Information security quiz

1 / 21

The basis for authorization access is established according to what?

According to each department needs

According to operational and functional needs

According to the "need to know" principle

According to specific role

According to the law

2 / 21

Who should be accountable for unresolved vulnerability issues?

The personnel who conducted the vulnerability assessment

The asset owner

CEO

Security Official

3 / 21

What are the key principles of Information Security?

Accessibility, Continuity & Informative

Answerable, Continuity & Integrity

Availability, Confidentiality & Integrity

Achievable, Continuous & Informative

4 / 21

When you get an E-mail which looks suspicious, who shall you notify?

CEO

Security official

HR Manager

IT department

5 / 21

What is NOT an example to an “interested party” according to ISO 27001?

Employees

Shareholders

Regulators and the government

Suppliers and partners

Customers

Auditors

6 / 21

What is considered to be critical information according to the Information classification procedure

Financial reports required by regulatory authorities

Passwords and information on corporate security procedures

All software code developed in the company, whether used internally or sold to clients.

Accounting data and internal financial reports

Electronic transmissions from clients

All of the above

7 / 21

What does CIA stand for?

Central Integration Availability

Confidentiality Integrity Availability

Confidentiality Information Availability

Confidentiality Interactive Analyzer

8 / 21

What is considered to be a breach of security information?

Lost laptop or other detachable media containing sensitive information

Not Maintaining a clean desk

Leaving a computer screen on unattended

An employee who is not authorized to access medical records, read patient’s file

None of the above

9 / 21

Which of the following statements are true?

You can use the internet to buy personal goods to be delivered to the company business address

You can download video, music files, or games to your computer at work

Personal devices used for work business shall be registered and approved by the security official

Unattended mobile computing devices shall be physically secured

10 / 21

Before destroying or re-use of detachable media, what are the actions you need to follow?

Clear any information in such a way that it cannot be read or reconstructed

Delete all files

Subtracted from the “List of assets”

Prior approval of Security Official

Filling Request for Subtraction of Detachable Media

11 / 21

Before media containing sensitive data is transported outside Fairtility premises, what actions do you need to follow?

Prior approval of Security Official

Filling Request for PHI transportation

Data shall be encrypted

All of the above

Sensitive media transportation outside of Fairtility premises is not allowed

12 / 21

How does ISO/IEC 27001 define an ‘information system’?

A system of interacting entities that form a uniform whole

A set of applications, services, information technology assets, or other information-handling components

A set of integrated components for collecting, storing, and processing data

Information-handling components including systems, services, and networks

13 / 21

Within the ISO standards, what does “shall” indicate?

A recommendation

A permission

A capability

A requirement

14 / 21

Persons doing work on behalf of the organization’s control shall be aware of

The information security policy

Their contribution to the effectiveness of the information security system, including the benefits of improved information security performance

The implications of not complying with the information security management system requirements

All of the above

15 / 21

According to the requirements of ISO 27001, who shall review the organization’s Information Security Management System at planned intervals to ensure its continuing suitability, adequacy, and effectiveness?

External Auditor

Internal Auditor

Quality Manager

Top Management

Security official

16 / 21

When should organizations perform an information security risk assessment?

Monthly

Every six months or before significant changes occurrence

Every 12 months or before significant changes occurrence

At planned intervals or before significant changes occurrence

17 / 21

Information security objectives shall be

Consistent with the information security policy

Measurable (if practicable)

Communicated

All of the above

18 / 21

Which of the below are common threats to organizations?

Fraud

Loss of information

Unauthorized access

All of the above

19 / 21

What does PDCA stand for?

Plan, Design, Confirm, Act

Plan, Do, Check, Act

Prepare, Do, Critique, Appraisal

Prepare, Do, Critique, Assess

20 / 21

Which of the below are ISO 27001’s control sets?

Information security policies

Asset management

Access control

All of the above

21 / 21

How does ISO/IEC 27001 define an ‘asset’?

Anything valuable to the organization

A physical item within the organization

Digital and physical items owned by an organization

Tangible and non-tangible items owned or rented by an organization

Your score is

The average score is 21%

Description

Benifits

Description

Benifits

Why should you work with Biochem?

A consulting company for the bio-med and digital health industries?

Over a thousand projects in Israel and around the world with over 90% repeat customers
Proven experience in audits of international regulatory bodies
We provide personal attention, flexibility and high level service
Company manager Eran Yona is professionally involved in every project
10 years warranty on the result and success in the regulatory requirements
We conduct trainings, trainings and courses in a variety of relevant fields
A boutique company oriented towards innovation, technology and a personal relationship with the customer
We aim at achievements, results and creating value for the client
Professional training for your team at the end of the project at no additional cost
Accepting solutions, results and advantage while paying attention to effectiveness and cost-benefit considerations
The oldest consulting company for the bio-med and digital health industries in Israel since 2007

+ 0

years of experience

+ 0

customers Worldwide

% 0

customers coming back

% 0

Approvals success regulatory

Our unique work methodology, which was developed based on many years of experience in the industry, combines professional and practical knowledge, minimizes regulatory and business risks, improves productivity and returns for the client

Information security quiz

Why should you work with Biochem?

external links

Company Services

Links

Information security quiz

Why should you work with Biochem?

Related products

GMP & Clean Rooms quiz

external links

Company Services

Links