Security Awareness Training

07 Dec

by zulfiqar

Comments

Welcome to your Security Awareness Training

Name

What is the most common delivery method for viruses?

Instant Message

Internet download

Portable media

None

How often should you backup your data?

Once a week.

Once a month.

In accordance with your organization’s backup policy and the criticality of the data in question.

Once a fortnight.

None

Unexpectedly, you get an email from a colleague who requests you to urgently click on an email link which they’ve sent you. What is the safest option?

The link is from a known person therefore it’s safe to open.

If the link was malicious the organization’s firewall would have flagged or blocked it, therefore it’s safe to open.

Reply to the sender to double-check if the link is safe to open as they might have sent it accidentally.

Do not click the link. Phone the sender for verification.

None

What should I do after I learn about a data breach of a website? Choose the best answer.

Nothing

Change the password of my account for that website

Change the password for my account for that website and of all other websites where I use that same password

None

Your friend is late to meet you at your local café, and the café has open Wi-Fi. You’ve been meaning to take a look at a jewelry website that your mom likes to beat the Black Friday rush. You should:

Only buy from the website when using a phone.

Only buy from the website if you think it is secure.

Only buy from the website when using a laptop.

Wait until you get back home and use a trusted network.

None

You’re waiting for a package from overseas, but then you get a shipping delayed notification saying your package is stuck in Halifax! It's going to be returned to sender unless you click a link and confirm your shipping address. What should you do first?

Click on the provided link right away to confirm your address.

Call the number provided in the email to speak to a service agent.

Double check the sender's email address and check the provided link by hovering over it without clicking on it.

Contact the seller to complain about the delayed shipment.

None

What is the most important security awareness training topic?

Physical security

Information Protection

Social engineering

Remote computing protections

All of the above

None

You’ve just got a warning from your bank that suspicious activity has been detected and to login immediately using a URL (link) provided. What is the best course of action to take?

Contact your bank using the telephone number on the back of your credit card.

Check the headers in the email and then login.

None

Which of the following statements best describes the modern-day hacker?

Bored and lonely anti-social teenagers who hack as a challenge and sometimes for profit.

Computer savvy people who hack individuals and businesses as a form of competition.

Highly-organized crime gangs run like businesses who deploy highly automated and sometimes highly targeted attacks against individuals and businesses for profit.

All of the above.

None

10.

A supplier has sent you a USB memory stick in the post which contains drawings of a project that you’re collaborating on. What is the safest course of action?

Perform a virus scan of the memory stick before opening any of its files.

Use the USB port in front of your computer instead of the back which enables you to disconnect the memory stick quickly if it’s infected.

Do not use the USB stick. Request the supplier to the send the file via email or upload it to a secure file sharing service.

Insert the USB memory stick but don’t click on any of the files.

None

11.

True or False: Is it considered safe to use the same complex password on all websites?

True

False

None

12.

Information security aims to provide which three key services?

Data Strategy, Data Integrity, Data Storage

Data Integrity, Data Availability, Data Confidentiality

Data Availability, Data Storage, Data Mining

Data mining, Data Confidentiality, Data Storage

None

13.

What does information security do?

Guards the library

Protects the network and information systems

Protects employee and citizen data

Protects information on the internet

B & C

None

14.

Which of the following is a good way to create a password?

Your children's or pet's names

Using look-alike substitutions of numbers or symbols

A combination of upper and lowercase letters mixed with numbers and symbols

Using common names or words from the dictionary

None

15.

A colleague calls you telling you they have an urgent deadline to meet. But unfortunately, they have forgotten their password to the client database. What should you do to help?

Go to a computer terminal and log the user in so they can meet their deadline.

Suggest to your colleague that they call your IT helpdesk for a password reset link.

Give them your login credentials temporarily so your colleague can meet their deadline.

Put your login credentials on an encrypted USB memory stick and hand it to them.

None

16.

You’ve inadvertently opened a web link contained in a suspicious email and now your computer is behaving strangely. What should course of action should you follow next?

The purpose of a firewall and security software is to block malicious code getting into your computer in the first place so no action is needed.

You need to update and run your anti-virus software.

You need to contact your IT help desk or Information Security team.

Keep an eye on the performance of your computer.

None

17.

You have a highly sensitive document which you need to email to a trusted third-party. What is the safest way to send this?

Make sure you scan the document with your anti-virus software first.

Send the document from your work email account.

Encrypt the document first. Then send the password to the third-party using a different communication method, such as SMS.

Send the document using a file sharing application.

None

18.

Where should you store the encryption passphrase for your laptop?

On a sticker underneath your laptop’s battery as it’s not visible to anyone using the laptop.

On a sticky note attached to the base of your laptop.

In a password-protected Word file stored on your laptop.

Either don’t store or use the password management tool supplied/authorized by your organization.

None

19.

What is the best way to validate a legitimate email vs. a phishing email?

Bad spelling, poor syntax and grammar are one of the tell-tale signs of a fake email.

Look at the email headers to see where it really came from.

Look for poorly replicated logos.

Contact the sender on some other medium besides email to verify whether they sent you the email.

None

20.

Why is it important to have a good understanding of Information Security policies and procedures?

Helps protect individuals from being victims of security incidents.

Provides an understanding of steps to follow in the event of a security incident

Helps to understand levels of responsibility

All of the above

None

21.

Why are humans still the weakest link despite security training and resources?

Threat actors spend their days thinking of new ways to exploit human vulnerabilities and are rewarded for their innovation.

Average people do not spend all their time thinking about security and may feel powerless in preventing attacks.

Cybersecurity practitioners may be the only people at their organizations who spend their workdays focused on prevention, protection and mitigation activities.

All of the above

None

22.

When travelling, you use a mobile disk carried in your laptop bag to back-up your system. What is the risk here?

Electromagnetic radiation from the laptop could corrupt the backup disk.

Backups should never be stored in the same location as the original data set.

Electromagnetic airport scanners can corrupt the backup disk.

Viruses from the laptop can corrupt the backup disk.

None

23.

Jim is planning a holiday to Spain. Using his smartphone, he finds a nice hotel, but all the information is only in Spanish. He downloads a free translation app to help him translate the information into English. What is the biggest risk here?

The app might steal the data from his smartphone, which could lead to the compromise of sensitive data or other applications on the device or in the cloud.

The app might corrupt all the data on his phone which he uses for work.

The app might contain viruses.

The app might give him fraudulent information and he might end-up be redirected to a fraudulent site.

None

24.

Your business email account has been compromised and leaked in a data breach. What is the best course of action(s)?

Change your password immediately

Inform the security team of your organization

Change the Password on all sites where you use the same password

All of above

None

25.

Your email account has been compromised. What is the best way of preventing further unauthorized access to your email account?

Change the password and enable two-factor authentication on the email account.

Change the password, then run an anti-virus scan an anti-malware scan.

Change the login password to your computer.

Updating your email application software to the latest version.

None

Thank you for the Quiz, Kindly check your email for the result.
Good Luck!