Online Safety
You post a picture of you and your best friend to your favorite social media platform. She doesn’t feel comfortable with the image, so you agree to take it down. Will this ensure that no one else sees the picture?
Answer: No. Once an image (or any information) is posted on the internet, it is virtually impossible to remove it from circulation. Taking it off of your social media page will help, but there is no guarantee that others have not already seen it and/or downloaded it to their own machines.
According to JJ Taylor's password policy the User account shall be locked due to inactivity of:
[A] 30 Days
[B] 45 Days
[C] 90 Days
[D] 180 Days
What is: [C] 90 Days
You receive an email from an online shopping site claiming that you were incorrectly charged for your last purchase and are due a refund. The email asks you to click a link where you will submit the necessary information. What should you do?
Answer: Do NOT click the link! Check the sender’s address and search the document for spelling/grammar mistakes. If you notice anything suspicious, the email is likely a scam. Even if it seems legitimate, navigate to the site yourself rather than clicking any links.
On an average, how long does it takes for an unprotected computer to be compromised once it is connected to the Internet:
[A] 20 minutes
[B] 1 week
[C] 10 hours
[D] 12 months
What is: [A] 20 minutes?
You receive an email from an online shopping site claiming that you were incorrectly charged for your last purchase and are due a refund. The email asks you to click a link where you will submit the necessary information. What should you do?
Answer: Do NOT click the link! Check the sender’s address and search the document for spelling/grammar mistakes. If you notice anything suspicious, the email is likely a scam. Even if it seems legitimate, navigate to the site yourself rather than clicking any links.
True or false: Automatically updating your machine poses a significant security concern, as it could install unwanted programs/features that disrupt your network or harm your computer.
Answer: False. Although updates can occasionally cause problems, they also contain vital patches to help protect your machine against attackers. Keep your machine up-to-date and install new patches as soon as possible. Don’t click, “Remind me later,” twelve times.
According to JJ Taylor's password policy all passwords must be changed
[A] Monthly basis
[B] Every other month basis
[C] Quarterly basis
[D] Semi-annual Basis
What is: [C] Quarterly basis
Which United States federal agency has been tasked with improving national cybersecurity and protecting the nation’s critical infrastructure?
Answer: The Department of Homeland Security. Specifically, the Cybersecurity and Infrastructure Security Agency (CISA), which is responsible for protecting the Nation’s critical infrastructure from physical and cyber threats.
The first Computer Virus was called:
Creeper Virus :
As noted by Discovery, the Creeper program, often regarded as the first virus, was created in 1971 by Bob Thomas of BBN
True or false: Although they operate similarly to computers, most mobile devices (cell phones, tablets, etc.) are not full computers and do not require software, such as anti-virus, to be secure.
Answer: False. Almost all consumer devices, especially cell phones and tablets, are simply miniature computers. They contain important data (contacts, financial information, calendars) and require protection like any other device.
Which of the following are strong password practices? (Choose all that apply.)
1.Passwords should contain a mixture of upper and lower case letters, numbers, and special characters.
2.Passwords should have personal meaning to you (e.g. a relative’s birthday) so that you can remember them more easily.
3.You should immediately change your password in the case of a known data breach.
4.You should store your passwords on paper or in a text document, giving you a backup in the event that you forget them.
Answer: 1 & 3. While it is helpful for passwords to have some level of personal relevance, anything concrete or publicly-available (high schools, birthdates, pets’ names, etc.) can be easily researched and guessed by an attacker. Storing your passwords physically or in a text-document is also ill-advised, as someone could gain access to the copy.
This core principle of information security ensures systems, networks and devices needed to protect data are up and running.
Availability
You have a long commute. Thankfully, your train just installed public Wi-Fi. Now you can listen to your favorite music or podcast. However, when you check for social media updates around lunch, you find that your account has been hacked. What steps could you take to prevent your mobile device or laptop data from being compromised in the future?
Answer(s):
•Turn off Wi-Fi and Bluetooth when not using them. These technologies leave you open to remote attacks.
•Make sure the network is legitimate. Hackers love to create fake networks that mimic real ones, enticing unsuspecting users to log on.
•Don’t connect. Though perhaps drastic, one near-certain way to circumvent the dangers of public Wi-Fi is simply to avoid using it whenever possible.
Which of the following devices could potentially be exploited by an attacker?
•Desktop computer
•Laptop computer
•Cell phone
•Television
•Refrigerator
•Digital assistant
Toaster
Answer: All of them. Yes, even the toaster – possibly.
On social networks like Facebook and Twitter – you can control your posts and who can see these posts by:
[A] Assuming it is safe from prying eyes
[B] Assuming nothing and doing nothing
[C] Assuming nothing and carefully check the privacy settings
[D] Assuming anti-virus software will make it safe and secure
What is: [C] Assuming nothing and carefully check the privacy settings?
In May 2017, this worldwide cyber attack used ransomware to exploit approximately 400,000 unpatched machines, resulting in damages totaling to over $4,000,000,000 (4 billion USD).
Answer: WannaCry. This ransomware attack propagated through an exploit called EternalBlue. Infected machines had their data involuntarily encrypted, with a demand of Bitcoin payment.
Passwords often have complex requirements, and most online citizens will need to remember numerous different passwords to access their internet services. What is a way to help you keep track of all these different passwords?
Answer(s):
•Use a password manager. These are apps, devices, or cloud services that store your passwords in an encrypted vault that can only be unlocked with a single master password.
•Use a “password pattern.” This is simply a pattern (recognizable only to you) that you can use to help remember your passwords.
What is the method of access control by which users must present multiple, separate pieces of identification, such as a password and keycard, in order to access a system?
Answer: Multi-Factor Authentication (MFA). MFA greatly increases the security of access control. Even if a password is learned or an ID is stolen, it will not be enough to compromise a system. Many online services allow MFA options, such as requiring a one-time login code as well as a password.
Viruses, worms, bots, phishing and the like in context of computers are examples of:
[A] Firmware
[B] Hardware
[C] Malware
[D] Spamware
What is: [C] Malware?
This is the process of evaluating vulnerabilities and threats, identifying countermeasures, and applying mitigating actions to reduce risk to an acceptable level, based on the value of the information..
Risk Management