Meet The Experts

Preface: Computer Security Day

Computer Security Day was started in 1988 to help raise awareness of computer related security issues. Their goal is to remind people to protect their computers and information. This annual event is held around the world on November 30th.

The 2005 Ernst & Young’s Global Information Security Survey validates the need for awareness that Computer Security Day strives to instill. When it comes to the use of emerging technology (mobile computing, removable media, wireless networks, VoIP, etc.), although widely recognized as security concerns, not all organizations are taking sufficient measures to manage the risks. According to the survey, less than half of the 1,300 organizations surveyed—representing some of the leading companies in 55 countries—make provisions for general users of information to be trained or made aware about the impact of information security issues associated with emerging technologies, and even fewer receive training on responding to security incidents.

The following quiz developed by Lee Futch of Symantec will challenge your awareness and perhaps open your eyes to the significant role you can play in securing their corporate networks?

Security Awareness Quiz

By Lee Futch

1. Which three risks are associated with Web browsing? (Choose three.)

Remote surveillance
Identity theft
Viruses
Credit card fraud

2. Which three steps are important to perform when you receive instant messages? (Choose three.)

Verify the source of the message
Verify the size of any attachment sent to you
Verify the purpose of the attachment sent to you
Verify that your security updates and antivirus updates have been applied before you download or open any attachment

3. Which three types of information should you avoid adding to your instant messaging (IM) account details? (Choose three.)

Addresses
Organization names
Nicknames
Phone numbers

4. Which three elements should your password include? (Choose three.)

Upper case letters
Lower case letters
Numbers at the beginning
Numbers at the end
Special characters

5. Which two best practices will help you reduce your spam susceptibility? (Choose two.)

Be selective when registering personal or business information on Web sites
Read Web site privacy statements to ensure that your information is not used for marketing purposes
Encrypt all email messages to addresses outside your organization's network
Delete all attachments from unknown senders

6. Which two types of mobile storage devices can potentially store confidential information and should be protected at all times? (Choose two.)

Remote Access Memory (RAM)
USB Flash drives
CD-ROM disks
Virtual Private Networks (VPNs)

7. Which two are common objectives of social engineers? (Choose two.)

Obtain classified information about your organization, products, or customers
Work with the organization to create new processes and procedures
Influence employees to take actions they would not normally take
Confirm the appropriateness of information held on all of the organization's publicly accessible servers

8. Which PDA security best practice will help protect the information on your PDA?

Clearly identify your PDA with company stickers or logos
Never remove your PDA from your bag for airport security
Store your PDA passwords in a safe location
Synchronize your PDA data regularly

9. Which three remote worker best practices will help maintain physical security? (Choose three.)

Maintain a "clean desk" policy
Immediately contact management and law enforcement when equipment is stolen
Dispose of hardcopy securely
Run antivirus software on your home office computer

10. Which negative outcome can result from hoax virus warnings and malicious spam?

Denial of service
Data loss
Reduced account privileges
Credit card fraud

To find out the answers to the security quiz, click here.

About the Author
Lee Futch is Senior Product Manager for Symantec. He can be reached at LFutch@symantec.com or for more information visit Symantec on the web at www.symantec.com