Cybersecurity Awareness Test Quiz!

1. You have a hard copy of a design document that you want to dispose of. What would you do?

Throw it in any dustbin

Shred it using a shredder

Give it to the office boy to reuse it for other purposes

Be environment friendly and reuse it for writing

Shredding the hard copy of the design document is the correct answer because it ensures that the sensitive information contained in the document is destroyed and cannot be accessed by unauthorized individuals. This helps to protect the confidentiality of the information and prevent any potential misuse or data breaches. Shredding is a secure and reliable method of disposing of confidential documents.

Explanation

Shredding the hard copy of the design document is the correct answer because it ensures that the sensitive information contained in the document is destroyed and cannot be accessed by unauthorized individuals. This helps to protect the confidentiality of the information and prevent any potential misuse or data breaches. Shredding is a secure and reliable method of disposing of confidential documents.

2. You went to Starbucks/CCD to buy a coffee and then while waiting for your order, you decided to connect to their Free WIIFI. While browsing your Google Mail (https://mail.google.com/), the page redirects to https://www.googlemail.anish.net. What do you think should you do?

Login to where Google Mail has redirected, it’s just one of Google’s web sites – not suspicious at all.

Disconnect to Starbucks/CCD WIFI network.

Ask the person sitting next to you if his Google Mail also redirects to http://www.googlemail.anish.net.

Find the Wireless Access Point (Wi-Fi device) and reboot it

The correct answer is to disconnect from the Starbucks/CCD WIFI network. This is because when browsing Google Mail, the page redirects to a suspicious website (http://www.googlemail.anish.net) instead of the legitimate Google Mail website (https://mail.google.com/). This could indicate a potential security threat or a man-in-the-middle attack. To ensure the safety of personal information, it is best to disconnect from the WIFI network to prevent any unauthorized access or data breach.

Explanation

The correct answer is to disconnect from the Starbucks/CCD WIFI network. This is because when browsing Google Mail, the page redirects to a suspicious website (http://www.googlemail.anish.net) instead of the legitimate Google Mail website (https://mail.google.com/). This could indicate a potential security threat or a man-in-the-middle attack. To ensure the safety of personal information, it is best to disconnect from the WIFI network to prevent any unauthorized access or data breach.

3. When receiving a Email from a unknown contact that has an attachment, you should:

Open the attachment to view its contents

Delete the mail

Forward the email to your co-workers to allow them to open the attachment first

Forward the email to your personal email account so you can open it at home

When receiving an email from an unknown contact that has an attachment, it is recommended to delete the mail. Opening the attachment can pose a security risk as it may contain malware or viruses that can harm your computer or compromise your personal information. Forwarding the email to co-workers or personal email accounts can potentially spread the risk to others or expose personal information to unauthorized individuals. Therefore, the safest course of action is to delete the email to protect yourself and your system from potential harm.

Explanation

When receiving an email from an unknown contact that has an attachment, it is recommended to delete the mail. Opening the attachment can pose a security risk as it may contain malware or viruses that can harm your computer or compromise your personal information. Forwarding the email to co-workers or personal email accounts can potentially spread the risk to others or expose personal information to unauthorized individuals. Therefore, the safest course of action is to delete the email to protect yourself and your system from potential harm.

4. The mouse on your computer begins moving across the screen and clicking on things without you even touching it. What will you do?

Unplug your mouse

Disconnect your computer from the network & call the IT Support Desk

Turn your computer OFF

Call your colleagues over so they can see this miracle!

If the mouse on your computer is moving and clicking on things without you touching it, it is likely that your computer has been compromised by malware or a hacker. Disconnecting your computer from the network is important to prevent further unauthorized access or potential damage. Calling the IT Support Desk is necessary to report the incident and seek assistance in resolving the issue and ensuring the security of your computer system.

Explanation

If the mouse on your computer is moving and clicking on things without you touching it, it is likely that your computer has been compromised by malware or a hacker. Disconnecting your computer from the network is important to prevent further unauthorized access or potential damage. Calling the IT Support Desk is necessary to report the incident and seek assistance in resolving the issue and ensuring the security of your computer system.

5. You see a non familiar face in the access controlled areas of our office, the person does not have the a ITZCASH ID/Visitor/Vendor tag with him. What would you do?

None of my business, let some body else take care of it

Ask the person to leave the facility

Escort the person to the security and raise a security incident

Scream and yell till the person leaves

If a non-familiar face is seen in the access controlled areas of the office without any proper identification, the appropriate action would be to escort the person to the security and raise a security incident. This ensures that the person is properly addressed and investigated by the security team, maintaining the safety and security protocols of the office.

Explanation

If a non-familiar face is seen in the access controlled areas of the office without any proper identification, the appropriate action would be to escort the person to the security and raise a security incident. This ensures that the person is properly addressed and investigated by the security team, maintaining the safety and security protocols of the office.

6. Which of the below is not a part of the appropriate use - Laptop Security Policy?

Return your laptop when you resign

Prevent damage to loss/theft of Laptop

Report loss of Laptop to HR & IT Department

Install any software without approval

The correct answer is "Install any software without approval." This is not a part of the appropriate use - Laptop Security Policy because it can pose a security risk to the laptop and the network. Installing software without approval can introduce malware or other malicious programs, compromise the laptop's security, and violate company policies. It is important to obtain proper approval before installing any software to ensure the security and integrity of the laptop and the organization's network.

Explanation

The correct answer is "Install any software without approval." This is not a part of the appropriate use - Laptop Security Policy because it can pose a security risk to the laptop and the network. Installing software without approval can introduce malware or other malicious programs, compromise the laptop's security, and violate company policies. It is important to obtain proper approval before installing any software to ensure the security and integrity of the laptop and the organization's network.

7. How can you report a security incident?

Email

Phone

Any of the above

None of the above

The correct answer is "Any of the above" because reporting a security incident can be done through various means, including email and phone. This allows individuals to choose the most convenient method for them to report the incident and ensure that it is communicated to the appropriate authorities.

Explanation

The correct answer is "Any of the above" because reporting a security incident can be done through various means, including email and phone. This allows individuals to choose the most convenient method for them to report the incident and ensure that it is communicated to the appropriate authorities.

8. When is the best time to lie to your information security auditor or officer?

If you want to cover up your best friend’s faults or mistakes

If the security auditor is not your friend and cannot be trusted

If it impacts the termination of the key people in your organization

None of the above

The best time to lie to your information security auditor or officer is never. Lying to cover up someone else's faults or mistakes, or because you don't trust the auditor, or to protect key people in your organization is unethical and can have serious consequences. It is always best to be honest and transparent with auditors and officers to maintain the integrity and security of the organization's information.

Explanation

The best time to lie to your information security auditor or officer is never. Lying to cover up someone else's faults or mistakes, or because you don't trust the auditor, or to protect key people in your organization is unethical and can have serious consequences. It is always best to be honest and transparent with auditors and officers to maintain the integrity and security of the organization's information.

9. Which of the following could help you mitigate malwares and viruses from infecting your PC?

Download software from trusted sources only

Install an antivirus program and enable firewall

Always update your PC when prompted for system updates

Monitor and analyze the network traffic of your PC

Installing an antivirus program and enabling a firewall can help mitigate malwares and viruses from infecting your PC. Antivirus software can detect and remove malicious programs, while a firewall can block unauthorized access to your computer, protecting it from potential threats. By having both of these security measures in place, you can significantly reduce the risk of malware and virus infections on your PC.

Explanation

Installing an antivirus program and enabling a firewall can help mitigate malwares and viruses from infecting your PC. Antivirus software can detect and remove malicious programs, while a firewall can block unauthorized access to your computer, protecting it from potential threats. By having both of these security measures in place, you can significantly reduce the risk of malware and virus infections on your PC.

10. Which of the below is not a part of the Clean Desk Policy?

Tidy your desk

Lock your screen

Hiding passwords below keyboard

Put away sensitive documents

The Clean Desk Policy aims to maintain a clutter-free and secure work environment. Tidying your desk, locking your screen, and putting away sensitive documents are all practices that align with this policy. However, hiding passwords below the keyboard is not a part of the Clean Desk Policy. This action poses a security risk as it makes it easier for unauthorized individuals to access sensitive information.

Explanation

The Clean Desk Policy aims to maintain a clutter-free and secure work environment. Tidying your desk, locking your screen, and putting away sensitive documents are all practices that align with this policy. However, hiding passwords below the keyboard is not a part of the Clean Desk Policy. This action poses a security risk as it makes it easier for unauthorized individuals to access sensitive information.

11. What is social engineering?

A group planning for a social activity in the organization

Creating a situation wherein a third party gains confidential information from you

The organization planning an activity for welfare of the neighbourhood

None of the above

Social engineering refers to the act of manipulating individuals into divulging confidential information or performing actions that may compromise their security. This can be done through various techniques such as impersonation, deception, or psychological manipulation. The correct answer states that social engineering involves creating a situation where a third party gains confidential information from the individual, which accurately describes the concept. It is important to be aware of social engineering tactics to protect oneself from potential security breaches.

Explanation

Social engineering refers to the act of manipulating individuals into divulging confidential information or performing actions that may compromise their security. This can be done through various techniques such as impersonation, deception, or psychological manipulation. The correct answer states that social engineering involves creating a situation where a third party gains confidential information from the individual, which accurately describes the concept. It is important to be aware of social engineering tactics to protect oneself from potential security breaches.

12. Which of the following is an Online Malware Scanning Service for suspicious files and URLs?

Www.serials.ws

Www.crackme.us

Www.totalvirus.com

Www.virustotal.com

www.virustotal.com is an online malware scanning service that allows users to scan suspicious files and URLs for potential malware or viruses. It provides a comprehensive analysis by using multiple antivirus engines and other tools to detect any malicious content. Users can upload files or enter URLs to be scanned, and the service provides detailed reports on the potential threats found. It is a trusted platform used by individuals and organizations to ensure the safety of their files and websites.

Explanation

www.virustotal.com is an online malware scanning service that allows users to scan suspicious files and URLs for potential malware or viruses. It provides a comprehensive analysis by using multiple antivirus engines and other tools to detect any malicious content. Users can upload files or enter URLs to be scanned, and the service provides detailed reports on the potential threats found. It is a trusted platform used by individuals and organizations to ensure the safety of their files and websites.

13. Which of the below is not a best practice of choosing Strong Passwords?

Make it impersonal

Make it long

Make it diverse

Make it numeric

Making a password numeric is actually a best practice for choosing strong passwords. Including numbers in a password adds complexity and makes it harder for attackers to guess or crack the password. Therefore, the given answer is incorrect.

Explanation

Making a password numeric is actually a best practice for choosing strong passwords. Including numbers in a password adds complexity and makes it harder for attackers to guess or crack the password. Therefore, the given answer is incorrect.

14. Which of the below is not a part of the appropriate use - Email Security Policy?

Don't access your personal email account

Use official Email ID for personal purposes

Don't send spam

Don't do Email Forging

The statement "Use official Email ID for personal purposes" is not a part of the appropriate use - Email Security Policy. This policy is designed to ensure the security and confidentiality of email communication within an organization. Using official email IDs for personal purposes may compromise the security of sensitive information and increase the risk of unauthorized access or data breaches. It is important to separate personal and official email accounts to maintain the integrity of the organization's email security policy.

Explanation

The statement "Use official Email ID for personal purposes" is not a part of the appropriate use - Email Security Policy. This policy is designed to ensure the security and confidentiality of email communication within an organization. Using official email IDs for personal purposes may compromise the security of sensitive information and increase the risk of unauthorized access or data breaches. It is important to separate personal and official email accounts to maintain the integrity of the organization's email security policy.

15. Which of the below is not used for Multi-factor authentication?

Something you do

Something you have

Something you know

Something you are

"Something you do" is not used for multi-factor authentication. Multi-factor authentication typically involves using a combination of two or more factors to verify a user's identity. These factors can include "something you have" (such as a physical token or a mobile device), "something you know" (such as a password or PIN), and "something you are" (such as biometric data like fingerprints or facial recognition). However, "something you do" refers to behavioral biometrics, which is a separate authentication method that analyzes patterns of behavior, such as typing speed or mouse movements, to verify identity.

Explanation

"Something you do" is not used for multi-factor authentication. Multi-factor authentication typically involves using a combination of two or more factors to verify a user's identity. These factors can include "something you have" (such as a physical token or a mobile device), "something you know" (such as a password or PIN), and "something you are" (such as biometric data like fingerprints or facial recognition). However, "something you do" refers to behavioral biometrics, which is a separate authentication method that analyzes patterns of behavior, such as typing speed or mouse movements, to verify identity.

CyberSecurity Awareness Test Quiz!