Home
Courses
Comply Catch-Up
Tools & Templates
Register
Log In

Select Page

ISO 27001 – Security Training ISO Questionnaire

ISO Questionnaire

This quiz will contain 15 total questions.

We will ask you a series of questions that will be related to the information you have read on the previous page. Our knowledge on this topic is vital for remaining aware of any security threats to the company.

To complete this quiz, you must get all questions correct. If you do not manage to get all questions correct, you can start over the quiz as many times as you would like to.

Time limit: 0

Quiz Summary

0 of 15 Questions completed

Questions:

Information

You have already completed the quiz before. Hence you can not start it again.

Quiz is loading…

You must sign in or sign up to start the quiz.

You must first complete the following:

Results

Quiz complete. Results are being recorded.

Results

0 of 15 Questions answered correctly

Your time:

Time has elapsed

You have reached 0 of 0 point(s), (0)

Earned Point(s): 0 of 0, (0)
0 Essay(s) Pending (Possible Point(s): 0)

Categories

Course 1, Module 5 0%
ISO 0%

You have failed the ISO Questionnaire. Please try again.
You have passed the ISO Questionnaire. Please head back to the main course page, where you can download your Certificate of Completion.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

Current
Review
Answered
Correct
Incorrect

Question 1 of 15

1. Question
When using a BYOD, when is it acceptable to connect to a public wifi network?
- 1. Always, the implemented firewalls completely protect client data
- 2. In case of client emergency.
- 3. Never
Correct

Incorrect
Question 2 of 15

2. Question
Under the Information Classification Policy, who has access to information classed as INTERNAL?
- 1. Employees and all external third parties.
- 2. Employees and selected external third parties.
- 3. Selected employees.
Correct

Incorrect
Question 3 of 15

3. Question
In a secure password, how many characters should be used?
- 1. Five.
- 2. Nine.
- 3. Twelve.
Correct

Incorrect
Question 4 of 15

4. Question
How regularly should passwords be changed?
- 1. Every month.
- 2. Every six months.
- 3. Annually.
Correct

Incorrect
Question 5 of 15

5. Question
In the case of a short absence (30 minutes or less) how should information be protected under the Clear Screen policy?
- 1. Lock the workstation behind a password.
- 2. Log out of all systems and turn off the laptop.
- Due to the small-time window, no controls need to be taken.
Correct

Incorrect
Question 6 of 15

6. Question
In the case of an extended absence (more than 30 minutes) how should information be protected under the Clear Screen policy?
- 1. Lock the workstation behind a password.
- 2. Log out of all systems and turn off the laptop.
- 3. Due to the small-time window, no controls need to be taken.
Correct

Incorrect
Question 7 of 15

7. Question
For which classification of data must a record of destruction be kept?
- 1. Public, Internal, Restricted and Confidential.
- 2. No record of destruction is needed for any data.
- 3. Restricted and Confidential.
Correct

Incorrect
Question 8 of 15

8. Question
Who should security incidents be reported to?
- 1. Information Security Officer.
- 2. CEO.
- 3. No-one, issues will resolve themselves.
Correct

Incorrect
Question 9 of 15

9. Question
How should the Information Security Officer be informed of a major security incident?
- 1. Via email or call.
- 2. Via letter.
- 3. Exclusively in person.
Correct

Incorrect
Question 10 of 15

10. Question
Which of the following actions would breach the Clear Screen Policy?
- 1. An employee locking their laptop when not present at their desk.
- 2. An employee leaving confidential written documents on their desk.
- 3. An employee not locking their laptop when away for lunch.
Correct

Incorrect
Question 11 of 15

11. Question
Which of the following methods could be used to protect sensitive data?
- 1. Passwords.
- 2. Restricted file permissions.
- 3. Both.
Correct

Incorrect
Question 12 of 15

12. Question
What is the most secure method of storing passwords?
- 1. Using third party password software.
- 2. Writing them down.
- 3. Using an approved password management system.
Correct

Incorrect
Question 13 of 15

13. Question
What should you do when you receive a suspicious email?
- 1. Open it and click on the internal links.
- 2. Delete this without opening it and inform the Information Security Officer if you suspect a problem.
- 3. Forward it on to the CEO for checking.
Correct

Incorrect
Question 14 of 15

14. Question
Should minor security incidents be reported to the Information Security Officer?
- 1. Yes.
- 2. No, these should be raised directly to the CEO.
- 3. No.
Correct

Incorrect
Question 15 of 15

15. Question
What should you do if you think your password has been compromised?
- 1. Change your password.
- 2. Report the incident to the Information Security Officer.
- 3. Both.
Correct

Incorrect

Company

Legal

Terms and Conditions

stackedregandqasv3

Comply Exchange is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: NASBAregistry.org.