Security Awareness Training

07 Dec

Welcome to your Security Awareness Training

Name

Your email account has been compromised. What is the best way of preventing further unauthorized access to your email account?

Change the password and enable two-factor authentication on the email account.

Change the password, then run an anti-virus scan an anti-malware scan.

Change the login password to your computer.

Updating your email application software to the latest version.

None

What should I do after I learn about a data breach of a website? Choose the best answer.

Nothing

Change the password of my account for that website

Change the password for my account for that website and of all other websites where I use that same password

None

You’ve just got a warning from your bank that suspicious activity has been detected and to login immediately using a URL (link) provided. What is the best course of action to take?

Contact your bank using the telephone number on the back of your credit card.

Check the headers in the email and then login.

None

You’ve inadvertently opened a web link contained in a suspicious email and now your computer is behaving strangely. What should course of action should you follow next?

The purpose of a firewall and security software is to block malicious code getting into your computer in the first place so no action is needed.

You need to update and run your anti-virus software.

You need to contact your IT help desk or Information Security team.

Keep an eye on the performance of your computer.

None

Which of the following is a good way to create a password?

Your children's or pet's names

Using look-alike substitutions of numbers or symbols

A combination of upper and lowercase letters mixed with numbers and symbols

Using common names or words from the dictionary

None

You have a highly sensitive document which you need to email to a trusted third-party. What is the safest way to send this?

Make sure you scan the document with your anti-virus software first.

Send the document from your work email account.

Encrypt the document first. Then send the password to the third-party using a different communication method, such as SMS.

Send the document using a file sharing application.

None

A colleague calls you telling you they have an urgent deadline to meet. But unfortunately, they have forgotten their password to the client database. What should you do to help?

Go to a computer terminal and log the user in so they can meet their deadline.

Suggest to your colleague that they call your IT helpdesk for a password reset link.

Give them your login credentials temporarily so your colleague can meet their deadline.

Put your login credentials on an encrypted USB memory stick and hand it to them.

None

You receive an email with subject: "$5 million donation from Bill Gates" and in the email they ask you to provide your telephone number and full postal address to claim the money. What's the best action?

Reply with my phone number and postal address, I want the 5 million dollars

Forward the email to friends, because sharing is caring

Report the email as spam and delete it

None

A supplier has sent you a USB memory stick in the post which contains drawings of a project that you’re collaborating on. What is the safest course of action?

Perform a virus scan of the memory stick before opening any of its files.

Use the USB port in front of your computer instead of the back which enables you to disconnect the memory stick quickly if it’s infected.

Do not use the USB stick. Request the supplier to the send the file via email or upload it to a secure file sharing service.

Insert the USB memory stick but don’t click on any of the files.

None

10.

Information security aims to provide which three key services?

Data Strategy, Data Integrity, Data Storage

Data Integrity, Data Availability, Data Confidentiality

Data Availability, Data Storage, Data Mining

Data mining, Data Confidentiality, Data Storage

None

11.

True or False: Is it considered safe to use the same complex password on all websites?

True

False

None

12.

You’re waiting for a package from overseas, but then you get a shipping delayed notification saying your package is stuck in Halifax! It's going to be returned to sender unless you click a link and confirm your shipping address. What should you do first?

Click on the provided link right away to confirm your address.

Call the number provided in the email to speak to a service agent.

Double check the sender's email address and check the provided link by hovering over it without clicking on it.

Contact the seller to complain about the delayed shipment.

None

13.

You’re creating a new account with a trusted online retailer and it’s prompting you to set up a password. What should you do to make the password as secure as possible?

Don’t reuse other passwords that you currently use or have used for any of your personal or professional accounts, applications and devices.

Make the password longer rather than shorter.

Use a mix of special characters, numbers, uppercase, and lowercase letters.

Consider storing the password in a secure password manager for easy use.

All of the above.

None

14.

What is the most important security awareness training topic?

Physical security

Information Protection

Social engineering

Remote computing protections

All of the above

None

15.

Why is it important to have a good understanding of Information Security policies and procedures?

Helps protect individuals from being victims of security incidents.

Provides an understanding of steps to follow in the event of a security incident

Helps to understand levels of responsibility

All of the above

None

16.

When travelling, you use a mobile disk carried in your laptop bag to back-up your system. What is the risk here?

Electromagnetic radiation from the laptop could corrupt the backup disk.

Backups should never be stored in the same location as the original data set.

Electromagnetic airport scanners can corrupt the backup disk.

Viruses from the laptop can corrupt the backup disk.

None

17.

Your friend is late to meet you at your local café, and the café has open Wi-Fi. You’ve been meaning to take a look at a jewelry website that your mom likes to beat the Black Friday rush. You should:

Only buy from the website when using a phone.

Only buy from the website if you think it is secure.

Only buy from the website when using a laptop.

Wait until you get back home and use a trusted network.

None

18.

You have an old laptop with work-related files still stored on it. You want to give the system away to charity. What is the safest way to keep the file contents confidential?

Install a new copy of the operating system on the computer.

Remove the hard disk and give it to your IT or helpdesk team to be disposed of securely.

None

19.

Jim is planning a holiday to Spain. Using his smartphone, he finds a nice hotel, but all the information is only in Spanish. He downloads a free translation app to help him translate the information into English. What is the biggest risk here?

The app might steal the data from his smartphone, which could lead to the compromise of sensitive data or other applications on the device or in the cloud.

The app might corrupt all the data on his phone which he uses for work.

The app might contain viruses.

The app might give him fraudulent information and he might end-up be redirected to a fraudulent site.

None

20.

What is the most common delivery method for viruses?

Instant Message

Internet download

Portable media

None

21.

What is the best way to validate a legitimate email vs. a phishing email?

Bad spelling, poor syntax and grammar are one of the tell-tale signs of a fake email.

Look at the email headers to see where it really came from.

Look for poorly replicated logos.

Contact the sender on some other medium besides email to verify whether they sent you the email.

None

22.

Where should you store the encryption passphrase for your laptop?

On a sticker underneath your laptop’s battery as it’s not visible to anyone using the laptop.

On a sticky note attached to the base of your laptop.

In a password-protected Word file stored on your laptop.

Either don’t store or use the password management tool supplied/authorized by your organization.

None

23.

Unexpectedly, you get an email from a colleague who requests you to urgently click on an email link which they’ve sent you. What is the safest option?

The link is from a known person therefore it’s safe to open.

If the link was malicious the organization’s firewall would have flagged or blocked it, therefore it’s safe to open.

Reply to the sender to double-check if the link is safe to open as they might have sent it accidentally.

Do not click the link. Phone the sender for verification.

None

24.

You get a call from your technical support helpdesk saying they are performing an urgent server upgrade. They ask you for your password. What should you do?

Refuse and contact your manager or Information Security team.

Get the agent's name and give him your login and password.

Get the agent's email address and email him your login and password.

Give the support representative your password, but not your login.

None

25.

Which of the following statements best describes the modern-day hacker?

Bored and lonely anti-social teenagers who hack as a challenge and sometimes for profit.

Computer savvy people who hack individuals and businesses as a form of competition.

Highly-organized crime gangs run like businesses who deploy highly automated and sometimes highly targeted attacks against individuals and businesses for profit.

All of the above.

None

Thank you for the Quiz, Kindly check your email for the result.
Good Luck!

Security Awareness Training

Security Awareness Training

zulfiqar