Security
Our 2023 Mandatory Security & Privacy Training – Trust No One is optional
True or False?
False - complete this 2023 Annual Security Training before September 29
Who is the Chief Privacy Officer for Cisco?
Harvey Jang
What is the ISO standard designed to help organizations prevent, prepare for, respond to and recover from unexpected and disruptive incidents?
A) ISO 22301
B) ISO 27001
C) ISO 9001
D) ISO 14001
A) ISO 22301 is the international standard for Business Continuity Management (BCM).
Russ Smoak has how many direct reports?
A) 20 B) 15 C) 10 D) 17
D) 17
Who is the current Chief Operating Officer?
A) Maria Martinez B) Mark Patterson C) Gary Moore D) Rebecca Jacoby
A) Maria Martinez
What is spear phishing?
A) a type of phishing attack that targets specific individuals or organizations
B) a type of phishing attack using light spears
C) a type of phishing attack meant for farming
D) a type of phishing specifically meant for the weapons industry
A) The goal of spear phishing is to steal sensitive information such as login credentials or infect the targets' device with malware
Which is an example of Personally Identifiable Information (PII)?
A) job title B) street address C) passport number D) company name
C) passport number can be associated to an individual
True or False: Disaster recovery and Business Continuity Management are the same thing
False: BCM makes sure that an organization can continue to function while recovering from a disruption. Disaster recovery is the process of returning a business or organization to a state of normality.
Which team reports to Russell Smoak?
A) Global Cloud Compliance B) Trust Transformation C) Security Visibility and Incident Command (SVIC) D) Service Readiness Engineering
D) Bringing the best of Cisco to our customers by enabling sustainable Customer Experience and Engineering collaboration by design. Comprised of Quarterly Business Review, Alignment Management, and Readiness and Response Management teams.
Cisco has been voted #1 world's best workplaces
True or False
True: Excited to be ranked one of the World's Best Workplaces twelve years in a row! #1 in 2019 & 2020 and #2 in 2021.
External customers can collaborate with Cisco employees on:
A) Microsoft teams B) Webex C) Zoom D) All of the above
D) We recognize your customers, vendors and partners may use Zoom, Citrix, Google, Microsoft and other vendors to host meetings, and Infosec would advise the following best practices for video and web conferencing.
Which is an example of Sensitive PII?
A) Name B) Passport number C) Height D) Work address
B) Sensitive PII (i.e..sensitive data) is PII that can be used to embarrass, harm, or discriminate against someone or can be used for identity theft or fraud to the data subject.
A business continuity plan is mandatory for the following criticality levels:
A) C1 to C3
B) C1 to C5
C) C4 to C5
D) All business processes regardless of criticality
A) For all BP's having criticality C1 to C3, Business Continuity Plan is mandatory. For BPs with criticality C4 or C5, BCP is optional.
CIRRA stands for?
Customer Incident Response, Readiness, and Assurance (CIRRA)
Which is not one of Cisco's Products, Solutions, and Services?
A) Networking B) Security C) Computing D) Food Services
D) Food Services
Which Cisco team assists sellers with security assurance responses?
A) Privacy Center of Excellence
B) Cisco.com
C) Customer Information Clearinghouse
D) Security Legal
C) The Customer Information Clearinghouse (CIC) provides sales enablement support to account teams, legal, Customer Experience (CX), and other customer-facing groups across Cisco by supplying consistent and accurate security assurance, data protection, and privacy responses.
A PIA is required for all acquired company offers
True or False
False: A PIA is not needed when the product will go EOL before 6 months or does not involve processing of any personal information
True or False: Global Business Resiliency (GBR) is Part Of The Corporate Security Team
True: Global Business Resiliency (GBR) is Part Of The Corporate Security Team which also includes Global Emergency Management and Global Incident Management
Cisco Product and SaaS Security services include:
A) CSDL B) ASIG C) Security Insights D) All of the above
Who will not be a speaker for WebexOne 2023?
A) Neil deGrasse Tyson
B) Robert De Niro
C) Steve Kerr
D) Jane Rosenthal
C) Steve Kerr
Which are valid ways to provide customers with Cisco software distribution?
A) Doc Exchange
B) SFTP
C) Software Download Center (SDS) and SFP/SFA
D) None of the above
C) The Services Access Policy defines access policies for both external and internal users for software distribution, return material authorization (RMA), technical support, and smart capabilities. Section 4.2.4.2 for Production Software Distribution; Only Software Download Center (SDS) and SFP/SFA may be used to send external parties’ software. SFP is the only sanctioned delivery mechanism for internal users to deliver software to external parties because Cisco is required to keep an audit log of all software distributed. File Exchange may not be used to distribute production software.
Tools developed that impact employees in France need to be reviewed by:
A) Francization team B) Works Council team C) Chief Privacy Officer D) CSDL team
B) The Works Council Compliance team was created to ensure that all Cisco applications, tools, processes and initiatives are compliant to the Works Councils in Germany, Austria, the Netherlands, Belgium and France. This compliance is important from the legal perspective, as the Works Councils enforce the local laws regarding employee rights.
Where should you send customer requests for queries on business continuity that cannot be addressed on the Cisco Trust Portal?
A) Brian Stoner B) Customer Information Clearinghouse C) ISO 22301 D) Cisco TAC
B) Please direct customers directly to the Cisco Trust Portal for queries. For questions that the Cisco Trust Portal cannot answer, the Customer Information Clearinghouse (CIC) team can provide consistent and vetted answers to common customer requests.
Product Security Incident Response Team (PSIRT) does the following:
A) Delivers deep security knowledge for event analysis, threat assessments, and formulating best practices and mitigation procedures for Cisco products and services.
B) Enhances CX/ONEx risk management and controls maturity via cross-functional engagement.
C) Manages the global investigation and reporting of vulnerability information for Cisco products and services.
C) The Cisco Product Security Incident Response
Team (PSIRT) is a dedicated, global team that
manages the receipt, investigation, and public
reporting of security vulnerability information
that is related to Cisco products and networks.
Cisco has a contest where you can win:
A) a trip to Allegiant Stadium in Las Vegas, Nevada
B) a trip to NFL Draft in Detroit, Michigan
C) NFL-themed tailgate package, complete with a cornhole set and grilling equipment
D) All of the above
D) To celebrate the 2023-2024 NFL season and our growing partnership, we are bringing back our weekly NFL Pick’Em Challenge. It gives you the opportunity to win exclusive NFL prizes and experiences.
https://weare.cisco.com/c/r/weare/build-a-streak-win-a-trip-to-super-bowl-lviii.html