Security Awareness Training

07 Dec

Welcome to your Security Awareness Training

Name

Why are humans still the weakest link despite security training and resources?

Threat actors spend their days thinking of new ways to exploit human vulnerabilities and are rewarded for their innovation.

Average people do not spend all their time thinking about security and may feel powerless in preventing attacks.

Cybersecurity practitioners may be the only people at their organizations who spend their workdays focused on prevention, protection and mitigation activities.

All of the above

None

You’ve just got a warning from your bank that suspicious activity has been detected and to login immediately using a URL (link) provided. What is the best course of action to take?

Contact your bank using the telephone number on the back of your credit card.

Check the headers in the email and then login.

None

Your email account has been compromised. What is the best way of preventing further unauthorized access to your email account?

Change the password and enable two-factor authentication on the email account.

Change the password, then run an anti-virus scan an anti-malware scan.

Change the login password to your computer.

Updating your email application software to the latest version.

None

Information Security is the responsibility of

Information Services

All employees

Key employees handling sensitive or criminal justice data

All of the above

None of the above

None

When travelling, you use a mobile disk carried in your laptop bag to back-up your system. What is the risk here?

Electromagnetic radiation from the laptop could corrupt the backup disk.

Backups should never be stored in the same location as the original data set.

Electromagnetic airport scanners can corrupt the backup disk.

Viruses from the laptop can corrupt the backup disk.

None

You’re creating a new account with a trusted online retailer and it’s prompting you to set up a password. What should you do to make the password as secure as possible?

Don’t reuse other passwords that you currently use or have used for any of your personal or professional accounts, applications and devices.

Make the password longer rather than shorter.

Use a mix of special characters, numbers, uppercase, and lowercase letters.

Consider storing the password in a secure password manager for easy use.

All of the above.

None

While browsing on a shopping site, you see an ad banner for one of your favorite charities, asking you to donate for a worthy cause. You decide to donate. You should

Click on the convenient banner and enter your payment information.

Contact the charity directly to donate by going to their official website.

Contact the website that you found the ad banner on and demand to know why they are advertising false information.

None of the above.

None

Jim is planning a holiday to Spain. Using his smartphone, he finds a nice hotel, but all the information is only in Spanish. He downloads a free translation app to help him translate the information into English. What is the biggest risk here?

The app might steal the data from his smartphone, which could lead to the compromise of sensitive data or other applications on the device or in the cloud.

The app might corrupt all the data on his phone which he uses for work.

The app might contain viruses.

The app might give him fraudulent information and he might end-up be redirected to a fraudulent site.

None

You have a highly sensitive document which you need to email to a trusted third-party. What is the safest way to send this?

Make sure you scan the document with your anti-virus software first.

Send the document from your work email account.

Encrypt the document first. Then send the password to the third-party using a different communication method, such as SMS.

Send the document using a file sharing application.

None

10.

What does information security do?

Guards the library

Protects the network and information systems

Protects employee and citizen data

Protects information on the internet

B & C

None

11.

Where should you store the encryption passphrase for your laptop?

On a sticker underneath your laptop’s battery as it’s not visible to anyone using the laptop.

On a sticky note attached to the base of your laptop.

In a password-protected Word file stored on your laptop.

Either don’t store or use the password management tool supplied/authorized by your organization.

None

12.

A colleague calls you telling you they have an urgent deadline to meet. But unfortunately, they have forgotten their password to the client database. What should you do to help?

Go to a computer terminal and log the user in so they can meet their deadline.

Suggest to your colleague that they call your IT helpdesk for a password reset link.

Give them your login credentials temporarily so your colleague can meet their deadline.

Put your login credentials on an encrypted USB memory stick and hand it to them.

None

13.

Your friend is late to meet you at your local café, and the café has open Wi-Fi. You’ve been meaning to take a look at a jewelry website that your mom likes to beat the Black Friday rush. You should:

Only buy from the website when using a phone.

Only buy from the website if you think it is secure.

Only buy from the website when using a laptop.

Wait until you get back home and use a trusted network.

None

14.

What should I do after I learn about a data breach of a website? Choose the best answer.

Nothing

Change the password of my account for that website

Change the password for my account for that website and of all other websites where I use that same password

None

15.

You get a call from your technical support helpdesk saying they are performing an urgent server upgrade. They ask you for your password. What should you do?

Refuse and contact your manager or Information Security team.

Get the agent's name and give him your login and password.

Get the agent's email address and email him your login and password.

Give the support representative your password, but not your login.

None

16.

What is the most common delivery method for viruses?

Instant Message

Internet download

Portable media

None

17.

You receive an email with subject: "$5 million donation from Bill Gates" and in the email they ask you to provide your telephone number and full postal address to claim the money. What's the best action?

Reply with my phone number and postal address, I want the 5 million dollars

Forward the email to friends, because sharing is caring

Report the email as spam and delete it

None

18.

How often should you backup your data?

Once a week.

Once a month.

In accordance with your organization’s backup policy and the criticality of the data in question.

Once a fortnight.

None

19.

Why is it important to have a good understanding of Information Security policies and procedures?

Helps protect individuals from being victims of security incidents.

Provides an understanding of steps to follow in the event of a security incident

Helps to understand levels of responsibility

All of the above

None

20.

Which of the following statements best describes the modern-day hacker?

Bored and lonely anti-social teenagers who hack as a challenge and sometimes for profit.

Computer savvy people who hack individuals and businesses as a form of competition.

Highly-organized crime gangs run like businesses who deploy highly automated and sometimes highly targeted attacks against individuals and businesses for profit.

All of the above.

None

21.

What is the best way to validate a legitimate email vs. a phishing email?

Bad spelling, poor syntax and grammar are one of the tell-tale signs of a fake email.

Look at the email headers to see where it really came from.

Look for poorly replicated logos.

Contact the sender on some other medium besides email to verify whether they sent you the email.

None

22.

Unexpectedly, you get an email from a colleague who requests you to urgently click on an email link which they’ve sent you. What is the safest option?

The link is from a known person therefore it’s safe to open.

If the link was malicious the organization’s firewall would have flagged or blocked it, therefore it’s safe to open.

Reply to the sender to double-check if the link is safe to open as they might have sent it accidentally.

Do not click the link. Phone the sender for verification.

None

23.

You’ve inadvertently opened a web link contained in a suspicious email and now your computer is behaving strangely. What should course of action should you follow next?

The purpose of a firewall and security software is to block malicious code getting into your computer in the first place so no action is needed.

You need to update and run your anti-virus software.

You need to contact your IT help desk or Information Security team.

Keep an eye on the performance of your computer.

None

24.

You have an old laptop with work-related files still stored on it. You want to give the system away to charity. What is the safest way to keep the file contents confidential?

Install a new copy of the operating system on the computer.

Remove the hard disk and give it to your IT or helpdesk team to be disposed of securely.

None

25.

Which of the following is a good way to create a password?

Your children's or pet's names

Using look-alike substitutions of numbers or symbols

A combination of upper and lowercase letters mixed with numbers and symbols

Using common names or words from the dictionary

None

Thank you for the Quiz, Kindly check your email for the result.
Good Luck!

Security Awareness Training

Security Awareness Training

zulfiqar