JAIIB · PPB · Chapter 7

Security Considerations and Mitigation Measures in Banks

Chapter notes, video classes, MCQ practice tests and quick-revision one-liners for Principles and Practices of Banking — JAIIB.

Quick revision

One-liners from this chapter

Free sample — 8 of 66 rapid-fire Q&A cards.

Q

What is the primary purpose of an Information Security Policy in a bank?

A

An Information Security Policy defines the framework for protecting confidential data, IT assets, and customer information from unauthorized access, misuse, or breaches. It serves as the foundational governance document guiding all security-related decisions.

Q

Under the four-control IS audit framework, which type of control does a smoke detector in a server room represent?

A

Detective control

Q

What does CIA triad stand for in the context of bank information security?

A

CIA stands for Confidentiality, Integrity, and Availability — the three core principles ensuring that banking data is accessible only to authorized users, remains accurate and unaltered, and is reliably available when needed.

Q

What is the principle called when even an authorised user is given only need-based, minimum access in a core banking system?

A

Least privilege (logical control)

Q

What is a firewall and why is it critical for bank network security?

A

A firewall is a network security device that monitors and controls incoming and outgoing traffic based on predefined security rules. Banks use firewalls to create a barrier between trusted internal networks and untrusted external networks like the internet.

Q

According to IS audit, which single factor is regarded as the largest promoter of fraud scope in a computerised banking environment?

A

Inadequate control over data

Q

What is the role of Intrusion Detection Systems (IDS) in banks?

A

An IDS monitors network traffic for suspicious activity and known threat patterns, alerting security teams to potential breaches or policy violations. Banks use IDS to detect unauthorized access attempts in real time.

Q

Why is tampering with computerised banking data difficult to detect compared with paper records?

A

Data is stored on magnetic media where alterations leave no visible trace without adequate controls
