Cyber Incident Quiz

The main type of cyber incident reported at CME was a phishing email, which is a common tactic used to deceive individuals into providing sensitive information, unlike ransomware or DDoS attacks.

Chelsi Geongran was the first employee to report the phishing incident, making her the correct choice among the options provided.

The phishing email included user passwords, which are highly sensitive as they grant access to personal accounts. Other options like credit card numbers and Social Security Numbers were not specified as included in the email.

The compromised passwords were likely obtained through a public data breach, where user credentials are exposed and can be accessed by malicious actors. This is a common method for acquiring passwords.

Writing down passwords in a notebook is a practical way to manage them securely, as it helps avoid forgetting them. Using the same password for all accounts is risky, and it's not advisable to rely solely on memory.

Advanced email filtering could have identified and blocked the phishing email before it reached Chelsi's inbox, preventing potential harm. Other options do not directly stop the email from arriving.

Phishing primarily relies on tricking users into providing sensitive information, such as passwords or credit card details, often through deceptive emails or websites, rather than exploiting software vulnerabilities or using brute-force methods.

The principle of password uniqueness ensures that each account has a distinct password, enhancing security by preventing unauthorized access through shared or reused passwords.

Implementing multi-factor authentication (MFA) is a proactive measure to protect against phishing. MFA adds an extra layer of security, making it harder for attackers to gain access even if they obtain login credentials.

A password manager is a tool designed to store and manage strong, unique passwords securely. It helps users generate, retrieve, and organize passwords, making it easier to maintain security across multiple accounts.