Information Security & Cyber Security Awareness Program and Quiz(C) – Calsoft

Security

Information Security & Cyber Security Awareness Program and Quiz(C) - Calsoft

Information Security & Cyber Security Awareness Program and Quiz (C) - Calsoft

Please watch all the Security presentations and videos entirely, then complete the quiz using what you learned in the videos!

Please fill your correct Name and mail address which will be used for records and generating Cyber Security Awareness Program - Quiz (C) and sending confirmation email as well, so re-check and then submit Full Name and correct mail ID(@calsoftinc.com).

Thank you and all the best!

NameEmailEmployee ID

1 / 12

Scenario: You receive a call from "IT Support." They say: "We are auditing network speed. Please go to this website and download the remote support tool so we can run a check."

What is the red flag?

IT never calls to ask users to download tools.

IT can perform checks remotely without user intervention if the domain is joined.

You should verify the caller's identity by calling the official IT helpdesk number.

All of the above.

2 / 12

Your company requires employees to complete annual cybersecurity training. Why is this important?

It makes employees experts in coding

It replaces the need for firewalls

It ensures compliance and reduces human error

It eliminates phishing attacks completely

3 / 12

You get a text message with a link to track a courier package. The link looks unusual and asks for personal details. What should you do?

Enter your details to track the package

Ignore the message and delete it

Forward the link to friends for awareness

Call the number in the message directly

4 / 12

Scenario: A notification pops up on your laptop: "Critical Security Update Available. Restart Required." You are in the middle of a report.

Why should you prioritize the update?

To get new features.

To fix vulnerabilities (Zero-days) that hackers are actively using to break into systems.

To make the laptop run slower.

It is not urgent; you can wait a month.

5 / 12

A coworker accidentally shares sensitive data in a public Slack channel. What’s the best response?

Save the data for future use

Delete the message and notify IT/security

Ignore it since it was accidental

Forward the data to your manager

6 / 12

Scenario: You receive a video call on WhatsApp. The person on the call looks and sounds exactly like a police officer (CBI). They claim your Aadhaar was used to open a bank account for money laundering. They tell you that you are under "Digital Arrest" and must stay on the video call until the investigation is over, transferring money to an "escrow account" to prove innocence.

What should you do?

Stay on the call and transfer the money to avoid arrest.

Hang up immediately. Dial 112 or your local police station to verify. Real police do not conduct interrogations via WhatsApp video calls or "Digital Arrests."

Ask to see their ID badge closely through the camera.

Tell them you will call your lawyer and keep the video call running while doing so.

7 / 12

An employee shares Personally Identifiable Information (PII) of customers with an external vendor without proper authorization. What is the best response?

Ignore it since the vendor is trusted

Report the incident to the Data Protection Officer/IT security

Save the data for future use

Forward the data to another external partner

8 / 12

Scenario: An email claims to be from Microsoft 365. It says: "We have detected unusual sign-in activity. Click here to approve the login if it was you." You didn't try to log in.

What happens if you click?

You will be logged into your account safely.

You might inadvertently grant permission to a malicious app via OAuth (Consent Phishing).

Microsoft will block the attacker.

Your password will be automatically reset.

9 / 12

Your company is implementing Zero Trust architecture in 2026. What does this mean?

Trusting all internal users automatically

Allowing unrestricted access to employees

Assuming no user or device is trusted by default

Eliminating firewalls completely

10 / 12

You receive a notification that your password was found in a data breach. What’s the best immediate action?

Wait until IT contacts you

Change the password immediately and enable MFA

Ignore it since breaches are common

Use the same password across accounts for convenience

11 / 12

Scenario: You are leaving the company. As a goodbye, you decide to keep some of the code you wrote on a personal hard drive because "you wrote it" and it might be useful for your portfolio.

Is this allowed?

Yes, you own the code you wrote.

No, the code is Intellectual Property (IP) owned by the company. Taking it is theft.

Yes, as long as you don't share it.

Yes, if you delete it after 6 months.

12 / 12

You notice unusual login attempts from multiple countries on your cloud account. What is the most immediate step?

Contact the attackers directly

Ignore it since cloud services are secure

Change your password and enable MFA

Log out and wait to see if it continues

Your score is

0%

Leave a Reply Cancel reply