Discovia Security Awareness Training

The correct answer is "All of the above". This means that Discovia faces all of the mentioned threats, including insider trading, viruses, social engineering, password leakage, and spyware. These threats can potentially harm the company's security and confidentiality. Insider trading refers to the illegal practice of trading stocks based on non-public information. Viruses can infect computer systems and disrupt operations. Social engineering involves manipulating individuals to gain unauthorized access. Password leakage refers to the unauthorized disclosure of passwords. Spyware is malicious software that gathers information without the user's consent. Therefore, all these threats pose risks to Discovia.

Client data should always be encrypted when stored on portable media to ensure its security and prevent unauthorized access. Encrypting the data adds an extra layer of protection, making it more difficult for hackers or unauthorized individuals to read or use the information if the portable media is lost or stolen. This helps to maintain the confidentiality and integrity of the client's data, which is crucial for maintaining trust and compliance with data protection regulations.

This statement is an overstatement and cannot be completely true. While Discovia's network may have strong security measures in place, it is impossible to claim that viruses cannot get in. No network can guarantee 100% protection against all types of viruses. It is always important to have additional security measures and precautions in place to minimize the risk of viruses and other cyber threats.

The correct answer is "All of the above" because the statement includes all the conditions that need to be met for personal use of the company's computers or internet access to be allowed. These conditions include: the usage being reasonable and not interfering with job performance or business efficiency, not using the Discovia email address for non-business purposes, not conducting Discovia business on non-business email accounts, and not installing unlicensed or unapproved applications.

The correct answer is Confidentiality, Integrity, Availability. In the context of Discovia security and awareness training, CIA refers to these three principles. Confidentiality ensures that information is only accessible to authorized individuals. Integrity ensures that information remains accurate and unaltered. Availability ensures that information is accessible to authorized individuals when needed. This acronym is commonly used in the field of information security to emphasize the importance of these principles in protecting data and systems.

The correct answer is http://DiscoNet. This is because the question asks for the source from which the published policy and plan documents can be obtained. Among the given options, only the URL http://DiscoNet is a source that can provide the documents. The other options such as the network F:\ Drive, the employee handbook, my new hire paperwork, and binders conveniently located in the office do not specifically mention providing the published policy and plan documents.

The statement suggests that if the individual uses their mobile phone for Discovia purposes, they give permission to Discovia to delete or erase the data on their device in specific situations. This indicates that the individual acknowledges and accepts the potential consequences of using their mobile phone for Discovia activities, including the possibility of data deletion.

The correct answer is "None of the above" because none of the given conditions specify the criteria for saving client data on the personally owned computer. The question suggests that there might be other requirements or conditions not mentioned in the options that determine when client data can be saved.

The statement "No one should ask for my password except for IT" implies that only the IT department should ask for the password. However, this is not true. It is important to be cautious and not share passwords with anyone, including the IT department. It is best to follow proper security protocols and only provide passwords when necessary and through secure channels. Sharing passwords can lead to unauthorized access and compromise of personal or sensitive information.

It is not advisable to opt out of using a laptop lock even if you only work in the office. While the risk of theft may be lower in the office, there is still a possibility of unauthorized access or theft by employees or visitors. Additionally, laptops are portable and can be easily taken outside of the office, increasing the risk of theft. Therefore, it is important to use a laptop lock to ensure the security of the device and any sensitive information it may contain.

If a computer is believed to be infected by a virus, it is important to notify the IT department so that they can take appropriate action to address the issue. Preserving the current state of the operating system is also crucial as it can help in identifying the virus and potentially recovering any lost data. Disconnecting the computer from the network is necessary to prevent the virus from spreading to other systems. Therefore, options B, C, and D are all necessary steps to take in such a situation.

Installing software on a computer should only be done if it is approved for use by IT Operations. This ensures that the software is compatible with the system and meets the necessary security and operational requirements. Installing software without approval can lead to compatibility issues, security vulnerabilities, and potential violations of company policies. Therefore, it is important to follow the proper procedures and obtain approval before installing any software on a computer.

The statement is false because e-mail is not an acceptable means to receive client data, even if it's just a few documents or a single PST. E-mail is not a secure method of transferring sensitive data, as it can be intercepted or hacked. It is recommended to use more secure methods such as encrypted file transfer or secure file sharing platforms to protect client data.

The statement is false because production media should not be kept at the desk, even if it is inside a card key protected suite. It is important to store production media in a secure and designated location to prevent unauthorized access or potential damage. Keeping it at the desk increases the risk of loss, theft, or accidental exposure to unauthorized individuals.

The correct answer is to examine the file from the network drive or download it locally to an Operations virtual machine or Forensics lab computer. This approach allows for a thorough examination of the file while minimizing the risk of further corruption or loss of data. By analyzing the file in a controlled environment, the project manager can accurately assess the extent of the corruption and determine the appropriate course of action for repair or recovery.

The correct answer states that using personal laptops or home computers for company business is approved only if the usage is limited to Terminal Server or OWA (Outlook Web Access) and company data is not stored locally. This means that employees can access company resources and perform work tasks using these approved methods, but they should not save any company data on their personal devices. This helps to ensure the security and integrity of company information.

Using personal e-mail at work is generally discouraged, but it is not always prohibited. Many companies have policies in place regarding the use of personal e-mail, and some may allow limited use for non-work-related purposes during designated break times. However, it is important to exercise caution and use personal e-mail responsibly to ensure that it does not interfere with work productivity or compromise sensitive information. Therefore, the statement that personal e-mail should not be used under any circumstances while at work is too absolute and not entirely accurate.

The correct answer is C and D. This means that you can buy stock in a Discovia client or end-client company only with CEO and/or President approval, and if you intend to keep the stock for at least a year. This indicates that there are certain restrictions and conditions in place for buying stock in these companies, and it requires the approval of higher-level executives.

The statement "All of Discovia's data is confidential" is not true. It implies that every single piece of data owned by Discovia is confidential, which may not be the case. Some data might be confidential, but it is unlikely that all of Discovia's data falls under the category of confidential information. Therefore, the correct answer is False.

The statement is false because "Client Data" refers only to the documents and email received for processing, and does not include Discovia generated statements of work and service agreements.