10-04-2017, 09:14 PM
Sno Question Answers
1 Name of RSC (regional security coordinator) of Noida Charu kalra
2 Name of ISC of your department ISCs in Noida- Admin-Ashok Pipal;HR-Mahesh Sharma,Finance-Alok Bhat,SI-Bimal Srivastava,SI Bel- Nitu Jha,CS-D Sridhar,ITES-Aparna Jaiswal,IT IS-Anand Shukla,Quality-Mamta Sharma
3 What is ISMS Information Security management System
4 Where are the security policies & procedures available ultimatix
5 Give the versions of security policies & procedures Policy 3.1,Procedures 2.3
6 What is the disposal process for assets Hard disks & tapes - degaussing & destruction;Floppy Disks,CDs ,DVDs & paper docs -shredding. Disposal form to be filled, reviewed by ISC, approved by RSC & executed by ADMIN. Shredder near xerox m/c
7 How is IT related calls placed call at 1505
8 Session timeout Inactive terminals lockout in 5 mins
9 Controls not applicable in CMC from SOA (Statement of Applicability) Public access delivery & loading area,Electronic commerce,Online transactions,Publicly available information,Policy on use of cryptographic controls,Key management,Regulation of cryptographic controls Total 133 controls,125 applicable ,8 not applicable
10 BCP (Business Continuity Plan) Followed in DPLI
11 What is an asset Physical or intellectual property of CMC(owned/hired/leased) which is recognised as valuable to CMC
12 Who all form Information Security Board (ISB) MD-CEO- Chairman; Members- CFO,CIO,Heads of Admin,HR ,COO-CMCA
13 Who is CMC's Information Security Manager Mr V S Murthy
14 Who all form Regional Information Security Committee DCH-Chairman, Members-Regional Heads of Admin,HR,Quality,IT IS,SBU Hds,RSC Meeting once in six months
15 Name members of Regional Information Security Implementation Team RSC & ISCs in Noida- Admin-Ashok Pipal;HR-Mahesh Sharma,Finance-Alok Bhat,SI-Bimal Srivastava,SI Bel- Nitu Jha,CS-D Sridhar,ITES-Aparna Jaiswal,IT IS-Anand Shukla,Quality-Mamta Sharma,BDG- Meeting once a month
16 Name 3 attributes of Information Security CIA (Confidentiality,Integrity,Availability)
17 Name 4 Ps of Security People (culture,knowledge),Processess(Procedures,guidelines),Products(hardware,Software & n/w),Partners(vendors,outsourcing organisations)
18 Name Types of information security controls Physical control(Facility protection, security guards, locks); Administrative controls (Policies, standards, procedures, guidelines, screening personnel, security awareness training ); Technical controls (Logical access controls, encryption, security devices, identification and authentication )
19 Name key domains of ISO27001 11 domains- Security policy, Organization of information security, Asset management, Human resource security, Physical and environmental security, Communications and operations management, Access control, Information systems acquisition, development & Maintenance, Information security incident management, Business continuity management, Compliance
20 What is CMC Security Mission statement Pls see sheet 'Mission Statmt'
21 Name Categories of assets Electronic Information Assets, Paper-based Information Assets, Software Assets, IT Equipment Assets and Support Services Assets
22 How is information classified RESTRICTED, CONFIDENTIAL, INTERNAL, PUBLIC
23 What is Physical & Environmental security Display ID cards at all times when present within CMC premises
Smoking, eating and drinking beverages in restricted/secure areas is strictly prohibited
Access cards should not be shared with others
Photographic, video or other recording equipment will not be allowed inside restricted / secure areas without approval
24 What is web site security Individuals will not host their personal websites on CMC s resources.
25 What precaution is required before connecting visitor s Laptop to the network verify if latest anti-virus software is present
26 What is our password policy Minimum of 8 characters for normal users; Password should be a combination of alphabets numbers and at least one special character.
The numeric or special character will not be the first character of the password.
Users should change their passwords at least once in Ninety (90) days.
The changed password should be different from the previous three passwords
27 Specify types of incidents Virus Attack
Unauthorized copying / disclosure of information
Tampering
Theft of any hardware or software resource
Attempts to gather information
Natural Disasters (Flood, earthquake etc.)
Fire
Electrical Outages
Network Outages
28 What steps are required before distributing or photocopying information which is clasified as 'Confidential' or 'Restricted' Prior approval of RSC/SBU Head required before photocopying such docs. Its distribution is also restricted as decided by owner.Owner will maintain list of persons who have been distributed these docs.
29 What is the frequency of backup Weekly scheduling done
30 Clear desk & clear screen policy users will lock terminals when they are away from the desks, & not keep confidential documents on their desks but under lock
pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt
1 Name of RSC (regional security coordinator) of Noida Charu kalra
2 Name of ISC of your department ISCs in Noida- Admin-Ashok Pipal;HR-Mahesh Sharma,Finance-Alok Bhat,SI-Bimal Srivastava,SI Bel- Nitu Jha,CS-D Sridhar,ITES-Aparna Jaiswal,IT IS-Anand Shukla,Quality-Mamta Sharma
3 What is ISMS Information Security management System
4 Where are the security policies & procedures available ultimatix
5 Give the versions of security policies & procedures Policy 3.1,Procedures 2.3
6 What is the disposal process for assets Hard disks & tapes - degaussing & destruction;Floppy Disks,CDs ,DVDs & paper docs -shredding. Disposal form to be filled, reviewed by ISC, approved by RSC & executed by ADMIN. Shredder near xerox m/c
7 How is IT related calls placed call at 1505
8 Session timeout Inactive terminals lockout in 5 mins
9 Controls not applicable in CMC from SOA (Statement of Applicability) Public access delivery & loading area,Electronic commerce,Online transactions,Publicly available information,Policy on use of cryptographic controls,Key management,Regulation of cryptographic controls Total 133 controls,125 applicable ,8 not applicable
10 BCP (Business Continuity Plan) Followed in DPLI
11 What is an asset Physical or intellectual property of CMC(owned/hired/leased) which is recognised as valuable to CMC
12 Who all form Information Security Board (ISB) MD-CEO- Chairman; Members- CFO,CIO,Heads of Admin,HR ,COO-CMCA
13 Who is CMC's Information Security Manager Mr V S Murthy
14 Who all form Regional Information Security Committee DCH-Chairman, Members-Regional Heads of Admin,HR,Quality,IT IS,SBU Hds,RSC Meeting once in six months
15 Name members of Regional Information Security Implementation Team RSC & ISCs in Noida- Admin-Ashok Pipal;HR-Mahesh Sharma,Finance-Alok Bhat,SI-Bimal Srivastava,SI Bel- Nitu Jha,CS-D Sridhar,ITES-Aparna Jaiswal,IT IS-Anand Shukla,Quality-Mamta Sharma,BDG- Meeting once a month
16 Name 3 attributes of Information Security CIA (Confidentiality,Integrity,Availability)
17 Name 4 Ps of Security People (culture,knowledge),Processess(Procedures,guidelines),Products(hardware,Software & n/w),Partners(vendors,outsourcing organisations)
18 Name Types of information security controls Physical control(Facility protection, security guards, locks); Administrative controls (Policies, standards, procedures, guidelines, screening personnel, security awareness training ); Technical controls (Logical access controls, encryption, security devices, identification and authentication )
19 Name key domains of ISO27001 11 domains- Security policy, Organization of information security, Asset management, Human resource security, Physical and environmental security, Communications and operations management, Access control, Information systems acquisition, development & Maintenance, Information security incident management, Business continuity management, Compliance
20 What is CMC Security Mission statement Pls see sheet 'Mission Statmt'
21 Name Categories of assets Electronic Information Assets, Paper-based Information Assets, Software Assets, IT Equipment Assets and Support Services Assets
22 How is information classified RESTRICTED, CONFIDENTIAL, INTERNAL, PUBLIC
23 What is Physical & Environmental security Display ID cards at all times when present within CMC premises
Smoking, eating and drinking beverages in restricted/secure areas is strictly prohibited
Access cards should not be shared with others
Photographic, video or other recording equipment will not be allowed inside restricted / secure areas without approval
24 What is web site security Individuals will not host their personal websites on CMC s resources.
25 What precaution is required before connecting visitor s Laptop to the network verify if latest anti-virus software is present
26 What is our password policy Minimum of 8 characters for normal users; Password should be a combination of alphabets numbers and at least one special character.
The numeric or special character will not be the first character of the password.
Users should change their passwords at least once in Ninety (90) days.
The changed password should be different from the previous three passwords
27 Specify types of incidents Virus Attack
Unauthorized copying / disclosure of information
Tampering
Theft of any hardware or software resource
Attempts to gather information
Natural Disasters (Flood, earthquake etc.)
Fire
Electrical Outages
Network Outages
28 What steps are required before distributing or photocopying information which is clasified as 'Confidential' or 'Restricted' Prior approval of RSC/SBU Head required before photocopying such docs. Its distribution is also restricted as decided by owner.Owner will maintain list of persons who have been distributed these docs.
29 What is the frequency of backup Weekly scheduling done
30 Clear desk & clear screen policy users will lock terminals when they are away from the desks, & not keep confidential documents on their desks but under lock
pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt pepsico ppt