1. Basic objectives of information security include: confidentiality, integrity and accessibility of information.
        ⚪  A. True
        ⚫  B. False

  2. Security vulnerabilities occur naturally and are not affected by human factors.
        ⚪  A. True
        ⚫  B. False

  3. We need to verify the identity of external service providers before allowing them to access confidential information or systems.
        ⚫  A. True
        ⚪  B. False

  4. Which of the following would MOST effectively reduce social engineering incidents?
        ⚫  A. Security awareness training
        ⚪  B. Increased physical security measures
        ⚪  C. Email monitoring policy
        ⚪  D. Intrusion detection / prevention systems

  5. Which one of the following should NOT be used as an information security objective?
        ⚪  A. Zero occurrence of improper handling of sensitive information
        ⚫  B. Notify affected customer of information leakage 90 days after incident
        ⚪  C. 98% or above of staff received and passed information security awareness training
        ⚪  D. Zero occurrence of incorrect access right assignment

  6. Which one of the following is NOT recommended when terminating an employee?
        ⚪  A. Delete all physical access privileges
        ⚪  B. Organize an exit interview
        ⚫  C. Escort the employee to leave the building before offboarding clearance
        ⚪  D. Disable all logon accounts by last date of employment

  7. Which one of the following is NOT acceptable?
        ⚪  A. Assign unique reference numbers to customer access requests
        ⚫  B. Pack equipment of different customers together to save storage space
        ⚪  C. Verify equipment brand name and serial number during move-out
        ⚪  D. Allow customer to bring and install additional power bars in their racks

  8. The BEST way to ensure that security settings on each platform are in compliance with information security policies and procedures is to:
        ⚪  A. Perform penetration testing
        ⚫  B. Establish security baselines
        ⚪  C. Implement vendor default settings
        ⚪  D. Link policies to an independent standard

  9. The FIRST priority when responding to an information security incident is:
        ⚪  A. Documentation
        ⚪  B. Monitoring
        ⚪  C. Restoration
        ⚫  D. Containment

 10. When an emergency security patch is received via electronic mail, the patch should FIRST be:
        ⚪  A. Loaded onto an isolated test machine
        ⚪  B. Decompiled to check for malicious code
        ⚫  C. Validated to ensure its authenticity
        ⚪  D. Copied onto write-once media to prevent tampering
