You receive the following communication on email: Please clear payment of this critical and sensitive invoice.

I will be on vacation and All of the

unavailable above
What type of attack can happen when an attacker leaves an USB stick lying for an employee to plug in? USB attack

You receive an email from [email protected] asking you to send your full name, login username, password, and date of birth for Forward the email to
employee apprais al [email protected]
DLP helps to: Protect bank's sensitive and confidential data from being shared outside
bank’s intern
You login to your system using your password, read about strategic information related to a merger, and financial forecasting. What Secret
type of data are
What type of phishing attack happens through SMS? Smishi ng

Most devastating loss to the bank is: Loss ofdata

Clear desk & clear screen policy enables users to: Protect confidential
information
Allowing ______ entry into restricted area is in violation of policy Unauthorized

Which of the following should be done for Data Leakage Prevention? 1,2,3

Which of the following is a type of malware? Click correct options. 2 ,3

You receive a suspicious email requesting urgent action. What should you do? 1 ,2,

Which of the following is true about phishing attacks? All of t he

above
Your security settings are not allowing you to download an important e-mail attachment sent by your customer. What should you do? InformIT helpdesk about the issue and ask them to help with the
same
What are the important components of Triad of information security? 1 ,2,3

A former colleague approaches you at work and requests access to your device for a few minutes to fill a form that is required by the t that this would be against the security policy and politely
HR departmen Explain decline
___________ is a special form of attack using which hackers exploit – human psychology. Socialngineering
E
Jennifer receives an email claiming that her bank account information has been lost and that she needs to click a link to update the Phishin g
bank’s database.
What does malware stand for? Malicious Software

Your colleague has sent confidential information to unauthorized recipients. What does this indicate? Breach of
policy
Which of the following is true with regards to IT assets as per the policy? All of t he
above
ISSP stands for Information Security _____ and Procedures Standa ts
r
Which of the following is NOT a social engineering attack? Denial of Service attac

In phishing, attackers target using ________ to do social engineering Email

Your friend is visiting you at work and wants to check his e-mail urgently. How do you respond? Explain to your friend that you cannot give him access to company network
as it is ag
What type of attack happens when an attacker simply walks in behind a person who has legitimate access? Tailgating

You see an unknown individual without a badge trying to enter restricted area. What should you do? Report the suspicious activity

Information security is ______ responsibility. Select the most appropriate option. Everyone's

Which of the following is a part of clear desk & clear screen policy? All of t he
above
What is the main purpose of DLP in the bank? End us ers do not send critical information outside the corporate
network
If a user wants to share critical information outside of the organization for business purpose, how should he send the information? Protect the file by Seclore and then
send it
Which of these activities on social media are not allowed? Postployee information such as ID card, access number,
em etc
What should you do if your official mobile computing device is stolen? File an FIR with the police and submit a copy of the report to the concerned
departme
What should you do if you suspect you have received a phishing email? Forwad the email to [email protected]
r
Which of the following is incorrect? The int ernet has made it hard to collect PII

Most devastating loss to the bank is: Loss ofdata

Which of the following are genuine ICICI bank domains? 1,2

Which action from list below can help restrict a malware attack? 2,3

You want to leave your workstation. What should you do before you leave? Lockbinets containing documents with sensitive
ca information
Which Digital Rights Management solution do we use at ICICI? Seclore

Which among the following statements is correct 1 ,3,4

An unknown person is spotted following closely behind an employee and entering the restricted section of the building without an Tailgating
ID/badge. What t attack
Select all correct options. Human Firewalls are: 1 ,2

Which of the following are characteristics of Internal Data? 1 ,2,3

You are sitting in a café with your friend after work when your boss calls up, asking you to share some confidential data urgently. How Ensure that you are in a private place and that you are not connected to a
do you resp o public netw
 Data Classification is: Act ofassification of information based on
cl sensitivity
Access control systems provide ________ environment. All of the
above
You receive the following communication on email: Please clear payment of this critical and sensitive invoice. I will be on vacation and Reportthe suspicious email to [email protected]
unavailable
Individuals who need and use ICICI data as part of their assigned duties or in fulfilment of assigned roles or functions within ICICI are Dataers
called Us
Which of the following are the characteristics of a strong password? It is at least 8 characters long and It is significantly different from previous
password
An electrician comes to your desk and asks you to step aside for a minute as he needs to check whether all the sockets on your Lock the device, files and cabinets, step aside but keep a watch on what he is
workstation are func t doing
What are the characteristics of Confidential data? 1 ,2

All users are required to read the _____ Both ind ii

a
Which of the following causes breach of DLP guidelines? 1 ,2

What are the characteristics of secret data? 1 ,2

In what way can a malware use your device to perform breach of security? Select the correct options. All of the
above
What type of attack is Tailgating? Social Engineering

Which of the following is a strong password? 2,3

What should employees do upon resignation? Surrender all their official devices to their manager or local IT personnel (as
per the p
You should always be extra alert when you receive messages related to: All of the
above
Which of the following are part of visitor management guidelines? All of the
above
Which of the following is PII? All of the
above
Your official IT assets battery life has reduced drastically over the last few days. What should you do? Contacthe helpdesk and ask for assistance
t
You receive a phone call from an unknown person asking for PII of a customer. What kind of attack could this be? Vishin attack
g
What is the purpose of access security policy? Both i. and ii.

An employee does the following activities using the internet at work. Which of these activities are allowed? Only job-related activities such as research and educational
tasks
Select the unauthorized data transmission from the below statements: 1 ,3,4

Which of these is a preventive measure against a ransomware attack? All of t he

above
Information Security is the process of Protecting Information

You see the message " Your computer is infected with a virus. Please click on the below link to remove it". What should you do? Contact the Helpdesk/ISG Team

Raj is an employee of the bank and he is loyal and honest towards his work. One day he comes to know that one of his colleague who isn 2,3,4
also his frie
Which of the following is true with regards to Shrink-wrapped/Freeware/Shareware Software? All of the
above
A confidential file needs to be forwarded to the finance department. Who all should be kept in loop? People who fall under the 'need to know' principle

What is public data? Information explicitly approved by management for release to public

Breach of Bank's Information security policy could result into Both i and i

Which of the following are examples of secret information? Strategic information like mergers and acquisitions, materially significant
investmen