Swire Pacific Offshore

Information Security Awareness Assessment

You receive an email from a person whose name you recognize, but the domain following the name isn't familiar, what should you do?

  • A. Reply to the email to verify they sent it
  • B. Send a new email (not a reply) to the sender using the address from your address book or call the sender to verify they sent it or alternatively forward the email to Help-desk for Investigation
  • C. Click on the Links in the email.
  • D. Open attachments in the email.

Social Engineering involves the psychological manipulation of people in performing actions or divulging confidential information willingly, which is then used to bypass technical defense system

  • True
  • False

You receive an email from someone you know. This person is a colleague that you exchange information with on a routine basis, but the they are requesting sensitive/company confidential information or asking for transfer of funds, what should you do?

  • A. Since this is someone you know it's safe to give out the requested information
  • B. Confirm with the sender via phone call or new email (not a reply), that they sent the email
  • C. Reply to the Original email

Which of the following should be used when creating passwords?

  • A. Upper AND lower case letters
  • B. Numbers and Special characters
  • C. Eight or more characters in length
  • D. A combination of all the above

Which of the following make it acceptable to share your password with another person?

  • A. A co-worker needs to do something on your computer when you're out of the office
  • B. Your supervisor wants to be able to access any of his or her employees’ computers
  • C. Never share your password with anyone under any circumstances
  • D. None of the above

You are in the process of entering sensitive information into your system when you are called to attend a meeting, you don’t bother logging off or locking your computer because local policy does that for you after 10 minutes of inactivity.

  • A. Since you know everyone in the area this is acceptable
  • B. This is not acceptable, you should always log off or lock your computer if you step away
  • C. Since you’re only going to be away a short time this is acceptable
  • D. Nothing on my computer has value, so this is acceptable

You receive a call from someone identifying themselves as IT support, the technician states they need your password to remotely deploy a new software package for you, what should you do?

  • A. Yes, give them the password
  • B. No, you should never give out your password to anyone

While at work you find that your computer is no longer under your control, what should you do?

  • A. Ignore the warnings and continue to work
  • B. Immediately STOP what you’re doing and contact helpdesk.
  • C. Assume Help desk is working on your computer, wait for them to finish
  • None of the Above

How can you prevent Ransomware

  • A. Ensure your Anti-Virus is up-to-date and enable pop up blocker on your web browser
  • B. Checking who the email sender is and not clicking on link or opening attachments in emails
  • C. Regularly backing up of your data
  • D. All of the above

Based on Staff guidelines on Social Media, what is not allowed

  • A. Using Swire logo without being authorized
  • B. Make implicit and explicit references to your colleagues/Business partners/ Vendors without their approval
  • C. Disclose Sensitive and confidential information on social media
  • D. All of the above