Online Safety
You post a picture of you and your best friend to your favorite social media platform. She doesn’t feel comfortable with the image, so you agree to take it down. Will this ensure that no one else sees the picture?
Answer: No. Once an image (or any information) is posted on the internet, it is virtually impossible to remove it from circulation. Taking it off of your social media page will help, but there is no guarantee that others have not already seen it and/or downloaded it to their own machines.
According to JJ Taylor's password policy the User account shall be locked due to inactivity of:
[A] 30 Days
[B] 45 Days
[C] 90 Days
[D] 180 Days
What is: [C] 90 Days
You receive an email from an online shopping site claiming that you were incorrectly charged for your last purchase and are due a refund. The email asks you to click a link where you will submit the necessary information. What should you do?
Answer: Do NOT click the link! Check the sender’s address and search the document for spelling/grammar mistakes. If you notice anything suspicious, the email is likely a scam. Even if it seems legitimate, navigate to the site yourself rather than clicking any links.
On an average, how long does it takes for an unprotected computer to be compromised once it is connected to the Internet:
[A] 20 minutes
[B] 1 week
[C] 10 hours
[D] 12 months
What is: [A] 20 minutes?
You receive an email from an online shopping site claiming that you were incorrectly charged for your last purchase and are due a refund. The email asks you to click a link where you will submit the necessary information. What should you do?
Answer: Do NOT click the link! Check the sender’s address and search the document for spelling/grammar mistakes. If you notice anything suspicious, the email is likely a scam. Even if it seems legitimate, navigate to the site yourself rather than clicking any links.
True or false: Automatically updating your machine poses a significant security concern, as it could install unwanted programs/features that disrupt your network or harm your computer.
Answer: False. Although updates can occasionally cause problems, they also contain vital patches to help protect your machine against attackers. Keep your machine up-to-date and install new patches as soon as possible. Don’t click, “Remind me later,” twelve times.
What are some key signs that an email might be a phishing attempt?
a.Unusual sender email address.
b.Urgent or threatening language.
c.Suspicious links or attachments.
d.Poor grammar or spelling mistakes.
e.Requests for sensitive information.
f.All of the above
Which agency has been tasked with improving national cybersecurity and protecting the nation’s critical infrastructure?
Answer: The Jamaica Cyber Incident Response Team (JCIRT) is a government agency tasked with enhancing the country's cybersecurity posture. It provides support and guidance to organizations in Jamaica regarding cyber threats and incidents.
What is the most common type of cyberattack that targets employees?
Phishing is the most common type of cyberattack targeting employees, where attackers send fraudulent emails to trick recipients into revealing sensitive information or clicking on malicious links.
True or false: Although they operate similarly to computers, most mobile devices (cell phones, tablets, etc.) are not full computers and do not require software, such as anti-virus, to be secure.
Answer: False. Almost all consumer devices, especially cell phones and tablets, are simply miniature computers. They contain important data (contacts, financial information, calendars) and require protection like any other device.
Which of the following are strong password practices? (Choose all that apply.)
1.Passwords should contain a mixture of upper and lower case letters, numbers, and special characters.
2.Passwords should have personal meaning to you (e.g. a relative’s birthday) so that you can remember them more easily.
3.You should immediately change your password in the case of a known data breach.
4.You should store your passwords on paper or in a text document, giving you a backup in the event that you forget them.
Answer: 1 & 3. While it is helpful for passwords to have some level of personal relevance, anything concrete or publicly-available (high schools, birthdates, pets’ names, etc.) can be easily researched and guessed by an attacker. Storing your passwords physically or in a text-document is also ill-advised, as someone could gain access to the copy.
What is multi-factor authentication (MFA), and why is it important?
Answer: Multi-factor authentication (MFA) adds an extra layer of security by requiring a second form of verification (e.g., a text message code or authentication app) in addition to your password. It makes it harder for attackers to access your account even if they have your password
You have a long commute. Thankfully, your JUTC bus just installed public Wi-Fi. Now you can listen to your favorite music or podcast. However, when you check for social media updates around lunch, you find that your account has been hacked. What steps could you take to prevent your mobile device or laptop data from being compromised in the future?
Answer(s):
•Turn off Wi-Fi and Bluetooth when not using them. These technologies leave you open to remote attacks.
•Make sure the network is legitimate. Hackers love to create fake networks that mimic real ones, enticing unsuspecting users to log on.
•Don’t connect. Though perhaps drastic, one near-certain way to circumvent the dangers of public Wi-Fi is simply to avoid using it whenever possible and if you do, always use a VPN
Which of the following devices could potentially be exploited by an attacker?
•Desktop computer
•Laptop computer
•Cell phone
•Television
•Refrigerator
•Digital assistant
Toaster
Answer: All of them. Yes, even the toaster – possibly.
On social networks like Facebook and Twitter – you can control your posts and who can see these posts by:
[A] Assuming it is safe from prying eyes
[B] Assuming nothing and doing nothing
[C] Assuming nothing and carefully check the privacy settings
[D] Assuming anti-virus software will make it safe and secure
What is: [C] Assuming nothing and carefully check the privacy settings?
Why is it important to report cyber incidents immediately, even if you are not sure what happened?
Answer: Reporting incidents immediately allows the IT team to investigate and mitigate potential threats before they escalate, minimizing the risk of widespread damage or data breaches.
Passwords often have complex requirements, and most online citizens will need to remember numerous different passwords to access their internet services. What is a way to help you keep track of all these different passwords?
Answer(s):
•Use a password manager. These are apps, devices, or cloud services that store your passwords in an encrypted vault that can only be unlocked with a single master password.
•Use a “password pattern.” This is simply a pattern (recognizable only to you) that you can use to help remember your passwords.
What is the method of access control by which users must present multiple, separate pieces of identification, such as a password and keycard, in order to access a system?
Answer: Multi-Factor Authentication (MFA). MFA greatly increases the security of access control. Even if a password is learned or an ID is stolen, it will not be enough to compromise a system. Many online services allow MFA options, such as requiring a one-time login code as well as a password.
What should you do if you receive a suspicious email?
Do not click on any links or download attachments. Verify the sender by contacting them through official communication channels, and report the email to the IT department.
This is the process of evaluating vulnerabilities and threats, identifying countermeasures, and applying mitigating actions to reduce risk to an acceptable level, based on the value of the information..
Risk Management