Information Security Session 3 Assessment

05 May

Information Security Session 3 Assessment

by Cybrone Solutions

Comments

Welcome to your Information Security Session 3 Quiz

Name

What is a common sign that a website is not secure?

The website has a lock icon in the address bar

The website's URL starts with "https://"

The website has a lot of pop-up ads

The website asks for personal information before displaying any content

None

What is the best way to prevent web attacks?

Using a firewall to block all incoming traffic

Regularly updating software to fix vulnerabilities

Disabling all security features on a system

Sharing login credentials with others

None

What is the purpose of using a static code analysis tool?

To find and fix security vulnerabilities in code

To encrypt data sent over the network

To store passwords securely

To implement secure coding frameworks and libraries

None

What is information security?

Protecting information from unauthorized access, use, disclosure, disruption, modification or destruction

Creating information to be used for business purposes

Storing information in a central database for easy access

None

What is a common technique used in website spoofing attacks?

Sending fake emails that contain malicious links

Creating fake login pages that look like legitimate ones

Hacking into a legitimate website's server

Creating fake social media profiles

None

What is the primary goal of a safe browsing policy?

To prevent users from accessing any website

To allow users to access any website without restriction

To ensure users only access trusted and secure websites

To block all incoming network traffic

None

What is the purpose of threat modeling in secure coding practices?

To identify and prioritize potential security threats and vulnerabilities

To implement secure coding frameworks and libraries

To encrypt data sent over the network

To store passwords securely

None

What is a common vulnerability in code that can lead to security breaches?

Using secure coding frameworks and libraries

Ignoring input validation and sanitization

Using strong encryption algorithms

Regularly updating software and its dependencies

None

Which of the following is a best practice for secure coding related to error handling?

Ignoring error messages generated by the application

Displaying detailed error messages to users

Logging error messages without any context

Displaying generic error messages to users

None

10.

What is a common technique used by attackers to gain access to a user's device?

Social engineering

Brute-force attacks

Denial-of-service attacks

None

11.

Which of the following is an example of a password policy best practice?

Allowing users to reuse their previous passwords

Requiring users to change their password every month

Allowing users to share their passwords with others

Using simple and easy-to-guess passwords

None

12.

What is the primary goal of a password policy?

To ensure that users choose simple and easy-to-guess passwords

To allow users to reuse their previous passwords

To prevent unauthorized access to a system or data

To force users to change their password every day

None

13.

. What is the primary purpose of encryption in information security?

To ensure the confidentiality and integrity of data

To make data accessible to anyone

To delete data permanently from a device

To prevent data from being transmitted over a network

None

14.

What is the primary purpose of phishing attacks?

To steal sensitive information by tricking users into giving away their login credentials

To install malware on a user's device

To launch a denial-of-service attack

None

15.

Which of the following is NOT an example of a password attack?

Brute-force attack

Dictionary attack

Trojan horse attack

None

16.

What is a common technique used in vishing scams?

Claiming to be a friend or family member in distress

Asking the victim to click on a link in an email

Claiming that the victim has won a prize and needs to provide personal information

Threatening the victim with legal action

None

17.

What is a common technique used in online tech support scams?

Offering legitimate technical support services

Calling potential victims on the phone

Claiming that the victim's device is infected with malware

Providing a money-back guarantee for their services

None

18.

What is the best way to protect against password attacks?

Using complex passwords

Using the same password for all accounts

Sharing passwords with others

Writing passwords down on a piece of paper

None

19.

What is the most effective way to prevent phishing attacks?

Training employees to identify and report phishing attempts

Installing the latest antivirus software on all devices

Blocking all incoming emails from unknown senders

None

20.

How can you protect yourself from vishing scams?

Never provide personal information over the phone unless you initiated the call

Click on any links provided in the call to verify the legitimacy of the call

Provide your personal information to the caller to avoid any legal trouble

Agree to pay any fees or charges requested by the caller

None

21.

What is a common type of web attack that involves exploiting vulnerabilities in a web application's input validation?

Cross-site scripting (XSS)

Cross-site request forgery (CSRF)

SQL injection

Session hijacking

None

22.

What is a common technique used by attackers to deliver malware to a user's device?

Phishing emails

Physical access to the device

Social engineering attacks

Denial-of-service attacks

None

23.

Which of the following is an example of a web attack?

Installing a virus on a user's device

Cracking a user's password

Redirecting a user to a fake website

None

24.

What is a common sign that an online investment opportunity is a scam?

The offer promises high returns with no risk

The investment is backed by a reputable financial institution

The investment requires a large upfront payment

The offer is only available to a select group of people

None

25.

What is a common characteristic of an online phishing scam?

It involves sending unsolicited phone calls to potential victims

It relies on social engineering tactics to trick users into revealing sensitive information

It only targets large corporations and never individuals

It requires physical access to a victim's device

None

Thank you for the Quiz, Kindly check your email for the result.
Good Luck!