Information Security Training for Employees

FlashyRomanArt

10 Questions

What is the primary goal of information security?

To protect company data from unauthorized access

Strong passwords should be changed every 30 days.

True

What is phishing?

A type of social engineering attack where attackers send fraudulent emails that appear to come from a trusted source

Employees should report suspected security incidents to their _______________________.

supervisor or IT department

Match the following security best practices with their descriptions:

  • Use strong passwords = Use a combination of uppercase and lowercase letters, numbers, and special characters
  • Verify sender information = Check the authenticity of emails or messages before responding or clicking on links
  • Keep software up-to-date = Regularly update operating systems, browsers, and applications to patch security vulnerabilities
  • Use public Wi-Fi cautiously = Avoid accessing sensitive information on public Wi-Fi networks

What is the recommended frequency for changing strong passwords?

Only when compromise is suspected

What should an employee do if they receive a suspicious email?

Report it to the IT department immediately

What is the primary action an employee should take in the event of a security incident?

Inform their supervisor and follow the incident response plan

What is the main reason employees should be aware of social engineering tactics?

To prevent unauthorized access to company data

What is the purpose of a security awareness training program?

To educate employees on security best practices

Study Notes

Information Security Fundamentals

  • The primary goal of information security is to protect an organization's information and systems from unauthorized access, use, disclosure, disruption, modification, or destruction.

Password Security

  • Strong passwords should be changed every 30 days to ensure maximum security and minimize the risk of unauthorized access.

Phishing

  • Phishing is a type of social engineering attack where an attacker attempts to trick individuals into revealing sensitive information such as passwords, credit card numbers, or personal data.

Incident Response

  • Employees should report suspected security incidents to their supervisor or designated authority to ensure prompt action and minimize the impact of the incident.

Test your knowledge of information security best practices and policies, including password management, phishing, and incident reporting. Learn how to protect your organization's data and assets.
