Security 101
Scams
Physical Security
Cyber Attacks
Cyber Facts
100
******** SECURITY 101 is REVERSED, you are given the question, please provide the answer ********* Why should we NOT be allowed to share passwords?
To protect ourselves from potential fraud.
100
Received from a Nigerian prince via email asking you to give him your bank account information so he can share the million dollars he has in an account that he must transfer somewhere to retrieve.
What is an email scam?
100
From passwords on sticky notes to sensitive documents left in a pile by the printer or on your desk, many office workers make the same basic security errors.
What is NOT adhering to our clean desk policy?
100
This is a computer program that spreads or self-replicates and requires user interaction to activate. Both are programs that self-replicate (can download automatically), but only this one requires you to do something, such as click on an email link, to actually activate it.
What is a virus?
100
If using a windows-based PC, you do this to QUICKLY lock your computer before stepping away.
What is press the Windows key and the letter L?
200
******** SECURITY 101 is REVERSED, you are given the question, please provide the answer ********* Who owns my office email account?
The oagbermuda.bm domain is registered to and owned by the Office of the Auditor General of Bermuda, therefore all correspondence sent and received by an employee is the property of the office.
200
Bad grammar, all words beginning with an upper-case letter, a link to click so that you can update your information, or a request for personal information are all examples of these.
What are things you should look for in an email that may indicate it is a scam?
200
Service technicians are allowed to roam freely throughout the office without being signed in and monitored. Staff members allow a visitor access to secure areas.
What are examples of a breach of the office's physical security access?
200
It is contained in a valid program and usually offers the promise of something you might be interested in, such as a screen saver or photograph, but is deisgned to give hackers access to your computer or files.
What is a Trojan Horse?
200
This image in the lower-right corner of your web browser indicates you are on a secure website.
What is the lock icon?
300
******** SECURITY 101 is REVERSED, you are given the question, please provide the answer ********* What is social engineering?
An approach to gain access to information through misrepresentation-the conscious manipulation of people to obtain information without having them realize that a security breach may be occurring. This may take the form of impersonation via telephone, in person, or email.
300
A claim that there is a "problem" with your account, a request to "verify your identity," a request from an IT department that you provide passwords or other information, or a request to fax information to a number are all examples of this.
What are things you might see in an email if it is a phishing scam?
300
It is after normal working hours and Sally, Jane and Tom are still signed in on SharePoint. Jane is about to sign out and notices that Sally and Tom are still signed in and she leaves without setting the alarm. However, Sally and Tom have left and did not sign out.
What is an example of a security violation?
300
Defined as programs that track where you go on the Internet and what you type into your keyboard.
What is spyware?
300
Eight to twelve characters, upper- and lower-case letters, numbers as well as alphanumeric characters, easy to remember but hard to guess, never shared with anyone, and never written down and left near your computer.
What is a strong password?
400
******** SECURITY 101 is REVERSED, you are given the question, please provide the answer ********* When you "delete" files from your computer, is the data permanently deleted?
NO. Deleted data remains on the computer in hidden folders until the hard drive is wiped, scrubbed or formatted.
400
When you receive an email with a link in it, you are advised to open a separate browser and type (or retrieve from favorites) the URL you already know for the website instead of clicking on the link in the mail.
What is one way to verify a scam email link?
400
******** This is REVERSED, you are given the question, please provide the answer ********* You are working late at night, you leave the office 10:00pm to go home. Your car is parked on the top level at Bulls Head car park. On your way you are attacked and robbed. What could you have done to mitigate this security risk?
* Leave the office before it gets dark * Move your car closer to the office * Have your cell phone accessible * Have someone meet you at the office * Wear comfortable shoes (no heels)
400
A piece of code that automatically reproduces itself over the network. It doesn't need user intervention to propagate (autonomous).
What is a worm?
400
Flash drive with classified data on it left in a public computer is an example of this.
What is a potential cyber security breach?
500
******** SECURITY 101 is REVERSED, you are given the question, please provide the answer ********* Why should the use of personal cell phones NOT be allowed in the office?
To prevent a potential data breach.
500
When you purchase software, you are actually purchasing a license to use it, not the actual software. When you are casually making a few copies for friends, loaning CDs, or buying a single software program and then installing it on multiple computers, you are committing this.
What is software piracy?
500
******** This is REVERSED, you are given the question, please provide the answer ********* !!!!!!!!!!!!!!!!!!!DOUBLE JEOPARDY!!!!!!!!!!!!!!!!!!!!!!!!! You are working on a Case Ware file at your desk and your manager comes to you and asks you to delete the entire 100 section of your file. Two months have passed and the principal notices the files are missing and required to complete the audit. Through further investigation the files are located in the recycle bin with your credentials attached. You recall deleting the files based on your manager's instructions but your manager denies instructing you to do so. You are reprimanded based on the evidence. What could have been done to prevent this scenario?
Never allow someone else to make changes to /and or delete files using my credentials (your manager should have logged on as him/herself and deleted the files or should have given you the instructions in writing).
500
Erratic computer behavior, lack of response to keyboard or mouse commands, crashing or restarting on its own, or running slower than usual are potential symptoms of this.
What is a malware infection?
500
Watching (either in person or using a recording device) what you do on your computer by looking at a reflection of, or the actual screen of your computer or mobile device.
What is shoulder surfing?
M
e
n
u