Cybersecurity Quiz on Spyware and Data Protection

Questions and Answers

What type of information can spyware collect about users?

Usernames and passwords stored on the computer

Operating system specifications

Financial records and medical history

Internet surfing habits and visited sites (correct)

What is a botnet primarily used for?

To enhance computer performance

To transmit malware or spam (correct)

To regulate internet traffic

To improve internet security

What can a dialer program cause without the user's consent?

It can install anti-virus software.

It can upgrade the computer's operating system.

It can dial premium telephone numbers. (correct)

It can enhance computer connectivity.

What is the main function of anti-virus software?

To protect against most viruses

Why is it important to regularly update anti-virus software?

To ensure it can detect new virus types

What does keystroke logging allow a user to do?

Record consecutive key strokes on a keyboard

What could be a possible consequence of spyware installing itself on a computer?

Changes to computer settings leading to slow connection speeds

How do most anti-virus programs stay up to date with recognizing new viruses?

By regularly connecting to the Internet for updates

Which of the following is NOT a principle that data controllers should ensure when processing personal data?

Personal data should be maintained indefinitely.

What is one of the purposes of guidelines and policies in IT use within organizations?

To outline acceptable use of ICT resources.

Which action is associated with social engineering?

Manipulating individuals to disclose confidential information.

Which characteristic best describes the data processing principle of adequacy?

Data must be relevant to the processing purpose.

When is it acceptable for personal data to be processed beyond its original purpose?

Never, unless the new purpose is compatible.

What should data controllers do with incomplete or incorrect personal data?

Take reasonable measures to correct or erase it.

What is one main goal of developing guidelines and policies for ICT use in organizations?

To ensure compliance with legal obligations.

What typically drives social engineering tactics?

Manipulation and deception of individuals.

Which of the following is necessary to view available wireless networks on a Windows computer?

A wireless network adapter and driver

What must be entered the first time connecting to a protected wireless network?

Network security key

What is the minimum required length for a strong password for network accounts?

6 characters

Which of the following is a characteristic that biometric security systems may use?

Fingerprint

Which of the following should be avoided when creating a strong password?

Common dictionary words

Why should passwords be changed regularly?

To avoid security breaches

What can help to verify a person's identity in biometric security systems?

Voice recognition

What should a user do if they suspect that someone knows their password?

Change the password immediately

What is the purpose of a biometric scanner in a secure facility?

To match an individual's physical characteristics with stored records.

What does the 'https://' in a URL signify?

The website is secure and data transmission is encrypted.

What is a common characteristic of a secure website?

The presence of a padlock symbol in the browser.

What is pharming primarily concerned with?

Redirecting users to fake websites without their knowledge.

Why should users be cautious when receiving emails asking for personal details?

Reputable organizations will never ask for sensitive information via email.

What is a potential risk of shopping online regarding personal information?

Information can be intercepted during transmission.

What should a user do after completing online transactions?

Log off and close all browser windows.

Which describes phishing in comparison to pharming?

Phishing uses direct email while pharming redirects users silently.

What happens the first time you visit a web page?

A copy of all content is stored on the hard disk.

What triggers the browser to use cached files instead of downloading them again?

The last modified dates of the files are the same.

Which of the following statements regarding temporary Internet files is accurate?

Temporary Internet files remain until the cache is full.

What is one function of content-control software?

It restricts access to objectionable content.

Content-control software can be applied at which of the following levels?

At multiple levels including government, ISP, and home.

What type of software is often referred to as parental control software?

Content-control software used in homes.

Which of the following is not included when deleting browsing history in MS Internet Explorer?

Favorites.

Which of the following content is typically restricted by content-control software?

Objectionable content such as racially charged sites.

What is the primary focus of the ECDL Standard Module related to IT Security?

Protection of data and information

Which of the following is NOT considered a type of malware?

Firewall

What does encryption primarily aim to achieve in IT security?

Concealing data from unauthorized access

Which of the following best describes social engineering in the context of IT security?

Manipulating individuals into breaching security protocols

What is a common threat to personal information online?

Identity theft

What is the purpose of using antivirus software?

To search for and remove malware

What type of network connection typically offers more security?

Wired connection

Which of the following is an effective way to secure sensitive information online?

Using strong, unique passwords

What does a firewall do in network security?

Analyzes network traffic

What is a digital certificate used for in online security?

To verify the authenticity of a website

How can personal data be effectively managed to prevent loss?

Regularly backing up data

What role does a network administrator play in IT security?

Setting and enforcing security policies

What is phishing primarily associated with?

Fraudulently acquiring sensitive information

Which of the following describes the primary purpose of data protection legislation?

To regulate the handling of personal data

Study Notes

European Computer Driving Licence (ECDL) - IT Security

• The ECDL standard module covers IT security concepts, malware, network security, secure web use, and secure data management.
• Data refers to raw, unorganized facts, while information is processed, organized data that's meaningful.
• Cybercrime encompasses crimes using computers and networks, including hacking, cracking, and ethical hacking.
• Hacking is gaining unauthorized access to a computer or network, while cracking involves unauthorized modification/disabling of software features.
• Ethical hacking is gaining access with authorization, to identify weaknesses in a system for improvement.
• Threats to data include force majeure, employee misconduct, accidents, service provider failures, and external individuals.
• Password cracking involves recovering passwords for unauthorized access.
• Software cracking involves modifying software to disable features or remove limitations. This is illegal.

Malware

• Malware is malicious software that installs without consent.
• Malware includes Trojans (destructive code), rootkits (hidden files/processes), backdoors (access bypassing security), viruses (self-replicating code that infects files), worms (self-replicating code that spreads via networks), adware (displays ads), spyware (gathers info), botnets (networks of compromised computers), keystroke loggers (record keystrokes), and dialers (initiate premium rate calls).

Network Security

• Networks link computers to share resources and facilitate communication.
• Common network types include LANs (local area networks), WANs (wide area networks), and VPNs (virtual private networks).
• Network administrators manage, maintain, and upgrade network software/hardware.
• Firewalls prevent unauthorized access to networks, but are ineffective against employees who disclose credentials.

Secure Web Use

• Internet users worry about online payment security and data privacy during online activities.
• Secure websites use HTTPS (instead of HTTP) with digital certificates to verify authenticity.
• Users should be wary of phishing scams; these send fake messages, or links, to extract personal data.
• Pharming redirects users to fake websites unknowingly.
• Protecting your personal information online is critical.

Secure Data Management

• Physical security measures protect hardware and data from theft, damage, and unauthorized access.
• Servers, computers, and electronic devices should be secured (e.g. locked rooms).
• Data backup procedures, like regularly copying data to a secondary device, are essential for data recovery in case of loss or damage.
• Data destruction utilities permanently erase data to prevent unauthorized access.
• This process should be used for storage media containing sensitive data.

Description

Test your knowledge on the essentials of cybersecurity, specifically focusing on spyware, botnets, and anti-virus software. This quiz covers various aspects of data processing principles and the importance of IT guidelines. Ideal for students in cybersecurity or information technology courses.