Information Security Quiz Questions And Answers

20 Questions | Total Attempts: 6313


Please take this quiz individually. It will help both to gauge knowledge of core information security principles and to serve as an interactive educational tool. This is a 20-question quiz. Each question is worth 5 points.


Questions and Answers
  • 1. What is SSL also referred to as in web browsers?
    • A. SecureNow
    • B. SMTP
    • C. FTP
    • D. HTTPS

  • 2. Your personal computer came out of the box a month ago with an operating system (like Windows or Mac OS X) and a web browser (like Firefox or Internet Explorer). You haven't updated either since then. You should:
    • A. Go buy another computer right away
    • B. Reformat the hard drive
    • C. Take no action
    • D. Change the settings on both to increase your online security, and then set your operating system to automatically download and install security updates.

  • 3. Antivirus software is the most effective product/service/practice against malicious code.
    • A. True
    • B. False

  • 4. If SFCU wanted to post an email address on the website, can a format be chosen that makes it more difficult for spammers to collect it?
    • A. Yes
    • B. No
    • C. Spammers don't collect email addresses this way

  • 5. As part of annual audits conducted by NCUA, they evaluate information security aspects of the organization?
    • A. True
    • B. False

  • 6. What best describes phishing?
    • A. In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.
    • B. Password cracking
    • C. In the field of computer security, phishing is the criminally fraudulent process of a keylogger attempting to capture keyboard keystrokes of the user.
    • D. This is a made-up term

  • 7. Music and picture files (jpg, bmp, avi, mp3, mp4, etc.) that do NOT contain a hidden extension can still execute malicious code on the computer?
    • A. True
    • B. False

  • 8. A web browser pop-up appears on your personal computer offering an "anti-spyware product". What's your best course of action?
    • A. Click on the link and provide your credit card information, as the more protection you are prompted to install, the better.
    • B. Click on the link in the ad to learn more about the company and its products before you decide.
    • C. Close the window. If you want spyware protection software, it is better to get it from a provider with extensive reviews and downloads on a reputable site such as download.com.

  • 9. Numbers/names that show up on Caller ID displays can be easily forged.
    • A. True
    • B. False

  • 10. What is the most secure wireless encryption standard of the items listed below?
    • A. WPA2
    • B. WPA
    • C. WEP
    • D. SWP
    • E. WEP9

  • 11. The Sonicwall network appliances that FedComp is providing to SFCU will filter out the majority of malicious code and outsider attempts to breach security?
    • A. True
    • B. False

  • 12. In what circumstances is it appropriate for an SFCU staff member to request a member's online banking password?
    • A. To confirm the account is disabled and no other reasons
    • B. For technical troubleshooting and no other reasons
    • C. For account verification
    • D. Never

  • 13. Who should be familiar with internal information security related policies?
    • A. Executive Board
    • B. IT Staff
    • C. All SFCU staff
    • D. All SFCU staff and members

  • 14. Due to the intimidation factor and strong federal and state laws existing, financial institutions generally have to worry less about threats such as malicious code and phishing compared to other industries?
    • A. True
    • B. False

  • 15. Being that SFCU is a student-run organization, members should not expect the same level of security/privacy of their information compared to large financial institutions such as PNC Bank and TDBank.
    • A. True
    • B. False

  • 16. If a member sends a conventional email to an SFCU mailbox such as [email protected], what is the hypothetical threat while the email is in transmission?
    • A. If the SFCU mailbox is typed correctly, there is no threat
    • B. If the SFCU mailbox is typed correctly AND the browser/OS is up to date, there is no threat
    • C. An unscrupulous individual using a packet sniffer on the network captures the information
    • D. None of the above

  • 17. If a member uses an encrypted form of communication to contact SFCU, such as LiveChat, what hypothetical threat remains (if any) for it to be intercepted?
    • A. Keylogger (form of malicious code) installed on the computer
    • B. An unscrupulous individual knowing the date/time of a user contacting SFCU
    • C. An unscrupulous individual using a packet sniffer on the network captures the information
    • D. There is no threat

  • 18. In what circumstance is SFCU legally and morally responsible for members falling victim to scams and repercussions caused by malicious code on their computer?
    • A. Always
    • B. If the member is using the partner product Prevx SafeOnline
    • C. If the member notifies SFCU in advance that they have a computer infected with malicious code or that they aren't knowledgeable in using technology
    • D. Very rare cases such as an SFCU staff member sending a malicious file to the member

  • 19. If proper information security procedures and planning are in place on all servers, which kind of server is the most vulnerable to remote attackers/hackers?
    • A. Mail server
    • B. Web server
    • C. DNS server
    • D. Core Financial database
    • E. Equally vulnerable

  • 20. What is the most effective way for an individual to ensure they are going to the intended website they receive as a link within an email that is from an unknown sender?
    • A. Hover the mouse over the link and, if it looks legit, then click it
    • B. Manually type in the URL/use a previously saved bookmark
    • C. Google key search terms
    • D. Pray
