Network and Information Security MCQ
Note: The answers are marked in Red Bold.
Question 1: What does the “s” in https:// at the beginning of a URL mean, compared with http:// without the “s”?
- That the site has a fast connection (s for speedy)
- That information entered in this site is encrypted
- That the site has just been updated
- That the site is only accessible by people in USA
Question 2: What are your responsibilities for the protection of Company/Client information?
- Protection and proper use of Company/Client information
- Know the processes to protect Company/Client information
- Build proper security practices into your day
- All the above
Question 3: You have a project requirement document with you. A known person in the Company called you and asked you to share a copy of it for reading and project reference. Are you permitted to share it?
- Yes
- No
Question 4: Which one of the following statements about a password is TRUE?
- It must be changed only if it is compromised.
- It cannot contain special character symbols.
- It must be registered with the system administrator.
- It should be changed regularly.
Question 5: Your team is working on an important deliverable and you have split the work into different modules. On the day of delivery, one team member is on emergency leave. What would have been a best practice to implement so that information is accessible across the team members?
- Keep passwords handy within the team
- Use Company’s OneDrive
- Request Project Manager to revise the deliverable schedule
- Option 1 & 3
Question 6: You are going on a long leave. Do you share your user credentials with the backup resource you have trained so that they can use them in an emergency?
- Never, I will never share my user credentials
- Yes, but I will ask not to misuse the credentials
- I will ask to use it only when there is an issue
- Option 2 & 3
Question 7: If you’re working on your company’s system/laptop and a pop-up window suddenly appears asking you to update your security application, you must ignore it.
- True
- False
Question 8: You’ve inadvertently opened a web link contained in a suspicious email and now your computer is behaving strangely. What would be your course of action?
- No action is needed since security software is in place to block malicious code getting into my computer
- I will update and run anti-virus software.
- I will contact IT help desk or Information Security team.
- Keep an eye on the performance of my computer and continue.
Question 9: Which of the following is a violation of Company/Client Security guidelines?
- Sharing user login credentials
- Posting any of the information pertaining to Client on social media
- Sharing Client information with anybody who is not related to your project/work.
- All the above
Question 10: You are planning a holiday to Spain. Using your smartphone, you find a nice hotel, but all the information is only in Spanish. You downloaded a free app for translating into English from a source other than the Apple App Store/Google Play Store or the Company-recommended portal. What is the biggest risk here?
- The app might steal the data from your smartphone, which could lead to the compromise of sensitive data or other applications on the device or in the cloud.
- The app might corrupt all the data on your smartphone
- The app might contain viruses.
- The app might give fraudulent information and you might end up being redirected to a fraudulent site.
Question 11: What is the best way to validate a legitimate email vs. a phishing email?
- Look at the email headers to see where it really came from.
- Look for poorly replicated logos.
- Contact the sender on some other medium besides email to verify whether they sent you the email.
- All the above
Question 12: Two-factor authentication works as an extra step in the security process that will
- Reconfirm Identity of the user
- Make attackers' life harder
- Reduce fraud risks
- All the above
Question 13: Why is it important to have a good understanding of Information Security policies and procedures?
- Helps protect individuals from being victims of security incidents.
- Provides an understanding of steps to follow in the event of a security incident
- Helps to understand levels of responsibility
- All of the above
Question 14: You have a highly sensitive document which you need to email to a trusted third-party. What is the safest way to send this?
- Make sure you scan the document with your anti-virus software first.
- Send the document from your work email account.
- Encrypt the document first. Then send the password to the third-party using a different communication method, such as SMS.
- Send the document using a file sharing application
Question 15: Which one of the following shows the right treatment when handling confidential information?
- Discussing confidential information over the telephone.
- Disclosing confidential information only to authorized individuals.
- Uploading confidential information to a shared web site.
- Emailing confidential information to a colleague.
Question 16: When constructing a password, you should:
- Use your family member name, sports name, pet name and add a number on the end
- Use phrases or misspelled words with embedded numbers and special characters
- Use sequenced letters and numbers from your keyboard
- All the above
Question 17: You participate regularly in a technical discussion forum on the Internet. What are the things you should do?
- Provide company or customer confidential information in the message
- Take prior approval from business head for the company information that you intend to share
- Share personal solutions or technical ideas which are not relevant to ITC Infotech business
- Option 2 & 3
Question 18: How can you protect your computer against viruses?
- Make sure the virus protection on your computer is up to date
- Do not click on links delivered in emails from unknown sources
- Never open unsolicited attachments especially from an unknown source
- All the above
Question 19: Ransomware is usually delivered in e-mails from unknown sources or by clicking on non-reputed websites. Which file extensions are the most dangerous in such a scenario?
- .doc, .docx, .xls, .xlsx, .ppt, .pptx.
- .exe, .zip, .js, .scr
- All the above
Question 20: A Company-provided system is protected from malware through the
- Use of anti-virus software with frequent updates
- Use of hard-disk encryption on laptops
- Use of software according to license terms and agreements
- Download programs without permission of the copyright owner or licensee.
Question 21: When you are using the Organizational Email facility allocated to you, the following actions are allowed
- Forwarding Chain Mails
- Use email only for business purposes
- Use email for personal use
- Joining mailing lists
Question 22: You are a big fan of country music and recently got malware on your computer by clicking on a banner advertisement from a well-known country music website. What type of attack is this an example of?
- Trojan horse attack
- Malvertising
- Worm attack
- Browser plug-in attack.
Question 23: ______ is the technique used for tricking users into disclosing their usernames and passwords through fake pages
- Social Engineering
- Phishing
- Cookie Stealing
- Banner Grabbing
Question 24: Your colleague sent a chat message telling you that there is an urgent deadline to meet. Unfortunately, he/she has forgotten the password to the client database. What should you do to help?
- Go to their computer terminal and log in with your user credentials so they can meet their deadline.
- Suggest to your colleague that they call IT helpdesk for a password reset link.
- Give them your login credentials in chat message
- Tell them your login credentials over the phone
Question 25: How do you manage Confidential files?
- Protect it from unauthorized access
- Keep it accessible to only authorized people
- Mark it as Confidential Information. All rights reserved.
- All the above