Security
Privacy
Resiliency
STO - Russ's team
Cisco
100

Our 2023 Mandatory Security & Privacy Training – Trust No One is optional

True or False?

False - complete this 2023 Annual Security Training before September 29

100

Who is the Chief Privacy Officer for Cisco?

100

What is the ISO standard designed to help organizations prevent, prepare for, respond to and recover from unexpected and disruptive incidents?

A) ISO 22301

B) ISO 27001

C) ISO 9001

D) ISO 14001

A) ISO 22301 is the international standard for Business Continuity Management (BCM).

100

Russ Smoak has how many direct reports?

A) 20 B) 15 C) 10 D) 17

D) 17

100

Who is the current Chief Operating Officer?

A) Maria Martinez B) Mark Patterson C) Gary Moore D) Rebecca Jacoby

A) Maria Martinez

200

What is spear phishing?

A) a type of phishing attack that targets specific individuals or organizations

B) a type of phishing attack using light spears

C) a type of phishing attack meant for farming

D) a type of phishing specifically meant for the weapons industry

A) The goal of spear phishing is to steal sensitive information such as login credentials or infect the targets' device with malware 

200

Which is an example of Personally Identifiable Information (PII)?

A) job title B) street address C) passport number D) company name

C) passport number can be associated to an individual

200

True or False: Disaster recovery and Business Continuity Management are the same thing


False: BCM makes sure that an organization can continue to function while recovering from a disruption. Disaster recovery is the process of returning a business or organization to a state of normality. 

200

Which team reports to Russell Smoak?

A) Global Cloud Compliance B) Trust Transformation C) Security Visibility and Incident Command (SVIC) D) Service Readiness Engineering

D) Bringing the best of Cisco to our customers by enabling sustainable Customer Experience and Engineering collaboration by design. Comprised of Quarterly Business Review, Alignment Management, and Readiness and Response Management teams.

200

Cisco has been voted #1 world's best workplaces

True or False

True: Excited to be ranked one of the World's Best Workplaces twelve years in a row! #1 in 2019 & 2020 and #2 in 2021.

300

External customers can collaborate with Cisco employees on:

A) Microsoft teams B) Webex C) Zoom D) All of the above

D) We recognize your customers, vendors and partners may use Zoom, Citrix, Google, Microsoft and other vendors to host meetings, and Infosec would advise the following best practices for video and web conferencing.

https://cisco.sharepoint.com/sites/CXCentersEandS_BCSP_SandO/SitePages/Secure-Video-and-Web-Conferencing-Guidance.aspx

300

Which is an example of Sensitive PII?

A) Name B) Passport number C) Height D) Work address

B) Sensitive PII (i.e..sensitive data) is PII that can be used to embarrass, harm, or discriminate against someone or can be used for identity theft or fraud to the data subject.

300

A business continuity plan is mandatory for the following criticality levels:

A) C1 to C3

B) C1 to C5

C) C4 to C5

D) All business processes regardless of criticality

A) For all BP's having criticality C1 to C3, Business Continuity Plan is mandatory. For BPs with criticality C4 or C5, BCP is optional. 

https://cisco.sharepoint.com/sites/GlobalResiliencyAndEmergencyPreparedness/SitePages/Business-Impact-Analysis-(BIA)---Step-by-Step-Guide.aspx

300

CIRRA stands for?

Customer Incident Response, Readiness, and Assurance (CIRRA)

300

Which is not one of Cisco's Products, Solutions, and Services?

A) Networking B) Security C) Computing D) Food Services


D) Food Services

400

Which Cisco team assists sellers with security assurance responses?

A) Privacy Center of Excellence

B) Cisco.com

C) Customer Information Clearinghouse

D) Security Legal

C) The Customer Information Clearinghouse (CIC) provides sales enablement support to account teams, legal, Customer Experience (CX), and other customer-facing groups across Cisco by supplying consistent and accurate security assurance, data protection, and privacy responses.

400

A PIA is required for all acquired company offers

 True or False

False: A PIA is not needed when the product will go EOL before 6 months or does not involve processing of any personal information

400

True or False: Global Business Resiliency (GBR) is Part Of The Corporate Security Team


True: Global Business Resiliency (GBR) is Part Of The Corporate Security Team which also includes Global Emergency Management and Global Incident Management

400

Cisco Product and SaaS Security services include:

A) CSDL B) ASIG C) Security Insights D) All of the above

400

Who will not be a speaker for WebexOne 2023?

A) Neil deGrasse Tyson

B) Robert De Niro

C) Steve Kerr

D) Jane Rosenthal

500

Which are valid ways to provide customers with Cisco software distribution?

A) Doc Exchange

B) SFTP

C) Software Download Center (SDS) and SFP/SFA

D) None of the above

C) The Services Access Policy defines access policies for both external and internal users for software distribution, return material authorization (RMA), technical support, and smart capabilities. Section 4.2.4.2 for Production Software Distribution; Only Software Download Center (SDS) and SFP/SFA may be used to send external parties’ software. SFP is the only sanctioned delivery mechanism for internal users to deliver software to external parties because Cisco is required to keep an audit log of all software distributed. File Exchange may not be used to distribute production software.

500

Tools developed that impact employees in France need to be reviewed by:

A) Francization team B) Works Council team C) Chief Privacy Officer D) CSDL team

B) The Works Council Compliance team was created to ensure that all Cisco applications, tools, processes and initiatives are compliant to the Works Councils in Germany, Austria, the Netherlands, Belgium and France. This compliance is important from the legal perspective, as the Works Councils enforce the local laws regarding employee rights. 

500

Where should you send customer requests for queries on business continuity that cannot be addressed on the Cisco Trust Portal?

A) Brian Stoner B) Customer Information Clearinghouse C) ISO 22301 D) Cisco TAC

B) Please direct customers directly to the Cisco Trust Portal for queries. For questions that the Cisco Trust Portal cannot answer, the Customer Information Clearinghouse (CIC) team can provide consistent and vetted answers to common customer requests.

500

Product Security Incident Response Team (PSIRT) does the following:

A) Delivers deep security knowledge for event analysis, threat assessments, and formulating best practices and mitigation procedures for Cisco products and services.

B) Enhances CX/ONEx risk management and controls maturity via cross-functional engagement.

C) Manages the global investigation and reporting of vulnerability information for Cisco products and services.

C) The Cisco Product Security Incident Response

Team (PSIRT) is a dedicated, global team that

manages the receipt, investigation, and public

reporting of security vulnerability information

that is related to Cisco products and networks.

500

Cisco has a contest where you can win:

A) a trip to Allegiant Stadium in Las Vegas, Nevada

B) a trip to NFL Draft in Detroit, Michigan

C)  NFL-themed tailgate package, complete with a cornhole set and grilling equipment

D) All of the above

D) To celebrate the 2023-2024 NFL season and our growing partnership, we are bringing back our weekly NFL Pick’Em Challenge. It gives you the opportunity to win exclusive NFL prizes and experiences.


https://weare.cisco.com/c/r/weare/build-a-streak-win-a-trip-to-super-bowl-lviii.html