Security Awareness Month Quiz

Approved & Edited by ProProfs Editorial Team
At ProProfs Quizzes, our dedicated in-house team of experts takes pride in their work. With a sharp eye for detail, they meticulously review each quiz. This ensures that every quiz, taken by over 100 million users, meets our standards of accuracy, clarity, and engagement.
Learn about Our Editorial Process
| Written by Bubbanc
B
Bubbanc
Community Contributor
Quizzes Created: 1 | Total Attempts: 502
Questions: 25 | Attempts: 502
SettingsSettingsSettings
Please wait...
Create your own Quiz
Security Awareness Month Quiz - Quiz

Happy Security Awareness Month! There’s no better time to educate yourself – or reassure your existing knowledge, as the case may be – about the dos and don’ts of security and being safe with computers. Let’s see how much you know!

Questions and Answers
  • 1. 

    It's safe to open e-mail attachments and click on e-mail links, even if the message is from someone you don't know.

    • A. 

      True

    • B. 

      False

    Correct Answer
    B. False
    Explanation
    Even though email messages get scanned via multiple vendors for malware, spyware and phishing, there is no guarantee that they will catch every instance of malware. It is recommended that you only open attachments and click on links if messages are from an individual you know. Enabling Safe Senders for Outlook is a good way to accomplish this.

    Rate this question:

  • 2. 

    It's ok to share your work password with others. 

    • A. 

      True

    • B. 

      False

    Correct Answer
    B. False
    Explanation
    Your work password should never be shared with anyone; even your manager.

    Rate this question:

  • 3. 

    The following are characteristics of a good work password:

    • A. 

      The password is the same as another online account

    • B. 

      The password is at least 4 characters long

    • C. 

      The password uses a combination of lowercase, uppercase, and special characters

    • D. 

      The password contains part of a family members birthday

    • E. 

      All of the above

    Correct Answer
    C. The password uses a combination of lowercase, uppercase, and special characters
    Explanation
    You should never choose your work password to be the same as any other accounts. You should also not use family birthdays, names, or other publicly available information about you or your family as part of your password.

    Rate this question:

  • 4. 

    If you received a message that you suspect may be spam or a phishing attempt, what should you do with the message?  

    • A. 

      Open it up and click any links or attachments in the message

    • B. 

      Delete the message

    • C. 

      Forward it to a co-worker to see if they can open it

    Correct Answer
    B. Delete the message
    Explanation
    If it looks suspicious it is safest to delete the message and not expose yourself and SAS to risk.

    Rate this question:

  • 5. 

    Which of the following should you not do with your password?

    • A. 

      Say it out loud

    • B. 

      Email it to an associate

    • C. 

      Provide it to your manager

    • D. 

      All of the above

    Correct Answer
    D. All of the above
    Explanation
    Passwords are meant to be secret and only known by you and not shared in any way.

    Rate this question:

  • 6. 

    Where should keep your password in case you forget it?

    • A. 

      Someplace easily seen from your computer

    • B. 

      Someplace out of sight like in a drawer or under your keyboard

    • C. 

      If you have to write down your password, it should be stored in a password keeper or vault.

    Correct Answer
    C. If you have to write down your password, it should be stored in a password keeper or vault.
    Explanation
    Passwords should never be written down unless they are being stored in a password vault or storage utility and protected by a master password.

    Rate this question:

  • 7. 

    Password challenge questions, used for resetting passwords on some Internet sites, should not be used if they contain publicly available information. 

    • A. 

      True

    • B. 

      False

    Correct Answer
    A. True
    Explanation
    Know what you've posted about yourself. A common way that hackers break into financial or other accounts is by clicking the "Forgot your password?" link on the account login page. To break into your account, they search for the answers to your security questions, such as your birthday, home town, high school class, or mother's middle name. If the site allows, make up your own password questions, and don't draw them from material anyone could find with a quick search.

    Rate this question:

  • 8. 

    It is safe to connect a USB drive that you found in the parking lot to your work computer. 

    • A. 

      True

    • B. 

      False

    Correct Answer
    B. False
    Explanation
    GIS should be contacted to clean the device or you can contact Security to put the drive in lost and found.

    Rate this question:

  • 9. 

    If someone calls you and requests information about where you work, the employees, your work account, passwords, or personal information about yourself you should:

    • A. 

      Answer them as truthfully as possible

    • B. 

      Give them your work e-mail address so they can email you the information they need

    • C. 

      Deny their request and contact Security about the call.

    Correct Answer
    C. Deny their request and contact Security about the call.
    Explanation
    Cases like this is when someone is trying to social engineer you for information about your workplace.

    Rate this question:

  • 10. 

    It's ok to setup a rule to auto-forward all of your work e-mail to an external e-mail account like Gmail or Hotmail. 

    • A. 

      True

    • B. 

      False

    Correct Answer
    B. False
    Explanation
    Auto-forwarding rules are prohibited by company policy. You can forward individual mails to your personal account as long as the communications are not company confidential.

    Rate this question:

  • 11. 

    It's not OK to accept 3rd party/customer data without permissions from Information Security.

    • A. 

      True

    • B. 

      False

    Correct Answer
    A. True
    Explanation
    Information Security has a request form that will walk you through the process of accepting 3rd party data.

    Rate this question:

  • 12. 

    An 8 character password containing a mix of uppercase, lowercase and special characters can be cracked in under a day.  

    • A. 

      True

    • B. 

      False

    Correct Answer
    A. True
    Explanation
    Hackers are now using Graphics cards in order to help brute force passwords. The 8 character keyspace can be traversed in under 24 hours with multi-GPU machines: http://arstechnica.com/security/2012/08/passwords-under-assault/

    Rate this question:

  • 13. 

    If you set your anti-virus software to auto-update then you don't need Windows Automatic Updates.

    • A. 

      True

    • B. 

      False

    Correct Answer
    B. False
    Explanation
    Anti-virus is not a replacement for regularly applying patches and security updates.

    Rate this question:

  • 14. 

    According to the FBI and the Computer Security Institute, most information security breaches occur due to what?

    • A. 

      External Hackers

    • B. 

      Poor Programming Techniques

    • C. 

      Internal Employees

    • D. 

      Bad Firewall Settings

    Correct Answer
    C. Internal Employees
    Explanation
    Internal employees tend to be the cause of the most information security breaches

    Rate this question:

  • 15. 

    It is not safe to e-mail business documents to your home computer to work on them.

    • A. 

      True

    • B. 

      False

    Correct Answer
    A. True
    Explanation
    You should work on business documents on a corporate issued machine by either working on it in the office, or remotely connecting to your work machine and working on them remotely

    Rate this question:

  • 16. 

    If you are browsing the Internet and suddenly you get a prompt asking you to download a file and run it, what should you do?

    • A. 

      Download the file and run it.

    • B. 

      Cancel the download and close your browser.

    • C. 

      Download the file and e-mail it to a co-worker to see if it is legitimate.

    Correct Answer
    B. Cancel the download and close your browser.
    Explanation
    If you are prompted to download a file when simply browsing the internet, then chances are you've navigated to a site that is infected and is trying to infect you. It is best to cancel the download, close the browser and run a full AV scan on your machine.

    Rate this question:

  • 17. 

    What type of attack relies on the trusting nature of employees and the art of deception?

    • A. 

      Fraud

    • B. 

      Phishing

    • C. 

      Social Engineering

    • D. 

      Dumpster Diving

    Correct Answer
    C. Social Engineering
    Explanation
    Social Engineering is when an attacker tries to gain information about an attack based on information they already know about you or pretending to misrepresent themselves to you in hopes that you will trust them.

    Rate this question:

  • 18. 

    You receive an e-mail message from a deposed Prince of Nigeria. What do you do?

    • A. 

      Forward it to all of your friends

    • B. 

      Follow all his instructions to the letter and wait for your check in the mail

    • C. 

      Highlight the message and hit "Control + Shift + Delete" to completely remove the message

    Correct Answer
    C. Highlight the message and hit "Control + Shift + Delete" to completely remove the message
    Explanation
    These types of e-mails are called 419 or 411 scams. These are e-mails that try to encourage you to perform fraudulent activities on behalf of someone in another country (such as laundering money).

    Rate this question:

  • 19. 

    You are using e-mail to send and receive private information (e.g. medical data, salary information, social security numbers, passwords) for an approved, business need. What should you do?

    • A. 

      Encrypt the information before sending it through e-mail

    • B. 

      Put the information in many small messages so that only a small information will be exposed if it falls into the wrong hands

    • C. 

      Put all of the information in one large message before sending it to reduce the chance that it will fall into the wrong hands

    Correct Answer
    A. Encrypt the information before sending it through e-mail
    Explanation
    Encrypting the information before sending it through email ensures that the data is protected and cannot be accessed by unauthorized individuals. Encryption converts the information into a code that can only be deciphered with a decryption key, making it extremely difficult for anyone else to read or understand the content of the email. This helps to maintain the confidentiality and integrity of the private information being transmitted.

    Rate this question:

  • 20. 

    It's OK to post personal information about yourself on Twitter or Facebook.

    • A. 

      True

    • B. 

      False

    Correct Answer
    B. False
    Explanation
    You should limit the personal information you post about yourself and your family on Twitter, Facebook and other social media sites. This information could be used in order to perform social engineering on you or your family. You should configure privacy settings to be as strict as possible on such sites to limit prying eyes. All information posted to social media sites should be considered permanent, no matter what the privacy policies of the sites state.

    Rate this question:

  • 21. 

    It's OK to click website links in e-mails, from other untrusted websites, or in IM messages that go to sites that I trust (Facebook, Twitter, Google, etc).  

    • A. 

      True

    • B. 

      False

    Correct Answer
    B. False
    Explanation
    You should only access trusted sites (Google, Facebook, Twitter, etc) by entering the URL directly or via a bookmark. Clicking on links in e-mail and from other untrusted sites may allow an attacker to steal or capture your credentials.

    Rate this question:

  • 22. 

    When entering personal data such as credit card information into a website, it is important to look for the lock symbol or verify the url starts with 'https" to insure the transaction is protected by SSL encryption. 

    • A. 

      True

    • B. 

      False

    Correct Answer
    A. True
    Explanation
    Before you enter sensitive data in a web form or on a webpage, look for signs—like a web address with https and a closed padlock beside it—that it is secure.

    Rate this question:

  • 23. 

    Which of the following is the best protection technique for a home wireless network

    • A. 

      MAC address filtering

    • B. 

      Hidden SSID

    • C. 

      WEP encryption

    • D. 

      WPA2 encryption

    Correct Answer
    D. WPA2 encryption
    Explanation
    MAC filters are not protection from an intruder as MAC information can be obtained via wireless sniffers and this information be spoofed. Hiding your SSID will also not keep intruders out since the SSID can still be detected via a wireless sniffer. WEP is not a suitable wireless protection mechanism because this encryption technique can easily be cracked in a number of minutes. WPA2 Pre-shared key with a lengthy key is the preferred standard.

    Rate this question:

  • 24. 

    If you receive an e-mail plea from a family member asking for money, it's OK to repond and wire them money since they sent the message from their e-mail account. 

    • A. 

      True

    • B. 

      False

    Correct Answer
    B. False
    Explanation
    These types of scams are common when an e-mail account has been hacked. The first course of action is to try and contact the person (not via e-mail) and confirm if they really need money and let them know that their e-mail account may have been hacked.

    Rate this question:

  • 25. 

    If you've spoken to your kids about being safe on the Internet, then there is no need to filter web content for them.

    • A. 

      True

    • B. 

      False

    Correct Answer
    B. False
    Explanation
    Web content should always be filtered for children. OpenDNS provides DNS-based protections for free. Other Anti-Virus companies also provide protections and filters for children accessing the Internet.

    Rate this question:

Related Topics

Recent Quizzes

Discovia Security Awareness Training Discovia Security Awareness Training
NextiraOne Security Awareness Quiz NextiraOne Security Awareness Quiz
Security Awareness Test Section 13 Security Awareness Test Section 13
Security Awareness Test Section 7 Security Awareness Test Section 7
Business Quiz: Security Awareness Training Business Quiz: Security Awareness Training
QualityNet Security Awareness Quiz QualityNet Security Awareness Quiz

Featured Quizzes

Quiz: Does He Want To Marry Me? Quiz: Does He Want To Marry Me?
Pottermore Sorting Hat Quiz Pottermore Sorting Hat Quiz
Quiz: Am I Pretty, Cute Or Beautiful? Quiz: Am I Pretty, Cute Or Beautiful?
Quiz: Does My Boyfriend Love Me? Quiz: Does My Boyfriend Love Me?
Fashion Style Quiz: What Clothing Style Suits Me? Fashion Style Quiz: What Clothing Style Suits Me?
Take the Does He Like Me Quiz to Decode His True Feelings Take the Does He Like Me Quiz to Decode His True Feelings
Back to Top Back to top
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.