Cyber Security and Information Security

Questions and Answers

What is the Massachusetts Data Privacy Act also known as?

• Data Privacy Regulation 2010
• Revised Cybersecurity Act
• MA - 201 CMR 17.00 (correct)
• Massachusetts Data Security Law

When did the Massachusetts Data Privacy Act become effective?

• March 1, 2010 (correct)
• April 11, 2019
• February 28, 2020
• January 1, 2009

The Massachusetts Data Privacy Act applies to all businesses, regardless of their size or industry.

True (A)

Public WiFi hotspots are not covered under Cybersecurity Best Practices.

False (B)

The Massachusetts Data Privacy Act requires companies to have a Written Information Security Program (WISP).

True (A)

Social Engineering Attacks may include on-site baiting to entice users to plug in infected media like USB drives.

True (A)

Vishing Phone Calls involve using phone calls to impersonate a trusted client or vendor to obtain confidential information.

True (A)

Public WiFi networks are always safe and secure for use, with minimal risk of cyber attacks.

False (B)

What is a common method used in Remote Phishing Emails?

Attempting to trick recipients into clicking on a link or opening an attachment (B)

What should individuals do to detect and avoid Vishing Attacks?

Be wary of automated calls and call back confirmation (D)

Flashcards

What is the official name of the Massachusetts Data Privacy Act?

The Massachusetts Data Privacy Act (MDPA) is also known as 201 CMR 17.00, a regulation that outlines data privacy requirements in Massachusetts.

When did the MDPA become effective?

The MDPA went into effect on March 1, 2010, meaning companies must have been compliant since then.

Does MDPA apply to all businesses in MA?

The MDPA applies to all businesses, regardless of size or industry, operating in Massachusetts.

Are Public WiFi hotspots safe from cyberattacks?

Public WiFi hotspots are not exempt from cybersecurity best practices; they require security precautions.

What does the MDPA require for data security?

The MDPA mandates a Written Information Security Program (WISP) for companies to demonstrate their commitment to data security.

How can social engineering be used?

Social engineering attacks can involve leaving infected USB drives in public locations to trick users into plugging them in.

What is Vishing?

Vishing attacks use phone calls to impersonate trusted entities to gain confidential information.

Are Public WiFi networks inherently secure?

Public WiFi networks can be insecure and pose a risk of cyberattacks. Always use caution and consider secure alternatives.

How do remote phishing emails work?

Remote phishing emails may contain malicious links or attachments that trick recipients into giving away their information.

How can individuals protect themselves from Vishing attacks?

To avoid Vishing attacks, be wary of automated calls and always confirm details with verified contacts.