Information Security Awareness Quiz
- Phishing
- Question 1
- Question 2
- Question 3
- Question 4
- Secure Passwords
- Question 5
- Question 6
- Various Topics
- Question 7
- Question 8
- Question 9
- Question 10
Phishing Information
Phishing is the act of masquerading as a trustworthy entity in electronic communications and attempting to acquire sensitive information. Attackers commonly pretend to be from organizations such as a bank, online payment processors, social media sites, or even an IT department.
Phishing attempts are a means to accomplish various goals of an attacker, the results of which can include identity theft, convincing victims to download malicious software, or even to perpetuate the attack to the victim's contacts. There are many effective ways to identify a phishing attack before falling victim to it:
- Does the sender's domain match the entity from which they claim to be?
- Do links use encryption? (https://)
- Does the sender request personal information? It is likely that a legitimate organization already has this info
- Does the email seem unprofessional?
- Spelling/grammar mistakes
- Plain text
- No company logo
- message body is an image
Question 1
Question 2
Question 3
Question 4
Business executives and industry leaders are often targeted by which type of electronic attack.
Secure Passwords
Making a secure password is a very important part of ensuring data safety. Some main points to be considered in password security are:
- Length
- Randomness
- Avoiding dictionary terms
- Avoiding proper nouns
- Character variety
- Passphrases
Question 5
Which one of these passwords is NOT one of the top 25 most used passwords? (according to CBS News)
Question 6
Which of these is the strongest password?
Email Attachments
Malicious email attachments are a popular way to distribute malware. When you get an email with an attachment, there are multiple points which you must first consider:
- Did this email come from a trusted source?
- Were you expecting to receive a file from the sender?
- What does the file extension correspond to?
- A ".exe" or ".pkg" could possibly install malicious software on your device.
- A ".apk" file can install malicious software on an Android device if it is set to allow software from outside the app store.
- A ".htm" file can contain malicious JavaScript that can redirect your browser to a malware-hosting site.
Question 7
Which one of these tags is a valid, non cross site scripting tag?
Question 8
Which of these could be a malicious email attachment?
Question 9
Which of these permissions does Facebook Messenger for Android NOT request?
Question 10
And finally, do you know about the Heartbleed openSSL bug?
