You receive a suspicious email. What is the most important reason to report it rather than just delete it?
- If you delete it, you might accidentally click on it from your deleted items folder.
- Others likely received the same email and might not know it was a phishing attempt.
- Phishing emails can still infect your computer even if they are deleted.
- You don’t have to report it; just delete it so you are safe from the attack and don’t have to worry about it at all.
You have been using AI to increase productivity on your projects. While interacting with an AI chatbot, it requests access to specific project details to provide tailored suggestions. What should you do?
- Provide the information since the AI programming assistant is already an approved software.
- Consult your organization’s security policy regarding sharing sensitive information with AI assistants.
- Check the terms and conditions of the AI programming assistant and how it uses the information you enter.
Why do cybercriminals often target large numbers of people at an organization rather than just those with access to bank accounts and organizational secrets?
- Because the more accounts they access, the more clout they have within the community of hackers.
- So they can use access to a computer or account within the organization to attack others “from the inside”.
- Just to embarrass that person and get credit for it on social media in hacker groups that they are a part of.
- As a test to make sure that they can access the network so they can then make the same attack from the outside on others.
You’re setting up your new smart home devices when you notice that your internet-enabled thermostat can be password protected. Which of the following steps is essential for password-protecting the device to ensure its security?
- Create a long but memorable password; longer passwords are harder to crack.
- Use the default password; it’s probably stronger than anything you can come up with.
- Choose a short, easy-to-remember password; you don’t want to get locked out.
You receive the following text message from your manager: "Hello! I am busy in an all-day meeting. I need you to upload our quarterly financial report by noon here: dropbx.us". What should you do? Select all that apply.
- Contact your manager at a number you know is legitimate.
- Upload the report; this message seems like a real message.
- Report the incident according to your organization's policy.
- Delete the message. This is obviously a phishing attempt.
You’re logging in to your favorite video streaming app from a new device when it says you need to enter the one-time passcode that was sent to your phone. You receive a text message with a six-digit code that looks like it is from the streaming service. What should you do?
- Delete the message with the passcode; you’ve never had to do this before and this feels like a scam.
- Enter the passcode into the appropriate location in the streaming app; there aren’t any obvious red flags.
- Respond to the message and ask what the code is for.
- Email customer support for help getting into your account.
You receive the following text: "There has been an unauthorized attempt to log in to your work email account. Please verify your identity by replying to this message with the passcode you will be receiving shortly. Failure to do so may result in a freeze of your account." What should you do?
- Send the passcode immediately so your account isn’t frozen.
- Respond to the message and ask follow-up questions.
- Do not respond. Delete the messages.
- Report the incident according to your organization's policy.
Which of the following is the most common factor in preventing security incidents?
- Individuals reporting the possibility of an incident quickly so security can respond and contain it.
- Systems that are designed to protect organizations from hackers that contain the attack automatically.
- The IT and security team telling individuals that they were hacked.
- All of the above.