This free survey is powered by
QUESTIONPRO.COM
Create a Survey
Surveys
2011
June
I
Information security
Information security
0%
Exit Survey »
Thank you for taking the time to participate in this assessment of your knowledge of Ausgrid's Information Security Policy and practices.
By completing this assessment and the one immediately following the computer based training (CBT) you will undertake we will be able to understand what modifications we may need to make to the training and awareness campaigns.
Thank you very much for your time and support. Please start with the assessment now by clicking on the
Continue
button below.
*
Name
*
Who must comply with Ausgrid’s Information Security Policy?
All employees, contractors and third parties who use Ausgrid’s information assets
All IT staff because they are the only people that deal with Ausgrid’s information assets
Only managers
Employees, but not contractors because contractors will not have access to Ausgrid’s information assets
In this question, four situations are presented (rows). Consider each in relation to the Information Security Policy, and match it to the information security issue (columns) it relates to. Please enter a 'Yes' or 'No' in each box.
Software circumvents protection mechanisms
Copyright breach
Protection against viruses
Unauthorised access
*
Do not use Gmail to send work related emails
*
Do not store unlicensed materials on Ausgrid systems
*
Do not re-configure antivirus systems on Ausgrid’s assets
*
Information assets should be handled according to their classification
*
Information assets can be classified into four levels according to the type and value of information that the asset contains. Put these levels in order from lowest classification level to highest: 1 (lowest) to 4 (highest).
PROTECTED
-- Select --
1
2
3
4
X-IN-CONFIDENCE
-- Select --
1
2
3
4
HIGHLY PROTECTED
-- Select --
1
2
3
4
UNCLASSIFIED
-- Select --
1
2
3
4
In this question, three principles regarding the handling of information assets are shown. Can you match each principle (row) to its relevant information security issue (column)? Please enter a 'Yes' or 'No' in each box.
Clean desk policy
Encryption
Classification
*
Hard copies of information assets should be locked away when not in use
*
Information should be stored securely
*
Information assets should be appropriately labelled
*
John has finished reading a copy of a PROTECTED paper document. He now needs to dispose of it. What is the correct way for John to do this?
Take it home and dispose of it
Shred it or put it in a secure document bin
Throw it in the rubbish bin under his desk.
Leave it on his desk
*
Joseph has a report that is classified as PROTECTED on his PC tablet. He intends to take this tablet out into the field with him today. Select the statement that is incorrect.
The tablet should be secured at all times
The report must be encrypted on the tablet
Joseph should not allow others to use his tablet with his log-on ID
Joseph is never permitted to take his tablet into the field
*
Which of the following statements is correct?
A criminal history check is conducted by the Australian Federal Police sometime within the first six months of a person’s employment at Ausgrid
A criminal history check is conducted by the Australian Federal Police before a person starts work at Ausgrid
If a person fails a criminal history check, they will only have access to documents classified as UNCLASSIFIED documents
A criminal history check is only conducted if a person is to be employed as a manager at Ausgrid
*
From the four options presented to the right, select the strongest password.
$H0l1day5%
Password1
JohnSmith9
Obts3
*
Select the option that represents a reason for monitoring activities like email and Internet access.
It helps Ausgrid to protect its information assets
It acts as a quality assurance on the correspondence that happens between Ausgrid and its customers
It enables managers to keep track of how well their teams are performing
It enables Ausgrid to collect personal data about its employees
*
Select the most accurate statement regarding IT security incidents.
In certain circumstances you are authorised to by-pass security controls
You have a responsibility to only report an IT security incident if you are sure that someone has broken the law
You have a responsibility to only access Ausgrid information that you have been given authorisation for
You have a responsibility to use Ausgrid IT resources appropriately, but you have no responsibility to observe or respond to the IT activities of the employees around you
Ausgrid Information Security Policy and practices assessment 2011.
Loading...
close
Loading...
Close
qpweb2.questionpro.net