Security Awareness Test Section 7

1. If you receive a SPAM message soliciting pharmaceuticals what should you do?

Respond to the message explaining that you're not interested

Tag the message as SPAM and delete

Sign up for a months' supply

Forward the e-mail to a personal e-mail account

If you receive a SPAM message soliciting pharmaceuticals, the correct action to take is to tag the message as SPAM and delete it. This helps to filter out similar messages in the future and prevents you from engaging with potentially harmful or illegal activities. Responding to the message or forwarding it to a personal email account can lead to further spamming or phishing attempts. Signing up for a months' supply is also not recommended as it may result in financial loss or receiving counterfeit products.

Explanation

If you receive a SPAM message soliciting pharmaceuticals, the correct action to take is to tag the message as SPAM and delete it. This helps to filter out similar messages in the future and prevents you from engaging with potentially harmful or illegal activities. Responding to the message or forwarding it to a personal email account can lead to further spamming or phishing attempts. Signing up for a months' supply is also not recommended as it may result in financial loss or receiving counterfeit products.

2. If you receive a chain e-mail, what should you do?

Forward it to co-workers for a good laugh

Send it to a client that is also a good friend

Post it on SharePoint

None of the above

It is not advisable to forward a chain e-mail to co-workers for a good laugh as it may contain inappropriate or offensive content. Similarly, sending it to a client that is also a good friend can be unprofessional and may harm the professional relationship. Posting it on SharePoint is also not recommended as it may violate company policies or confidentiality agreements. Therefore, the correct answer is "None of the above" as it is best to avoid forwarding chain e-mails altogether.

Explanation

It is not advisable to forward a chain e-mail to co-workers for a good laugh as it may contain inappropriate or offensive content. Similarly, sending it to a client that is also a good friend can be unprofessional and may harm the professional relationship. Posting it on SharePoint is also not recommended as it may violate company policies or confidentiality agreements. Therefore, the correct answer is "None of the above" as it is best to avoid forwarding chain e-mails altogether.

3. What is spyware?

Gadgets used by secret agents

Clothing worn by the iSpy characters

A & B

Software used to spy on a user's computer activity

Spyware refers to software that is specifically designed to secretly gather information about a user's computer activity without their knowledge or consent. It can monitor and record keystrokes, capture screenshots, track internet browsing habits, and collect personal information. This information is often used for malicious purposes, such as identity theft or unauthorized access to sensitive data. Therefore, spyware poses a significant threat to user privacy and security.

Explanation

Spyware refers to software that is specifically designed to secretly gather information about a user's computer activity without their knowledge or consent. It can monitor and record keystrokes, capture screenshots, track internet browsing habits, and collect personal information. This information is often used for malicious purposes, such as identity theft or unauthorized access to sensitive data. Therefore, spyware poses a significant threat to user privacy and security.

4. What is a Trojan?

Brad Pitt

A descendant of the legendary city of Troy

The famed Trojan horse that caused the fall of Troy

Computer code designed to allow a hacker remote control of a user's system

A Trojan is a type of computer code that is designed with malicious intent to allow a hacker to gain remote control of a user's system. It is named after the famous Trojan horse from Greek mythology, which was used by the Greeks to infiltrate and conquer the city of Troy. Similarly, a Trojan code disguises itself as a harmless or legitimate program, tricking the user into installing it. Once installed, it opens a backdoor for the hacker to access and control the system, often leading to unauthorized activities or stealing of sensitive information.

Explanation

A Trojan is a type of computer code that is designed with malicious intent to allow a hacker to gain remote control of a user's system. It is named after the famous Trojan horse from Greek mythology, which was used by the Greeks to infiltrate and conquer the city of Troy. Similarly, a Trojan code disguises itself as a harmless or legitimate program, tricking the user into installing it. Once installed, it opens a backdoor for the hacker to access and control the system, often leading to unauthorized activities or stealing of sensitive information.

5. An old college buddy would like to send you pics of his trip to Cancun, what should you do?

Give him your work e-mail account

Have him upload it to your company's FTP site for retrieval at a later date

Give him your personal e-mail account

Tell him your not interested

Giving your old college buddy your personal email account is the most appropriate option in this situation. Since the pictures are personal in nature and it is a friend from college, it is more suitable to use personal communication channels. Using your work email account may not be appropriate as it is meant for professional purposes. Having him upload the pictures to the company's FTP site is also not necessary as it may not be accessible to him and could potentially violate company policies. Declining his offer by saying you're not interested is not a polite response.

Explanation

Giving your old college buddy your personal email account is the most appropriate option in this situation. Since the pictures are personal in nature and it is a friend from college, it is more suitable to use personal communication channels. Using your work email account may not be appropriate as it is meant for professional purposes. Having him upload the pictures to the company's FTP site is also not necessary as it may not be accessible to him and could potentially violate company policies. Declining his offer by saying you're not interested is not a polite response.

6. Key loggers are used for what purpose?

Log each time you open a door

Monitor and log the keys that are pressed on a keyboard

Monitor remote access to a PC

Log key events in the windows system log

Key loggers are used to monitor and record the keys that are pressed on a keyboard. This can be done for various purposes, such as monitoring employee activities, tracking computer usage, or capturing sensitive information like passwords and credit card details. By logging the keys pressed, key loggers can provide insight into a user's online activities and help identify any unauthorized or malicious actions.

Explanation

Key loggers are used to monitor and record the keys that are pressed on a keyboard. This can be done for various purposes, such as monitoring employee activities, tracking computer usage, or capturing sensitive information like passwords and credit card details. By logging the keys pressed, key loggers can provide insight into a user's online activities and help identify any unauthorized or malicious actions.

7. A visitor would like to connect to your WiFi guest network, what should be done?

Give him/her the WiFi code and grant them access

Confirm that the visitor's system is protected by Antivirus and then grant them access to the WiFi network

Apologize and explain that this access is ONLY for privileged visitors

All of the above

The correct answer is to confirm that the visitor's system is protected by Antivirus and then grant them access to the WiFi network. This is important because connecting to a WiFi network without antivirus protection can put the network and other connected devices at risk of malware and cyber attacks. By ensuring that the visitor's system is protected, the risk of potential security breaches is minimized.

Explanation

The correct answer is to confirm that the visitor's system is protected by Antivirus and then grant them access to the WiFi network. This is important because connecting to a WiFi network without antivirus protection can put the network and other connected devices at risk of malware and cyber attacks. By ensuring that the visitor's system is protected, the risk of potential security breaches is minimized.

8. If an e-mail is received from an unknown recipient with an attachment, what should you do?

Delete it immediately

Investigate by opening and launching the attachment

Inform your IT department of the suspicious message

Move it to the junk folder

If an email is received from an unknown recipient with an attachment, it is best to inform the IT department of the suspicious message. This is the most cautious and responsible approach as the IT department can assess the potential risks associated with the email and take appropriate action. Opening or launching the attachment without proper investigation can potentially expose the system to malware or other security threats. Deleting it immediately may not provide the necessary information for the IT department to analyze the situation, and moving it to the junk folder may not effectively address the potential threat.

Explanation

If an email is received from an unknown recipient with an attachment, it is best to inform the IT department of the suspicious message. This is the most cautious and responsible approach as the IT department can assess the potential risks associated with the email and take appropriate action. Opening or launching the attachment without proper investigation can potentially expose the system to malware or other security threats. Deleting it immediately may not provide the necessary information for the IT department to analyze the situation, and moving it to the junk folder may not effectively address the potential threat.

9. What impact does SPAM have on an organization?

None whatsoever

SPAM impacts network bandwidth and storage on mail servers

Very little

B & D

SPAM has a significant impact on an organization as it affects network bandwidth and storage on mail servers. This means that the organization's resources are being consumed by unwanted and unsolicited emails, leading to decreased efficiency and increased costs. Additionally, SPAM can also transmit malware, viruses, and trojans through hyperlinks or attachments, posing a serious threat to the organization's network security. Therefore, both options B and D are correct as they highlight the negative consequences of SPAM on an organization.

Explanation

SPAM has a significant impact on an organization as it affects network bandwidth and storage on mail servers. This means that the organization's resources are being consumed by unwanted and unsolicited emails, leading to decreased efficiency and increased costs. Additionally, SPAM can also transmit malware, viruses, and trojans through hyperlinks or attachments, posing a serious threat to the organization's network security. Therefore, both options B and D are correct as they highlight the negative consequences of SPAM on an organization.

10. What is the one proven method that can be taken at the firewall level to prevent an end-users PC from sending SPAM?

Upgrade the firewall firmware

Make sure the Exchange server does not permit an open relay

Block outbound port 25 traffic from all devices except the mail server

Block port 25 on each user's PC

not-available-via-ai

Explanation

not-available-via-ai