These are the 20 sets of Security Questions & Answers. Here, the content that we are providing is based on our knowledge and personal study.
If you missed the previous article on security quizzes click here.
1.) A project team wanted to celebrate the success of their Offshore Development Centre(ODC)and took photos of the team at the work area. Which of the following is correct?
A.) The team members should not have taken the photographs since taking photographs in the office/work area is a violation of the Security policy.
B.) An information security incident should be raised in Ultimatix for taking photographs without permission in the ODC.
C.) If there is a need to take photographs within the office, you must seek approval beforehand.
D.) All of the above
Answer.) D
2.) Which is the most important protection for information classified as Public?
A.) Protection from unauthorized disclosure
B.) Protection from unavailability
C.) Protection from unauthorized modification
Answer.) C
3.) You are working on a customer network and there is unrestricted access to the Internet to sites like Youtube and Gmail. What is appropriate in such situations?
A.) Since the customer has provided access, it is okay for you to access the site.
B.) It is acceptable to visit these sites during non-business hours only so that official work does not suffer.
C.) Even though access is available from the client network, it is inappropriate to access these sites as there is a risk of information leakage and violation
D.) Log it as a risk and then access these sites.
Answer.) C
4.) You are going on vacation. Your user-id has special privileges required to do certain specific tasks on the project. What should you do to ensure services are not infected when you are on vacation?
A.) Send your password to your supervisor in an encrypted e-mail.
B.) Write it down on a piece of paper, place it in a drawer, lock it, and hand over the key to your backup team member
C.) Get the privileges transferred to the user id of your backup team member. Do not disclose your password to anyone
D.) Share it with your backup team member verbally.
Answer.) C
5.) You have moved from offshore to the client location so the client has provided you an e-mail id on their domain. While communicating with the offshore team on project work which e-mail IDs should you use?
A.) Google or Yahoo e-mail ID as they are accessible from the client network as well as from home
B.) Either company or client mall ID as both belong to you
C.) company e-mail ID only
D.) Client provided an e-mail ID only
Answer.) D
6.) Which is the appropriate place to document the Backup plan for your project?
A.) Business Continuity Plan (BCP)
B.) Unified Project Plan (UPP)
C.) Risk Management Report (RMR)
D.) Security Operating Procedure document (Security OPD)
Answer.) B
7.) You are informed by the client that sensitive information is being faxed by them at your office Fax Machine. What are the appropriate actions you should take?
A.) Inform the office boy to collect the fax for you.
B.) Inform the admin to collect the fax as the fax machine is located in their area.
C.) Request the client to send a cover note, get confirmation on receipt of the cover note from you, and then send the actual information.
D.) Ask for the time of faxing and wait near the fax machine to receive it in person.
Answer.) C and D
8.) You are being stopped at the Security desk before entering the office. The security guard requests You to open your baggage for checking and to display your ID card as well. Choose what you should do In this circumstance?
A.) Allow baggage check and then walk into the office ignoring the ID card display request
B.) Display the ID card; but do not allow baggage check
C.) Cooperate with the security guard for baggage check and display your ID card as requested.
D.) You are an authorized employee of the organization, so no one should stop you for any baggage checks or ID card checks while entering the office
Answer.) C
9.) There is a fire in your Offshore Development Centre (ODC) which has disrupted your project work. Where would you look for the next steps to provide continued service to the customer?
A.) Project Plan
B.) HR emergency manual
C.) Business Continuity Plan
D.) All of the above
Answer.) C
10.) You are in office and your laptop is connected to the company network through cable. Your supervisor requests you to check If his data card is working on your laptop. You connect the data card to your laptop Immediately to check and reply that it is working, while the backup is in progress. Which are the correct options for the above scenario?
A.) You must not connect two networks simultaneously, that is, do not use the data card or external wi-fi when the laptop is connected to the LAN.
B.) Connecting to the data card while taking a backup is not advisable, since the backup job can end abruptly.
C.) You must have raised a CR before doing the activity.
D.) You should not use the data card Issued to another company associate from your laptop.
Answer.) A
11.) You learn about Open Source software freely available on the Internet and can be very useful to our project. You want to download the tool to give your supervisor and team members a demo. Select the appropriate option/s from the following to give this demo.
A.) you should download the tool directly and install the same if there is no threat detected after scanning the file with Anti- Virus software.
B.) Ask lS directly to Install the tool on your machine.
C.) You should ensure that any such open source to be installed on the company system has viruses, vulnerabilities, or any impact on the system or other devices on the network and that terms of usage are checked for compliance with licensing and contractual open source usage is allowed.
D.) You should request your supervisor to download the tool directly on the supervisor’s laptop and then give the demo.
Answer.) C
12.) When you are going on a long leave, what are the appropriate actions that you should take?
A.) Share your user ID and password with your team to ensure continuity of work.
B.) Ask the client to hold the project till you return.
C.) Send all the information/data to your personal ID and work for a few hours daily during vacation by visiting a nearby internet café.
D.) Transition all the activities and relevant Information/data for someone Within the team and delegate access to mals so that you do not need to share your credentials.
Answer.) D
13.) You want to start a blog to discuss delivery issues in your project or relationship. What would you do?
A.) Use Linkedin since it is mainly used by professionals as a networking platform.
B.) Ensure that you accept invites diligently on linked in – ensure they are from company and part of your relationship.
C.) Use the company’s internal social media (such as Knome) and post the query in the right community.
Answer.) C
14.) You have moved from offshore to the client location so the client has provided you an e-mail id on their domain. While communicating with the offshore team on project work which e-mail IDs should you use?
A.) Google or Yahoo e-mail ID as they are accessible from the client network as well as from home
B.) Either company or client mail ID as both belong to vou
C.) company e-mail ID only
D.) Client provided an e-mail ID only
Answer.) D
15.) You have been working from home on your laptop. What do you need to do when you connect to the company network?
A.) Ensure that the latest patches are updated.
B.) Restart the machine after patch deployment, if required.
C.) Ensure that the latest antivirus is updated.
D.) None of the above
Answer.) A, B, and, C
16.) Your colleague is on leave and the PL requests you to use your colleague’s ID for login to complete the work. What will you do?
A.) You will do as told by your PL
B.) You will refuse to use someone else’s ID and password to do work.
Answer.) B
17.) You are working on a customer network and there is unrestricted access to the Internet sites like Youtube and Gmail. What is appropriate in such situations?
A.) Since the customer has provided the access, It is okay for you to access the site.
B.) It is acceptable to visit these sites during non-business hours only so that official work does not suffer.
C.) Even though access is available from the client network, it is inappropriate to access these sites as there is a risk of information leakage and violation of contractual obligations.
D.) Log it as a risk and then access these sites
Answer.) C
18.) How would you protect the company/Customer provided laptops during air travel?
A.) Do not check in the laptop along with other luggage and carry it with you as hand baggage.
B.) Do not keep the laptop out of sight during any stage of travel
C.) For safety, you should check in the laptop with other luggage
D.) After the security check, collect your laptop promptly. Recheck once if you have collected your own laptop and not someone else’s.
Answer.) A, B, and D
19.) An associate carried a USB pen drive to the office without declaring it at reception. Later, the PL found it on the desktop of the user. If you were the PL, then which of the following is/are correct actions you would need to take?
A.) A security incident should be raised against the associate for possession of undeclared media in the work area.
B.) The pen drive should be given to IS team for scanning.
C.) As long as the association has used it for personal purposes, it’s okay. No action is needed.
D.) Ask the associate to fill o the media declaration form post-facto. so that the company process is followed
Answer.) A and B
20.) The company recommended method of disposing of non-electronic information in paper form classified as Restricted, Confidential or Internal Use is the same. Is this statement True or False?
A.) True
B.) False
Answer.) A.
security security security security security security security isecurity isecurity isecurity isecurity isecurity