This free survey is powered by QUESTIONPRO.COM
  1. Surveys
  2. 2011
  3. June
  4. I
  5. Information security

Information security

0%
Exit Survey »
 
 
Thank you for taking the time to participate in this assessment of your knowledge of Ausgrid's Information Security Policy and practices.

By completing this assessment and the one immediately following the computer based training (CBT) you will undertake we will be able to understand what modifications we may need to make to the training and awareness campaigns.

Thank you very much for your time and support. Please start with the assessment now by clicking on the Continue button below.
 
 
 
* Name
   
 
 
 
* Who must comply with Ausgrid’s Information Security Policy?
 
All employees, contractors and third parties who use Ausgrid’s information assets
 
All IT staff because they are the only people that deal with Ausgrid’s information assets
 
Only managers
 
Employees, but not contractors because contractors will not have access to Ausgrid’s information assets
 
 
In this question, four situations are presented (rows). Consider each in relation to the Information Security Policy, and match it to the information security issue (columns) it relates to. Please enter a 'Yes' or 'No' in each box.
Software circumvents protection mechanisms Copyright breach Protection against viruses Unauthorised access
* Do not use Gmail to send work related emails
* Do not store unlicensed materials on Ausgrid systems
* Do not re-configure antivirus systems on Ausgrid’s assets
* Information assets should be handled according to their classification
 
 
 
* Information assets can be classified into four levels according to the type and value of information that the asset contains. Put these levels in order from lowest classification level to highest: 1 (lowest) to 4 (highest).
PROTECTED
HIGHLY PROTECTED
UNCLASSIFIED
X-IN-CONFIDENCE
 
 
In this question, three principles regarding the handling of information assets are shown. Can you match each principle (row) to its relevant information security issue (column)? Please enter a 'Yes' or 'No' in each box.
Clean desk policy Encryption Classification
* Hard copies of information assets should be locked away when not in use
* Information should be stored securely
* Information assets should be appropriately labelled
 
 
 
* John has finished reading a copy of a PROTECTED paper document. He now needs to dispose of it. What is the correct way for John to do this?
 
Shred it or put it in a secure document bin
 
Throw it in the rubbish bin under his desk.
 
Leave it on his desk
 
Take it home and dispose of it
 
 
 
* Joseph has a report that is classified as PROTECTED on his PC tablet. He intends to take this tablet out into the field with him today. Select the statement that is incorrect.
 
Joseph is never permitted to take his tablet into the field
 
Joseph should not allow others to use his tablet with his log-on ID
 
The tablet should be secured at all times
 
The report must be encrypted on the tablet
 
 
 
* Which of the following statements is correct?
 
A criminal history check is only conducted if a person is to be employed as a manager at Ausgrid
 
If a person fails a criminal history check, they will only have access to documents classified as UNCLASSIFIED documents
 
A criminal history check is conducted by the Australian Federal Police before a person starts work at Ausgrid
 
A criminal history check is conducted by the Australian Federal Police sometime within the first six months of a person’s employment at Ausgrid
 
 
 
* From the four options presented to the right, select the strongest password.
 
$H0l1day5%
 
Password1
 
JohnSmith9
 
Obts3
 
 
 
* Select the option that represents a reason for monitoring activities like email and Internet access.
 
It enables managers to keep track of how well their teams are performing
 
It enables Ausgrid to collect personal data about its employees
 
It acts as a quality assurance on the correspondence that happens between Ausgrid and its customers
 
It helps Ausgrid to protect its information assets
 
 
 
* Select the most accurate statement regarding IT security incidents.
 
You have a responsibility to only report an IT security incident if you are sure that someone has broken the law
 
You have a responsibility to only access Ausgrid information that you have been given authorisation for
 
In certain circumstances you are authorised to by-pass security controls
 
You have a responsibility to use Ausgrid IT resources appropriately, but you have no responsibility to observe or respond to the IT activities of the employees around you
 
Ausgrid Information Security Policy and practices assessment 2011.
Survey Software Powered by QuestionPro Survey Software