Questions and answers from the ISMS Security Awareness Training assessment for HR and all employees. Learn the basics of ISMS and security awareness with our easy-to-understand Q&A guide.
Question 1:
What would you do if you encountered a security incident:
a. Report it to your Supervisor or contact the Information Security & Compliance team
b. Call the local newspaper & media
c. Tell your colleagues & team members
d. All the above
Answer: a. Report it to your Supervisor or contact the Information Security & Compliance team
Question 2:
When constructing a password you should:
a. Use your family member’s name, pet’s name, or date of birth
b. Use phrases or misspelled words with embedded numbers and special characters
c. Use sequenced letters and numbers from your keyboard
d. All of the above
Answer: b. Use phrases or misspelled words with embedded numbers and special characters
Question 3:
You have a hard copy of a customer document that you want to dispose of. What would you do?
a. Give it to the office boy to reuse for other purposes
b. Shred it using a shredder
c. Be environment friendly and reuse it for writing
d. Throw it in any dustbin
Answer: b. Shred it using a shredder
Question 4:
When I write down my password & store it on a piece of paper, I am accepting risk on behalf of the organization and violating policy.
Answer: TRUE
Question 5:
Clear Screen means that nothing should be saved on your computer desktop and that computers are to remain locked when you move away from your desk.
Clear Desk means that confidential documents are to be kept under lock and key and should not be accessible to unauthorized parties when you move away from your desk.
Answer: TRUE
Question 6:
Which of the following security rules should you practice while in your office building?
a. Employees required to wear badges should have them visible at all times
b. Revoke access immediately when an employee or contractor is terminated or leaves
c. Don’t leave data at printers, scanners, fax machines, and desks unattended
d. Escort visitors to departments & ensure they wear Visitor ID Cards
e. All the above
Answer: e. All the above
Question 7:
Why do we have a Business Continuity Plan?
a. To ensure we continue business relations with customers even after a project has ended
b. To ensure availability/immediate restoration of our service to the customers in the event of a disaster/incident
c. To ensure customers are kept happy so we continue to get business from them
Answer: b. To ensure availability/immediate restoration of our service to the customers in the event of a disaster/incident
Question 8:
Which of the following statements is incorrect with respect to internal audits and management reviews?
a. Management reviews must be carried out at planned intervals
b. Internal Audits should cover all locations & controls
c. A management review is conducted by top management
d. Internal audits are carried out by the organization’s top management
Answer: d. Internal audits are carried out by the organization’s top management
Question 9:
You find useful software freely available online that could help with your work. What should you do?
a. Raise a Change Request for a licensed version of that software with proper justification of why you need it & send it for approval to the relevant team
b. Inform your colleagues that there is useful software available free on the Internet & that they can all download it as it will make their daily work simpler & easier
c. Get in touch with your friend on the IT Team & request that he download the software on your system, as he has administrative privileges
d. Try to download the software on your system, if it allows you to do so
Answer: a. Raise a Change Request for a licensed version of that software with proper justification of why you need it & send it for approval to the relevant team
Question 10:
Where, or with whom, should office-related confidential documents be kept?
a. At our home
b. With our friends
c. In secured places
d. Open Places
Answer: c. In secured places
Question 11:
What is a critical activity for HR during employee joining in the context of ISO 27001:2013?
a. Fitness Check
b. Background Check
c. Health Check Up
d. Psychometric Check
Answer: b. Background Check
Question 12:
You see an employee or someone else taking photos in the work area. What do you do?
a. Ask them not to take photos in secure areas and raise a security incident
b. No issues, join them
Answer: a. Ask them not to take photos in secure areas and raise a security incident
Question 13:
The FIRST objective of a “Security Aware Employee” is to be able to:
a. Report a security threat
b. Recognize a security threat
c. Manage a security threat
d. Avoid a security threat
Answer: b. Recognize a security threat
Question 14:
A visitor is roaming around without a visitor’s ID. As an employee, which one of the following SHOULD YOU NOT DO?
a. Call the receptionist and inform them about the visitor
b. Greet him and ask what his business is
c. Say “Hi”, offer coffee and start sharing office information with him
d. Escort him to his destination after completing the formalities at the reception
Answer: c. Say “Hi”, offer coffee and start sharing office information with him
Question 15:
Access control systems, CCTV and security guards are a form of?
a. Compliance
b. Environment Security
c. Physical Security
d. Access Control
Answer: c. Physical Security
Question 16:
Your supervisor is very busy and asks you to log into the HR Server using her user-ID and password to retrieve some reports. What should you do?
a. Decline the request and remind your supervisor that it is against company policy
b. Ignore the request and hope they forget
c. It’s your boss, so it’s okay to do this
Answer: a. Decline the request and remind your supervisor that it is against company policy
Question 17:
Authorised staff are allowed to scan, monitor or view your emails & their usage for inappropriate use or suspected policy violations of the company email system.
Answer: TRUE
Question 18:
When I leave my computer, I do not need to lock it AS LONG AS I have automatic lock enabled.
Answer: FALSE
Question 19:
A friend sends an electronic Hallmark greeting card (e-card) to your work email. You need to click on the attachment to see the card.
What should you do?
a. Forward the email to your personal mailbox
b. Delete the message
c. Click on the attachment to open & view it
d. Download the attachment on your office computer / laptop & then open it
Answer: b. Delete the message
Question 20:
Your passwords should be easy to remember and hard to guess. Which of the following is an example of a strong password?
a. $ayN02#ackers
b. 29Feb1980
c. Passw0rd
d. MyPetName
Answer: a. $ayN02#ackers
That’s It! We hope you find the MCQs helpful. Watch this space for additional content in the future. Do not forget to share this post on social media. Until next time, happy browsing!