Dear sir/madam

I plan to collect data for my assignment purpose on the "Vulnerability Evaluation" of the "Tokyo
cement" management information system. I am therefore asking you humbly to take part in our
survey by filling out this form. I assume that this questionnaire should take less than ten minutes
to fill in. This data is only used for this reason of analysis and is kept confidential.
I hope that you can distribute this to your company employee’s and have them request to answer
it. Your responses will greatly influence the improvement of our educational system. All
information provided will be treated strictly as confidential and purely for academic purpose.
Looking forward to your favorable responds.
Thankyou
Yours faithfully,
…………………………..

(Student-HND-COM, E-soft Metro Campus)

SECTION A
This section of question is particularly use for some background information about you
Please select the suitable answer by tick correctly in the provided box.
1. Gender (Tick one only)
Male ☐ Female ☐
2. Age 
18-25 years ☐ 25–30 years ☐

35–45 years ☐ 45-60 years ☐

3. Level of education 
Masters ☐
Diploma ☐ PhD ☐
HND ☐
Degree ☐
4. position
CEO ☐ Employee ☐

Manager ☐ Assistant manager ☐

5. Work experience (if you are working as a hospital staff)

1-5 years ☐ 6-10 years ☐

11-15 years ☐ 15-20 years ☐

Company name:

…………………………………..

Statement (Software Security) 5 4 3 2 1

6 Anti-spyware software to detect and remove any
spyware threats
7 ID management software to automate
administrative tasks such as resetting user
passwords and enabling users to reset their own
passwords
8 Desktop security software at application level and
operating level to monitor, restrict usage, or
disable certain features of the workstations.
9 Web-filtering software to prevent access to
inappropriate materials or sites
10 Periodical automatic debugging and tests to
remove any defects from newly developed
software or hardware components
11 Multi-user operating systems and application
software to allow concurrent access by multiple
users of a computer

SECTION B
Please indicate the tick (x) which you agree or disagree with the statement
Strongly agree = 5; Agree = 4; Disagree = 3; strongly disagree = 2; No idea = 1

Statement (Hardware Security) 5 4 3 2 1

12 CCTV, visual camera, magnetic detection system, and

electronic anti-theft system at strategic places, public
computer areas, and server areas

13 Emergency power sources and alternative communication

lines. (Use of alternative telephone lines or cables and
generators.)

14 Locks, security cables, locked cable trays, metal cages, or

anchoring devices to improve the security of hardware
equipment’s.

15 Periodical remote mirroring or file mirroring to back up disk

drives

Statement (Network Security) 5 4 3 2 1

16 Antivirus software and desktop security software to receive

regular updates to protect the internal network from any
security breaches.
17 Digital signatures are used to assure the authenticity of any
electronic documents sent via the company’s network (e.g.,
use of passwords, private key encryption, public key
encryption, or digital certificates)
18 Firewall to protect the internal network from external threats.

19 Firewall with virtual private network (VPN) capabilities is

installed for remote and wireless access connections.
20 Limitation of connection time is performed via configuration
routines to control and restrict access to the company’s high-
risk applications or databases.
Statement (Server Security) 5 4 3 2 1

21 Antivirus software on servers and antivirus definition files are

kept up-to-date
22 Fault tolerance is implemented to ensure if one system fails,
then there is a backup system that immediately takes over
23 Firewalls to protect the company’s network from unwarranted
intrusions

Statement (Data Security) 5 4 3 2 1

24 Disposing of unused media and sensitive media are properly

managed to maintain an audit trail
25 Enforced path is created between a user terminal and other
company’s services to reduce the risk of unauthorized access.
26 Attributes for each removable media application in the
company are properly recorded and the media are kept from
accessing, running, or transferring data to the company
workstations and network from any unauthorized devices.
(USB thumb drives, tapes, CDs, DVDs, disks, drives, etc.)

Statement (Workstation Security) 5 4 3 2 1

27 All office productivity software and browsers for the

workstations/laptops are configured to receive updates in a
timely manner.
28 The computer’s BIOS are secured in order to create a secure
public access computer.
29 Virus protection programs, configuration settings, and security
software programs are installed for web browsers and e-mail
programs

Statement (Physical and Environmental Security) 5 4 3 2 1

29 Air conditioning to stabilize the temperature and humidity

within the library building
30 Earthquake early warning system to alert company’s staff and
patrons prior to damaging ground shaking
31 Flood detector to provide an early warning of developing
floods in a library
32 Lightning protectors and surge protectors to protect any
valuable machines or equipment’s from lighting strikes,
voltage spikes, and surges
33 Security guards to monitor people entering and leaving the
company’s buildings and sites