The Directive requires that the means be maintained under the sole control of the signatory. This requirement is a particularly difficult one to achieve. One approach is to use different tokens or smart cards for the different transactions involved. The other answers are typical characteristics of digital signatures that can be implemented with public key cryptography.

The most beneficial item to review when performing an IT audit is the security log. The security log is a record of the events and activities that occur on a system or network, such as logins, logouts, file accesses, policy changes, or security incidents. The security log can provide valuable information for the auditor to assess the security posture, performance, and compliance of the system or network, and to identify any anomalies, vulnerabilities, or breaches that need to be addressed. The other options are not as beneficial as the security log, as they either do not provide enough information for the audit (A and C), or do not reflect the actual state of the system or network (D). References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter
7, page 405; Official (ISC)2 CISSP CBK Reference, Fifth Edition, Chapter 7, page 465.

The ISO 27000 Directory at: http://www.27000.org/index.htm has great coverage of the ISO 27000 series. The text below was extracted from their website.
As mention by Belinda the ISO 27001 standard is the certification controls criteria while
ISO 27002 is the actual standard. ISO 27002 used to be called ISO 17799 before being renamed.
An Introduction To ISO 27001 (ISO27001)
The ISO 27001 standard was published in October 2005, essentially replacing the old
BS7799-2 standard. It is the specification for an ISMS, an Information Security
Management System. BS7799 itself was a long standing standard, first published in the nineties as a code of practice. As this matured, a second part emerged to cover management systems. It is this against which certification is granted. Today in excess of a thousand certificates are in place, across the world.
ISO 27001 enhanced the content of BS7799-2 and harmonized it with other standards. A scheme has been introduced by various certification bodies for conversion from BS7799 certification to ISO27001 certification.
The objective of the standard itself is to "provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an Information Security
Management System". Regarding its adoption, this should be a strategic decision. Further,
"The design and implementation of an organization's ISMS is influenced by their needs and objectives, security requirements, the process employed and the size and structure of the organization".
The standard defines its 'process approach' as "The application of a system of processes within an organization, together with the identification and interactions of these processes, and their management". It employs the PDCA, Plan-Do-Check-Act model to structure the processes, and reflects the principles set out in the OECG guidelines (see oecd.org).
THE CONTENTS OF ISO 27001
The content sections of the standard are:
Management Responsibility
Internal Audits
ISMS Improvement
Annex A - Control objectives and controls
Annex B - OECD principles and this international standard
Annex C - Correspondence between ISO 9001, ISO 14001 and this standard
Introduction To ISO 27002 (ISO27002)
The ISO 27002 standard is the rename of the ISO 17799 standard, and is a code of practice for information security. It basically outlines hundreds of potential controls and control mechanisms, which may be implemented, in theory, subject to the guidance provided within ISO 27001.
The standard "established guidelines and general principles for initiating, implementing, maintaining, and improving information security management within an organization". The actual controls listed in the standard are intended to address the specific requirements identified via a formal risk assessment. The standard is also intended to provide a guide for the development of "organizational security standards and effective security management practices and to help build confidence in inter-organizational activities".
The basis of the standard was originally a document published by the UK government, which became a standard 'proper' in 1995, when it was re-published by BSI as BS7799. In
2000 it was again re-published, this time by ISO ,as ISO 17799. A new version of this appeared in 2005, along with a new publication, ISO 27001. These two documents are intended to be used together, with one complimenting the other.
ISO's future plans for this standard are focused largely around the development and publication of industry specific versions (for example: health sector, manufacturing, and so on). Note that this is a lengthy process, so the new standards will take some time to appear
THE CONTENTS OF ISO 17799 / 27002
The content sections are:
Structure
Risk Assessment and Treatment
Security Policy
Organization of Information Security
Asset Management
Human Resources Security
Physical Security
Communications and Ops Management
Access Control
Information Systems Acquisition, Development, Maintenance
Information Security Incident management
Business Continuity
Compliance
http://www.iso.org/iso/catalogue_detail?csnumber=42103
and
The ISO 27000 Directory at http://www.27000.org/index.htm

Explanation/Reference:
Explanation:
B1: Labeled Security: Each data object must contain a classification label and each subject must have a clearance label. When a subject attempts to access an object, the system must compare the subject's and object's security labels to ensure the requested actions are acceptable. Data leaving the system must also contain an accurate security label. The security policy is based on an informal statement, and the design specifications are reviewed and verified.
This security rating is intended for environments that require systems to handle classified data.
Incorrect Answers:
A: Security labels are not required at level C2.
C: Security labels are required at level B2; however, they were introduced at level B1.
D: Security labels are required at level B3; however, they were introduced at level B1.
References:
Harris, Shon, All In One CISSP Exam Guide, 6th Edition, McGraw-Hill, New York, 2013, p. 395