Security Best Practices Quiz
You are using Google Chrome, and you want to ensure that when you type in your first name to a web page, all of your other information fills in the fields for you. What should you do?
Enable autofill. Autofill is the name of the service that remembers your personal information. When you begin to type your information into an online form, autofill will populate more of it (whatever it has stored) for you.
The managers at your company have decided to implement stricter security policies on the company's local network. Which of the following should they do? (Choose two.) A. Enforce password policies. B. Develop written policies and procedures. C. Disable host firewalls. D. Enable HTTPS on the corporate web server.
Enforce password policies. Written policies and procedures should be established for enabling stricter security policies. Develop written policies and procedures. Password policies that enforce length, complexity, expiration, and limited reuse are good to implement.
You are in a library that has free computers to use for Internet browsing. Which of the following should you possibly be concerned about? A. Shoulder surfing B. Keyloggers C. Unsecured wireless network D. A and B E. A, B, and C
A, B, and C Shoulder surfing, keyloggers, and unsecured wireless networks are all potential security risks associated with public workstations.
Which of the following are considered characteristics of a strong password? (Choose two.) A. Long B. Uses patterns C. Uses symbols, numbers, and letters D. Contains PII
A. Long Strong passwords are long, are complex, and use a variety of symbols, numbers, and letters. Passwords should not contain any personally identifiable information (PII), and patterns in passwords make them easier to guess. C. Uses symbols, numbers, and letters Strong passwords are long, are complex, and use a variety of symbols, numbers, and letters. Passwords should not contain any personally identifiable information (PII), and patterns in passwords make them easier to guess.
Which of the following statements is true regarding web browser plugins, toolbars, and extensions? A. They should be updated to the newest versions. B. They are dangerous and should be deleted C. They will be detected and removed by antivirus software. D. They only function in Microsoft Edge or Internet Explorer.
A. They should be updated to the newest versions. Web browser plugins, toolbars, and extensions can add functionality to your web browser. To make sure you maintain the best security possible, ensure that they are updated to their most current versions.
You just read an article about an Internet worm recently causing problems. What type of software should you install to protect yourself from this worm?
Antivirus Antivirus software programs protect against worms and Trojan horses. Software firewalls can prevent malicious network traffic but do not recognize viruses or worms
Your co-worker Rachel has recently discovered that when she starts typing her name into a field in a web browser, her whole name appears as well as her address in the appropriate boxes. What is this due to?
Autofill Rachel is experiencing autofill, which is a feature in a browser that automatically populates your information in the right fields when you start entering any of the information. It can be convenient, but it can also be a potential security risk.
You have just landed at an airport and have an unexpected six-hour layover. You want to use your smartphone to get some work done. What should you disable as a precautionary device-hardening measure to help prevent potential attacks? (Choose two.) A. Autofill B. Bluetooth C. NFC D. FFC
Bluetooth You should disable Bluetooth and near field communication (NFC) to help prevent attacks. Autofill is a browser setting. There is no FFC in this context. NFC You should disable Bluetooth and near field communication (NFC) to help prevent attacks. Autofill is a browser setting. There is no FFC in this context.
Which of the following types of data should be considered confidential and handled appropriately? (Choose two.) A. Financial information B. Social networking site C. Customer information D. Contact information
Financial information Financial information and customer lists are confidential and should be protected. Some contact information may also be confidential, but in many cases external people need to know how to reach people in a company. Customer information Financial information and customer lists are confidential and should be protected. Some contact information may also be confidential, but in many cases external people need to know how to reach people in a company.
Your manager just got a new workstation. He wants to know which user accounts he should disable to increase security. What should you tell him to disable?
Guest Disabling the Guest account is a good security measure to reduce the number of entry points a potential attacker could use. You cannot disable the Administrator account, although renaming it is a good idea.
Claire, a co-worker, is browsing the Internet and wants to know whether it's safe to enter her credit card information into a website. What do you tell her to look for?
HTTPS:// Secure websites start with HTTPS://. Also tell her to look for the lock symbol nearby.
You recently received a new workstation and need to secure it properly before browsing the Internet. Which actions should you take? (Choose two.) A. Enable autofill. B. Enable acceptable cookies. C. Upgrade your browser to the newest version D. Install an antivirus package
C. Upgrade your browser to the newest version Two things that you can do are to upgrade your browser to the newest version (as well as any plugins, toolbars, and extensions) and ensure that you have a good antivirus package. Enabling autofill and accepting all cookies can increase your security risk. D. Install an antivirus package Two things that you can do are to upgrade your browser to the newest version (as well as any plugins, toolbars, and extensions) and ensure that you have a good antivirus package. Enabling autofill and accepting all cookies can increase your security risk.
You receive an email in your inbox from your friend Sara. The title of the email is "This is so cool!" and inside the email is an attachment with an .exe extension. What should you do?
Call Sara to see if she sent you the email. It's possible that your friend sent you a very cool executable file. It's also possible that her email has been hijacked and you've just been sent a virus or other malware. Don't click it until you talk to her first and verify that it's legitimate.
You have been asked to give training on network security. For your section on password management, which options should you recommend to users? (Choose two.) A. Do not use complex passwords because they are easy to forget. B. Change default passwords on systems. C. Use the same password on multiple systems so that they are easy to remember. D. Do not reuse the same password after you are required to change it
Change default passwords on systems. B. Changing default passwords is a good idea, as is not reusing a password on multiple systems or after it has been changed. D. Do not reuse the same password after you are required to change it You should use complex passwords that are still easy for you to remember.
Which of the following actions is not considered a web browsing best practice? A. Limiting the use of PII B. Disabling autofill C. Closing untrusted source warnings D. Updating plugins and toolbars
Closing untrusted source warnings You should recognize untrusted source warnings and act on them appropriately. Good practices include limiting the use of personally identifiable information; disabling autofill; and updating plugins, toolbars, and extensions.
Because of a recent string of thefts in your office, you need to harden your local system. What two actions are most appropriate for your situation? (Choose two.) A. Install a hardware lock. B. Disable unused services. C. Install anti-malware. D. Enable encryption.
Install a hardware lock. All four answers are device-hardening options. If you are worried about local theft, installing a hardware lock is a must. In addition, if your device does get stolen, encryption will prevent thieves from accessing your files unless they know your username and password. Enable encryption. All four answers are device-hardening options. If you are worried about local theft, installing a hardware lock is a must. In addition, if your device does get stolen, encryption will prevent thieves from accessing your files unless they know your username and password.
What option can you configure on your workstation to increase security when you leave your desk?
Screensaver password A screensaver password will require someone to enter your password to gain access to the computer.
Which type of software will help protect your computer from malicious network traffic?
Software firewall A software firewall protects your computer against malicious network traffic. Antispyware and antivirus software packages are good, but they protect against malicious programs
You enabled file encryption on your local computer. While you were on vacation, one of your co-workers managed to get onto your computer and share your important files with other users. How did they do this?
They logged on with your username and password. The only plausible answer is that someone else had your username and password and logged onto the computer as you.
You have remotely logged into your corporate network. Which of the following is used to ensure encryption of data in transit between your laptop and corporate servers?
VPN A virtual private network (VPN) is a secured, encrypted connection between two computers. When logging into a corporate network, VPNs are often used to secure communications.
