Which of the following statements are correct for Clean Desk Policy?
A. Don't leave confidential documents on your desk.
B. Don't leave valuable items on your desk if you are not in your work area.
C. Don't leave highly confidential items.
D. Don't leave laptops without cable lock.
What type of legislation requires a proper controlled purchase process?
A. Personal data protection act
B. Computer criminality act
C. Government information act
D. Intellectual property rights act
_________________ is an asset that, like other important business assets, has value to an organization and consequently needs to be protected.
A. Infrastructure
B. Data
C. Information
D. Security
Phishing is what type of Information Security Incident?
A. Private Incidents
B. Cracker/Hacker Attacks
C. Technical Vulnerabilities
D. Legal Incidents
What is social engineering?
A. A group planning for a social activity in the organization
B. Creating a situation wherein a third party gains confidential information from you
C. The organization planning an activity for welfare of the neighborhood
An administration office is going to determine the dangers to which it is exposed.
What do we call a possible event that can have a disruptive effect on the reliability of information?
A. dependency
B. threat
C. vulnerability
D. risk
Who is allowed to access highly confidential files?
A. Employees with a business need-to-know
B. Contractors with a business need-to-know
C. Employees with signed NDA have a business need-to-know
D. Non-employees designated with approved access and have signed NDA
In the event of an Information security incident, system users' roles and responsibilities are to be observed, except:
A. Report suspected or known incidents upon discovery through the Servicedesk
B. Preserve evidence if necessary
C. Cooperate with investigative personnel during investigation if needed
D. Make the information security incident details known to all employees
Which of the following is a preventive security measure?
A. Installing logging and monitoring software
B. Shutting down the Internet connection after an attack
C. Storing sensitive information in a data safe
Availability means
A. Service should be accessible at the required time and usable by all
B. Service should be accessible at the required time and usable only by the authorized entity
C. Service should not be accessible when required
What is the worst possible action that an employee may receive for sharing his or her password or access with others?
A. Forced roll off from the project
B. The lowest rating on his or her performance assessment
C. Three days suspension from work
D. Termination
In which order is an Information Security Management System set up?
A. Implementation, operation, maintenance, establishment
B. Implementation, operation, improvement, maintenance
C. Establishment, implementation, operation, maintenance
D. Establishment, operation, monitoring, improvement
Which measure is a preventive measure?
A. Installing a logging system that enables changes in a system to be recognized
B. Shutting down all internet traffic after a hacker has gained access to the company systems
C. Putting sensitive information in a safe
Which of the following is not a type of Information Security attack?
A. Legal Incidents
B. Vehicular Incidents
C. Technical Vulnerabilities
D. Privacy Incidents
Information has a number of reliability aspects. Reliability is constantly being threatened. Examples of threats are: a cable becomes loose, someone alters information by accident, data is used privately or is falsified.
Which of these examples is a threat to integrity?
A. a loose cable
B. accidental alteration of data
C. private use of data
D. System restart