Email Security and Social Engineering Quiz

Questions and Answers

What is the recommended action if you suspect your computer is infected with malware?

• Run multiple antivirus scans simultaneously.
• Share the issue on social media for help.
• Continue using it until symptoms become severe.
• Disconnect it from the network and notify your IT department. (correct)

How can you identify potential identity theft attempts?

• Sharing detailed personal information on social media.
• Verifying anyone claiming to be from a company before providing information. (correct)
• Responding to all unsolicited emails asking for personal information.
• Wearing an official uniform of a known company.

What should you do if you receive an email that seems like a phishing attempt?

• Provide your personal information to confirm the sender's identity.
• Immediately report it to the IT department. (correct)
• Click on links provided in the email to verify if it's safe.
• Forward it to all your contacts for awareness.

Which action is NOT recommended to protect against social engineering?

Sharing non-public company information on social media. (D)

If someone claiming to be from your phone company requests personal information, what should you do?

Verify their identity before providing any personal details. (A)

When encountering an individual wearing an official uniform of a known company in your workplace, what is the best initial action?

Request identifying credentials to confirm their identity. (C)

What is the recommended action if you suspect a phishing email in your corporate inbox?

Forward the email to a close coworker for verification. (B)

What should you do if an email requests your corporate credentials and you suspect it is a phishing attempt?

Report the email to IT help desk for further investigation. (A)

Why is it important to forward suspected phishing emails promptly to IT?

To save time by handling potential threats quickly. (D)

If you receive an email asking for sensitive information, what should you do first?

Reply with a request for more information to test the sender. (B)

What is a common misconception users might have when responding to suspicious emails?

Replying with sensitive information will deter attackers. (A)

How can users contribute to enhancing organizational security when suspecting a phishing attempt?

Report the incident promptly to IT help desk. (A)

What action should you take if you suspect that your computer is infected with malware?

Run a full system scan using an up-to-date antivirus software. (A)

What should you do if you believe you are a victim of identity theft?

Contact the relevant financial institutions and credit bureaus to report the incident. (A)

Which of the following is a correct action to take if you encounter a suspicious individual at your workplace?

Report the individual to the appropriate security personnel or manager. (B)

What is the best way to handle a potential social engineering attempt?

Verify the identity of the person making the request through official channels. (D)

If someone promises you a monetary reward in exchange for confidential information, what should you do?

Report the incident to your organization's IT security team or IT help desk. (C)

How should you react if someone claims that your account will be deactivated unless you provide specific details?

Immediately contact the appropriate IT help desk or security team in your organization. (A)

Study Notes

Phishing Emails

• If you suspect a phishing email, forward it to a close coworker to verify your suspicion before reporting it to the IT help desk or service desk.
• Do not open the attachment or reply to the sender; instead, report the email to IT to minimize the risk of others falling for the phishing attack.

Responding to Suspicious Emails

• If an email asks for sensitive information, report it to the IT help desk or service desk; do not reply or send credentials.
• Verify the sender's identity before sending sensitive information, and report suspected phishing emails to IT.

Protecting Confidential Information

• When sending confidential information over email, protect it by using encryption or a password-protected zip file.

Social Engineering Protection

• To protect yourself and your organization from social engineering, limit personal information on social media, get to know your IT department, and verify anyone claiming to be from an internet service provider, phone company, or vendor.
• Measures to protect against social engineering include limiting personal information on social media, completing confidential company tasks on secure websites, and not responding to unsolicited emails.

Identifying Social Engineering Attempts

• Be cautious if someone promises a monetary reward, threatens to deactivate your account, or claims you've won a contest you didn't enter; these are indicators of an attempted social engineering.
• Always ask for identifying credentials if someone enters your workplace claiming to be from a known company.

Social Engineering Prevention

• The best way to protect yourself and your organization from social engineering is to limit personal information on social media, get to know your IT department, and verify anyone claiming to be from an internet service provider, phone company, or vendor.

Description

Test your knowledge on email security and protecting confidential information from unauthorized access, as well as how to defend against social engineering attacks. Learn about encryption, password protection, and best practices for keeping your organization safe from cyber threats.