Information Security Handbook e-Learning (Module 3)

The Information Security handbook is Leighton's bible to where the ISMS policies and procedures are outlined and highlighted.   This e-learning module will cover the content of the handbook.

Untitled objective

What is the purpose of the ISMS Handbook?

  • To raise awareness of Information Security
  • To document the user responsibilities in regards to Information Security
  • To set out Information Security guidelines
  • All of the above

Who should you contact if you have a query in regards to Information Security or if you suspect an Information Security breach?

  • The police
  • IT Service Desk and/or The Information Security Managers
  • Don't contact anyone
  • Rainton Park Security

Where are the Information Security Policies held?

  • In a file somewhere
  • On SharePoint
  • What Information Security Policies?
  • They don't apply to me

You are unsure what you should keep on your desk, what you can have on your desk or what you can have on your home screen. Where would you check for what you can and can't do?

  • I wouldn't, I will just do what I need to do
  • Not sure
  • The Clear Desk and Screen Policy
  • Leighton's Safe Working Procedure

How would you recognise a Visitor at Leighton?

  • The Leighton Visitors Badge
  • Why would I need to recognise a visitor?
  • By face

You should always? Please tick those which you believe to be correct

  • Hold the door open for people
  • Challenge People who don't have a fob or a visitor pass
  • Challenge People who you dont recognise or trust

Information that is sensitive to Leighton must not be shared unless?

  • It must never be shared
  • It can always be shared
  • Unless you have formal approval from Leighton
  • A client really needs it

How would you request to have Admin rights?

  • Try and change the settings myself
  • Ask my manager
  • I dont need to ask anyone
  • Complete the Trusted User Form on Jira

How would you request to become a Remote Worker?

  • Read and sign the Remote Worker Agreement and make WFH requests through your line manager
  • Work from home without approval
  • Don't need to do anything

Which of the below statements is true?

  • I must never download and install unauthorised software
  • I must never use Leighton Equipment for personal benefit
  • I must never copy Software or Information for personal use
  • All of the above

Passwords must be?

  • Shared freely
  • Shared only with trusted people
  • Changed frequently and never shared
  • Be written down so they are not forgotten

What act should you be aware of in regards to Leighton's Information Security?

  • Macbeth Act 3, Scene 1
  • The Local Government Act
  • The Data Protection Act
  • The Trustee Act

In regards to email usage you should never?

  • Send email with content adverse to Leighton business interest
  • Send personal sensitive or commercially sensitive information via unencrypted email
  • Reply to Spam - replying confirms valid recipient
  • All of the above

When speaking about Leighton on your personal social media you should? Please tick all of those which you believe to be correct

  • Say what you want, its your social media account
  • Be respectful of Leighton, its staff and its partners

When using an Official Leighton Social Media Account you should?

  • Have consent and authorisation of your Line Manager
  • Comply with Leighton's policies
  • Be respectful and tasteful
  • All of the above

Which of the below is an example of an Information Security Incident/Breach?

  • Lost or Stolen IT Equipment
  • Software and systems which don't operate as expected
  • Unauthorised personnel roaming the office
  • All of the above

What two classifications are used for Leighton's Information Security?

  • Official and Non Official
  • Correct and Incorrect
  • Right and Wrong
  • Proper and Improper

What will happen if you don't comply with the Information Security Handbook? Please tick those which you believe to be correct.

  • Nothing
  • Possible disciplinary action
  • Possible ISMS Security Breaches