PDF 04
PDF 04
PDF 04
Loss of hardware
Loss of data
Loss of software
Loss of printouts
Your security settings are not allowing you to download an important e-mail attachment sent by your customer. What should
you do?
Disable the security settings temporarily and download attachment
Explain the issue to the customer and request them to reshare the attachment in different format
Inform IT helpdesk about the issue and ask them to help with the same
An employee does the following activities using the internet at work. Which of these activities are allowed?
Download or upload obscene, offensive or illegal material
Your colleague has sent confidential information to unauthorized recipients. What does this indicate?
Proper usage
Breach of policy
Invalid action
Seclore
Primetime
SAP
Sharing Information
Destroying Information
Transferring Information
Brute Force
Smishing
Vishing
Malicious Software
Email attachment
Virus
Your official IT assets battery life has reduced drastically over the last few days. What should you do?
Find solution on internet and solve the problem immediately
Raj is an employee of the bank and he is loyal and honest towards his work. One day he comes to know that one of his
colleague who is also his friend is involved in a suspicious activity, which can lead to data breach. No one knows about this
except Raj, what should he do now?
He should ignore because no one knows about this.
He should warn his colleague that he is involved in illegitimate activity and he will inform his manager regarding this.
He must go to his reporting authority and inform him/her about his findings.
Phishing
Vishing
Bank attack
Which action from list below can help restrict a malware attack?
Immediately clicking on links with urgent actions like - 'Urgent! Your security has been breached'
Ensuring the firewall and antivirus are always turned on and up to date
If required, sensitive documents should be disposed using secure means of disposal such as shredder .
True
False
Which of the following is a part of clear desk & clear screen policy?
Do not post or leave confidential or sensitive information on your desk or screen
It involves sending fake emails or communication to scam readers into clicking on fraudulent links and attachments
You are sitting in a café with your friend after work when your boss calls up, asking you to share some confidential data
urgently. How do you respond?
Connect to the café's open Wi-Fi immediately and share the file
Share your e-mail ID and password with your boss and ask them to retrieve the file from your mail
Ensure that you are in a private place and that you are not connected to a public network before sending the
information
What should you do if you suspect you have received a phishing email?
Forward the email to reportphishing@icicibank.com
False
You receive a suspicious email requesting urgent action. What should you do?
Do not trust unexpected emails
Achieve targets
Data Custodians
Data Users
Data Sharers
DLP software detects potential data breaches and prevent them by monitoring, detecting and blocking sensitive data while in
use, in motion, and at rest. Is this statement is true or false?
True
False
An electrician comes to your desk and asks you to step aside for a minute as he needs to check whether all the sockets on
your workstation are functional. What do you do?
Lock the device, files and cabinets, step aside but keep a watch on what he is doing
Step away immediately and go for a coffee break while the electrician is at work
A large file is getting downloaded, so keep the screen on while you step away
Operating System
Wi-Fi Network
Surveillance camera
A former colleague approaches you at work and requests access to your device for a few minutes to fill a form that is
required by the HR department. How do you respond?
Allow the colleague to use your device while you grab your coffee
Warn the colleague to not download any attachments from unknown sources and let them use your device
Explain that this would be against the security policy and politely decline
Ask your manager for permission and if the manager allows it, let the colleague use your device
You receive a phone call from an unknown person asking for PII of a customer. What kind of attack could this be?
USB attack
Vishing attack
Phishing attack
Man-in-the-middle attack
What type of attack happens when an attacker simply walks in behind a person who has legitimate access?
Phishing
Ransomware
Brute Force
Tailgating
In what way can a malware use your device to perform breach of security? Select the correct options.
Log your keystrokes. Example: confidential information, passwords
False
Select the unauthorized data transmission from the below statements:
Sending sensitive information to personal email Ids (even with good intention)
Sending sensitive information from official account to another official account for business requirement
Sending sensitive information to any external party who does not have a legitimate business need to receive such
information
Sending documents to personal email IDs of employees of service providers or partner agencies instead of their
official IDs
Your friend is visiting you at work and wants to check his e-mail urgently. How do you respond?
Allow him to access his account from your company device
Allow him to plug-in his device to the bank's network to access the internet
Let him use your colleague's device while your colleague is on a lunch break
Explain to your friend that you cannot give him access to company network as it is against the security policy
Customer Support's
Everyone's
___________ is a special form of attack using which hackers exploit – human psychology.
Cross Site Scripting
Social Engineering
Mechanical Engineering
You are sitting in a café with your friend after work when your boss calls up, asking you to share some confidential data
urgently. How do you respond?
Connect to the café's open Wi-Fi immediately and share the file
Share your e-mail ID and password with your boss and ask them to retrieve the file from your mail
Ensure that you are in a private place and that you are not connected to a public network before sending the
information
You receive an email from HR@hroficici.com asking you to send your full name, login username, password, and date of
birth for employee appraisal. What would you do?
Reply with the details immediately
Ransomware
Trojan
Encrypted Files
Birthdate
Account number
Availability
Confidentiality
Vulnerability
Unauthorized use of another persons email is a violation of the policy
True
False
Vishing
Smishing
A confidential file needs to be forwarded to the finance department. Who all should be kept in loop?
Your manager, your department head and the common e-mail ID shared by the finance team
Your entire team, so that everybody is on same page on the file shared
Your manager only; he will forward it to the concerned person as per his discretion
Unauthorized relocation of equipment inside the premises is violation of the security policy
True
False
You want to leave your workstation. What should you do before you leave?
Leave the documents on table as office premises are guarded and Apply Privilege Leave
https://icicibank.com
https://icici.bank.com
https://icicibank.loan.com
Visitors are required to sign-in at the reception and wear a visitor’s badge
Both i and ii
You receive the following communication on email: Please clear payment of this critical and sensitive invoice. I will be on
vacation and unavailable - CEO. What do you do?
Pay immediately to avoid vendor dissatisfaction
Forward the email to finance department and ask them to take it up on priority
Restrict user to transfer data from one branch location to other branch location of the bank.
Both i and ii
What type of attack can happen when an attacker leaves an USB stick lying for an employee to plug in?
Phishing
Tailgating
Brute Force
USB attack
Ensure minimum sharing of sensitive or critical data and to authorized party only
If you come across to any incident and data breach, report to ISG immediately
You see the message " Your computer is infected with a virus. Please click on the below link to remove it". What should you
do?
Click on the link