Security Awareness Training

07 Dec

Welcome to your Security Awareness Training

Name

Jim is planning a holiday to Spain. Using his smartphone, he finds a nice hotel, but all the information is only in Spanish. He downloads a free translation app to help him translate the information into English. What is the biggest risk here?

The app might steal the data from his smartphone, which could lead to the compromise of sensitive data or other applications on the device or in the cloud.

The app might corrupt all the data on his phone which he uses for work.

The app might contain viruses.

The app might give him fraudulent information and he might end-up be redirected to a fraudulent site.

None

Your friend is late to meet you at your local café, and the café has open Wi-Fi. You’ve been meaning to take a look at a jewelry website that your mom likes to beat the Black Friday rush. You should:

Only buy from the website when using a phone.

Only buy from the website if you think it is secure.

Only buy from the website when using a laptop.

Wait until you get back home and use a trusted network.

None

Why is it important to have a good understanding of Information Security policies and procedures?

Helps protect individuals from being victims of security incidents.

Provides an understanding of steps to follow in the event of a security incident

Helps to understand levels of responsibility

All of the above

None

What does information security do?

Guards the library

Protects the network and information systems

Protects employee and citizen data

Protects information on the internet

B & C

None

You’re creating a new account with a trusted online retailer and it’s prompting you to set up a password. What should you do to make the password as secure as possible?

Don’t reuse other passwords that you currently use or have used for any of your personal or professional accounts, applications and devices.

Make the password longer rather than shorter.

Use a mix of special characters, numbers, uppercase, and lowercase letters.

Consider storing the password in a secure password manager for easy use.

All of the above.

None

Why are humans still the weakest link despite security training and resources?

Threat actors spend their days thinking of new ways to exploit human vulnerabilities and are rewarded for their innovation.

Average people do not spend all their time thinking about security and may feel powerless in preventing attacks.

Cybersecurity practitioners may be the only people at their organizations who spend their workdays focused on prevention, protection and mitigation activities.

All of the above

None

A colleague calls you telling you they have an urgent deadline to meet. But unfortunately, they have forgotten their password to the client database. What should you do to help?

Go to a computer terminal and log the user in so they can meet their deadline.

Suggest to your colleague that they call your IT helpdesk for a password reset link.

Give them your login credentials temporarily so your colleague can meet their deadline.

Put your login credentials on an encrypted USB memory stick and hand it to them.

None

True or False: Is it considered safe to use the same complex password on all websites?

True

False

None

Where should you store the encryption passphrase for your laptop?

On a sticker underneath your laptop’s battery as it’s not visible to anyone using the laptop.

On a sticky note attached to the base of your laptop.

In a password-protected Word file stored on your laptop.

Either don’t store or use the password management tool supplied/authorized by your organization.

None

10.

Your business email account has been compromised and leaked in a data breach. What is the best course of action(s)?

Change your password immediately

Inform the security team of your organization

Change the Password on all sites where you use the same password

All of above

None

11.

You have an old laptop with work-related files still stored on it. You want to give the system away to charity. What is the safest way to keep the file contents confidential?

Install a new copy of the operating system on the computer.

Remove the hard disk and give it to your IT or helpdesk team to be disposed of securely.

None

12.

You’ve just got a warning from your bank that suspicious activity has been detected and to login immediately using a URL (link) provided. What is the best course of action to take?

Contact your bank using the telephone number on the back of your credit card.

Check the headers in the email and then login.

None

13.

You’re waiting for a package from overseas, but then you get a shipping delayed notification saying your package is stuck in Halifax! It's going to be returned to sender unless you click a link and confirm your shipping address. What should you do first?

Click on the provided link right away to confirm your address.

Call the number provided in the email to speak to a service agent.

Double check the sender's email address and check the provided link by hovering over it without clicking on it.

Contact the seller to complain about the delayed shipment.

None

14.

Which of the following is a good way to create a password?

Your children's or pet's names

Using look-alike substitutions of numbers or symbols

A combination of upper and lowercase letters mixed with numbers and symbols

Using common names or words from the dictionary

None

15.

Your email account has been compromised. What is the best way of preventing further unauthorized access to your email account?

Change the password and enable two-factor authentication on the email account.

Change the password, then run an anti-virus scan an anti-malware scan.

Change the login password to your computer.

Updating your email application software to the latest version.

None

16.

Which of the following statements best describes the modern-day hacker?

Bored and lonely anti-social teenagers who hack as a challenge and sometimes for profit.

Computer savvy people who hack individuals and businesses as a form of competition.

Highly-organized crime gangs run like businesses who deploy highly automated and sometimes highly targeted attacks against individuals and businesses for profit.

All of the above.

None

17.

Information Security is the responsibility of

Information Services

All employees

Key employees handling sensitive or criminal justice data

All of the above

None of the above

None

18.

Information security aims to provide which three key services?

Data Strategy, Data Integrity, Data Storage

Data Integrity, Data Availability, Data Confidentiality

Data Availability, Data Storage, Data Mining

Data mining, Data Confidentiality, Data Storage

None

19.

What is the most important security awareness training topic?

Physical security

Information Protection

Social engineering

Remote computing protections

All of the above

None

20.

What is the most common delivery method for viruses?

Instant Message

Internet download

Portable media

None

21.

You get a call from your technical support helpdesk saying they are performing an urgent server upgrade. They ask you for your password. What should you do?

Refuse and contact your manager or Information Security team.

Get the agent's name and give him your login and password.

Get the agent's email address and email him your login and password.

Give the support representative your password, but not your login.

None

22.

Why is information security important?

To support and protect critical business processes and systems

To avoid potential fines

To protect employee and citizen data

None of the above

All of Above

None

23.

When travelling, you use a mobile disk carried in your laptop bag to back-up your system. What is the risk here?

Electromagnetic radiation from the laptop could corrupt the backup disk.

Backups should never be stored in the same location as the original data set.

Electromagnetic airport scanners can corrupt the backup disk.

Viruses from the laptop can corrupt the backup disk.

None

24.

You’ve inadvertently opened a web link contained in a suspicious email and now your computer is behaving strangely. What should course of action should you follow next?

The purpose of a firewall and security software is to block malicious code getting into your computer in the first place so no action is needed.

You need to update and run your anti-virus software.

You need to contact your IT help desk or Information Security team.

Keep an eye on the performance of your computer.

None

25.

How often should you backup your data?

Once a week.

Once a month.

In accordance with your organization’s backup policy and the criticality of the data in question.

Once a fortnight.

None

Thank you for the Quiz, Kindly check your email for the result.
Good Luck!

Security Awareness Training

Security Awareness Training

zulfiqar