iSecurity Quiz Answers MCQ 2023 - Course Id - 7408 | TCS iEvolve MCQ | Part 3

Part 1

Part 2

Question 1: Where classification is not specified by the client, such information does not require any specific protection. Is this statement True or False?

A. TRUE

B. FALSE

Answer: B (FALSE)

Question 2: You are under pressure and a bit dejected when you receive an e-mail from a friend on your official mail ID. Your friend has asked you to forward the e-mail to at least ten people. If you do so, a miracle would take place in your life within the next 24 hours, or else a mishap would take place. What should you do in such a scenario?

A. You should forward this e-mail to 10 of your friends ensuring that all are in the Company and the e-mail is forwarded to their Company ID.

B. You should ignore such e-mails and delete them.

C. You should forward the e-mail to your friends as there is no confidentiality violation, and you are not doing it with any fraudulent intent.

D. You should not forward or even solicit emails that are unrelated to business activities or for personal gain.

Answer: B and D

Question 3: You are not allowed to classify any information as Public without authorization. Is this statement True or False?

A. TRUE

B. FALSE

Answer: A (TRUE)

Question 4: Rohit is a project leader for a team of 30 people. He has to catch an evening flight and so is leaving the office a bit early. He was requested for laptop verification at the security desk while leaving the office. What should Rohit do?

A. Rohit is a project leader, so there is no need for him to give his laptop for verification.

B. As security has checked the laptop while entering the office, there is no need to check while leaving the office.

C. Being a laptop user, Rohit should cooperate with a security person for laptop verification.

D. Rohit should expect a waiver since he has to catch the flight.

Answer: C

Question 5: You are working overseas at a client location and need to use the data when you return to your home country. How will you ensure data availability?

A. Copy the data to a personal laptop.

B. Upload the data on the internet.

C. Copy the data on a personal USB drive and carry it with you.

D. Carry the data with you with client permission.

Answer: D

Question 6: You receive a call from your friend asking you to leave immediately as there is some unrest in a certain part of the city. Which of these is the most appropriate action for you to take?

A. You will leave immediately without informing anybody.

B. You will inform everyone about the call and ask them to leave as well.

C. Ask your friends in the office and try to confirm whether they are aware of such unrest.

D. Inform the Admin/ML about the call and wait for their instructions.

Answer: D

Question 7: You are taking a printout of a debugging code you have written. What precautions do you need to take?

A. Collect the printouts immediately.

B. If the paper jams, remove the paper and shred it.

C. Collect the printout next time you take a break.

D. Ensure that the printout is classified properly.

Answer: A, B, and D

Question 8: The primary reason for which I am not allowed to store unlicensed music files on Company assets is that:

A. Company is against music.

B. My manager would not like it.

C. It is a copyright violation.

D. It occupies hard disk space.

Answer: C

Question 9: The client has sent you some data on a USB stick. What are the mandatory steps that you need to follow?

A. Need to declare the media at the reception.

B. If the media has to be connected to the Company network, it should be scanned by IS for a virus.

C. After approval by IS, it should be approved by OU/Sub OU/SSG ISM to copy the required data.

D. IS team will copy the required information onto an appropriate location.

Answer: All of the above

Question 10: While working on an assignment where you are an administrator for the database, your password

A. Can be shared with a team member if a need arises.

B. Can be shared with clients if they ask for it.

C. Can be shared with a supervisor only.

D. Should never be disclosed to anyone or shared with anyone.

Answer: D

Question 11: One day when you log on to your e-mail, you find that there is an unsolicited e-mail having abusive and offensive content in your Inbox. What should you do?

A. Forward such e-mails to your colleagues.

B. Report an incident along with the evidence (Header information and copy of e-mail) and then delete such e-mails from your mailbox.

C. Save such e-mails for future use.

D. Do nothing.

Answer: B

Question 12: You are attending an important telecon with your client manager. All of a sudden, you hear a fire alarm. What should you do?

A. Continue with the call as these alarms are part of regular drills, and your meeting is important.

B. Inform the client at the other end about the fire alarm and evacuate the building using the closest fire exit along with others.

C. Contact your ISM and inform them about the situation and take approval to continue with the call.

D. Drop an email to the Admin about your presence in the building and that you are not evacuating due to an important call with the client.

Answer: B

Question 13: What data would you typically select for the backup?

A. Taking regular backup is just a recommendation, so no backup is really required.

B. Only a large amount of data.

C. All of your personal data.

D. Data that will impact the project execution thus impacting Company or its customer.

Answer: D

Question 14: You are on leave when you receive an urgent call from your supervisor asking for your login credentials so that another team member can log in and complete the pending request. What should you do in such a situation?

A. You should share your credentials as work is being affected.

B. You should share your credentials because even if something goes wrong, you are not responsible for being on leave.

C. You should raise a security incident.

D. You should not share your credentials.

Answer: C and D

Question 15: You have been working from home on your laptop. What do you need to do when you connect to the Company network?

A. Ensure that the latest patches are updated.

B. Restart the machine after patch deployment, if required.

C. Ensure that the latest antivirus is updated.

D. None of the above.

Answer: A, B, and C

Question 16: Due care must be taken for virus check while opening encrypted attachments as compared to unencrypted attachments in e-mail. Is this statement True or False?

A. TRUE

B. FALSE

Answer: A (TRUE)

Question 17: Where can you find the Company process for Business Continuity Management?

A. In IQMS Wiki

B. In KNOWMAX

C. In Integrated Project Management System (IPMS)

D. In Enterprise Process Web (EPW)

Answer: A

Question 18: You have a business need to use a Company-based chat messenger not approved by the Company. What should you do?

A. Download it directly for use as it is a business need.

B. Connect with your ISM to discuss the risks involved and the feasible solution.

C. Since the client has asked you, you should expect IS to install it directly.

D. Get supervisor approval and install it.

Answer: B

Question 19: Your college friend shares with you code for an e-mail agent that can auto-respond to specific users with pre-defined content. Is it appropriate for you to implement this agent in the Company for a specific business purpose?

A. YES

B. NO

Answer: B

Question 20: Tom has joined a project. He has been assigned a desktop. This desktop was used by Jerry, who is now released from the project. Upon logging on, Tom found personal non-business data like music and movie files stored on the computer by Jerry. If you were Tom, what action would you take?

A. You must inform the IS team to remove Jerry's personal files from the desktop.

B. You must inform Jerry to take copies of his personal files and delete them from the desktop.

C. You can send Jerry's personal files through e-mail to Jerry.

D. You should raise an information security incident in the security Incident reporting tool.

Answer: D

Question 21: You receive an e-mail on your Company ID which has a personal business proposal not related to the Company. Is it appropriate to reply?

A. It is ok since no confidential information is being shared.

B. It is inappropriate since the e-mail is for personal gain and unrelated to your work.

C. It is okay to respond to the e-mail after office hours or on a weekend.

D. No, such activities should be done using personal e-mail IDs only.

Answer: B and D

Question 22: When you have to retain the information, which factors should be considered for the retention period?

A. Company Retention policy

B. Regulatory requirements

C. Project duration

D. Contractual requirements

Answer: All of the above

Question 23: You just received an e-mail from your bank asking you to confirm your online activities by logging on to your account within a week. What is the best course of action to take?

A. If possible, call your bank to confirm the authenticity of the e-mail. If you can't reach your bank, don't click the link but visit your account by manually entering the URL of the bank.

B. Follow the link provided in the e-mail and enter your login information – after all, the e-mail has your bank's logo and looks legitimate.

C. Set up my anti-spam software to automatically purge messages received from people not listed in my contacts.

D. I know it's phishing, so I will just put false information in to fool the hackers. It is not my information; they cannot do anything to harm me.

Answer: A

Question 24: To whom should you express your concerns and suggestions related to information security at your location?

A. Information Security Manager

B. Security Guard

C. Admin Head

D. HR Manager

Answer: A

Question 25: A top government official is coming to visit you in one of the Company offices. This person is a prospective client for the Company. Select the appropriate choices to handle the visitor access for such officials

A. Since the person is a prospective client and high-profile government official, you need not follow the visitor management process.

B. It is allowed to completely avoid the visitor process for such visitors.

C. You are busy completing daily tasks and hence should request someone from admin to escort the official.

D. You should obtain all the details in advance and keep things ready so that minimal time is spent while issuing the visitor pass.

Answer: D

Part 1

Part 2