ISMS Test Quiz Questions And Answers

Locking your computer with Windows+L keys is an effective way to protect data from being stolen while going for lunch. When you lock your computer, it requires a password or PIN to unlock, preventing unauthorized access to your files and information. This ensures that even if someone tries to access your computer while you are away, they will be unable to view or steal any sensitive data.

In the event of a scheduled fire drill in your facility, it is important to participate in the drill. This is because fire drills are conducted to ensure that individuals are familiar with the emergency procedures and evacuation routes in case of a real fire. By participating in the drill, you can practice the necessary actions and help ensure the safety of yourself and others in the event of an actual fire emergency.

Sharing passwords with others is a serious violation of security protocols and can lead to unauthorized access to sensitive information. Termination is the most severe punishment an employee can receive for such an offense as it demonstrates a lack of trust and responsibility. It sends a strong message to other employees about the importance of maintaining confidentiality and protecting company assets. This punishment ensures that the employee is held accountable for their actions and serves as a deterrent for others who may consider engaging in similar behavior.

An Access Control List (ACL) is a reference that determines who has access to data or documents. It is a list of permissions associated with an object, such as a file or folder, that specifies which users or groups are granted access and the type of access they have. By referring to the ACL, one can identify the individuals or entities that are authorized to view, modify, or delete specific data or documents. The other options, MAsterlist of Project Records (MLPR) and Data Classification Label, do not specifically indicate access rights and permissions.

If an employee is caught abusing the internet, they will instantly receive an IR (incident report) instead of a mere warning. This implies that the consequence for such an offense is severe and immediate, indicating that the company has a zero-tolerance policy towards internet abuse. The use of the word "instantly" suggests that there is no leniency or opportunity for a warning or second chance in such cases. Therefore, the statement is true.

Malware is a term used to describe malicious software that is created or used by hackers to disrupt computer operations, gain unauthorized access to private information, or infiltrate private computer systems. It encompasses a wide range of harmful software, including viruses, worms, spyware, ransomware, and adware. These malicious programs are designed to exploit vulnerabilities in computer systems and networks, allowing hackers to carry out various nefarious activities such as stealing sensitive data, damaging or disabling computer systems, or gaining unauthorized control over them.

Lack of adequate security controls refers to the absence or insufficiency of measures put in place to protect a system or network from potential risks and attacks. This creates a vulnerability, which is a weakness or flaw in the system that can be exploited by threats. Vulnerabilities can lead to unauthorized access, data breaches, or other malicious activities that can have a significant impact on the assets, such as sensitive information or resources, within the system. Therefore, the lack of adequate security controls increases the likelihood of vulnerabilities, making it the correct answer.

CCTV, access control systems, and security guards are all measures that are put in place to physically protect a location or premises. These measures are designed to prevent unauthorized access, monitor activities, and ensure the safety and security of people and assets. Therefore, the correct answer is Physical Security.

The statement is generally false. While it may be acceptable to leave laptops in locked bins during weekdays, it is not recommended to leave them unattended over the weekend. It's essential to follow company policies and best practices for securing electronic devices, such as storing them in a secure location or taking them home when not in use for extended periods.

An employee who is caught temporarily keeping an MP3 file in the workstation may still be eligible for IR (Industrial Relations) depending on the company's policies and the severity of the offense. The statement "IR will not be given" implies a blanket rule that does not consider any mitigating factors or potential disciplinary actions. Therefore, the correct answer is False.