Information Security Policy Review Quiz
Note: This quiz reflects the policies and standards included in our product.
(The product has over 70 challenging questions in 10 categories.)

1. The security policy is intended to:
A. Restrict access to company resources
B. Define what is expected in or of an organization

2. If you are not sure whether or not the statement you are about to make would be considered harassment, you should:
A. Contact the appropriate expertise before making the statement
B. Not make the statement

3. The company provides computer, network, and application assets to conduct company business. Which statement below is true?
A. Limited non-business use is allowed provided it does not interfere with the company's mission and is not in violation of company policies.
B. Employees may use company assets for any purpose provided it is during non-business hours and not on company property.

4. The principle of non-repudiation refers to:
A. The ability of the originator or receiver of a message to falsely deny an action or inaction
B. The ability of an unauthorized or disgruntled user to deny service/access to information by encryption

5. Which of the following aspects of accountability assures that subjects (user entities) are who they claim to be?
A. Identification
B. Authentication
C. Audit

6. Object Reuse refers to:
A. Passing control and access to programs and data from one subject to another.
B. Protecting temporary files and objects from unauthorized access and use when discarded.

7. All networks are vulnerable to internal and external attacks. The probability of a successful attack is contingent upon steps taken to protect the weakest links. Network vulnerabilities are often directly attributed to:
A. User carelessness, lack of security standards, and weak network or server safeguards.
B. Hacker/cracker creativity, networking, and attack tools.
