Information Security Session 3 Assessment

05 May

Information Security Session 3 Assessment

by Cybrone Solutions

Comments

Welcome to your Information Security Session 3 Quiz

Name

Which of the following is an example of a password policy best practice?

Allowing users to reuse their previous passwords

Requiring users to change their password every month

Allowing users to share their passwords with others

Using simple and easy-to-guess passwords

None

What is a common sign that a website is not secure?

The website has a lock icon in the address bar

The website's URL starts with "https://"

The website has a lot of pop-up ads

The website asks for personal information before displaying any content

None

What is a common vulnerability in code related to session management?

Allowing users to create weak passwords

Storing session tokens in plain text

Using strong encryption for network communication

Using secure hashing algorithms to store passwords

None

What is a common vulnerability in code that can lead to security breaches?

Using secure coding frameworks and libraries

Ignoring input validation and sanitization

Using strong encryption algorithms

Regularly updating software and its dependencies

None

What is the primary purpose of phishing attacks?

To steal sensitive information by tricking users into giving away their login credentials

To install malware on a user's device

To launch a denial-of-service attack

None

What is the purpose of threat modeling in secure coding practices?

To identify and prioritize potential security threats and vulnerabilities

To implement secure coding frameworks and libraries

To encrypt data sent over the network

To store passwords securely

None

What is a common technique used in online tech support scams?

Offering legitimate technical support services

Calling potential victims on the phone

Claiming that the victim's device is infected with malware

Providing a money-back guarantee for their services

None

What is a common technique used by attackers to deliver malware to a user's device?

Phishing emails

Physical access to the device

Social engineering attacks

Denial-of-service attacks

None

How can you protect your web browser from malware?

Disable your browser's security settings

Install browser extensions from unknown sources

Regularly update your browser and its extensions

Allow all cookies to be saved

None

10.

What is the best way to prevent web attacks?

Using a firewall to block all incoming traffic

Regularly updating software to fix vulnerabilities

Disabling all security features on a system

Sharing login credentials with others

None

11.

What is the primary goal of a web application attack?

To steal sensitive information by exploiting vulnerabilities in a web application

To install malware on a user's device

To launch a denial-of-service attack

None

12.

What is the most effective way to prevent phishing attacks?

Training employees to identify and report phishing attempts

Installing the latest antivirus software on all devices

Blocking all incoming emails from unknown senders

None

13.

Which of the following is a best practice for secure coding related to error handling?

Ignoring error messages generated by the application

Displaying detailed error messages to users

Logging error messages without any context

Displaying generic error messages to users

None

14.

How can you protect yourself from vishing scams?

Never provide personal information over the phone unless you initiated the call

Click on any links provided in the call to verify the legitimacy of the call

Provide your personal information to the caller to avoid any legal trouble

Agree to pay any fees or charges requested by the caller

None

15.

What is vishing?

A type of scam that targets mobile devices

A type of scam that involves impersonating a legitimate organization/person over the phone

A type of scam that involves infecting a victim's computer with malware

A type of scam that relies on social media to trick victims

None

16.

What is information security?

Protecting information from unauthorized access, use, disclosure, disruption, modification or destruction

Creating information to be used for business purposes

Storing information in a central database for easy access

None

17.

Which of the following is NOT an example of a password policy best practice?

Requiring passwords to be changed every 90 days

Allowing users to reuse their previous passwords

Enforcing minimum password length and complexity requirements

None

18.

Which of the following is an example of a web attack?

Installing a virus on a user's device

Cracking a user's password

Redirecting a user to a fake website

None

19.

What is a common technique used in website spoofing attacks?

Sending fake emails that contain malicious links

Creating fake login pages that look like legitimate ones

Hacking into a legitimate website's server

Creating fake social media profiles

None

20.

What is the primary goal of a safe browsing policy?

To prevent users from accessing any website

To allow users to access any website without restriction

To ensure users only access trusted and secure websites

To block all incoming network traffic

None

21.

What is a common type of web attack that involves exploiting vulnerabilities in a web application's input validation?

Cross-site scripting (XSS)

Cross-site request forgery (CSRF)

SQL injection

Session hijacking

None

22.

What is a common sign that an online investment opportunity is a scam?

The offer promises high returns with no risk

The investment is backed by a reputable financial institution

The investment requires a large upfront payment

The offer is only available to a select group of people

None

23.

What is the best way to protect against password attacks?

Using complex passwords

Using the same password for all accounts

Sharing passwords with others

Writing passwords down on a piece of paper

None

24.

What is a common technique used by attackers to gain access to a user's device?

Social engineering

Brute-force attacks

Denial-of-service attacks

None

25.

. What is the primary purpose of encryption in information security?

To ensure the confidentiality and integrity of data

To make data accessible to anyone

To delete data permanently from a device

To prevent data from being transmitted over a network

None

Thank you for the Quiz, Kindly check your email for the result.
Good Luck!