This is the 20 sets of iSecurity quiz – Generic Question and Answer. Here, the content that we are providing is based on our knowledge and personal study.
1.)You are working on a project at a client site. The client has provided you with an e-mail id on their domain, you are not allowed to access the company e-mail id through the client network. What will you do to access e-mails received on our company ID? Select appropriate choice?
A.) Use client network to access company e-mails as you know that access is not blocked
B.)Use the Auto Forward feature of Les e-mail and forward mails received on your company ID to your client e-mail ID.
C.)Use the Auto Forward feature of company e-mail and forward e-mails received on company ID to your personal e-mail ld like Gmail or Yahoo
D.)Use webmail to access Tes e-mails outside the client network or have louts Notes configured on smartphone and use a network other than client network.
2.)Where can you find company process for Business Continuity Management?
A.)In iQMS Wik
C.)In Integrated Project Management System (IPMS)
D.)in Enterprise Process Web (EPW)
3.)What data would you typically select for the backup?
A.) Taking regular backup is just a recommendation; so no backup is really required.
B.) Only a large amount of data
C.) All of your personal data
D.) Data that will impact the project execution thus Impacting the company or its customer
4.)While working on an assignment where you are an administrator for the database, your password
A.)Can be shared with team members If a need arises
B.)Can be shared with clients if they ask for it
C.)Can be shared with a supervisor only.
D.)Should never be disclosed to anyone or shared with anyone
5.)Why do you need Business Continuity Plan?
A.)To be able to continue our critical operations in the event of any crisis/disaster
B.)Because others have it
C.)To minimize the impact of any crisis/disaster to company and our customers
Answer.)A and B
6.)The access-related controls for Confidential classification are more stringent as compared to Internal classification. Is this statement True or False and Why?
A.)TRUE as Confidential information is distributed among a limited number of people
B.)FALSE, as Internal information is stored within the company network
C.)TRUE, as the business impact due to unauthorized disclosure of confidential information is more than internal information.
D.)FALSE, as business impact due to unauthorized disclosure can be the same in both classifications.
7.)The information displayed on company website is classified as company Internal. This statement is True or False
A.)TRUE. Since all information is about company internal matters, it’s classified as company Internal
B.)FAlSE The information on company website is public and is explicitly approved by management for a public release
8.)You need to mail the estimation sheet created as a response to one RFP to your Onsite BRM. What care will you take while sending the e-mail with regards to its label?
A.)Document must be labeled as company Confidential
B.)E-mail must be labeled as Confidential
C.)Classification and labeling is required when the document is finalized, not when it’s under internal review
D.)Classification is not necessary since both the sender (you) and the recipient (BRM) are on company domain
Answer.)A and B
9.)What should you do to make your password difficult to guess or crack?
A.)Do not disclose it to anyone.
B.)Use a combination of alphabets, numbers, and special characters
C.)Use a combination of residential details like street name and flat number etc.
D.)Increase the length of the password to the extent possible.
Answer.)B and D
10.)While working on the office network, which of the following are not acceptable practices?
A.)Transmission of any information which is unprofessional, offensive, objectionable, intimidating, or private to others
B.)Publishing information which belongs to a particular political party
C.)Sending or posting messages that could denigrate or harass others on the basis of gender, race, age, disability, religion,
D.)Not to use internal platform for blogs
Answer.)A, B, and C
11.)You are taking a printout of a debugging code you have written. What precautions do you need to take?
A.)Collect the printouts immediately
B.)if the paper jams, remove the paper and shred it.
C.)Collect the printout next time you take a break
D.)Ensure that printout is classified properly
Answer.)A, B, and D
12.)You have a business need to use Internet-based chat messenger not approved by company. What should you do?
A.)Download it directly for use as it is a business need.
B.)Connect with your ISM to discuss the risks involved and the feasible solution
C.)Since the client has asked you should expect IS to install it directly.
D.)Get supervisor approval and install it
13.)You observe that one of your company colleagues keeps sending unsolicited e-mails which are either offensive, obscene, or at times defamatory what should you do?
A.)Do nothing. Just ignore such e-mails by deleting them
B.)Do nothing Keep such e-mails in a separate folder of your mailbox for future use
C.)Inform your ISM, raise an incident give the mail as evidence and delete il from your mailbox.
D.)Forward the e-mail to your other colleagues so that they are alerted to such activity
14.)How would you protect company/Customer provided laptops during air travel?
A.)Do not check-in the laptop along with other luggage and car it with you as hang-Baggage
B.)Do not keep the laptop out of sight during any stage of travel
C.)For safety. you should check in the laptop with other luggage
D.)After security check, collect your laptop promptly. Recheck once if you have collected your own laptop and someone else’s
Answer.)A, B, and D
15.)Tom has joined a project. He has been assigned a desktop. This desktop was used by Jerry who is now released from the project. Upon logging on, Tom found personal non-business files stored in the computer by Jerry. If you were Tom, what action would you take?
A.)You must inform the IS team to remove Jerry’s personal files from the desktop.
B.)You must inform Jerry to take copies of his personal files and delete them from the desktop.
C.)You can send Jerry’s personal files through e-mail to Jerry.
D.)You should raise an information security incident in the security incident reporting tool.
16.)You are going to do a project audit and realize that you do not have access to the Offshore Development Center (ODC). What should you do?
A.)Wait for some time and enter along with the next person entering the ODC.
B.)Knock the door and swipe once the door is opened so that your entry is registered.
C.)Request the Auditee to escort you into the ODc. Make sure that you sign the visitor register when entering and existing the ODc.
D.)It is not recommended for auditors to visit the customer ODC since the audit is internal to company.
17.)You are working on a shift and your colleague in the next shift is delayed due to traffic conditions. Your colleague calls you and asks you to download an urgent you avoid such sharing or e-mails IDs?
A.)There is no need to avoid as it Is Ok to use colleagues e-mail ID If the situation demands So
B.)Ask a supervisor or another associate from the next shift to use the ID of the colleague who is delayed
C.)Use the delegate/backup facility
D.)Use group mail id or mainline DB with required associates in the teams as members.
Answer:)C and D
18.)Information classified as Restricted should be given the highest level of protection among all classifications during storage or transmission. Is this statement True or False?
19.) Your client wants to know the background Check (BGC) outcome of one of the associates. He wants to get the complete report of BGC for verification. What will you do?
A.)You will get the softcopy of the report from HR SPOC. Once you verify, you will send it to the client
B.)You will ask the HR SPOC to share the BGC report of the association with the client
C.)You will ignore such requests
D.)You will raise a CR for this
20.)Who is responsible for classifying information?
A.)GL/PL of the project
B.)Information Security Coordinator for the project
D.)Owner of the information
- Data Privacy Certification Question and Answer
- Data Privacy Assessment Questions 2nd Part
- Data Privacy Assessment Questions & Answers
- ORACLE APEX Overview 2023
- HSE – Occupational Health & Safety @WBT | Course ID: 48150