Skip to Content
Home Core Security Awareness Core Security Awareness

Core Security Awareness

0 %

Completed

Course content

Core Security Awareness

10 XP
Prev Next
Fullscreen Share
Rating
0 0

There are no comments for now.

Join this Course
to be the first to leave a comment.

1. You receive an email from what appears to be Microsoft asking you to urgently re-enter your password due to “account suspension”. What is the safest action?
Click the link and reset your password immediately Forward the email to colleagues to ask if they received it Verify the request independently and report the email if suspicious Reply to the sender asking whether the email is genuine
2. Which of the following is the BEST example of a strong password practice?
Reusing one complex password across multiple systems Writing passwords in a notebook stored beside your laptop Using a unique passphrase and storing it securely in an approved password manager Sharing passwords with managers for backup purposes
3. What should you do if you receive repeated MFA approval prompts that you did not initiate?
Deny the requests and report the activity immediately Approve one request to stop the notifications Restart your device and continue working normally Ignore the prompts permanently
4. Which of the following is an example of social engineering?
A scheduled software update An attacker pretending to be IT support to obtain credentials An antivirus scan A failed hardware component
5. You receive a Teams message from a senior manager requesting confidential client information urgently. What should you do first?
Send the information immediately due to urgency Ignore the message completely Verify the request using a trusted communication method Send only partial information
6. Which of the following is the MOST secure practice when working remotely?
Using public Wi-Fi without protection for convenience Sharing work devices with family members Using secure Wi-Fi and approved company systems only Saving company files to personal cloud storage accounts
7. Why should employees lock their devices when unattended?
To improve device performance To prevent unauthorised access to information To extend battery life To reduce software update frequency
8. Which of the following is a warning sign of phishing?
Unexpected requests involving urgency or sensitive information Routine calendar invitations from known colleagues Scheduled security training notifications Approved software update reminders
9. What is the safest action before opening an unexpected attachment?
Disable antivirus software temporarily Verify the legitimacy of the sender and the attachment Upload the attachment to a public AI tool for analysis Forward it to your personal email account first
10. Why is it important to report security incidents promptly?
To ensure incidents remain confidential from IT teams To prevent management involvement To avoid changing passwords To help reduce the impact and support investigation efforts
11. Which of the following is an example of poor data handling practice?
Sharing files through approved secure systems Accessing only information required for your role Uploading client information into unauthorised public AI tools Encrypting sensitive files appropriately
12. What is “tailgating” in a physical security context?
Sharing passwords with colleagues temporarily Following an authorised person into a restricted area without permission Sending phishing emails from fake domains Leaving a laptop unlocked during meetings
13. You accidentally clicked a suspicious link in an email but nothing appeared to happen. What should you do?
Ignore the incident unless problems occur later Delete the email and continue working Report the incident immediately and follow security guidance Restart your computer only
14. Which statement about public AI tools is correct?
Client data can always be uploaded safely if anonymised slightly Sensitive company or client information should not be entered unless explicitly approved AI tools replace company security controls Passwords may be stored in AI prompts if encrypted
15. Which of the following BEST demonstrates good security awareness?
Trusting urgent requests from senior staff automatically Following approved procedures and verifying unusual requests Approving MFA prompts quickly to avoid delays Avoiding reporting incidents unless systems stop functioning
16. Why are cyber attackers increasingly successful against organisations?
Employees are often targeted through phishing and social engineering techniques Firewalls no longer exist Malware only affects outdated systems Passwords are no longer required for authentication
17. Which of the following should ALWAYS be reported?
Suspicious emails or credential requests Lost or stolen company devices Suspected unauthorised access All of the above
18. What is the BEST reason to use Multi-Factor Authentication (MFA)?
It eliminates the need for strong passwords It prevents all phishing attacks completely It allows credentials to be shared safely It provides an additional security layer beyond passwords
19. Why should employees avoid using personal cloud storage services for work data?
Personal services may lack approved security and compliance controls Personal services improve collaboration too much Company systems cannot store files larger than 1GB Personal cloud storage automatically deletes files
20. What is the BEST overall approach to maintaining security?
Relying entirely on IT and security teams Prioritising convenience over security controls Remaining vigilant, following policies, and reporting concerns promptly Ignoring low-risk incidents to reduce workload