1.
Why is it important to have a good understanding of Information Security policies and procedures?
Correct Answer
D. All of the above
Explanation
Having a good understanding of Information Security policies and procedures is important because it helps protect individuals from being victims of security incidents. By knowing the policies and procedures, individuals can take necessary precautions to safeguard their information and prevent unauthorized access. Additionally, it provides an understanding of the steps to follow in the event of a security incident, enabling individuals to respond effectively and minimize the impact. Lastly, understanding levels of responsibility ensures that individuals are aware of their roles and obligations in maintaining information security, promoting a culture of accountability and compliance.
2.
Which of the following is a good way to create a password?
Correct Answer
C. A combination of upper and lowercase letters mixed with numbers and symbols
Explanation
A combination of upper and lowercase letters mixed with numbers and symbols is a good way to create a password because it increases the complexity and makes it harder for hackers to guess or crack the password. Using a variety of characters and mixing different types of characters makes the password stronger and more secure.
3.
Which of the following would be the best password?
Correct Answer
B. Dp0si#Z$2
Explanation
The password "Dp0si#Z$2" would be the best choice because it is a combination of uppercase and lowercase letters, numbers, and special characters. This makes it more secure and harder for hackers to guess or crack. The other options, "mySecret," "abc123," and "keyboard," are all relatively weak passwords as they are easily guessable and lack complexity.
4.
What is the most common delivery method for viruses?
Correct Answer(s)
A. Email
C. Internet download
Explanation
The most common delivery method for viruses is through email and internet downloads. Viruses are often disguised as attachments or links in emails, which when opened or clicked, can infect the user's device. Similarly, internet downloads from untrusted sources can contain malicious software that can infect the user's system. These two methods are widely used by hackers and cybercriminals to distribute viruses as they can easily reach a large number of users and exploit vulnerabilities in their devices.
5.
When receiving an email from an unknown contact that has an attachment, you should:
Correct Answer
B. Delete the email
Explanation
When receiving an email from an unknown contact that has an attachment, it is advisable to delete the email. Opening the attachment can potentially expose your computer to viruses, malware, or other security threats. Forwarding the email to co-workers or personal email accounts can also put their devices at risk. Therefore, the safest course of action is to delete the email to protect your own and others' devices from potential harm.
6.
Which of the following is a good practice to avoid email viruses?
Correct Answer
D. All the above
Explanation
To avoid email viruses, it is a good practice to delete unexpected or unsolicited messages as they may contain malicious attachments or links. Using anti-virus software to scan attachments before opening them is also recommended, as it helps detect and eliminate any potential viruses. Additionally, deleting similar messages that appear more than once in your Inbox can help prevent the spread of viruses through duplicate emails. Therefore, all of the above practices are effective in avoiding email viruses.
7.
Which of the following is a proper use of email?
Correct Answer
D. Send an email to all your friends and co-workers to advertise a job opening in your area
Explanation
This option is considered professional and potentially beneficial to recipients, assuming the email is sent in a respectful and non-intrusive manner. The other options can be problematic due to privacy concerns, potential violation of company policies regarding the use of business email for personal business promotion, or could be considered spammy or unprofessional behavior in a workplace setting.
8.
Instant Messaging is safer than regular email.
Correct Answer
B. False
Explanation
Instant Messaging (IM) is not inherently safer than regular email. Both forms of communication have potential security risks such as phishing attacks, malware, and interception by unauthorized parties. The safety of either method depends on the security measures in place, such as encryption, secure connections, and user practices like strong passwords and not clicking on suspicious links.
9.
Which of the following life experiences might turn a trusted user into a malicious insider:
Correct Answer(s)
A. Frustration with co-workers
B. Stress
D. Financial problems
Explanation
Experiencing frustration with co-workers, stress, and financial problems can potentially turn a trusted user into a malicious insider. Frustration with co-workers can lead to feelings of resentment and a desire for revenge, causing the individual to act maliciously. Stress can impair judgment and decision-making, making it easier for someone to engage in malicious activities. Financial problems can create desperation and a need for financial gain, leading an individual to exploit their trusted position for personal gain. These life experiences can contribute to a trusted user's motivation and willingness to engage in malicious insider activities.
10.
A malicious user can rely on email or webpage to launch a ____
Correct Answer
D. All of the above
Explanation
A malicious user can use email or webpages as a means to launch various types of attacks. Phishing attacks involve tricking individuals into revealing sensitive information, such as passwords or credit card details. Virus attacks involve infecting a system with harmful software that can damage files or steal information. Spyware refers to software that secretly gathers information about a user's activities without their consent. Therefore, all of the options listed in the question can be used by a malicious user to launch attacks.
11.
Which statement most accurately describes a virus?
Correct Answer
A. A program that is secretly installed onto your computer and makes copies of itself which consumes your computer resources
Explanation
The correct answer is "A program that is secretly installed onto your computer and makes copies of itself which consumes your computer resources." This statement accurately describes a virus, which is a type of malicious software that replicates itself and consumes computer resources, often causing harm to the system it infects.
12.
Which of the following is a measure for preventing a social engineering attack:
Correct Answer(s)
A. Do not give out computer or network information
B. Do not complete confidential company tasks in an unsecure setting
D. Do not give out personal identifiable information
Explanation
The correct answer is to not give out computer or network information, not complete confidential company tasks in an unsecure setting, and not give out personal identifiable information. These measures can help prevent a social engineering attack by limiting the amount of information an attacker can gather about an individual or organization. By not giving out computer or network information, individuals can protect their systems from being compromised. Not completing confidential tasks in an unsecure setting ensures that sensitive information is not exposed to potential attackers. Similarly, not giving out personal identifiable information helps prevent identity theft and unauthorized access to personal accounts.
13.
Which statement is allowed according to the user acceptance agreement?
Correct Answer
C. Sending an occasional personal email
Explanation
Sending an occasional personal email is allowed according to the user acceptance agreement. This implies that employees are permitted to use company resources for personal communication purposes, as long as it is done in moderation and does not interfere with their work responsibilities. It is important to note that conducting business for personal gain, using company resources for political purposes, and downloading music and video files are not allowed according to the user acceptance agreement.
14.
If you're not careful about your Internet browsing, which of the following can result?
Correct Answer
D. All of the above
Explanation
If you are not careful about your Internet browsing, it can result in the installation of spyware or adware, browser hijacking, and information or identity theft. This means that by not being cautious while browsing the internet, you are susceptible to having malicious software installed on your device, your browser being taken over by unauthorized parties, and your personal information or identity being stolen.
15.
The first step in Security Awareness is being able to ________ a security threat.
Correct Answer
B. Recognize
Explanation
The first step in Security Awareness is being able to recognize a security threat. This means being able to identify and understand potential risks or dangers to the security of a system or network. By recognizing these threats, individuals can take appropriate measures to protect themselves and their information from potential attacks or breaches. This could involve being able to identify suspicious emails, websites, or behaviors that may indicate a security threat. Recognizing security threats is crucial in maintaining a secure and safe environment.
16.
What should you not do if you think the email you received is a phishing attempt?
Correct Answer
B. Click the link so you can see what the site looks like
Explanation
If you think the email you received is a phishing attempt, you should not click the link to see what the site looks like. This action could expose your system to malicious software or lead to the compromise of your personal information. Instead, you should avoid interacting with any links or attachments in the email, report the email, and ensure your system is secure.
17.
What should you do if you think your password has been compromised?
Correct Answer
D. All the above
Explanation
If you think your password has been compromised, it is recommended to take multiple actions to ensure your security. Changing your password is important to prevent further unauthorized access to your accounts. Reporting the incident to the proper authorities, such as system administrators, helps them investigate and take necessary actions. Additionally, checking other systems where you have accounts is crucial as the compromise may extend beyond a single platform. Therefore, all the mentioned actions should be taken to effectively address the situation and protect your online presence.
18.
All of these are good physical security practices except?
Correct Answer(s)
A. Always wear your security badge when leaving work, even if just for a break. They should be worn outside of the office in public so other people know where you work
E. Dispose of Confidential Documents in Waste Paper Bins
Explanation
The correct answer is "Always wear your security badge when leaving work, even if just for a break. They should be worn outside of the office in public so other people know where you work." This is not a good physical security practice because wearing a security badge outside of the office in public can make an individual a target for theft or unauthorized access. It is important to keep security badges concealed when outside of the office to maintain privacy and prevent potential security risks.
19.
What is the biggest vulnerability to computer information security?
Correct Answer
D. End Users
Explanation
End Users are the biggest vulnerability to computer information security because they often lack awareness and understanding of security practices. They may fall victim to social engineering attacks, such as phishing, where they unknowingly provide sensitive information to attackers. They may also click on malicious links or download infected files, introducing malware into the system. Additionally, they may use weak passwords or fail to update their software regularly, leaving systems vulnerable to attacks. Therefore, it is crucial to educate and train end users on security best practices to mitigate these risks.
20.
What should everyone know about information security?
Correct Answer(s)
A. Computer security is part of everyone's job
B. Verify everything! Verify who the person is on the phone. Verify that the website is real. Verify that the visitor belongs where you find them.
C. Report anything suspicious to your system administrator at [email protected]
D. Do not ignore unusual computer functioning. It might be a sign of malware.
Explanation
There is no wrong answer here! Also, everyone should know:
- To use strong passwords and to protect their passwords.
- Practice safe computing while traveling.
- Prevent the loss of data, either electronic or physical.
- Take care in sending emails and using IM tools.
- Take the appropriate actions to protect against viruses, phishing attempts, and spyware/adware installation at home and at work.
- Follow company usage policies.