Biology - Chapter 22: Evolution
You click on the browser bookmark for the webmail site that lets you access your work email account. After two failed login attempts, you verify your password in your password manager and make another attempt. Again, the website returns an error that your login information is incorrect. Of the three options below, which one is the most likely explanation?
A cyber attacker has gained access to your account and changed your password.
Which of the following is an example of two-step verification?
A verification code sent to your email
When downloading a new app, which criterion should you look for to keep your mobile device secure?
An app that is actively updated and maintained by the developer.
Which of the following is needed for a computer system or device to be vulnerable to malware?
An operating system
Which of the following is the most likely indicator of a phishing attack?
An urgent email claiming to be from a coworker, but was sent from a personal email address, such as one from @gmail.com.
Why do cyber attackers commonly use social engineering attacks?
Attackers can gain what they want while bypassing most technical security controls.
Felicia in Human Resources receives an urgent email from her boss stating that the database containing all employees' tax information is inaccessible. She is asked to reply with all employees' tax information to avoid paying substantial late fees. What should she do?
Call her boss to confirm whether her boss sent the email requesting employee tax information.
You receive an urgent email from your colleague warning you of a critical software update for an application you both use that needs to be installed immediately. They have included a link for the update. What should you do?
Call your colleague on the phone to confirm that they sent you this message.
Cybercriminals are planning a targeted attack on an organization's groundbreaking research data. Colin is an entry-level accounting employee at the organization. What is the most likely risk posed by Colin in this scenario?
Colin is used as a stepping stone to gain initial access to the network.
Why is it important to use a strong, unique passphrase for each of your social networking accounts?
If a cyber attacker compromises the password to one of your accounts, your other accounts will still be secure.
How does two-step verification help protect your social networking accounts?
It requires an extra layer of protection in order to gain access to the account.
Why is it important to disable Wi-Fi and Bluetooth when you are not using them?
Mobile devices can automatically connect to dangerous wireless networks.
What is the most effective way to detect and stop social engineering attacks?
Organization-wide training for recognizing common attacks.
Phishing is what type of attack?
Social engineering
How do targeted attacks differ from common opportunistic attacks?
Targeted attackers research their victims in order to launch customized attacks.
Who or what should be held responsible when sensitive data is mishandled?
The individual making use of the data.
Which of the following is the best way to confirm that your connection to a website is encrypted?
There is a padlock icon in the status bar.
Why is it important to secure your mobile device with a screen lock?
To protect the information on your mobile device if it is lost or stolen.
Which of the following is the best way to create a strong password?
Use a long and unique passphrase.
You receive an email that appears to come from the help desk asking for your password so a critical update can be installed on your computer. What should you do?
You suspect the email may be a phishing attack, so you report it immediately.
What should you do if you are worried about using a potentially outdated Internet browser?
Contact the help desk or your security team if you have questions about the use or status of your system's software.
Social engineering attacks rely on which of the following?
Convincing people to perform a harmful action.
What does HTTPS mean?
Data transmitted between the browser and web server is encrypted.
What is the best way to keep our organization secure when using social networking tools?
Do not post or share confidential information that could be used against our organization.
What should you do if you suspect you are experiencing a social engineering attack?
End contact with the person and report the suspected attack.
Which of the following describes the best practice for managing third-party access to our organization's sensitive data?
Ensuring our security requirements are documented in the contract, correctly followed and periodically reviewed.
What is the most important reason you should not attempt to fix a hacked computer, device, or work account by yourself?
Evidence needed to investigate and address the system compromise might be corrupted.
After visiting several websites, your computer exhibits behavior you recognize from your security awareness training as a sign of a hacked system. What should you do next?
Follow your organization's procedure for reporting the system behavior.
Which type of malware prevents you from accessing files stored on your computer?
Ransomware
Joe notices his camera is on. he did not turn it on or was asked permission. What should he do?
Report the possible malware attack.
What should you do with sensitive data that the organization no longer needs to retain for business use or legal reasons?
Securely dispose of the physical or digital data.
Which of the following is the best example of a strong and memorable password?
the-sound-of-rain-on-the-windowsill