43893 TCS Answers : Information Security Awareness Main Course LCS WBT Success

by

Information security is crucial in today’s digital world 43893 TCS Answers course. The 43893 TCS Answers helps associates gain knowledge on basic security concepts, policies, best practices and their responsibilities. This article provides all the questions and answers for the TCS Information Security Awareness Main Course LCS WBT 43893 TCS Answers. The course covers important topics around information security basics, policies, and best practices.

43893 TCS Answers
43893 TCS Answers

43893 TCS Answers :

Section 1: Information Classification

Question 1

Which of the following is the most sensitive type of information?
Answer: Confidential

Question 2:

Which of the following is the least sensitive type of information?
Answer: Public

Section 2: Password Management

Question 3:

Which of the following is considered a strong password?
Answer: R@nd0mC0mpl3xP@ssw0rd123!

Question 4:

How often should passwords be changed?
Answer: Every 90 days

Section 3: Email Security

Question 5:

Which of the following email attachments should be opened with caution?
Answer: Attachments from unknown senders

Question 6:

True or False: It is safe to provide personal information like credit card details over email.
Answer: False

Section 4: Internet and Device Security

Question 7:

Which of the following helps protect your device from viruses and malware?
Answer: Antivirus software

Question 8:

True or False: It is safe to connect to public WiFi networks.
Answer: False

Section 5: Social Engineering

Question 9:

Which of the following is an example of social engineering?
Answer: Pretending to be someone in technical support to get access to a user’s computer.

Question 10:

True or False: It is safe to provide personal information like your date of birth to someone who claims to be from your bank over the phone.
Answer: False.

Section 6: Device and Media Handling

Question 11:

Which of the following storage devices should have encryption enabled?
Answer: External hard drives, USB drives

Question 12:

What precautions should be taken before throwing away confidential documents?
Answer: Shred or destroy documents so information cannot be reconstructed.
I have included the main questions and answers from the course under relevant headings for easy reference. Please let me know if you need any clarification or have additional questions.

Section 7: Information Security Policies

Question 13:

Which policy governs the appropriate use of company IT resources?
Answer: Acceptable Use Policy

Question 14:

Which policy defines how confidential information should be handled and protected?
Answer: Information Classification and Handling Policy

Section 8: Information Security Best Practices

Question 15:

Which of the following helps ensure only authorized changes are made to systems and networks?
Answer: Change Management Process

Question 16:

True or False: Departmental printers and copiers should have strong access controls.
Answer: True

43893 TCS Answers

Information Assets
Information assets at TCS include confidential data like customer details, source code etc. Controls protect these assets from threats.

  • Customer databases, source code, technical designs, project plans are some examples of information assets.
  • Controls involve policies, awareness programs, encryption etc. to safeguard assets from unauthorized access or usage.

Information Classification
TCS classifies information into different categories based on sensitivity.

  • Public – Freely available information with no restrictions
  • Internal – For internal circulation but not for external distribution
  • Confidential – Unauthorized disclosure can impact business competitiveness
  • Strictly Confidential – Disclosures can seriously damage business

Access Control
Controlling who can access what information is crucial. Some important access control measures are:

  • User ID-Password: Unique credentials issued to access authorized systems/data
  • Authorization: Granting access to only required information based on job role
  • Authentication: Verifying identity through something you know (password), have (token) or are (biometrics)
  • Account management: Timely closure of terminated/inactive user accounts

Information Handling
Proper handling reduces security risks from accidental or intentional misuse of information assets. Some key practices are:

  • Classify and label information as per sensitivity
  • Access information only on need to know basis in authorized locations
  • Avoid discussing confidential matters in public
  • Report security incidents/concerns without fear of retribution
  • Physically secure printouts, avoid working in public, log off when away

Information Transfer
Controls ensure information in transit is protected from interception or modification risks. Some examples:

  • Encrypt email attachments containing sensitive data
  • Use secure file transfer mechanisms for large/critical data
  • Physically transfer storage devices instead of mailing them
  • Secure laptops/devices as per travel security policies if travelling abroad

Computer Security
Safety measures help protect systems and information stored on them. Key aspects include:

  • Use firewall and antivirus softwares to block malware
  • Apply OS security patches, updates on time
  • Use strong, unique passwords and don’t share them
  • Exercise caution against phishing/spam emails, links and unknown USB devices
  • Lock screen/log off when system is unattended even for short whiles

Network Security
Controls ensure information remains secure while being transported over networks. Some examples are:

  • Encrypt sensitive information transmitted wirelessly
  • Use corporate approved secured network connections
  • Be careful of open/public WiFi networks which can be compromised
  • Disable network discovery, file/printer sharing to avoid intrusions
  • Monitor for and report suspicious network activity without delay

Information Security Awareness
Being aware of risks helps associates take necessary precautions. Important awareness aspects are:

  • Complete mandatory security awareness training periodically
  • Follow security best practices and policies shared through communication channels
  • Report security incidents/vulnerabilities without delay
  • Clarify doubts from Information Security team if any aspect is unclear

Associate Responsibilities
Each associate plays a vital role in information security. Some key responsibilities include:

  • Follow security policies, process and guidelines diligently
  • Immediately report security incidents/breaches encountered
  • Handle TCS as well as customer information with care and confidentiality
  • Undergo periodic security awareness training provided by the company
  • Clarify doubts and provide suggestions to strengthen security practices

Leave a Comment