UC Cyber Security Fundamentals Answers
You've received a text from your bank asking you to call the number provided to verify recent changes made to your account. Which of the following actions will help keep you and your organization secured?
Call the bank using the number you found on their verified website or the back of your bank card.
You get a message through social media from a colleague. The message says, "My account was hacked, so I had to create a new one. Please accept my connection request!" Which of the following actions will help keep you and your organization secured?
Call their verified phone number and ask if the request is legitimate.
Most of the attacks against your organization's network are successful because ...
People, just like you, are tricked into performing an action that lets the hacker in.
Listen to each phone message. After reviewing them all, select the one you think contains the most vishing red flags based on what you have learned. (1/3) Message 1: Hi, this is Tim from A1A Heating and Cooling. I'm reaching out to you today to check on your air conditioner's health. Summer is coming, and I'd like to schedule 30 minutes where I could do a complimentary evaluation of your unit and go over the results with you.
Sorry. That's not the right answer. Keep in mind, look for red flags such as an urgent request or a message that is asking you to take an action, like going to a web site. Try again!
Listen to each phone message. After reviewing them all, select the one you think contains the most vishing red flags based on what you have learned. (2/3) Message 2: Good morning! My name is Tina. I work at the local urgent care center. I saw your head of HR at a local networking event, and she said you could post a flyer with some tips on how to stay safe from airborne diseases on the employee bulletin board. Can you call me back at 555-0150 to discuss this further? Thanks!
Sorry. That's not the right answer. Keep in mind, look for red flags such as an urgent request or a message that is asking you to take an action, like going to a web site. Try again!
Review each of the following social media connection requests. Select which of these is likely to be an attempt at social engineering. (1/3) Request 1: Hey Gina, Although I haven't worked directly with you, we share a number of connections. As a result, I've seen some of your posts and have to admit to incorporating some of your suggestions into my work routine. I hope you wouldn't mind accepting my connection request so that I can be notified when you post something new. Thanks so much! Julie
Sorry. That's not the right answer. Look to see if any of the other examples had a greater number of red flags. Try again!
Review each of the following social media connection requests. Select which of these is likely to be an attempt at social engineering. (3/3) Request 3: Hi! I use LinkedIn to share content about the work I do with clients, helping to build and expand their professional skills so they can move ahead and advance in their careers. I'm looking to grow my network so more people can share their experiences and motivate others to become rock stars at work. Andrew
Sorry. That's not the right answer. Look to see if any of the other examples had a greater number of red flags. Try again!
Review three digital communications you might receive by clicking on each of the numbers below. Select which of these is likely to be an attempt at social engineering. (1/3) Option 1: By Rose The girls and I are putting together a group where we can share our ideas about gardening during a pandemic. We would love for you to be a part of our group. Sincerely, Rose 2 hours ago
Sorry. That's not the right answer. Try again!
Review three digital communications you might receive by clicking on each of the numbers below. Select which of these is likely to be an attempt at social engineering. (3/3) Option 3: Thanks for providing your contact information at the recent convention. We hope you enjoyed yourself as much as we enjoyed having you. Please accept our friend request to stay in the loop on our upcoming events! Spencer Membership Committee Chair 1 hour ago
Sorry. That's not the right answer. Try again!
Review three digital communications you might receive by clicking on each of the options below. Select the one that represents a possible phishing attack. (1/3) Option 1: From Claudia Ortiz - CEO Subject - Board Meeting Wednesday, January 3, 2024 at 4:30:07 PM Dear James, During my upcoming conference call with the board, I will need to showcase the progress we are making towards our annual financial goals. Will you put together some visual aids I can use? Cheers, Claudia *********** Claudia Ortiz CEO
Sorry. That's not the right answer. Try again!
Review three digital communications you might receive by clicking on each of the options below. Select the one that represents a possible phishing attack. (3/3) Option 3: From Unknown Today James, Invest in yourself! Earn a degree at home in under 6 months. Visit us for more details. Received at: 3:00 PM
Sorry. That's not the right answer. Try again!
What should you do to prevent becoming a victim of a phishing attack?
Stop, look, and think before clicking a link or opening an attachment.
Halfway through your day, you receive an unexpected message asking you to re-enter your username and password. This is strange because you're already logged in. What is the best course of action?
Stop, look, and think before providing the requested information.
Most phishing attacks try to get you to ...
Take a dangerous action, like clicking on a link or downloading an infected attachment.
Review each of the following social media connection requests. Select which of these is likely to be an attempt at social engineering. (2/3) Request 2: Dear Gina, I read your profile on linked-in, and you caught my eye, and if you don't mind i would love to communicate, and sharing more about me with you, I am interested in communicating more this is me being honest and i hope no offense is taken, I understand the medium is a business networking medium and not a dating or social networking website and I don't intend to use it for one. I will wait for your response soon hopefully, I will send you pictures on my next email. Talk soon, Riley
That's right! This is likely an example of a fake profile.
If an email arrives from someone you trust containing an unexpected attachment, it is ...
Unsafe to open until you confirm it is legitimate.
Listen to each phone message. After reviewing them all, select the one you think contains the most vishing red flags based on what you have learned. (3/3) Message 3: This is Tyler from Microsoft calling to inform you that your email password has been hacked. We need you to login to msftemail.com and change your password as soon as possible so that criminals aren't able to access your account.
Yes, that's right! Message 3 contained the most vishing red flags.
Review three digital communications you might receive by clicking on each of the options below. Select the one that represents a possible phishing attack. (2/3) Option 2: From Your Hometown Bank Wednesday, January 3, 2024 at 4:30:27 PM Dear James, Due to suspicious recent activity, YOUR ACCOUNT HAS BEEN DISABLED TEMPORARILY. When you are in a secure location, please download the attachment and review the included transactions. Then reply back to this message, letting us know if this activity was yours. Thank you for your prompt attention to this matter,Your Hometown Banking Team *Scanned and Cleaned by AntiVirus* Attachment: transctions.pdf
Yes, that's right! This is an example of phishing—the most common type of cyberattack in the threat landscape.
Review three digital communications you might receive by clicking on each of the numbers below. Select which of these is likely to be an attempt at social engineering. (2/3) Option 2: I saw your profile online and am impressed with your skills and volunteer work (and your profile pic). I am hoping you help me. I am nurse in Nigeria with UNICEF and need a strong, successful person like yourself to mentor me through a situation. Please Instance Message me so I can get your advise. Helen Christiana Terry 3 hours ago
Yes, that's right! This is likely an example of a fake profile.
You receive an email from an online music service you subscribe to. The message indicates there was a problem while processing a recent payment. It also says your account will be deactivated if you don't update your payment information within 60 minutes of reading this message. The bottom of the message includes a reassuring notification that the included link has been scanned and is clean of any viruses. Which of the following is the biggest red flag in this scenario?
You'll have to act with 60 minutes of reading the message.
You receive a call from "Credit Services." The person on the line compliments you on your great credit history and also informs you that you have qualified for a card with better features and a lower rate. They'll only need a few minutes of your time to go over some personal information before they can get the card out to you. Which of the following is the biggest red flag in this scenario?
You'll have to provide personal information.
Your manager is attending a meeting that is out of town. You receive a text message from her late at night indicating she lost her purse and asking you to urgently send her some funds until she can get to the bank in the morning. Which of the following is the biggest red flag in this scenario?
Your manager urgently needs you to send her money.
Which of the following scenarios might be a social engineering attack?
All of the above. Scenarios: 1. An email from your organization asking you to submit your password to a website that checks password strength. 2. A social media connection request from one of your "coworkers." 3. A text message from your bank, asking you to verify some suspicious charges. 4. A food delivery person asking you to hold the door to the office because their hands are full.
True or false? Cybercriminals only use malicious software against computers and not mobile devices to try to gain access to an organization's resources.
False.
You receive an email containing an attachment that you were not expecting. Which of the following actions will help keep you and your organization secured?
Follow your organization's security policy for reporting suyspicious attachments.
How common is cybercrime? Cybercrime is big business and a growing global concern. Review each of the cybercrime scenarios below. Then, using the dropdown menus, guess if each scenario actually happened and, if so, if it made the news. (1/3) Scenario 1: A global social media platform's employees were tricked into thinking a hacker was a coworker and gave him access to all accounts. The criminals used the theme of partnering with a made-up COVID-19 non-profit to scam people out of $117,000 in about three hours.
Happened and made the news.
How common is cybercrime? Cybercrime is big business and a growing global concern. Review each of the cybercrime scenarios below. Then, using the dropdown menus, guess if each scenario actually happened and, if so, if it made the news. (2/3) Scenario 2: A manager at a major university in Australia accidentally entered his username and password into a link sent to him via email by criminals. This allowed the criminals to capture the login information and gave the hackers access to all the systems this manager could access. The criminals stole names, addresses, phone numbers, dates of birth, emergency contact details, tax ID numbers, payroll information, bank account details, and student academic records.
Happened and made the news.
How common is cybercrime? Cybercrime is big business and a growing global concern. Review each of the cybercrime scenarios below. Then, using the dropdown menus, guess if each scenario actually happened and, if so, if it made the news. (3/3) Scenario 3: Employees of the largest internet service provider in Argentina were tricked into installing a program that locked their computers, spread to other computers on the network, and denied access to files until a ransom of $7.5 Million was paid.
Happened and made the news.
Select all the correct options. Social engineering attacks happen ...
Online. In-person. Through text message. Over the phone.
