Computer Security Awareness Training: Sports Edition

Computer Security Awareness Training: Sports EditionComputer Security Awareness Training: Sports EditionComputer Security Awareness Training: Sports Edition
Home
Games
Game Answer Key
Review
Review Answers
Key Takeaways

Computer Security Awareness Training: Sports Edition

Computer Security Awareness Training: Sports EditionComputer Security Awareness Training: Sports EditionComputer Security Awareness Training: Sports Edition
Home
Games
Game Answer Key
Review
Review Answers
Key Takeaways
More
  • Home
  • Games
  • Game Answer Key
  • Review
  • Review Answers
  • Key Takeaways
  • Home
  • Games
  • Game Answer Key
  • Review
  • Review Answers
  • Key Takeaways

ANswers To Review Questions

Below are possible answers to the review questions asked after every question. Please note that the answers provided are not the only possible correct answers.


Q1. There are many different assets, both on personal and business devices, that need to be protected. On a personal device, some assets that should be protected include personal data, such as photos, videos, and documents, as well as financial information, like credit card details and tax returns. In addition, the operating system, login credentials, stored messages, and health information should all be secure and protected. Business devices will contain extremely sensitive data that need to be protected. For example, intellectual property, customer data, company credentials, financial records, communication systems, and operations must be protected in order to ensure the business runs smoothly.


Q2. A type of attack that compromises all three components of the CIA Triad is ransomware. Ransomware holds a victim's sensitive assets hostage, usually by encryption, demanding a ransom in exchange for access to the affected data. Confidentiality is compromised as it exfiltrates sensitive data from the victim's system, allowing attackers to leak the data. Integrity is compromised as it modifies the data by encrypting it, making it unreadable. Availability is affected as it locks the victim out of their data, preventing proper operation.


Q3. There are several things you must do if you discover your password for an account is compromised. First, change the password for the account immediately to prevent the attack from continuing to access your account. If not already enabled, you should also activate multi-factor authentication to provide layers of defense to your account even if your password is compromised. Next, you should check for all unauthorized access on the account, as well as other accounts, to allow you to mitigate any damage. Lastly, you should check for any sign of identity theft, like unusual credit activity, and freeze your credit if needed.


Q4. Since it is urging you to download a file, you should automatically become suspicious as technical support does not usually email you to download a file. In addition, since it uses urgent language, you should check the email address to see if it is suspicious at all. Then, it would be beneficial to contact the security team directly to see if it is legit. If you receive confirmation that it is not valid, you should report and then delete the email to avoid any accidental interaction.


Q5. Since you do not recognize the man at all, you should handle the situation cautiously to prevent unauthorized access. First, you should verify their identity by asking for credentials to prove that they are a coach. If the man has no way to prove he is a coach, do not let them in as it is probably a social engineering attack. You should report the situation to a coach or security, and they will then handle the rest of the situation.


Q6. Properly securing a brand-new computer is important in protecting it from threats. First you should create a strong, admin password, as well as set up a standard user account for daily activities. Then you should install any security software, like anti-virus or firewalls, to block any malicious software. In addition, you should update the operating system, as well as turn on automatic updates, to ensure the operating system is as secure as possible. Lastly, you can secure the device to proper internet, as well as remove any unneeded features that may create additional vulnerabilities.


Q7. Determining if a link is suspicious is crucial in protecting your device against malware. To do so, inspect the link carefully by hovering over it to view the full URL destination, as well as checking for any misspellings. In addition, you should verify the source, examining if the link if from a trusted or official source. Also, there are online tools available to scans links to analyze it for potential threats. If you are at all suspicious, do not click the link and report it to the proper party.


Q8. Some signs that malware is running on your device is slower performance or frequent crashes, as the malware will be taking up resources. In addition, you may begin to notice unauthorized changes like homepage changes or new programs. Also, malware may corrupt, delete, or create files. Lastly, malware can cause an increase in suspicious network activity, showing that something is wrong. If you suspect malware in on your device, disconnect from the Internet, run a malware scan, and get professional help.


Q9. No, you should never let any family member, or anyone outside the company, use a company device. First, family members may not have the same computer security training that you have, potentially leading the vulnerabilities like downloads malware. In addition, the data on company devices must be confidential. By allowing family members to use the device, they may accidentally access sensitive information. In addition, many companies have strict data protection and compliance requirements that may be broken by a family member. Therefore, it is crucial that while working remotely, you ensure that only you have access to any company device.


Q10. First, you must contact your credit card company immediately, and they will freeze your account to prevent further transactions. In addition, you should review recent transactions as well as set up alerts for future transactions to examine if there are any new transactions. In addition, if your credit card information was breached, there is a decent chance that other passwords were compromised, so it may be wise to change all passwords. Lastly, it is important to continue to monitor your credit, as well as remain cautious in the future, to prevent additional breaches.


Q11. While compliance regulations lie more on businesses, they also effect individuals. If any individual stores data, it is important that they also follow regulations to protect it. In addition, individuals can rely on different frameworks to learn better security practices. Lastly, compliance regulations can increase individuals' confidence that their data is being protected.


Q12. The principle of least privilege is an extremely important component of computer security since it ensures users and systems are granted the minimum level of access to perform specific tasks. It limits the impact of security breaches, as most users only have access to public data and systems. In addition, it lowers the likelihood of an attack as only a very few amounts of people should have access to sensitive data. Lastly, it does an excellent job at facilitating compliance and regulations.


Q13. Using a defense-in-depth strategy to protect the files on a personal device will require implementing multiple layers of security that work together. To do this, you can start by implementing physical security, like locking your computer with a physical lock and password. Then you can use multi-factor authentication. In addition, you can encrypt the content of your files so attackers will not be able to understand them if they gain access. Lastly, firewalls and anti-virus will help block any malicious program or behavior, keeping your files secure.