Swire Pacific Offshore
Information Security Awareness Assessment
You receive an email from a person whose name you recognize, but the domain following the name isn't familiar, what should you do?
- A. Reply to the email to verify they sent it
- B. Send a new email (not a reply) to the sender using the address from your address book or call the sender to verify they sent it or alternatively forward the email to Help-desk for Investigation
- C. Click on the Links in the email.
- D. Open attachments in the email.
Social Engineering involves the psychological manipulation of people in performing actions or divulging confidential information willingly, which is then used to bypass technical defense system
You receive an email from someone you know. This person is a colleague that you exchange information with on a routine basis, but the they are requesting sensitive/company confidential information or asking for transfer of funds, what should you do?
- A. Since this is someone you know it's safe to give out the requested information
- B. Confirm with the sender via phone call or new email (not a reply), that they sent the email
- C. Reply to the Original email
Which of the following should be used when creating passwords?
- A. Upper AND lower case letters
- B. Numbers and Special characters
- C. Eight or more characters in length
- D. A combination of all the above
Which of the following make it acceptable to share your password with another person?
- A. A co-worker needs to do something on your computer when you're out of the office
- B. Your supervisor wants to be able to access any of his or her employees’ computers
- C. Never share your password with anyone under any circumstances
- D. None of the above
You are in the process of entering sensitive information into your system when you are called to attend a meeting, you don’t bother logging off or locking your computer because local policy does that for you after 10 minutes of inactivity.
- A. Since you know everyone in the area this is acceptable
- B. This is not acceptable, you should always log off or lock your computer if you step away
- C. Since you’re only going to be away a short time this is acceptable
- D. Nothing on my computer has value, so this is acceptable
You receive a call from someone identifying themselves as IT support, the technician states they need your password to remotely deploy a new software package for you, what should you do?
- A. Yes, give them the password
- B. No, you should never give out your password to anyone
While at work you find that your computer is no longer under your control, what should you do?
- A. Ignore the warnings and continue to work
- B. Immediately STOP what you’re doing and contact helpdesk.
- C. Assume Help desk is working on your computer, wait for them to finish
- None of the Above
How can you prevent Ransomware
- A. Ensure your Anti-Virus is up-to-date and enable pop up blocker on your web browser
- B. Checking who the email sender is and not clicking on link or opening attachments in emails
- C. Regularly backing up of your data
- D. All of the above
Based on Staff guidelines on Social Media, what is not allowed
- A. Using Swire logo without being authorized
- B. Make implicit and explicit references to your colleagues/Business partners/ Vendors without their approval
- C. Disclose Sensitive and confidential information on social media
- D. All of the above