Information Security Session 3 Assessment

05 May

Information Security Session 3 Assessment

by Cybrone Solutions

Comments

Welcome to your Information Security Session 3 Quiz

Name

Which of the following is an example of a web attack?

Installing a virus on a user's device

Cracking a user's password

Redirecting a user to a fake website

What is a common technique used in online tech support scams?

Offering legitimate technical support services

Calling potential victims on the phone

Claiming that the victim's device is infected with malware

Providing a money-back guarantee for their services

What is a common technique used in website spoofing attacks?

Sending fake emails that contain malicious links

Creating fake login pages that look like legitimate ones

Hacking into a legitimate website's server

Creating fake social media profiles

What is a common technique used in vishing scams?

Claiming to be a friend or family member in distress

Asking the victim to click on a link in an email

Claiming that the victim has won a prize and needs to provide personal information

Threatening the victim with legal action

What is a common vulnerability in code that can lead to security breaches?

Using secure coding frameworks and libraries

Ignoring input validation and sanitization

Using strong encryption algorithms

Regularly updating software and its dependencies

What is information security?

Protecting information from unauthorized access, use, disclosure, disruption, modification or destruction

Creating information to be used for business purposes

Storing information in a central database for easy access

What is a common sign that a website is not secure?

The website has a lock icon in the address bar

The website's URL starts with "https://"

The website has a lot of pop-up ads

The website asks for personal information before displaying any content

Which of the following is NOT an example of a password policy best practice?

Requiring passwords to be changed every 90 days

Allowing users to reuse their previous passwords

Enforcing minimum password length and complexity requirements

What is a common sign that an online investment opportunity is a scam?

The offer promises high returns with no risk

The investment is backed by a reputable financial institution

The investment requires a large upfront payment

The offer is only available to a select group of people

10.

How can you protect yourself from vishing scams?

Never provide personal information over the phone unless you initiated the call

Click on any links provided in the call to verify the legitimacy of the call

Provide your personal information to the caller to avoid any legal trouble

Agree to pay any fees or charges requested by the caller

11.

What is a safe way to browse the web?

Only visiting untrusted websites

Clicking on every link and attachment received in emails

Only visiting trusted websites and verifying their security certificates

Disabling antivirus software and firewalls

12.

What is the primary goal of a web application attack?

To steal sensitive information by exploiting vulnerabilities in a web application

To install malware on a user's device

To launch a denial-of-service attack

13.

. What is the primary purpose of encryption in information security?

To ensure the confidentiality and integrity of data

To make data accessible to anyone

To delete data permanently from a device

To prevent data from being transmitted over a network

14.

What is the best way to prevent web attacks?

Using a firewall to block all incoming traffic

Regularly updating software to fix vulnerabilities

Disabling all security features on a system

Sharing login credentials with others

15.

What is the purpose of threat modeling in secure coding practices?

To identify and prioritize potential security threats and vulnerabilities

To implement secure coding frameworks and libraries

To encrypt data sent over the network

To store passwords securely

16.

Which of the following is NOT an example of a password attack?

Brute-force attack

Dictionary attack

Trojan horse attack

17.

What is a common vulnerability in code related to session management?

Allowing users to create weak passwords

Storing session tokens in plain text

Using strong encryption for network communication

Using secure hashing algorithms to store passwords

18.

What is the best way to protect against password attacks?

Using complex passwords

Using the same password for all accounts

Sharing passwords with others

Writing passwords down on a piece of paper

19.

Which of the following is an example of a social engineering attack?

Using a software vulnerability to gain access to a system

Tricking a user into revealing their login credentials

Bombarding a system with traffic to cause a denial-of-service

Encrypting a system's files and demanding a ransom

20.

What is a common technique used by attackers to deliver malware to a user's device?

Phishing emails

Physical access to the device

Social engineering attacks

Denial-of-service attacks

21.

What is a common characteristic of an online phishing scam?

It involves sending unsolicited phone calls to potential victims

It relies on social engineering tactics to trick users into revealing sensitive information

It only targets large corporations and never individuals

It requires physical access to a victim's device

22.

What is vishing?

A type of scam that targets mobile devices

A type of scam that involves impersonating a legitimate organization/person over the phone

A type of scam that involves infecting a victim's computer with malware

A type of scam that relies on social media to trick victims

23.

What is the primary goal of a password policy?

To ensure that users choose simple and easy-to-guess passwords

To allow users to reuse their previous passwords

To prevent unauthorized access to a system or data

To force users to change their password every day

24.

What is the primary purpose of phishing attacks?

To steal sensitive information by tricking users into giving away their login credentials

To install malware on a user's device

To launch a denial-of-service attack

25.

How can you protect your web browser from malware?

Disable your browser's security settings

Install browser extensions from unknown sources

Regularly update your browser and its extensions

Allow all cookies to be saved

Thank you for the Quiz, Kindly check your email for the result.
Good Luck!