Information Security Policy Quiz: Multiple Choice Questions

20 Questions | Total Attempts: 2591

SettingsSettingsSettings
Please wait...
Information Security Policy Quiz: Multiple Choice Questions

This Policy has been created to mitigate the multiple risks that the organisation faces by handling data and using technical equipment. Please complete the following set of questions to demonstrate you have an understanding of the policies, procedures and best practices laid out within the document.


Questions and Answers
  • 1. 
    If you are going to be using personal equipment in the organisation what should you do? (Select all that apply)
    • A. 

      Inform the IT Service Desk

    • B. 

      Get consent from your line manager

    • C. 

      Ensure the equipment meets standards as defined in the Information Security Policy

  • 2. 
    What should you do if you are leaving your PC or laptop unattended momentarily? (Select all that apply)
    • A. 

      Password lock your device

    • B. 

      Do nothing

  • 3. 
    What should you do if you require software downloading that is not already supplied by the Sports Leaders UK IT Service Desk?
    • A. 

      Contact the IT Service Desk

    • B. 

      Obtain managerial authorisation

    • C. 

      Request through the IT Service Desk and obtain managerial authorisation

  • 4. 
    What should you do if you believe your password has been compromised?
    • A. 

      Advise your Operations Support Advisor contact

    • B. 

      Contact the IT Service Desk immediately

    • C. 

      Contact your line manager immediately

    • D. 

      Email the Sports Leaders UK distribution group to let everybody know

  • 5. 
    What is the AC1 form used for?
    • A. 

      To advise the IT Service Desk another user may be misusing equipment

    • B. 

      Requesting a new password because yours has been compromised

    • C. 

      To request a new user account for a new member of staff

    • D. 

      To extend the period of time a mailbox remains available

    • E. 

      To advise the IT Service Desk a staff member is about to leave the organisation

  • 6. 
    Which of the following actions break data protection legislation? (Select all that apply)
    • A. 

      When logged in to terminal services I will save an organisational document on to my personal laptop/computer/tablet so I can work on it off line. I then upload it again after I have finished.

    • B. 

      I save a list of learner and tutor information on to my encrypted memory stick / flash drive.

    • C. 

      The responsible tutor assessor has requested I send them the list of learner names and dates of birth on their current course so they can check they are all correct. I have confirmed that I am speaking with the right person following the correct procedure. I then email them the list using my Sports Leaders UK account.

  • 7. 
    Which of the following actions break Sports Leaders UK policy? (Select all that apply)
    • A. 

      I save all of my information to my department’s folder on the shared S drive or to my personal Y drive only

    • B. 

      I forward work emails to my personal email so I can work on this information from home

    • C. 

      When logged in to terminal services I will save a document on to my personal laptop/computer/tablet so I can work on it offline. I then upload it again after I have finished

    • D. 

      I take a list of learner and tutor information with me out of the office on my memory stick/flash drive because it is encrypted

  • 8. 
    Where appropriate, which category of report can be distributed to members of the public?
    • A. 

      Category 1

    • B. 

      Category 2

    • C. 

      Category 3

    • D. 

      Category 4

  • 9. 
    When a customer contacts us to confirm/edit data we hold on them, how should we verify their identity? (Select all that apply)
    • A. 

      Information from their database record (e.g. email address)

    • B. 

      Name of first Pet

    • C. 

      Date of Birth

    • D. 

      Mothers Maiden Name

  • 10. 
    A member of Sports Leaders UK has been recruited to my department and will be starting to work in my team in two weeks time. What should I do before they start their new position?
    • A. 

      Request access to our S drive departmental folder and any database systems that my team use

    • B. 

      Request that they have any new equipment that may be relevant to their new position. (Monitor, laptop, mobile phone etc)

    • C. 

      Submit an NA1 form to the IT Service Desk

    • D. 

      Submit an AC1 form to HR

  • 11. 
    If you are provided with Sports Leaders UK portable equipment and you need to leave this in a vehicle overnight, how should this be stored? (Select all that apply)
    • A. 

      The vehicle is protected by an intruder alarm system which is in full working order, which will operate in the event of interference with the vehicle

    • B. 

      The portable equipment is concealed from view under a seat or floor mat and not visible from outside of the vehicle

    • C. 

      The doors of the vehicle are locked and all windows of the vehicle closed

    • D. 

      The portable equipment is concealed from view in a locked boot or covered luggage department

  • 12. 
    If a visitor requires internet access at Sports Leaders UK head office they may use which of the following facilities? (Select all that apply)
    • A. 

      The Sports Leaders UK primary wireless network (SportsLeadersUK)

    • B. 

      The Sports Leaders UK secondary wireless network (SLUK Guest)

    • C. 

      The Microsmiths / Linford Forum wireless network

    • D. 

      The Sports Leaders UK ‘Secured Port’

  • 13. 
    You are unexpectedly called by an external company. You have heard of the company before but are not sure if they have a contract with us or not. They ask that you allow them access to your computer so that they can fix a problem. What should you do? (Select all that apply)
    • A. 

      Give them your password and other login details that they may need to fix the problem

    • B. 

      Tell them they cannot have your password as we are not allowed to pass this out but let them connect to your computer to fix the problem as our support company have fixed issues by connecting to your computer on previous occasions

    • C. 

      Explain that you have not been notified and need to check that their request is valid. Call the IT Service Desk to verify and do not grant access until this has been confirmed

  • 14. 
    What are staff responsibilities to physical security in their work surroundings?  (Select all that apply)
    • A. 

      If they use any organisational mobile equipment they are responsible for ensuring it is kept safe and secure

    • B. 

      They are responsible for ensuring that no equipment is taken from their surroundings without authorisation

    • C. 

      They are responsible for ensuring that filing cabinets and doors that are their responsibility are locked and that any electronic equipment is locked or switched off before leaving the premises

  • 15. 
    If a third party of contractor wishes to work in an area that contains Sports Leaders UK information or needs computer access to a system what should you do to ensure confidentiality and to secure the area? (Select all that apply)
    • A. 

      Ensure that the third party or contractor has a formal agreement with us for the work and that it has been agreed

    • B. 

      Consider the risk of the third party or contractor having access and the necessity of the work then decide if access should be granted, denied or if their access should be monitored

    • C. 

      Ensure that keys are not left in filing cabinets and papers are filed away

    • D. 

      Ensure that computer equipment is locked, turned off or removed from the area

    • E. 

      Ensure that private rooms containing critical equipment of confidential information cannot be accessed

    • F. 

      Make other staff aware of their presence and where they are expected to need access to

  • 16. 
    What is a bulk email? (Select all that apply)
    • A. 

      Any email sent to 10 or less external users

    • B. 

      Any email sent to 15 or more external users

    • C. 

      Any email with an attachment larger than 10MB sent to an external user

  • 17. 
    What should you do if you exceed your 300MB storage limit? (Select all that are applicable)
    • A. 

      Create a personal folder (also known as a PST or archive file)

    • B. 

      Perform some 'housekeeping' on your email account

    • C. 

      Contact IT for assistance

    • D. 

      Do nothing as my department is allowed to store large amounts of data

  • 18. 
    If you receive a warning about a virus threat from a friend what should you do? (Select all that apply)
    • A. 

      Delete and ignore it as these type of emails can contain viruses or are a hoax

    • B. 

      Forward it to all staff in the organisation

    • C. 

      Send a new email to my friend and ask that they do not send me personal emails to my work email address

  • 19. 
    Which of the following actions is classed as unauthorised use of systems / electronic equipment? (Select all that apply)
    • A. 

      Using profanity while chatting by email to a colleague

    • B. 

      Logging in to my bank account at lunch time

    • C. 

      Using my work telephone or mobile to make a personal call without authorisation

    • D. 

      Sending an email to the Sports Leaders UK mailing list telling them that there are cakes in the kitchen at Head Office

    • E. 

      Sending an email to the Milton Keynes mailing list telling them that there are cakes in the kitchen at Head Office

  • 20. 
    What should you do if you receive a suspicious email? (Select all that apply)
    • A. 

      Move it to your junk folder or delete it

    • B. 

      Contact IT for assistance

    • C. 

      Open and read the email

Back to Top Back to top