Information and Security MCQ 2022

Network and Information Security MCQ

Note: The answers are marked in Red Bold.

Question 1: What does “s” on https:// at the beginning of a URL mean vs “http:// without the “S”?

• That the site has a fast connection (s for speedy)
• That information entered in this site is encrypted
• That the site has just been updated
• That the site is only accessible by people in USA

 

Question 2: What are your responsibilities for the protection of Company/Client information?

• Protection and proper use of Company/Client information
• Know the processes to protect Company/Client information
• Build proper security practices into your day
• All the above

 

Question 3: You have a project requirement document with you. A known person in the Company called you to share a copy of it for reading and project reference, are you permitted to share it?

• Yes
• No

 

Question 4: Which one of the following statements about a password is TRUE?

• It must be changed only if it is compromised.
• It cannot contain special character symbols.
• It must be registered with the system administrator.
• It should be changed regularly.

Question 5: Your team is working on an important deliverable and you have split the work into different modules. On the day of delivery one team member is on emergency leave, what would have been a best practice to implement to have access to information across the team members:

• Keep passwords handy within the team
• Use Company’s OneDrive
• Request Project Manager to revise the deliverable schedule
• Option 1 & 3

 

Question 6: You are going on a long leave; do you share your user credentials with the backup resource that you have trained so that they can use it in emergency:

• Never, I will never share my user credentials
• Yes, but I will ask not to misuse the credentials
• I will ask to use it only when there is an issue
• Option 2 & 3

 

Question 7: If you’re working in your company’s system/laptop and suddenly a pop-up window arises asking you to update your security application, you must ignore it.

• True
• False

 

Question 8: You’ve inadvertently opened a web link contained in a suspicious email and now your computer is behaving strangely. What would be your course of action?

• No action is needed since security software is in place to block malicious code getting into my computer
• I will update and run anti-virus software.
• I will contact IT help desk or Information Security team.
• Keep an eye on the performance of my computer and continue.

 

Question 9: Which of the following is a violation of Company/Client Security guidelines?

• Sharing user login credentials
• Posting any of the information pertaining to Client on social media
• Sharing Client information with anybody who is not related to your project/work.
• All the above

Question 10: You are planning a holiday to Spain. Using your smartphone, you find a nice hotel, but all the information is only in Spanish. You downloaded a free translation app into English from sources other than Apple App Store/Google Play store or Company recommended Portal. What is the biggest risk here?

• The app might steal the data from your smartphone, which could lead to the compromise of sensitive data or other applications on the device or in the cloud.
• The app might corrupt all the data on your smartphone
• The app might contain viruses.
• The app might give fraudulent information and might end-up being redirected to a fraudulent site.

 

Question 11: What is the best way to validate a legitimate email vs. a phishing email?

• Look at the email headers to see where it really came from.
• Look for poorly replicated logos.
• Contact the sender on some other medium besides email to verify whether they sent you the email.
• All the above

Question 12: Two-factor authentication works as an extra step in the security process that will

• Reconfirm Identity of the user
• Make attackers' life harder
• Reduce fraud risks
• All the above

 

Question 13: Why is it important to have a good understanding of Information Security policies and procedures?

• Helps protect individuals from being victims of security incidents.
• Provides an understanding of steps to follow in the event of a security incident
• Helps to understand levels of responsibility
• All of the above

 

Question 14: You have a highly sensitive document which you need to email to a trusted third-party. What is the safest way to send this?

• Make sure you scan the document with your anti-virus software first.
• Send the document from your work email account.
• Encrypt the document first. Then send the password to the third-party using a different communication method, such as SMS.
• Send the document using a file sharing application

 

Question 15: Which one of the following shows right treatment while handling confidential information?

• Discussing confidential information over the telephone.
• Disclosing confidential information only to authorized individuals.
• Uploading confidential information to a shared web site.
• Emailing confidential information to a colleague.

 

Question 16: When constructing a password, you should:

• Use your family member name, sports name, pet name and add a number on the end
• Use phrases or misspelled words with embedded numbers and special characters
• Use sequenced letters and numbers from your keyboard
• All the above

 

Question 17: You participate regularly in a technical discussion forum on Internet. What are the things you should do?

• Provide company or customer confidential information in the message
• Take prior approval from business head for the company information that you intend to share
• Share personal solutions or technical ideas which is not relevant to ITC infotech Business
• Option 2 & 3

 

Question 18: How can you protect your computer against viruses?

• Make sure you have virus protection on your computer up to date
• Do not click on the links that get delivered through the mails from unknown sources
• Never open unsolicited attachments especially from an unknown source
• All the above

 

Question 19: Ransomware is usually delivered in e-mails from unknown sources or by clicking on the non-reputed web sites. Which file extensions are the most dangerous in such a scenario?

• .doc, .docx, .xls, .xlsx, .ppt, .pptx.
• .exe, .zip, .js, .scr
• All the above

 

Question 20: Company provided system is protected from malwares through the

• Use of anti-virus software with frequent updates
• Use of hard-disk encryption on laptops
• Use of software according to license terms and agreements
• Download programs without permission of the copyright owner or licensee.

 

Question 21: When you are using Organizational Email facility allocated to you, following actions are allowed

• Forwarding Chain Mails
• Use email only for business purposes
• Use email for personal use
• Joining mailing lists

 

Question 22: You are a big fan of country music, recently got malware on your computer by clicking on a banner advertisement from a well-known country music website. What type of attack is this an example of?

• Trojan horse attack
• Malvertising
• Worm attack
• Browser plug-in attack.

 

Question 23: is the technique used for tricking users to disclose their username and passwords through fake pages

• Social Engineering
• Phishing
• Cookie Stealing
• Banner Grabbing

                     

Question 24: Your colleague sent a chat message telling you that there is an urgent deadline to meet. He/she has forgotten the password to the client database unfortunately. What should you do to help?

• Go to their computer terminal and login with your user credential in so they can meet their deadline.
• Suggest to your colleague that they call IT helpdesk for a password reset link.
• Give them your login credentials in chat message
• Tell your login credentials in phone

 

Question 25: How do you manage Confidential files?

• Protect it from unauthorized access
• Keep it accessible to only authorized people
• Mark it as Confidential Information. All rights reserved.
• All the above