General Cybersecurity Awareness Quiz

Questions and Answers

What is the first step in responding to a suspected security incident?

• Ignore it
• Report it to the IT team (correct)
• Disconnect from the internet
• Investigate on your own

Which of the following should be included in an incident report?

• Description of the event
• Date and time of the incident
• Actions taken in response
• All of the above (correct)

Why is it important to report security incidents immediately?

• To minimize damage
• To allow quick mitigation
• To prevent further attacks
• All of the above (correct)

True or False: Incident response is solely the responsibility of IT.

False (A)

What should you NOT do when responding to a security incident?

Tamper with evidence (A)

Why is it important to regularly update software and tools?

To fix security vulnerabilities (B)

Which is NOT a secure way to share sensitive files?

Using public file-sharing services (B)

What is the primary purpose of a VPN?

Encrypt and secure communication (B)

What is the biggest cybersecurity threat to organizations?

Software vulnerabilities (B)

What could be the consequence of plugging a personal device into a work computer?

It could introduce malware to the network (D)

Which statement is true regarding VPNs?

VPNs may enhance security but do not guarantee immunity (B)

What is the most secure type of password?

LongPhraseWithNumbers123! (C)

What should you verify before updating software?

Verify updates through official channels (C)

Which of the following best defines PII?

Personally Identifiable Information (C)

Which option is NOT considered PII?

Business phone number (D)

What is social engineering primarily concerned with?

Manipulating people to gain sensitive information (B)

What is the appropriate action to take if you suspect a phishing attempt?

Report it to IT security (C)

Which of the following is a NOT considered a social engineering tactic?

Enabling 2FA (A)

What is the first recommended step to protect against phishing attacks?

Enable email spam filters (B)

What primary action should be taken immediately after a ransomware attack occurs?

Disconnect the infected device (B)

Which of the following statements is true regarding ransomware?

Ransomware demands payment after encrypting files (A)

When working remotely, what should be used to secure public Wi-Fi connections?

VPN (B)

What is NOT an effective method for securing your home Wi-Fi network?

Leaving the default settings on the router (C)

What should you do if you suspect a security breach while working from home?

Report it to IT immediately (B)

Flashcards

Phishing

A type of attack that uses emails, websites, or other methods to trick users into revealing sensitive information, such as passwords or credit card details.

Social Engineering

An attempt to manipulate people into performing actions or divulging confidential information by exploiting their trust or curiosity.

Ransomware

A type of malware that encrypts a victim's files and demands payment in exchange for the decryption key.

Antivirus Software

Software designed to protect against malware, such as viruses, worms, and Trojans.

Unsecured Networks

A common risk of remote work that involves accessing sensitive data on unsecured networks, potentially exposing it to unauthorized parties.

VPN (Virtual Private Network)

A tool that encrypts your internet traffic, making it harder for hackers to intercept your data, especially when using public Wi-Fi.

Strong, Unique Passwords

A secure practice for remote work that involves using strong and unique passwords for all online accounts.

Secure Home Wi-Fi Network

A security measure that can prevent unauthorized access to your home Wi-Fi network by using a robust password and encryption protocol.

Reporting a Security Incident

The first step in handling a potential cybersecurity issue. Involves notifying the relevant IT personnel about the suspicion.

Incident Report

A detailed record of a security incident capturing its nature, timing, and the actions taken. It's crucial for understanding and addressing the issue thoroughly.

Why Report Immediately?

Promptly reporting security incidents helps minimize potential damage, facilitates quick response, and prevents further attacks. Early action is vital.

Software Updates

Regularly updating software and tools ensures they are patched against vulnerabilities. This helps safeguard your system from security threats.

Secure File Sharing

Public file-sharing services are insecure ways to share sensitive information. Encrypted file-sharing platforms or secure email with encryption are preferred options.

Password Manager

A tool for storing and managing your online passwords in an encrypted and organized manner, enhancing security and simplifying logins.

Secure Collaboration

Collaboration tools like MS Teams should be used securely. This includes avoiding clicking unknown links, restricting access to sensitive content, and employing strong passwords.

VPN's Purpose

A VPN encrypts your internet traffic, making it more secure and private, especially when using public Wi-Fi networks.

Software vulnerabilities

A type of cyberattack where malicious actors exploit vulnerabilities in software or operating systems to gain unauthorized access to systems or networks.

Malware

A type of malware that is designed to spread itself to other devices, often by attaching itself to legitimate files or programs. It can cause significant damage by corrupting data, stealing personal information, or taking control of infected devices.

Personally Identifiable Information (PII)

Data that can identify a specific individual, such as names, addresses, phone numbers, social security numbers, and financial information. It is highly sensitive and requires robust protection to prevent unauthorized access or misuse.

Insider threats

An employee or contractor who has authorized access to a company’s systems and information but intentionally or unintentionally acts in a way that harms the organization or its data. Insider threats can be just as damaging as external attacks.

VPN

A virtual private network (VPN) is a technology that encrypts and routes internet traffic through a secure server, providing an extra layer of security to protect sensitive data and prevent unauthorized access. It is often used to browse the web anonymously or to access restricted content.

Patching

A cybersecurity practice that involves regularly updating software and operating systems with the latest security patches to close vulnerabilities and prevent malicious actors from exploiting known weaknesses in software.

Study Notes

General Cybersecurity Awareness

• Biggest cybersecurity threat to organizations: Software vulnerabilities
• Plugging a personal device into a work computer: Introduces malware to the network
• VPN and cyberattacks: VPN does not guarantee complete immunity from cyberattacks
• Strongest password: LongPhraseWithNumbers123!
• Software updates: Verify updates through official channels

Protecting Personally Identifiable Information (PII)

• PII definition: Personally Identifiable Information
• PII examples: Credit card number, Social Security number, email address
• Not a PII example: Business phone number

Phishing and Social Engineering

• Phishing email signs: Urgent language, Mismatched email domains, Unexpected attachments
• Social engineering: Manipulating people to gain sensitive information
• Suspected phishing attempt action: Report to IT security
• Not a social engineering tactic: Enabling 2FA
• Phishing protection first step: Enable email spam filters

Ransomware and Malware

• Ransomware action: Encrypts files and demands payment
• Malware prevention: Keep software updated, Use antivirus software, Avoid clicking unknown links
• Ransomware attack response: Disconnect the infected device
• Ransomware and data recovery: Paying the ransom does not guarantee data recovery
• Not a type of malware: Firewall

Remote Work Security

• Remote work risk: All of the above (device theft, unsecured networks, sensitive data exposure).
• Public Wi-Fi security tool: VPN

Incident Reporting and Management

• First step in incident response: Report to the IT team
• Incident report components: Description of the event, Date and time of the incident, Actions taken in response
• Incident reporting importance: Minimize damage, allow quick mitigation, prevent further attacks
• Incident response responsibility: Not solely IT's responsibility.

Secure Use of Software and Tools

• Software update importance: Fixes security vulnerabilities.
• Secure file sharing: Use encrypted file-sharing platforms or secure email.
• Password manager purpose: Stores strong passwords securely.
• Collaboration tool security: All of the above (clicking unknown links, restricting access, strong passwords).
• VPN purpose: Encrypts and secures communication.