Security awareness assessment (EN) (copy)

Assessment (copy)

On Facebook, you see a post of a friend saying he had a bad experience with Delhaize. He thinks Delhaize is the worst and most expensive supermarket in his town and he will never go shopping there again. How do you react?

  • You highlight to him that Delhaize is one of the best supermarkets in the country and that his action is not the correct one
  • You try to understand what happened by asking him for his feedback and promise to get back to him with a voucher from Delhaize to compensate for the bad experience
  • You do not participate in the conversation and ignore the posts
Please select the correct answer

You need to transfer data to a partner or colleague; the file is too big to send it via email. How do you solve this?

  • You put it on your personal USB stick and give it to the person
  • You put it on the company file server where both have access or use File Share to exchange big files
  • You try to transfer the data via iCloud or Dropbox
Please select the correct answer

You are getting a new laptop and you need to return the old one to the IT department. What do you do with all the information that resides on your computer?

  • Copy all the data on a portable device and keep this data safe at home
  • Copy all the data to the dedicated file servers
  • Leave all the data on the computer as it will be migrated to the new one
Please select the correct answer

What do you do with paper documents containing sensitive information that are no longer needed?

  • Put them in the bin under your desk; it gets emptied every night, so there is no risk of those documents getting in the wrong hands
  • Insert them in one of the dedicated secured containers or shred them using a cross-cut shredder
  • Leave them on your desk with all other papers, because only authorized employees should have access to the building anyway
Please select the correct answer

The helpdesk asks for your username and password over the phone to test a new application. What is your answer?

  • You give them your username and password because you can trust people from the helpdesk; they will never to do anything wrong with it
  • You do not give them your password and inform your line manager about this request
  • You verify if the person is really from the helpdesk and only after that you share your password
Please select the correct answer

Which of the following is a good password?

  • Theweatherisgood
  • tH3W36ther!sG00D
  • 12345677
Please select the correct answer

You’re working on an important document with a strict deadline, and suddenly you’re asked to reboot your computer. A new critical patch was installed on your computer and a reboot is needed. What do you do?

  • You ignore this request and continue working
  • You finish your running task that will not take more than 30 minutes and reboot your computer immediately after
Please select the correct answer

You’re confronted with access to a directory containing files you’re not supposed to see. What do you do?

  • Investigate the incident instantly
  • Immediately report it to the IT Helpdesk or Service desk (via email or phone)
  • Inform the boss as soon he/she is back from his/her business trip
Please select the correct answer

Is this statement true or false?

  • Working in a secured building means that you can discuss confidential information in an open workspace
  • Our Information Security Policies only apply to digital information, not to information on hard copy or in verbal discussions
  • An example of a standard security procedure is that when you leave your office desk you need to lock your computer
Choose true or false

You are browsing through the intranet and accidentally click on a page which takes you to sensitive company information which you should not normally have access to. What do you do?

  • Click away and keep working
  • Click away and inform the Information Security department or the helpdesk
  • Check the information and try to find out to whom it belongs and inform that person of the breach
Please select the correct answer

If you see a person you do not know inside the office premises without an identification badge, what do you do? Please select all options that apply.

  • Ask the person for his/her identification badge
  • If you cannot establish his identity, escort him to reception or alert security that there is an intruder
  • Ignore him and do not take any further action
Please select all answers that apply

You accidentally clicked on a link in an email, and your computer starts to act suspiciously and freezes. What do you do?

  • You reboot your computer and resume your work
  • You stop working, unplug your computer and inform the helpdesk about what happened
  • You wait until the computer is usable again and resume your work
Please select the correct answer

You’re receiving visitors today. Which procedure do you follow? Please choose all that apply.

  • I ensure the visitors wear their temporary badge in a visible way
  • I ensure their presence is registered at the reception desk
  • I escort my visitors all the time and never leave my visitors alone in areas where they can access out IT infrastructure
Please select all answers that apply

You need to provide your payment card number to buy some goods online, how can you do that securely?

  • Sent your CCN via e-mail to the vendor
  • Check if the site from where you’re buying has a valid certificate (green or lock sign) in the URL bar
  • Provide your CCN details by phone
Please select the correct answer

You see the following post on Facebook from one of your colleagues who had a heavy workday in the shop: “It’s always the same thing with our customers, never happy with our services even if we are the best in town!”

  • Per our social media policy, it’s allowed to make such comments on Facebook.
Choose true or false

Which of the following does not respect the confidentiality of information?

  • Disclose confidential information only to authorised individuals
  • Upload confidential information to Dropbox
  • Encrypting e-mails, you send to colleagues containing confidential information
Please select the correct answer

Which is the appropriate way to send confidential data?

  • In an encrypted way
  • In a compressed way
  • As an attachment
Please select the correct answer

What is the best way to keep your password secure?

  • Write it down and always carry it on you
  • Memorise it or use a password manager
  • Tell it to a person you trust
Please select the correct answer

Which of the following statements are true and which are false?

  • If you cannot memorise all your passwords, you use a password manager to help you keep your passwords secure
  • It is ok to use the same password for your private as well as for your business activities.
  • It is ok to share your password with your manager, if requested.
Choose true or false

What do you need to do when you notice you have lost your company smartphone?

  • Buy another one at your own cost
  • Tell your manager when he/she is back from his/her business trip and ask for a new one
  • Immediately inform the IT helpdesk of the loss so they can trace it and/or remotely wipe it
Please select the correct answer

Which of the following statements are true and which are false?

  • You should never give your personal password to anyone else
  • You should never circumvent the safety measures set up to protect the company
  • You should never participate in social media conversations or blogs that could be damaging to the company
Choose true or false

All assets must have an owner, but what are company assets? Mark all assets. One or more answers could be correct.

  • Goods in the shop
  • Shelving systems and buildings
  • Intellectual property
Please select all answers that apply

Which of the following answers is not correct: why is it important that we all have a personal account and password?

  • Because we must be responsible for every activity that we carry out
  • Because IT can provide us with the right access to information and applications needed to perform our job
  • Because if a colleague forgets their username or password, we can share our username and password with them, so that they can still perform their job
Please select all answers that apply

Depending on the classification of the information or system, special/extra activities are logged and maintained.

  • True
  • False
Choose true or false

Indicate which situations could constitute security incidents. One or more answers could apply.

  • Loss or theft of corporate laptop
  • Sharing of personal username and password with other individuals
  • Involuntary or unauthorised distribution of classified information through mail
Please select all answers that apply

Why is it important to report an incident to the IT services or security department?

  • They can investigate the incident and take appropriate actions to guarantee safe business operations.
  • They can fix the issue faster and you can get on with your daily job
  • You do not need to report all security incidents if they do not stop you from doing your job
Please select all answers that apply