Exam ISO-IEC-27005-Risk-Manager Topic 3 Question 6 Discussion
Actual exam question for PECB's ISO-IEC-27005-Risk-Manager exam
Question #: 6
Topic #: 3
Question #: 6
Topic #: 3
Which statement regarding information gathering techniques is correct?
Suggested Answer: B Vote an answer
ISO/IEC 27005 supports the use of various information-gathering techniques, including technical tools, to identify and assess risks. Technical tools such as vulnerability scanners and asset management software can help organizations identify technical vulnerabilities and compile a list of assets that are critical for risk assessment. This aligns with the standard's recommendation to use automated tools for an effective risk assessment process. Option B is correct because it accurately describes an effective information-gathering technique.
Reference:
ISO/IEC 27005:2018, Clause 8.2, "Risk Identification," which discusses using tools and techniques to identify risks.
Reference:
ISO/IEC 27005:2018, Clause 8.2, "Risk Identification," which discusses using tools and techniques to identify risks.
by Theodore at Apr 08, 2025, 09:57 AM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).