CtrlAiHub

1.Which of the following statements best describes the modern-day hacker ?

1.Bored and lonely anti-social teenagers who hack as a challenge and sometimes for profit.
2.Highly-organised crime gangs run like businesses who deploy highly automated and sometimes highly targeted attacks against individuals and businesses for profit.
3.Computer savvy people who hack individuals and businesses as a form of competition.
4.All of the above.

2.You’ve inadvertently opened a web link contained in a suspicious email and now your computer is behaving strangely. What should course of action should you follow next ?

1.The purpose of a firewall and security software is to block malicious code getting into your computer in the first place so no action is needed.
2.You need to update and run your anti-virus software.
3.Keep an eye on the performance of your computer.
4.You need to contact your IT help desk or Information Security team.

3.Who are the targets of modern day hackers ?

1.Any organisation or individual is liable to be the victim of hackers.
2.Banks and finance companies who process a lot of payments.
3.Companies which hold a lot of proprietary information.
4.Companies which hold credit card numbers of customers.

4.What is the best way to validate a legitimate email vs. a phishing email ?

1.Bad spelling, poor syntax and grammar are one of the tell-tale signs of a fake email.
2.Look at the email headers to see where it really came from.
3.Look for poorly replicated logos.
4.Contact the sender on some other medium besides email to verify whether they sent you the email.

5.Unexpectedly, you get an email from a colleague who requests you to urgently click on an email link which they’ve sent you. What is the safest option ?

1.The link is from a known person therefore it’s safe to open.
2.If the link was malicious the organisation’s firewall would have flagged or blocked it, therefore it’s safe to open.
3.Reply to the sender to double-check if the link is safe to open as they might have sent it accidentally.
4.Do not click the link.Phone the sender for verification.

6.You see a person in your building who is acting suspiciously. He is holding a clipboard and is wearing a high visibility jacket. You approach him and ask him if everything is okay and he claims to be inspecting the fire safety equipment. What should you do next ?

1.Report the incident to Physical Security personnel.
2.In compliance with fire safety regulations, this is standard procedure and no action needs to be taken.
3.Ask to see his identity card to verify his identity.
4.Ask him the name of his company and verify it using Google.

7.How often should you backup your data ?

1.Once a week.
2.In accordance with your organisation’s backup policy and the criticality of the data in question.
3.Once a month.
4.Once a fortnight.

8.Where should you store the encryption passphrase for your laptop ?

1.Use the password management tool supplied/authorised by your organisation.
2.On a sticker underneath your laptop’s battery as it’s not visible to anyone using the laptop.
3.On a sticky note attached to the base of your laptop.
4.In a password-protected Word file stored on your laptop.

9. You have a highly sensitive document which you need to email to a trusted third-party. What is the safest way to send this ?

1.Make sure you scan the document with your anti-virus software first.
2.Encrypt the document first. Then send the password to the third-party using a different communication method, such as SMS
3.Send the document using a file sharing application.
4.Send the document from your work email account.

10.A colleague calls you telling you they have an urgent deadline to meet. But unfortunately, they have forgotten their password to the client database. What should you do to help ?

1.Suggest to your colleague that they call your IT helpdesk for a password reset link.
2.Go to a computer terminal and log the user in so they can meet their deadline.
3.Give them your login credentials temporarily so your colleague can meet their deadline.
4.Put your login credentials on an encrypted USB memory stick and hand it to them.

11.You’ve just moved to a new department and have been issued with a new set of passwords. Which one of these methods offers you the safest option for storing them ?

1.Write them down in a notebook beside your desk for handy reference
2.Use a sticky note making sure you place under your keyboard instead of on or near your computer.
3.Use the password management tool supplied/authorised by your organisation.
4.Store them in an Excel file on your computer but give the file name something unrelated to passwords.

12.Not long after joining your present company, you get an email containing a weblink from the Revenue Commissioners. It informs you that there is a tax rebate owed to you from your previous job ?

1.Scan the email with anti-virus, then open it.
2.Open the email on your home network instead.
3.Open the email as a standard user, not as an administrative user.
4.None of the above.

13.You have an old laptop with work-related files still stored on it. You want to give the system away to charity. What is the safest way to keep the file contents confidential ?

1.Remove the hard disk and give it to your IT or helpdesk team to be disposed of securely.
2.Install a new copy of the operating system on the computer.
3.Login to the computer, delete the files and then empty the recycle bin.
4.Login to the computer to delete the files and un-install programs.

14.Your existing password is “Northwave” and your IT department has requested that you change it. Which one of these would be the safest to use ?

1.Yellowbuscamerahorse.
2.Northwave1.
3.Northwave!.
4.W@venorth.

15.You get a call from your technical support helpdesk saying they are performing an urgent server upgrade. They ask you for your password. What should you do ?

1.Refuse and contact your manager or Information Security team.
2.Get the agent's name and give him your login and password.
3.Get the agent's email address and email him your login and password.
4.Give the support representative your password, but not your login.