1.
Personal e-mail should not be used under any circumstances while at work.
Correct Answer
B. False
Explanation
Using personal e-mail at work is generally discouraged, but it is not always prohibited. Many companies have policies in place regarding the use of personal e-mail, and some may allow limited use for non-work-related purposes during designated break times. However, it is important to exercise caution and use personal e-mail responsibly to ensure that it does not interfere with work productivity or compromise sensitive information. Therefore, the statement that personal e-mail should not be used under any circumstances while at work is too absolute and not entirely accurate.
2.
“Client Data” includes the documents and email received for processing in addition to Discovia generated statements of work and service agreements
Correct Answer
B. False
Explanation
The statement is false because "Client Data" refers only to the documents and email received for processing, and does not include Discovia generated statements of work and service agreements.
3.
Discovia’s network is so secure that viruses cannot get in.
Correct Answer
B. False
Explanation
This statement is an overstatement and cannot be completely true. While Discovia's network may have strong security measures in place, it is impossible to claim that viruses cannot get in. No network can guarantee 100% protection against all types of viruses. It is always important to have additional security measures and precautions in place to minimize the risk of viruses and other cyber threats.
4.
Unless directed by the client to the contrary, client data should always be encrypted when stored on portable media.
Correct Answer
A. True
Explanation
Client data should always be encrypted when stored on portable media to ensure its security and prevent unauthorized access. Encrypting the data adds an extra layer of protection, making it more difficult for hackers or unauthorized individuals to read or use the information if the portable media is lost or stolen. This helps to maintain the confidentiality and integrity of the client's data, which is crucial for maintaining trust and compliance with data protection regulations.
5.
All of Discovia’s data is confidential
Correct Answer
B. False
Explanation
The statement "All of Discovia's data is confidential" is not true. It implies that every single piece of data owned by Discovia is confidential, which may not be the case. Some data might be confidential, but it is unlikely that all of Discovia's data falls under the category of confidential information. Therefore, the correct answer is False.
6.
Production media may be kept at my desk as long as it’s inside of the card key protected suite.
Correct Answer
B. False
Explanation
The statement is false because production media should not be kept at the desk, even if it is inside a card key protected suite. It is important to store production media in a secure and designated location to prevent unauthorized access or potential damage. Keeping it at the desk increases the risk of loss, theft, or accidental exposure to unauthorized individuals.
7.
If I use my mobile phone for Discovia purposes, I authorize Discovia to wipe my device under certain circumstances
Correct Answer
A. True
Explanation
The statement suggests that if the individual uses their mobile phone for Discovia purposes, they give permission to Discovia to delete or erase the data on their device in specific situations. This indicates that the individual acknowledges and accepts the potential consequences of using their mobile phone for Discovia activities, including the possibility of data deletion.
8.
No one should ask for my password except for IT
Correct Answer
B. False
Explanation
The statement "No one should ask for my password except for IT" implies that only the IT department should ask for the password. However, this is not true. It is important to be cautious and not share passwords with anyone, including the IT department. It is best to follow proper security protocols and only provide passwords when necessary and through secure channels. Sharing passwords can lead to unauthorized access and compromise of personal or sensitive information.
9.
E-mail is an acceptable means to receive client data if it’s just a few documents or a single PST.
Correct Answer
B. False
Explanation
The statement is false because e-mail is not an acceptable means to receive client data, even if it's just a few documents or a single PST. E-mail is not a secure method of transferring sensitive data, as it can be intercepted or hacked. It is recommended to use more secure methods such as encrypted file transfer or secure file sharing platforms to protect client data.
10.
You can opt out of using a laptop lock for your machine if you only work in the office
Correct Answer
B. False
Explanation
It is not advisable to opt out of using a laptop lock even if you only work in the office. While the risk of theft may be lower in the office, there is still a possibility of unauthorized access or theft by employees or visitors. Additionally, laptops are portable and can be easily taken outside of the office, increasing the risk of theft. Therefore, it is important to use a laptop lock to ensure the security of the device and any sensitive information it may contain.
11.
On my personally owned computer, I can save client data only when:
Correct Answer
E. None of the above
Explanation
The correct answer is "None of the above" because none of the given conditions specify the criteria for saving client data on the personally owned computer. The question suggests that there might be other requirements or conditions not mentioned in the options that determine when client data can be saved.
12.
A client reports possible corruption of source files while conducting doc review. To investigate the source of the trouble:
Correct Answer
C. The file should be examined from the network drive or download locally to an Operations virtual machine or Forensics lab computer.
Explanation
The correct answer is to examine the file from the network drive or download it locally to an Operations virtual machine or Forensics lab computer. This approach allows for a thorough examination of the file while minimizing the risk of further corruption or loss of data. By analyzing the file in a controlled environment, the project manager can accurately assess the extent of the corruption and determine the appropriate course of action for repair or recovery.
13.
Personal use of the company’s computers or internet access is allowed provided that:
Correct Answer
E. All of the above.
Explanation
The correct answer is "All of the above" because the statement includes all the conditions that need to be met for personal use of the company's computers or internet access to be allowed. These conditions include: the usage being reasonable and not interfering with job performance or business efficiency, not using the Discovia email address for non-business purposes, not conducting Discovia business on non-business email accounts, and not installing unlicensed or unapproved applications.
14.
Installing software is ok as long as:
Correct Answer
D. It is approved for use by IT Operations
Explanation
Installing software on a computer should only be done if it is approved for use by IT Operations. This ensures that the software is compatible with the system and meets the necessary security and operational requirements. Installing software without approval can lead to compatibility issues, security vulnerabilities, and potential violations of company policies. Therefore, it is important to follow the proper procedures and obtain approval before installing any software on a computer.
15.
If I believe a computer has been infected by a virus I should:
Correct Answer
E. B,C, and D
Explanation
If a computer is believed to be infected by a virus, it is important to notify the IT department so that they can take appropriate action to address the issue. Preserving the current state of the operating system is also crucial as it can help in identifying the virus and potentially recovering any lost data. Disconnecting the computer from the network is necessary to prevent the virus from spreading to other systems. Therefore, options B, C, and D are all necessary steps to take in such a situation.
16.
I can buy stock in a Discovia client or end-client company:
Correct Answer
F. C and D
Explanation
The correct answer is C and D. This means that you can buy stock in a Discovia client or end-client company only with CEO and/or President approval, and if you intend to keep the stock for at least a year. This indicates that there are certain restrictions and conditions in place for buying stock in these companies, and it requires the approval of higher-level executives.
17.
The threats Discovia faces, which I have control over include:
Correct Answer
F. All of the above
Explanation
The correct answer is "All of the above". This means that Discovia faces all of the mentioned threats, including insider trading, viruses, social engineering, password leakage, and spyware. These threats can potentially harm the company's security and confidentiality. Insider trading refers to the illegal practice of trading stocks based on non-public information. Viruses can infect computer systems and disrupt operations. Social engineering involves manipulating individuals to gain unauthorized access. Password leakage refers to the unauthorized disclosure of passwords. Spyware is malicious software that gathers information without the user's consent. Therefore, all these threats pose risks to Discovia.
18.
Using my personal laptop or home computer for company business is approved if:
Correct Answer
A. The usage is limited to Terminal Server or OWA and company data is not stored locally
Explanation
The correct answer states that using personal laptops or home computers for company business is approved only if the usage is limited to Terminal Server or OWA (Outlook Web Access) and company data is not stored locally. This means that employees can access company resources and perform work tasks using these approved methods, but they should not save any company data on their personal devices. This helps to ensure the security and integrity of company information.
19.
In the context of the Discovia security and awareness training CIA stands for:
Correct Answer
A. Confidentiality, Integrity, Availability
Explanation
The correct answer is Confidentiality, Integrity, Availability. In the context of Discovia security and awareness training, CIA refers to these three principles. Confidentiality ensures that information is only accessible to authorized individuals. Integrity ensures that information remains accurate and unaltered. Availability ensures that information is accessible to authorized individuals when needed. This acronym is commonly used in the field of information security to emphasize the importance of these principles in protecting data and systems.
20.
The published up-to-date policy and plan documents relevant to the company’s Information Security and Risk Management plan can be obtained from:
Correct Answer
A. Http://DiscoNet
Explanation
The correct answer is http://DiscoNet. This is because the question asks for the source from which the published policy and plan documents can be obtained. Among the given options, only the URL http://DiscoNet is a source that can provide the documents. The other options such as the network F:\ Drive, the employee handbook, my new hire paperwork, and binders conveniently located in the office do not specifically mention providing the published policy and plan documents.