October is recognized globally as Cybersecurity Awareness Month. Initiated by the Department of Homeland Security, Cybersecurity Awareness Month is commemorating its 15th year as an annual campaign. Supporters of this great initiative engage in activities to raise awareness around the importance of cybersecurity by educating businesses and consumers on industry trends, cybersecurity threats, and best practices.
Are You #CyberAware?
Review Herjavec Group’s Cybersecurity Awareness Quiz and Correct Answers Below
You came across a website that looks exactly like Facebook but it has a different domain which you have never heard of. Which of the following is the best course of action that should be taken?
(A): Hack that website and deface it, then post it on Facebook or Twitter.
(B): Launch DDoS (Distributed Denial of Service) attacks into that website with the help of your friends if you can’t hack it in order to take it offline then post it in Facebook or Twitter. #TangoDown!
(C): Do not login into that website and report it as a phishing page to Google Safe Browsing Team.
(D): Just ignore that website and login to https://facebook.com
While visiting your favorite website for downloading the Firefox browser, a popup appears that says “You just won 100,000 US dollars! Click this link to claim your prize!”. What should you do?
(A): Ignore that popup and just download the Firefox browser.
(B): Click the popup and claim your prize.
(C): Report the popup and the details to the website administrator and don’t download the Firefox browser.
(D): Share the link to your friends, classmates and colleagues so that they could also claim the prize because sharing is caring.
You went to your local coffee shop to buy a coffee and while waiting for your order, you decided to connect to their Free Wi-Fi. While browsing to your Google Mail, the page redirected to http://www.googlemail.andrew.net. What do you think should you do?
(A): Login to where Google Mail has redirected, it’s just one of Google’s web sites – not suspicious at all.
(B): Disconnect from the Wi-Fi network.
(C): Ask the person sitting next to you if his Google Mail also redirects to http://www.googlemail.andrew.net.
(D): Find the Wireless Access Point and reboot it.
Which of the following could help you mitigate malware and viruses from infecting your PC?
(A): Download software from trusted sources only
(B): Install an antivirus program and a two-way firewall
(C): Always update your PC when prompted for system updates
(D): All of the above
You need to install a certain software necessary for your job. Whom should you contact?
(A): Your direct manager
(B): The IT department
(C): Your friend in the tech department
(D): None of the above – just install it yourself
Your team member just sent you a shortened URL link via Skype chat (e.g. https://www.goo.gl/wZebR). What should you do?
(A): Open it – they’re your teammate so the link can’t be malicious
(B): Install antivirus software and then open the link
(C): Contact the IT Department and report that it may contain malicious information
(D): Check the link using an online tool to see where it really takes you
While Bob was away on vacation, one of his customers had a crisis. As Bob was unable to attend to the matter, he gave John access to his computer to solve the issue. Six months later, John used the access to upload confidential information to a private server. Who is responsible for this breach?
While working remotely, your home wireless network gets infected with malware. Which of the following should you do?
(A): Keep working – you have a deadline to worry about
(B): Go to your local coffee shop and use their free Wi-Fi to keep working
(C): Contact the IT Department immediately
(D): None of the above
Who has security responsibilities at your organization?
(A): Your CISO
(B): Executive Team
(C): IT Department
(D): All Departments
Which of the following are strong passwords according to the University Information Security Policy? (select all which apply)*
Which statement best describes how documents containing sensitive information (personal information, finances, sales forecasts, etc.) are to be handled?
(A): Documents are not handled in any special manner
(B): Sent via e-mail to non-Herjavec Group accounts
(C): Documents are to be restricted to those who require it
(D): Printed and left on desks
(E): Sensitive information may be shared
If I’m not going to be in the office who should I share my password with?
(A): My manager
(B): A co-worker
(C): Anyone who may need it – It’s my password and I’ll share if I want to
(D): No one
When accessing a website, a popup appears that says “Your computer has been infected with XYZ ransomware.” What should you do?
(A): Pay the ransom
(B): Shut down the computer and take it to IT immediately
(C): Ignore the popup and hope it goes away
(D): None of the above
What is the biggest threat to an organization’s cybersecurity and corporate network?
(A) Insider threat
(B) Nation state hackers
(D) Phishing emails
What are signs of a phishing attack?
(A): The message contains poor spelling and grammar
(B): Something just doesn’t look right
(C): The offer seems too good to be true
(D): The message asks for personal information
(E): All of the above
(F): A, C, D
The first step in Security Awareness is being able to ________ a security threat.
Why is it important to have a good understanding of your organization’s Information Security policies and procedures?
(A): Helps protect individuals from being victims of security incidents.
(B): Provides an understanding of steps to follow in the event of a security incident
(C): Helps to understand levels of responsibility
(D): All of the above
(E): None of the above
While taking a small break, you see your teammate using their personal computer to download the newest episodes of Game of Thrones using BitTorrent. What should you do?
(A): Ask for a copy so you can catch up
(B): Tell your manager about it
(C): Ignore it – they’re using their personal computer anyways so it doesn’t matter
(D): Bring in your laptop and do the same
You’re working on a project that requires you to use shared email. Whom should you contact to make it?
(A): You don’t need to contact anyone. If you have your manager’s approval, you can make it yourself.
(B): Your teammate and project lead should make it
(C): The IT department
(D): Your manager
When working remotely, how should you connect to public Wi-Fi?
(A): You can work remotely if you use your smartphone’s data to tether to the Internet.
(B): As you normally do – there’s no specific procedure!
(C): Using a VPN
(D): Don’t connect remotely to do work.