The human resource department has just informed you about the termination of employment of an
employee. As the Information security manager, which of the following action should you take with
immediate effect?
Select one:
a. Invite the employee to hand over anything that belongs to the I.T department.
b. Revoke access to all authorised applications and software.
c. Compile a report about what the employee has been up to.
d. Check the CCTV footage for any suspcious activity.
Feedback
The correct answer is: Revoke access to all authorised applications and software.
Question 2
The acronym “BYOD” as an IT strategy/ policy in organisations stands for ___________
Select one:
a. Bring your own Device
b. Bring your own Data
c. Bring your organisation Device
d. Bring your own Dungle
Feedback
The correct answer is: Bring your own Device
Question 3
The principle in a security policy which involves giving each person the minimum access necessary to do
his or her job is referred to as ___________
Select one:
a. Single operator policy
b. Least privilege
c. Dual operator policy
d. Separation of duties
Feedback
The correct answer is: Least privilege
Question 4
,According to the Standard of Good Practice for Information Security (SGP), people management BEST
refers to ___________
Select one:
a. The human resource concept of managing human personel.
b. All aspects of security related to the behavior of employees and others who have access to the
organisation’s information and systems.
c. The understanding of human resources principles, that range from hiring, training, management and
supervising.
d. All aspects of Human Resources Management.
Feedback
The correct answer is: All aspects of security related to the behavior of employees and others who have
access to the organisation’s information and systems.
Question 5
As an information security manager, one of your security officers comes to you complaining about an
application that the company uses, but is blocked by the security tools you have recently implemented.
Which of the option below will be the best course of action to take?
Select one:
a. Blacklisting the application.
b. Acquire a new application that won’t be blocked by the new system.
c. Turning off the new security tools.
d. Whitelisting the application.
Feedback
The correct answer is: Whitelisting the application.
Question 6
With reference to user management, what is the main job of directory server?
Select one:
a. It manages user identity and authorisation data in a directory format.
b. It gives users access to the system.
c. It has the information of every user in the system
d. It logs every user in the system and records everything the user does.
Feedback
, The correct answer is: It manages user identity and authorisation data in a directory format.
Question 7
According to the European Union Agency for Network and Information Security (ENISA), the three main
processes in the development of an information security awareness program are
______________________
Select one:
a. Plan, Assess and Design; Execute and Manage; Evaluate and Adjust
b. Design and Develop; Implement and Monitor; Analyse and Change
c. Plan, Design and Develop; Execute and Manage; Evaluate and Adjust
d. Assess and Design; Execute and Manage; Analyse and Change
Feedback
The correct answer is: Plan, Assess and Design; Execute and Manage; Evaluate and Adjust
Question 8
A manager in a security firm was caught using company’s resources for personal gain. This behavious is
an example of ___________
Select one:
a. Malicious behaviour
b. Accidental behaviour
c. Non-accidental behaviour
d. Negligent behaviour
Feedback
The correct answer is: Malicious behaviour
Question 9
A behaviour that does not involve a motive to cause harm but does involve a conscious decision to act
inappropriately is called ___________
Select one:
a. Malicious behaviour
b. Non-accidental behaviour
c. Negligent behaviour
d. Accidental behaviour
employee. As the Information security manager, which of the following action should you take with
immediate effect?
Select one:
a. Invite the employee to hand over anything that belongs to the I.T department.
b. Revoke access to all authorised applications and software.
c. Compile a report about what the employee has been up to.
d. Check the CCTV footage for any suspcious activity.
Feedback
The correct answer is: Revoke access to all authorised applications and software.
Question 2
The acronym “BYOD” as an IT strategy/ policy in organisations stands for ___________
Select one:
a. Bring your own Device
b. Bring your own Data
c. Bring your organisation Device
d. Bring your own Dungle
Feedback
The correct answer is: Bring your own Device
Question 3
The principle in a security policy which involves giving each person the minimum access necessary to do
his or her job is referred to as ___________
Select one:
a. Single operator policy
b. Least privilege
c. Dual operator policy
d. Separation of duties
Feedback
The correct answer is: Least privilege
Question 4
,According to the Standard of Good Practice for Information Security (SGP), people management BEST
refers to ___________
Select one:
a. The human resource concept of managing human personel.
b. All aspects of security related to the behavior of employees and others who have access to the
organisation’s information and systems.
c. The understanding of human resources principles, that range from hiring, training, management and
supervising.
d. All aspects of Human Resources Management.
Feedback
The correct answer is: All aspects of security related to the behavior of employees and others who have
access to the organisation’s information and systems.
Question 5
As an information security manager, one of your security officers comes to you complaining about an
application that the company uses, but is blocked by the security tools you have recently implemented.
Which of the option below will be the best course of action to take?
Select one:
a. Blacklisting the application.
b. Acquire a new application that won’t be blocked by the new system.
c. Turning off the new security tools.
d. Whitelisting the application.
Feedback
The correct answer is: Whitelisting the application.
Question 6
With reference to user management, what is the main job of directory server?
Select one:
a. It manages user identity and authorisation data in a directory format.
b. It gives users access to the system.
c. It has the information of every user in the system
d. It logs every user in the system and records everything the user does.
Feedback
, The correct answer is: It manages user identity and authorisation data in a directory format.
Question 7
According to the European Union Agency for Network and Information Security (ENISA), the three main
processes in the development of an information security awareness program are
______________________
Select one:
a. Plan, Assess and Design; Execute and Manage; Evaluate and Adjust
b. Design and Develop; Implement and Monitor; Analyse and Change
c. Plan, Design and Develop; Execute and Manage; Evaluate and Adjust
d. Assess and Design; Execute and Manage; Analyse and Change
Feedback
The correct answer is: Plan, Assess and Design; Execute and Manage; Evaluate and Adjust
Question 8
A manager in a security firm was caught using company’s resources for personal gain. This behavious is
an example of ___________
Select one:
a. Malicious behaviour
b. Accidental behaviour
c. Non-accidental behaviour
d. Negligent behaviour
Feedback
The correct answer is: Malicious behaviour
Question 9
A behaviour that does not involve a motive to cause harm but does involve a conscious decision to act
inappropriately is called ___________
Select one:
a. Malicious behaviour
b. Non-accidental behaviour
c. Negligent behaviour
d. Accidental behaviour
