Biology Chapter 22: Evolution Flashcards

Questions and Answers

Social engineering attacks rely on which of the following?

Bypassing technical security

Infecting systems with malware

Hacking into networks

Convincing people to perform a harmful action (correct)

What should you do upon receiving an urgent email about a critical software update?

Call your colleague on the phone to confirm that they sent you this message.

What should you do if you suspect you are experiencing a social engineering attack?

End contact with the person and report the suspected attack.

Why do cyber attackers commonly use social engineering attacks?

Attackers can gain what they want while bypassing most technical security controls.

What is the most effective way to detect and stop social engineering attacks?

Organization-wide training for recognizing common attacks.

Which of the following is the most likely indicator of a phishing attack?

An urgent email claiming to be from a coworker, but was sent from a personal email address, such as one from @gmail.com.

Phishing is what type of attack?

Social engineering

What should you do if you receive an email from the help desk asking for your password?

You suspect the email may be a phishing attack, so you report it immediately.

Which of the following is the best way to confirm that your connection to a website is encrypted?

There is a padlock icon in the status bar.

What does HTTPS mean?

Data transmitted between the browser and web server is encrypted.

What should you do if you are worried about using a potentially outdated Internet browser?

Contact the help desk or your security team if you have questions about the use or status of your system's software.

What is the best way to keep our organization secure when using social networking tools?

Do not post or share confidential information that could be used against our organization.

Why is it important to use a strong, unique passphrase for each of your social networking accounts?

If a cyber attacker compromises the password to one of your accounts, your other accounts will still be secure.

How does two-step verification help protect your social networking accounts?

It requires an extra layer of protection in order to gain access to the account.

Why is it important to disable Wi-Fi and Bluetooth when you are not using them?

Mobile devices can automatically connect to dangerous wireless networks.

Why is it important to secure your mobile device with a screen lock?

To protect the information on your mobile device if it is lost or stolen.

When downloading a new app, which criterion should you look for to keep your mobile device secure?

An app that is actively updated and maintained by the developer.

Which of the following is an example of two-step verification?

A verification code sent to your email.

Which of the following is the best example of a strong and memorable password?

the-sound-of-rain-on-the-windowsill.

Which of the following is the best way to create a strong password?

Use a long and unique passphrase.

Who or what should be held responsible when sensitive data is mishandled?

The individual making use of the data.

What should you do with sensitive data that the organization no longer needs to retain for business use or legal reasons?

Securely dispose of the physical or digital data.

Which of the following describes the best practice for managing third-party access to our organization's sensitive data?

Ensuring our security requirements are documented in the contract, correctly followed and periodically reviewed.

After visiting several websites, your computer exhibits behavior you recognize from your security awareness training as a sign of a hacked system. What should you do next?

Follow your organization's procedure for reporting the system behavior.

Study Notes

Social Engineering Attacks

• Rely on convincing individuals to perform harmful actions.
• Urgent communication (e.g., software updates) should be confirmed through phone calls to avoid falling victim to scams.
• If a social engineering attack is suspected, cease contact and report it immediately.

Phishing Attacks

• Commonly disguised as legitimate emails, often appearing urgent.
• A major indicator is receiving an email from a coworker but originating from a personal email address (e.g., @gmail.com).
• Phishing is a form of social engineering.

Security Measures

• Organization-wide training is the most effective way to detect and prevent social engineering attacks.
• A padlock icon in the status bar indicates a secure, encrypted connection to a website (HTTPS).

Password and Account Security

• Use a strong, unique passphrase for each account to ensure that if one is compromised, others remain secure.
• Two-step verification adds an extra security layer, requiring an additional step (like a code sent to email) to access accounts.
• Strong and memorable passwords can be created using long phrases (e.g., “the-sound-of-rain-on-the-windowsill”).

Mobile Device Security

• Enable screen locks to protect information on mobile devices from unauthorized access if lost or stolen.
• Disable Wi-Fi and Bluetooth when not in use to prevent automatic connections to risky networks.
• Look for actively updated apps to maintain security when downloading.

Handling Sensitive Data

• Individuals are responsible for mishandling sensitive data.
• Once no longer needed, sensitive data must be securely disposed of, whether physical or digital.
• For third-party access to sensitive data, security requirements should be well-documented and periodically reviewed.

Response Protocols

• If unusual system behavior is observed after visiting websites, report it following the organization's protocol to address potential hacking concerns.

Description

Explore key concepts of evolution in this interactive set of flashcards. Each card presents a term or scenario relevant to the principles of evolution. Test your knowledge and reinforce your understanding of biological evolution through these engaging prompts.