Cybersecurity Essentials Quiz

Questions and Answers

Which principle ensures that data is only collected for its intended purpose?

• Kept longer than necessary
• Maintained for excess usage
• Processed for the stated purpose (correct)
• Fairly and lawfully processed

How should data be maintained to comply with privacy standards?

• Shared freely without restrictions
• Accessible to all users
• Kept secure and accurate (correct)
• Stored indefinitely

What is the primary use of user accounts in a computing environment?

• To run applications
• To monitor online activities
• To manage hardware resources
• To authenticate a user (correct)

What method is commonly used to authenticate a user?

Password and biometric data (D)

Which of the following characteristics should a strong password include?

At least one capital letter (A), At least one keyboard character such as @, *, & (D)

What is one primary function of firewalls?

Log all incoming and outgoing traffic (B)

What should be avoided when transferring data internationally?

Transferring without necessary safeguards (B)

Which of the following is NOT a way to protect passwords?

Forget to change passwords (C)

How do firewalls assist in protecting devices?

Block traffic that doesn't match specific criteria (A)

What is a key component of maintaining user security in online activities?

Maintaining hard-to-crack passwords (A)

Which of the following is NOT a recommended practice for creating secure passwords?

Using your date of birth (C)

What types of firewalls exist?

Both software and hardware-based (D)

Why is it necessary to regularly change passwords?

To enhance security against unauthorized access (B)

What alert feature do firewalls provide?

Warn users if software connects to the internet (C)

What is one of the threats that firewalls help protect against?

Harmful IP addresses (B)

Which of the following is a misconception about strong passwords?

They should include personal information for easy recall (D)

What is a primary function of antivirus software?

Comparing files with a known virus database (C)

What does the process of encryption primarily aim to achieve?

Transforming readable data into unreadable format (B)

Which of the following is NOT a type of biometric recognition?

Password complexity (D)

How do ethical hackers differ from malicious hackers?

They operate legally with permission. (C)

Which method is recommended to detect dormant viruses?

Full system scans on a weekly basis (A)

What assurance does encryption provide?

Safeguarding of data confidentiality and integrity (D)

What is a common mitigation strategy against malicious hacking?

Employing strong passwords (C)

What is the primary risk associated with malware?

Compromising the security and integrity of data (A)

What should you avoid doing to respect others' privacy online?

Sharing others' private information (B)

Why is it important to share personal information wisely?

It may affect your future job prospects. (B)

What is a key aspect of acknowledging cultural differences online?

Recognizing that not all social values are the same (D)

What is an appropriate action to take regarding trolling or harassment online?

Refuse to empower abuse and harassment (C)

Which of the following is a recommendation for managing content shared online?

Limit sharing of spam and irrelevant content (A)

What is a characteristic of worms in the context of computer security?

They are standalone viruses seeking vulnerable computers. (B)

What action should be taken to help prevent phishing attacks?

Use anti-phishing toolbars on web browsers. (D)

Which of the following best describes a Trojan in computer security?

A harmful program disguising itself as legitimate software. (C)

What does two-factor authentication (2FA) provide?

A second layer of security beyond just a username and password. (D)

What is spy software primarily used for?

Monitoring user keystrokes and sending information to the sender. (D)

How can users verify unsecured links in emails?

By conducting a web search to identify reported scams. (A)

Which statement is a misconception about preventing phishing?

All phishing emails are obvious and easy to detect. (A)

Which description best fits logic bombs?

Embedded codes that activate under specified conditions. (B)

Flashcards are hidden until you start studying

Study Notes

Strong Passwords

• Strong passwords are difficult to crack or guess.
• Should include at least one capital letter.
• Should include at least one numerical value.
• Should include at least one other keyboard character (such as @, *, &).

Firewalls

• Act as a barrier between your device and the internet.
• Can be software or hardware-based.
• Monitor and filter information going in and out of your device.
• Allow users to approve or deny communication from external sources.
• Tasks:
  • Examine traffic between devices and public networks.
  • Block traffic that doesn't match specific criteria.
  • Log all incoming and outgoing traffic for future analysis.
  • Prevent access to harmful IP addresses.
  • Help protect against viruses and hackers.
  • Warn users if any software tries connecting to external data sources.

Antivirus Software

• Continuously monitors for virus attacks in the background.
• Common functions:
  • Checking software/files prior to execution.
  • Comparison with known virus database.
  • Heuristic checking for suspicious behavior.
  • Quarantine suspect files; allowing automatic removal or manual review.
• Requires regular updates due to constant discovery of new viruses.
• Weekly full system scans are recommended to detect dormant viruses.

Encryption

• Alters readable data (plaintext) into an unreadable format (ciphertext).
• Uses a mathematical process with an encryption algorithm and a key.
• The key and process are complex enough to make brute force attack extremely unlikely.
• Decryption reverses the process using the same key or a different decryption key.
• Offers no protection against file deletion.
• Safeguards data integrity and confidentiality.

Biometrics

• Uses the unique characteristics of human beings to enhance security.
• Examples include fingerprint scans, retina scans, face recognition, and voice recognition.

Hacking

• Unauthorized access to a system with the intent to cause harm.
• Types:
  • Malicious: Aims at stealing sensitive information, modifying files.
  • Ethical: Authorized testing, evaluating cyber security strength, legal, commissioned by organizations.

Malware

• Small programs that pose a threat to data integrity and security.
• Types:
  • Viruses: Self-replicate, delete or corrupt files, need active host programs.
  • Worms: Standalone viruses seeking other vulnerable computers via networks.
  • Logic Bombs: Embedded codes triggered under specific conditions.
  • Trojans: Harmful programs disguised as legitimate software.
  • Bots: Automated scripts vulnerable to unauthorized takeover and attacks.
  • Spyware: Monitors keystrokes, sends gathered information to a sender (keylogging).

Phishing

• Emails that look legitimate but contain links or attachments that lead to fake websites or trick users into revealing personal information.
• How to prevent:
  • Be vigilant for new scams.
  • Avoid clicking unconfirmed links and unknown file downloads.
  • Be cautious of offers that are too good to be true.
  • Utilize anti-phishing toolbars on web browsers for warnings.
  • Periodically examine digital accounts and modify passwords routinely.

Two-Factor Authentication (2FA)

• Requires two forms of authentication for account login.
• Uses username/password combo with a second authentication factor like a phone number, fingerprint, or security code.
• Often involves a one-time code (OTP) sent to a mobile device or email address.
• Confirms account ownership before granting access.

Internet Ethics

• Acknowledge and accept cultural differences online.
• Refuse to participate in online abuse and harassment.
• Keep spam to a minimum.
• Share content that is meaningful.
• Respect others' privacy.
• Be cautious about sharing personal information online.