ISO 27002 quiz part 1

1

What does the Information Security Policy describe?

1

In the context of contact with special interest groups, any information sharing agreements should identify requirements for the protection of ( topic-specific, public, confidential ) information.

1

Responsibilities for information security in projects should be defined and allocated to:

1

Organizations allowing teleworking activities, the physical security of the building and the local environment of the teleworking site should be considered

1

Prior to employment, ( screening, awareness training, trial period ) as well as terms & conditions of employment are included as controls in ISO 27002 to ensure that employees and contractors understand their responsibilities and are suitable for the roles for which they are considered.

1

It is allowed that employees and contractors are provided with an anonymous reporting channel to report violations of information security policies or procedures (“whistle blowing”)

1

The identified owner of an asset is always an individual

1

Who is accountable to classify information assets?

1

Physical labels and ( data encryption, metadata, digital folders ) are two common forms of labelling which are mentioned in ISO 27002.

1

What should be used to protect data on removable media if data confidentiality or integrity are important considerations?

This is the first quiz about 27002

ISO 27002 quiz part 1

What does the Information Security Policy describe?

In the context of contact with special interest groups, any information sharing agreements should identify requirements for the protection of topic-specific public confidential( topic-specific, public, confidential ) information.

Responsibilities for information security in projects should be defined and allocated to:

Organizations allowing teleworking activities, the physical security of the building and the local environment of the teleworking site should be considered

It is allowed that employees and contractors are provided with an anonymous reporting channel to report violations of information security policies or procedures (“whistle blowing”)

The identified owner of an asset is always an individual

Who is accountable to classify information assets?

Physical labels and data encryption metadata digital folders( data encryption, metadata, digital folders ) are two common forms of labelling which are mentioned in ISO 27002.

What should be used to protect data on removable media if data confidentiality or integrity are important considerations?

In the context of contact with special interest groups, any information sharing agreements should identify requirements for the protection of ( topic-specific, public, confidential ) information.

Physical labels and ( data encryption, metadata, digital folders ) are two common forms of labelling which are mentioned in ISO 27002.