Information Security Assessment Quiz! Trivia

Approved & Edited by ProProfs Editorial Team
The editorial team at ProProfs Quizzes consists of a select group of subject experts, trivia writers, and quiz masters who have authored over 10,000 quizzes taken by more than 100 million users. This team includes our in-house seasoned quiz moderators and subject matter experts. Our editorial experts, spread across the world, are rigorously trained using our comprehensive guidelines to ensure that you receive the highest quality quizzes.
Learn about Our Editorial Process
| By Timilehin
T
Timilehin
Community Contributor
Quizzes Created: 1 | Total Attempts: 445
Questions: 15 | Attempts: 445

SettingsSettingsSettings
Information Security Assessment Quiz! Trivia - Quiz


What do you know about the information security assessment? Do you think you can pass this quiz? Information security is the method of safeguarding information by diminishing information risks. It is a part of data risk management. It habitually involves preventing or at least reducing the possibility of unauthorized or inappropriate access to information. There are many important variables involved in this subject. Take this quiz and see how much you know about information security assessment.


Questions and Answers
  • 1. 

    The responsibility of information security lies with the

    • A.

      Chief Information Officer

    • B.

      Board of Directors

    • C.

      All Employees

    • D.

      Managing Director

    • E.

      Chief Risk Officer

    Correct Answer
    C. All Employees
    Explanation
    Information security is a collective responsibility that involves every individual within an organization. All employees play a crucial role in ensuring the security of information by following security protocols, being aware of potential threats, and adhering to best practices. While the Chief Information Officer, Board of Directors, Managing Director, and Chief Risk Officer may have specific roles and responsibilities related to information security, ultimately, it is the combined effort of all employees that helps protect sensitive information and maintain a secure environment.

    Rate this question:

  • 2. 

    Compliance with the Information Security Policy of the Bank is 

    • A.

      Mandatory

    • B.

      Optional

    • C.

      Discretionary

    Correct Answer
    A. Mandatory
    Explanation
    Compliance with the Information Security Policy of the Bank is mandatory because it is a requirement that must be followed by all individuals and entities within the bank. This policy is in place to ensure the protection of sensitive information, mitigate risks, and maintain the overall security of the bank's systems and data. Failure to comply with this policy may result in disciplinary actions or legal consequences.

    Rate this question:

  • 3. 

    The following are threats to Information Security except:

    • A.

      Exposure to Sensitive Documentation

    • B.

      Virus Attacks

    • C.

      Lack of adequate personnel

    • D.

      Natural Disasters

    • E.

      Theft, Sabotage and Misuse

    Correct Answer
    C. Lack of adequate personnel
    Explanation
    The lack of adequate personnel is not a threat to information security because it refers to a shortage of staff or personnel, which may result in a lack of efficiency or productivity, but it does not directly pose a risk to the security of information. The other options listed - exposure to sensitive documentation, virus attacks, natural disasters, theft, sabotage, and misuse - all represent potential threats to information security as they can lead to unauthorized access, data breaches, or loss of information integrity.

    Rate this question:

  • 4. 

    Users may install personal software on their official workstations.

    • A.

      True

    • B.

      False

    Correct Answer
    B. False
    Explanation
    The statement contradicts common workplace policies where personal software is typically not allowed to be installed on official workstations. This is done to maintain security, prevent unauthorized software installations, and ensure the smooth functioning of the workstation for official purposes.

    Rate this question:

  • 5. 

    Approval for the Introduction and removal of information assets from the premises is granted by 

    • A.

      Chief Information Officer

    • B.

      Head, Corporate Services

    • C.

      Both

    Correct Answer
    C. Both
    Explanation
    Both the Chief Information Officer and the Head of Corporate Services have the authority to approve the introduction and removal of information assets from the premises. This means that either one of them can grant permission for these actions to take place. It is important for these individuals to have control over the movement of information assets in order to ensure their security and proper management within the organization.

    Rate this question:

  • 6. 

    Users shall carry items such as laptops as hand luggage while in transit when they deem it necessary.

    • A.

      True

    • B.

      False

    Correct Answer
    B. False
    Explanation
    The statement suggests that users have the discretion to decide whether or not to carry items like laptops as hand luggage while in transit. However, the correct answer is "False" because the decision of carrying such items as hand luggage is not left to the users' discretion. Airlines and airport authorities have specific rules and regulations regarding what items can be carried as hand luggage, and laptops are generally required to be screened separately at security checkpoints.

    Rate this question:

  • 7. 

    Users are expected to keep a clear desk at the last working day of the week alone.

    • A.

      True

    • B.

      False

    Correct Answer
    B. False
    Explanation
    Users are not expected to keep a clear desk only on the last working day of the week. The statement implies that users are only required to have a clear desk on the last working day, which is not true. Users are expected to keep a clear desk at all times, regardless of the day of the week.

    Rate this question:

  • 8. 

    Users may write out passwords for safe keeping.

    • A.

      True

    • B.

      False

    Correct Answer
    B. False
    Explanation
    Users should not write out passwords for safe keeping as it poses a security risk. Writing down passwords increases the chances of them being lost, stolen, or accessed by unauthorized individuals. It is recommended to use password managers or other secure methods to store and manage passwords.

    Rate this question:

  • 9. 

    Sharing of user IDs or passwords is permitted with adequate justification.

    • A.

      True

    • B.

      False

    Correct Answer
    B. False
    Explanation
    Sharing of user IDs or passwords is not permitted, even with adequate justification. This practice poses a significant security risk as it compromises the confidentiality and integrity of the system. User IDs and passwords are meant to be kept private and should not be shared with others, as it can lead to unauthorized access and potential misuse of sensitive information. It is essential to maintain strong security practices by keeping user credentials confidential and not sharing them with anyone.

    Rate this question:

  • 10. 

    Malware incidents shall be reported and resolved in line with SunTrust Bank Incident Management Procedures.

    • A.

      True

    • B.

      False

    Correct Answer
    A. True
    Explanation
    The given statement is true because it states that malware incidents should be reported and resolved according to SunTrust Bank's Incident Management Procedures. This implies that the bank has specific procedures in place to handle malware incidents, which is important for ensuring the security and integrity of the bank's systems and data. By following these procedures, the bank can effectively respond to and mitigate the impact of malware incidents, protecting both the bank and its customers from potential harm.

    Rate this question:

  • 11. 

    Any SunTrust Bank information stored in removable media for any particular purpose shall be deleted once no longer required.

    • A.

      True

    • B.

      False

    Correct Answer
    A. True
    Explanation
    The statement suggests that any SunTrust Bank information stored in removable media should be deleted once it is no longer needed. This indicates that the bank follows a policy of ensuring that sensitive information is not kept on removable media for longer than necessary, which helps to protect against potential data breaches or unauthorized access. Therefore, the correct answer is True.

    Rate this question:

  • 12. 

    The use of third party email services for official purposes may be permitted discretionarily.

    • A.

      True

    • B.

      False

    Correct Answer
    B. False
    Explanation
    The statement suggests that the use of third party email services for official purposes may be allowed at the discretion of someone. However, the correct answer is "False" because the use of third party email services for official purposes is generally not permitted. Organizations usually have their own email systems or designated platforms for official communication to ensure security, confidentiality, and control over official correspondence.

    Rate this question:

  • 13. 

    Users shall make an attempt to nullify potential threats to their systems in addition to consulting the IT Department.

    • A.

      True

    • B.

      False

    Correct Answer
    A. True
    Explanation
    The statement suggests that users should not solely rely on the IT Department for protection against threats to their systems. Instead, they should take proactive measures to identify and eliminate potential threats themselves. This implies that users have a responsibility to be vigilant and take necessary precautions to safeguard their systems, in addition to seeking assistance from the IT Department when needed.

    Rate this question:

  • 14. 

    Users shall report issued devices lost or stolen immediately to the CIO in accordance with the information security incident management process

    • A.

      True

    • B.

      False

    Correct Answer
    A. True
    Explanation
    The correct answer is true because reporting lost or stolen devices immediately to the CIO is an important step in ensuring information security. By doing so, the necessary actions can be taken to protect sensitive data and prevent unauthorized access. This helps in mitigating potential risks and maintaining the overall security of the organization's information assets.

    Rate this question:

  • 15. 

    Users shall pro-actively explore the use of other communication links such as personal modems to connect to the Bank's internal network should there be downtime from the Bank's internet service providers.

    • A.

      True

    • B.

      False

    Correct Answer
    B. False
    Explanation
    The statement suggests that users should use personal modems to connect to the Bank's internal network in case there is downtime from the Bank's internet service providers. However, this is not a recommended practice as it can pose security risks and may not be in compliance with the Bank's policies and procedures. It is important for users to follow the Bank's guidelines and protocols during such situations.

    Rate this question:

Quiz Review Timeline +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 21, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Dec 08, 2016
    Quiz Created by
    Timilehin
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.