Information Security Awareness Training Quiz

E-mailing business documents to a home computer can pose security risks. Home computers may not have the same level of security measures in place as business networks, making them more vulnerable to hacking or malware attacks. Additionally, transferring sensitive business information to a personal device increases the chances of unauthorized access or data breaches. It is advisable to use secure company networks and devices for working on business documents to ensure data protection.

The statement suggests that if a message appears multiple times in your email box, it is more likely to be carrying a virus. This is because viruses often replicate themselves and spread through multiple copies of the same message. Therefore, if you receive multiple identical messages, it is important to exercise caution and consider them as potentially suspicious or infected with a virus.

The statement "Physical security is NOT related to information security" is false. Physical security is closely related to information security as it involves protecting the physical assets and infrastructure that house and support the information systems. Physical security measures such as access controls, surveillance systems, and secure facilities are essential for safeguarding the confidentiality, integrity, and availability of information. A breach in physical security can lead to unauthorized access, theft, or damage to information assets, compromising the overall security of an organization. Therefore, physical security is an integral part of ensuring information security.

Opening email attachments that you are not expecting is the best defense against virus infection because many viruses and malware are spread through email attachments. By not opening attachments that you are not expecting, you minimize the risk of accidentally downloading and executing malicious code that can infect your computer and compromise your data. It is important to exercise caution and only open attachments from trusted sources to protect your computer and personal information.

Substituting numbers for letters, such as using "3" for "E," is a good way to create a password because it adds complexity and makes it harder for someone to guess. This method involves using a combination of letters and numbers, increasing the number of possible combinations and making the password more secure. By substituting numbers for letters, it becomes less predictable and less susceptible to dictionary-based attacks. This technique is commonly used in password creation to enhance the strength of the password and protect against unauthorized access.

Email is the most common delivery method for viruses because it is widely used for communication and file sharing. Viruses can be attached to emails as malicious attachments or embedded within hyperlinks. When users open these infected email attachments or click on malicious links, the virus is executed and can infect the user's computer. Since email is a common and convenient method of communication, it provides a large potential target for virus distribution. Additionally, email viruses can easily spread to multiple recipients when infected emails are forwarded or when the virus automatically sends itself to contacts in the user's address book.

A phishing attack can harm not only your personal computer but also your company's network. Phishing attacks involve tricking individuals into revealing sensitive information, such as login credentials or financial details, through deceptive emails or websites. If an employee falls victim to a phishing attack on their personal computer and unknowingly provides access to their company's network, the attacker can gain unauthorized access to sensitive company data, compromise systems, and potentially cause significant damage to the network's security and operations. Therefore, it is crucial to educate employees about phishing threats and implement robust security measures to protect both personal and company devices and networks.

Hackers can crack passwords by repeatedly trying different combinations until they find the correct one. This method is known as a brute-force attack. The attacker systematically tries all possible combinations of characters until the correct password is discovered. This method can be time-consuming and resource-intensive, but it is effective against weak passwords that can be easily guessed. The "G" attack and phishing attack are not valid terms or methods used in password cracking.

The first step in dealing with a security threat is to recognize it. Before any action can be taken to avoid, manage, or report a security threat, it is crucial to first identify and acknowledge its existence. Recognizing a security threat allows individuals or organizations to assess the situation, gather necessary information, and determine the appropriate course of action to address the threat effectively.

The correct answer is "Someplace easily seen from your computer" because it is important to have your passwords easily accessible in case you forget them, but it is also crucial to ensure that they are not visible to others. Writing them down and keeping them in a secure location that is easily seen from your computer allows you to have a reminder while still maintaining the confidentiality of your passwords.