Social media provides a lot of benefits that improve our daily lives. But it also presents numerous security challenges when not handled properly. What are a few ways to stay safe on social media? Choose all that apply.

By vetting anyone who adds you as a friend or connection.

By never sharing anything that could be deemed confidential.

By thinking critically before sharing anything that might be false information.

By reviewing and maximizing privacy settings.

You receive a suspicious email from an unknown sender claiming that your bank account has been suspended due to fraudulent activity. It urges you to click on a link and change your login credentials immediately, or your account will be permanently terminated. What should you do next?

Immediately report it as a phishing attack, and contact your bank directly to confirm.

Click on the link so you don't lose control of the account.

Forward it to a co-worker and see if they think it's a phishing scam.

Delete the email, and get back to work.

How do social engineers successfully manipulate people? Choose all that apply.

By collecting personal information found on public forums like social media.

By impersonating members of our organization, such as the IT department.

By following closely behind real employees as they enter the building.

By planting malicious USB flash drives around our organization.

While so much of security focuses on cyberattacks, social engineers also attempt to compromise physical security. What can you do to prevent physical security incident? Choose all that apply.

Ensure no one can see your screen or hear your conversations in public.

Destroy physical copies of sensitive information.

Avoid plugging in random USB flash drives and other USB devices.

Lock you workstation, even if you'll only be away for a few minutes.

What do the attackers do to create a sophisticated and convincing message? Select the correct answer out of the following options:

Imitate your business contacts or friends

Use fake profiles to meet new people

Send random official newsletters

You receive an email with attachments from someone you know; however, the attachments are unusual. What should you do?

Check with the sender by phone, to see if the email if legitimate.

Reply to the email requesting further information.

Since it's someone you know, it is safe to open the attachments.

Which of the following behaviors should you avoid to ensure your data remains secure?

Accessing your email using public devices or public Wi-Fi.

Being calm and paying attention to detail.

Hovering your mouse over links to reveal their true destination URL.

Which of the following is the best practice to avoid falling victim to a phishing attack?

Verify the email is legitimate, and when in doubt, don't click.

Keep you browser and computer software up to date.

Download the files you received to check if they are real.

Everyone suffers when data breaches occur and PII is lost. What can you do to prevent it from happening? Select all that apply.

Always follow organizational policies.

Know and understand the type of PII you handle.

Stay alert for social engineering attacks.

You just received an email that asks you to click on a link to view a business document. What should you do next? Select the best responses.

Check for poor grammar, misspelled words or awkward phrasing.

If the email has a sense of urgency or threatening language and comes from an unknown person, report it immediately.

If the email has an attachment, delete it and go back to work.

Forward it to a co-worker and ask them to open the document.

Which of the following represent ways to avoid becoming a ransomware victim? Choose all that apply.

Staying alert for common warning signs of phishing attacks.

Never plugging in random USB flash drives or cables.

Why are phishing attacks so successful? Choose all that apply.

Because they leverage human emotions.

Because data breaches expose a lot of personal information that cybercriminals use to create convincing attacks

Because sometimes busy workers fail to carefully inspect a message and are hasty to click

Because cybercriminals always use highly advanced technology and processes to trick people

Why it is so important to report phishing attacks immediately?

Because the longer an attack goes unreported, the more damage it could cause.

Trick question. It's not that important to report an attack, so long as you don't click on a link.

An attack doesn't need to be reported immediately; it can wait until the end of the day.

Because reporting an attack helps law enforcement identify and arrest the attacker.

How do you avoid falling for phishing, smishing, and vishing scams? Choose all that apply.

Carefully inspect messages before taking an action.

Never assume someone is who they claim to be.

Familiarize yourself with common red flags.

Hover over links to reveal their true URL.

Immediately delete any emails that contain attachments.

You receive a suspicious phone call from someone at your bank. They claim your account has been hacked and need you to verify your banking information or the account will remain unlocked. How should you handle this situation?

Hang up, and contact your bank directly either by calling the number on your card, or by visiting their legitimate website.

Provide the information as requested so you can get access to your money.

Ask the bank representative to send you an email so you can log in and update your account.

Strike up a conversation with the representative and try to determine if they're legitimate or if they're scamming you.

Which of the four following behavior patterns are best practices for ensuring data privacy? Select all correct responses.

Locking doors when leaving the office

Doing business without personal business cards

Using pseudonyms when eating lunch in public spaces

Which of the following responses correctly reflect the fundamentals of data protection? Select all correct responses.

Rights of publicity must be ensured at any time and in any place.

Careless handling data can lead to the loss of trust from customers, the public, employees and investors.

Conversations do not fall under data protection.

Data protection only applies to customers.

Select all correct responses: Data protection is a...

Responsibility that employees share with their organization.

Voluntary service from organizations.

Mandate that only affects data protection officers.

Why do phishing emails appear harmless at first?

They appear to come from trusted contacts or organizations.

They prompt me to take action quickly.

What do cybercriminals want to get hold of with their phishing emails?

Data that is important for an organization's work.

They don't want to get hold of anything. They are lonely and want to make new friends.

Statistics on how employees react when they receive fraudulent emails.

What can happen if you follow a link or download an attachment in a phishing email?

Cybercriminals can steal important data.

Nothing will happen - the IT department will stop any potential cyberattacks.

Your computer will be restore to factory settings.

What should you do when an email prompts you to take immediate action?

Check the email for red flags and if in doubt, report it.

Respond to the request as quickly as possible.

Ignore the email and any instructions given.

You want to charge your work tablet at home, but you forgot the cable for it. Could you use your own cable instead?

No, you should only use accessories that have been approved by your organization.

Yes, in an emergency that's perfectly okay.

Yes, if your boss allows it, it's fine.

The battery on your private cellphone is running low. Are you allowed to charge it on your work computer?

No, because this increases the risk of malware getting onto the work computer and into the network.

Yes, as long as the operating system and software on the computer are up to date.

When suspicious email messages arrive in your inbox, you ...

Share the responsibility of protecting the organization.

Can safely open the message and any links and attachments.

Should rely entirely on IT to protect the organization.

Can trust the security software to protect the organization.

Which of the following types of organizational information must be kept confidential? Select all that apply.

Design specifications for a new product

Press release still being drafted

Quarterly earnings statement released to the public

Which of the following does NOT contain personal information?

Order form with a credit card number

Which action upholds a privacy principle?

Using personal information for purposes that were not disclosed

Collecting as much personal information as possible

Correcting personal information when requested

Keeping personal information after it has served its purpose

Which statement best describes how most hacking is accomplished? Select the best answer.

By tricking any member of the organization into letting them in.

By tricking executives or IT staff into letting them in.

By hacking into IT systems that give them access to all of the computers on the network.

By hacking into on-site desktop systems that give them access to all of the computers on the network.

You receive a message that is clearly a scam; what should you do? Select the best answer.

Report the message right away, so others don't fall for it.

Save the messages and see if others report it just to be sure.

Don't take any action the message asks and delete it.

Which of the following is the best advice for updating software? Select the best answer.

Follow your organization's policy for software updates.

Go to a third-party website to find the software and update it.

Don't do any updates because they might be part of cyberattack.

Perform updates received via email or text message so that you have the latest protection.

Which statement best describes the use of technology, such as 2FA, in security?

It's an extra security step, but you must still remain alert because it's not perfect.

As technology advances, you can rely entirely on technological solutions to keep you safe.

It is useless against these types of attacks and it is up to you to stop them.

With the right technology, you can solve all cyberattacks.

Which action protects the confidentiality of organizational information?

Sharing information with authorized individuals who have a need to know

Discussing manufacturing processes with friends

Posting sales figures on social media

Assuming all information can be shared unless told otherwise

Security Awareness Quiz

Authored by Steve Lim IT

Used 4+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

50 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You receive an email from someone that you don't recognize but is listed as an executive at your organization. The message contains a link to a shared file. Which of the following actions will help keep you and your organization secure?

Reply to the email and ask if they intended to send it to you before you open it.

Review the link carefully before taking any other action and notify IT/Security if it seems suspicious.

Click on the link; it's ok because the message came from someone you work with.

Ignore the request; they most likely accidentally typed the wrong email address.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You receive an unexpected email that appears to be from a co-worker, but you don't recognize the email address. The email is asking you to complete a wire transfer because your co-worker is out of the office, and the request was urgent from your CEO. Which of the following actions will help keep you and your organization secure?

Complete the transfer; it's from someone you trust.

Ignore the message; let someone else report it.

Call your co-worker using a phone number you know is correct and ask if they sent this message.

Complete the transfer, then confirm if the request was legitimate.

MULTIPLE SELECT QUESTION

45 sec • 1 pt

Alma needs to create a new password for one of her organization's systems. What are some best practices for creating a new password? Select all that apply

Never reuse the same password.

Use numbers and special characters.

Use a familiar password, but change a character or two to make it unique.

Create a unique, complex password with at least 16 characters.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You notice one of your co-workers is inquiring about information unrelated to their job. In addition, you have also noticed they are on the phone more often than usual. What is the most appropriate action you should take regarding this observation?

Follow you organization's policy for reporting suspicious behavior.

Listen closely to their phone call to get the definitive proof you need.

Ignore it; whatever is going on does not impact your work.

Reach out to them to find out what is really going on and if you can help them with anything.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Is this a phishing email, or is it legitimate?

It's a phish

It's real

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Is the following post real, or is it disinformation?

Disinformation

It's real

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which one is more dangerous: misinformation or disinformation?

Misinformation because it's an example of someone not bothering to research or think critically about what they share.

Disinformation because it's intentionally spread to maliciously influence public opinion.

Neither causes much harm and are not something to worry about.

They are equally dangerous because they both spread false information.

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

50 questions

Vital Villages and Thriving Towns and Major landforms

Quiz

•

6th Grade

45 questions

Module I: Understanding Operating Systems

Quiz

•

12th Grade - University

45 questions

English Quiz

Quiz

•

6th Grade

50 questions

8th Grade Year Review 2

Quiz

•

8th Grade

51 questions

UF0351 Aplicaciones informáticas de la Gestión comercial

Quiz

•

Professional Development

51 questions

Grade 6_Ixtirolar

Quiz

•

10th - 11th Grade

51 questions

Fun Facts

Quiz

•

6th Grade

45 questions

Accusative case (падеж #4)

Quiz

•

University

Popular Resources on Wayground

7 questions

History of Valentine's Day

Interactive video

•

4th Grade

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

15 questions

Valentine's Day Trivia

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

Discover more resources for

7 questions

History of Valentine's Day

Interactive video

•

4th Grade

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

15 questions

Valentine's Day Trivia

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade