Question 1: Which practice strengthens the physical security of your work environment?
- Ensure that your software is up-to-date and that the latest patches are applied.
- Recycle all paper, CDs, DVDs, hard drives etc. into their appropriate bins.
- Pile all confidential documents neatly to one corner of your desk.
- Shred and destroy all documents that contain sensitive personal or organizational information rather than tossing them into the waste bin.
Question 2: Why are insider threats one of the most challenging attack vectors?
- Insider attacks are common, obvious, and overwhelm IT security.
- There is little that can be done to prevent a denial of service attack.
- Employees are trusted users who have legitimate access to an organization’s data and resources.
- Network security is designed to defend against outsiders, not insiders.
Question 3: If a suspicious package appears at your desk, which action is best aligned with good physical security practices?
- Get your neighbour to open the package.
- Report the package and do not open or touch it.
- Carefully open the package and report what you find.
- Destroy the package using an industrial shredder.
Question 4: Identify two best practices for physical security awareness. (Choose two.)
- Always be considerate, such as holding the door open for people, even if you don’t know them.
- Keep your desk free of any proprietary or confidential information.
- Lock your computer screen and mobile devices every time you step away.
- Follow your organization’s security policies unless they hinder efficiency.
Question 5: What is the root cause of almost every data breach?
- Zero-day attack
- Human error
- Poorly crafted password
- Unpatched device
Question 6: Who are included as insider threats?
- Ambitious people
- Another organization or person who see themselves as competitors
- Any person with network security skills who works outside an organization
- Employees who sometimes do not follow security practices
Question 7: Which method is a defense against potential insider threats?
- Confront any person you suspect of being an insider threat.
- Monitor your co-workers’ daily activities.
- Investigate and if possible resolve the threat on your own.
- Identify and report any suspicious activity.