In acceptable use of Information Assets, which is the best practice?
A. Access to information and communication systems is provided for business purposes only
B. Interfering with or denying service to any user other than the employee's host
C. Playing any computer games during office hours
D. Accessing phone or network transmissions, including wireless or wifi transmissions
You receive an e-mail from an unknown person claiming to be a representative of your bank and asking for your account number and password so that they can fix your account. Such an attempt at social engineering is called
A. Shoulder Surfing
B. Mountaineering
C. Phishing
D. Spoofing
Which of the following statements are correct for Clean Desk Policy?
A. Don't leave confidential documents on your desk.
B. Don't leave valuable items on your desk if you are not in your work area.
C. Don't leave highly confidential items.
D. Don't leave laptops without cable lock.
Which of the following is a technical security measure?
A. Encryption
B. Security policy
C. Safe storage of backups
D. User role profiles
The computer room is protected by a pass reader. Only the System Management department has a pass. What type of security measure is this?
A. a corrective security measure
B. a physical security measure
C. a logical security measure
D. a repressive security measure
The following are the guidelines to protect your password, except:
A. Don't use the same password for various company system security access
B. Do not share passwords with anyone
C. For easy recall, use the same password for company and personal accounts
D. Change a temporary password on first log-on
A decent visitor is roaming around without a visitor's ID. As an employee, you should do the following, except:
A. Say "hi" and offer coffee
B. Call the receptionist and inform them about the visitor
C. Greet him and ask him what his business is
D. Escort him to his destination
Which reliability aspect of information is compromised when a staff member denies having sent a message?
A. Confidentiality
B. Integrity
C. Availability
D. Correctness
What type of compliancy standard, regulation or legislation provides a code of practice for information security?
A. ISO/IEC 27002
B. Personal data protection act
C. Computer criminality act
D. IT Service Management
In what part of the process to grant access to a system does the user present a token?
A. Authorisation
B. Verification
C. Authentication
D. Identification