null,{"className":"inline-flex rounded-full border border-indigo-100 bg-indigo-50 px-2.5 py-0.5 text-[11px] font-medium text-indigo-700","children":["Option","",": ","B"]}]]}],["$","span",null,{"className":"text-xs text-stone-400","children":"Jan 23, 2025"}]]}]]}],["$","div",null,{"className":"relative","children":[["$","p",null,{"className":"prose prose-stone max-w-full whitespace-pre-line break-words py-3 text-[15px] leading-relaxed text-stone-600 [word-break:break-word]","children":"The answer to this question is B\n\nThose included in the risk treatment plan\n\nTo obtain the approval of the management for the ISMS implementation, the follwoing documented information should be prepared in advance:\nRisk analysis report\nRisk Treatment plan (including the identification of residual risks) and the statement of applicability"}],["$","$L2d",null,{"comment":{"id":"9nmfyz8GyS","body":"The answer to this question is B\n\nThose included in the risk treatment plan\n\nTo obtain the approval of the management for the ISMS implementation, the follwoing documented information should be prepared in advance:\nRisk analysis report\nRisk Treatment plan (including the identification of residual risks) and the statement of applicability","created_at":"2025-01-23T22:48:00.000Z","parent_id":null,"user_id":"KiePqn40vH","user_name":"Acrisius","user_image":null,"options":["9iXu55WnWq"],"upvotes":3,"upvoted":false,"children":[]},"session":null,"question":"$2e"}]]}],false]}]]}]]}]]}]}]

Lead Implementer Exam - Question 22

Discussion