ISMS Assessment
Authored by Alaine Ng
Instructional Technology
Professional Development
Used 13+ times
AI Actions
Add similar questions
Adjust reading levels
Convert to real-world scenario
Translate activity
More...
Content View
Student View
20 questions
Show all answers
1.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Your organization has noticed an increase in phishing attacks. What is the most effective initial response?
Your organization has noticed an increase in phishing attacks. What is the most effective initial response?
Block all emails from external sources.
Conduct security awareness and phishing training for employees.
Purchase a new anti-phishing tool.
Restrict access to email for most employees.
2.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
A critical software used by your organization is reaching end-of-life. What should you do?
A critical software used by your organization is reaching end-of-life. What should you do?
Keep using it while restricting access.
Negotiate with the vendor for extended support.
Immediately replace it with an alternative.
Plan a migration to supported software.
3.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Following a data breach, what is the first action the company should take?
Following a data breach, what is the first action the company should take?
Revise the incident response plan.
Conduct a post-incident review.
Penalize responsible employees.
Immediately notify customers.
4.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
What is the first step in implementing an ISMS in a small company?
Buy cybersecurity tools.
Define the ISMS scope and objectives.
Start employee training on cybersecurity.
Hire a security team.
5.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Sensitive data was accessed by an unauthorized department. What do you do first?
Sensitive data was accessed by an unauthorized department. What do you do first?
Restrict access and review controls.
Delete the data.
Ignore, since it was internal.
Report to law enforcement.
6.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
During a risk assessment, it's discovered that a critical piece of software used by the organization is nearing end-of-life and will no longer receive security updates. What is the BEST course of action?
During a risk assessment, it's discovered that a critical piece of software used by the organization is nearing end-of-life and will no longer receive security updates. What is the BEST course of action?
Continue using the software while restricting access to it.
Seek an extension of support from the software vendor.
Immediately switch to an alternative without a risk analysis.
Plan and execute a migration to a supported software solution.
7.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
An employee loses a company-issued laptop containing unencrypted personally identifiable information (PII) of clients. Which of the following actions should be taken FIRST?
An employee loses a company-issued laptop containing unencrypted personally identifiable information (PII) of clients. Which of the following actions should be taken FIRST?
Assess the impact of the lost data and determine the breach's severity.
Ignore the incident if the laptop is password protected.
Immediately inform all clients about the potential data breach.
Suspend the responsible employee.
Access all questions and much more by creating a free account
Create resources
Host any resource
Get auto-graded reports
Continue with Google
Continue with Email
Continue with Classlink
Continue with Clever
or continue with
Microsoft
%20(1).png)
Apple
Others
Already have an account?
