
What is tailgating?

A.
Blocking somebody's entry through the access door
B.
Going behind somebody through the access doors without
using own access card
C.
Opening an access door with your own access card

Availability means
A.
Service should be accessible at the required time and
usable by all
B.
Service should be accessible at the required time and
usable only by the authorized entity
C.
Service should not be accessible when required
Explanation
Availability means the property of being accessible and usable upon demand by the authorized entity. For example, Melange should be accessible at all times to MGL employees only.

Why do we have a Business Continuity Plan?


A.
To ensure availability/immediate restoration of our service to
the customers in the event of a disaster/Incident
B.
To ensure that we continue business relations with
customer even after a project has ended
C.
To ensure that customers are kept happy so that we
continue to get business from them

A threat means something that has the potential to cause harm

In the following example identify what is the threat.
"We have installed anti viruses on individual
systems to prevent the attack of virus"
A.
Virus
B.
Anti virus
C.
System
D.
The User

What are the different categories of assets in an organization (Choose the Best Answer)
A.
Information and Paper assets
B.
Physical and Application assets
C.
Service Assets
D.
Option A, B, C
E.
Option A and B Only

What is social engineering?
A.
A group planning for a social activity in the organization
B.
Creating a situation wherein a third party gains confidential
information from you
C.
The organization planning an activity for welfare of the
neighborhood

As a developer, how do you ensure the integrity of the software that you develop?
A.
By maintaining documents / code in configuration
management system
B.
By following coding guidelines
C.
By doing reviews and testing
D.
Option A and B
E.
All the above

CEO sends a mail giving his views on the status of the company and the company's future strategy and the CEO's vision and the employee's part in it. The mail should be classified as
A.
Internal Mail(Missed)
B.
Public Mail
C.
Confidential Mail
D.
Restricted Mail

MGL's ______________ policy is mentioned below.

We shall
Manage efficiently, the confidentiality and integrity of organizational and customer's information assets
Ensure business continuity in the event of any security incident, with minimal business impact
Continually improve our processes to enhance information security
A.
Environmental Policy
B.
Quality Policy
C.
Information Security Policy

What quality system standard has been adopted for implementing the ISMS quality system?
A.
ISO9001:2008
B.
ISO27001:2005
C.
ISO14001:2004
D.
BS7799
E.
TL9000:2000

When you check in the code / documents in your configuration management system like CVS, Sablime or KT, what do you ensure?
A.
Integrity of the code
B.
Availability of the code
C.
Confidentiality of the code
D.
All of the above(Missed)

Integrity of data means


A.
accuracy and completeness of the data
B.
data should be viewable at all times
C.
data should be accessed by only the right people

You see an employee taking photos in the server room. What do you do?
A.
No issues, join them
B.
Ask them not to take photos in secure areas like server
rooms, labs etc. and raise a security incident.

Which of the following is the definition of a computer worm?

A.
a piece of code that is capable of copying itself and typically
has a detrimental effect, such as corrupting the system or
destroying data.
B.
a standalone malware computer program that replicates
itself in order to spread to other computers. Often, it uses a
computer network to spread itself, relying on security
failures on the target computer to access it. It does not need
to attach itself to an existing program.
C.
a program designed to breach the security of a computer
system while ostensibly performing some innocuous
function.
D.
a network of private computers infected with malicious
software and controlled as a group without the owners'
knowledge, e.g., to send spam messages.
Explanation
Answer 1 - This is a computer virus
Answer 2 - This is a computer worm
Answer 3 - This is a trojan horse
Answer 4 - This is a botnet

What is the name of the software developed jointly by the US and Israel that damaged almost one-fifth of Iran's nuclear centrifuges in 2010?
A.
Duqu
B.
Flame
C.
Conficker
D.
Stuxnet
Explanation
The worm was delivered through a USB thumb drive onto a worker's computer. Be careful about plugging unknown devices into your personal systems.

According to the 2014 Ponemon report on data breaches in the United States, the average cost per record lost during a data breach to an organization:
A.
$50
B.
$100
C.
$200
D.
$300
Explanation
According to this year's benchmark findings, data breaches cost companies an average of $201 per compromised record, of which $134 pertains to indirect costs including abnormal turnover or churn of customers. Last year's average per capita cost was $188 with an average indirect cost of $128. The highest cost of $214 per compromised record occurred in 2011.

A phishing attack, or a communication asking a user to reveal their username and password to an attacker, can direct a user to (select multiple answers)
A.
reply via email
B.
open a webpage to enter information
C.
open a file and send to a different location
D.
provide sensitive information over the phone
Explanation
Phishing can take on many forms. Do not give your username or
password to anyone, through any form of communication. Any
competent IT organization will not require this information to help
you with your issues.

In the address portion of a website, what prefix indicates your communications are being encrypted during transit?
A.
http://
B.
https://
C.
ftp://
D.
tcp://
Explanation
https, usually accompanied by a lock symbol in the address bar, indicates your communication session is encrypted. That doesn't mean you're totally safe, but it reduces your risk of information disclosure.

BONUS QUESTION: (If correct you get two items) The recent Sandworm malware, distributed by Russian hackers, takes advantage of a zero-day vulnerability (an unpatched flaw in software) in which Microsoft Office product?
A.
Microsoft Word
B.
Microsoft Excel
C.
Microsoft PowerPoint
D.
Microsoft Outlook
Explanation
The malware travels in a PowerPoint file that refers to an .INF file, where INF is the Windows extension given to a special sort of information file used during software setup. This pulls down additional malware from the internet to steal data, or infect other computers on your network.

Which of the following will be compulsory tasks to run on Web servers of your network? Choose two.
A.
Run regular vulnerability checks
B.
Update Virus definitions
C.
Re-install OS at regular frequency
D.
Disk management should be regular

Which of the following virus types can be transmitted via email? Choose all that apply.
A.
Worms
B.
Trojan horse
C.
Boot Record virus
D.
EXE file virus

When configuring antivirus for email, which of the following configurations must be applied? Choose two.
A.
Scan before downloading
B.
Scan before sending
C.
Scan before opening
D.
Scan after receiving

http://www.proprofs.com/quiz-school/quizshow.php?title=Security-Mock-Exam-Questions-set-2&q=24&next=y
