Keeping your company safe from cyberattacks is a huge challenge, and this is partly due to the confusing technical jargon used in the cybersecurity field. Failing to understand concepts like ransomware and DDoS may cause your company to overlook vital security measures and leave your company vulnerable to costly data breaches.
So how well do you know basic cybersecurity terms? Take our quiz to find out. Each question will examine various security aspects that businesses typically encounter. After taking this quiz, you should be more familiar with basic cybersecurity lingo and better equipped to handle future cyberthreats.
1. What do you call an application designed to harm computers and systems?
Correct answer: C. Malware
Short for malicious software, malware is an umbrella term for any program that can corrupt files, disable software and hardware, alter or delete data, or deny user access. Common types of malware include viruses, worms, Trojan horses, ransomware, botnets, spyware, and adware.
Malware can be delivered to systems via a USB drive or the internet. If your PCs are infected with malware, you may experience sluggish computer performance, frequent system crashes, or loss of access to files or the entire system.
To protect your computers from malware, do not download software from untrustworthy websites or peer-to-peer file transfer networks. Update your operating systems and software regularly to prevent cybercriminals from exploiting their vulnerabilities to attack your devices. Lastly, install anti-malware software to actively scan and block threats from harming your computers.
If your PCs are infected with malware, you may experience sluggish computer performance, frequent system crashes, or loss of access to files or the entire system.
2. ________ is a form of cyberattack where cybercriminals use legitimate-looking emails to steal personal and financial information.
A. DDoS attack
Correct answer: B. Phishing
A study by the FBI found that phishing was the most common cybercrime in 2020, as incidents more than doubled from 114,702 in 2019 to 241,324 in 2020. What’s more, the bureau found that there were more than 11 times as many phishing complaints in 2020 than in 2016.
Phishing emails typically come with a link that will take a user to a fraudulent website asking for sensitive information such as login credentials, Social Security numbers, and credit card information, among others. These emails may even come with attachments that install malware onto a computer.
Phishing scams can also be distributed through text messages or voice calls.
To protect your business from phishing attacks, refrain from opening unsolicited emails or attachments. You should also ignore text messages or calls from individuals or groups asking for personal information or urging you to click on suspicious links.
3. True or false: Multifactor authentication (MFA) identifies users using only two verification factors when logging in to an online account.
Correct answer: B. False
MFA uses two or more authentication factors when verifying the identity of a user. Authentication factors can be a password, one-time passcode, security token, fingerprints, or facial features. This means that after a user enters their username/email address and password, they will also be asked to provide additional authentication factors before they can gain access to their account.
4. What do you call a security risk that comes from people within an organization?
A. Employee threat
B. Company threat
C. Insider threat
Correct answer: C. Insider threat
Insider threats could involve employees who fall for online scams and phishing and malware attacks. They also include current and former employees, contractors, or business associates who intend to sabotage your company for their own gain.
Insider threats are one of the most dangerous cyberthreats to businesses today. The Ponemon Institute’s 2020 Cost of Insider Threats Global Report found that the number of insider threats increased from 3,200 in 2018 to 4,716 in 2020. What’s more, the cost of these incidents jumped from $8.76 million to $11.45 million within that same period.
Mitigating insider threats requires the implementation of a zero trust architecture. With zero trust, anyone who attempts to access corporate applications and data will be denied until their identity and access privileges are verified. Implementing MFA allows you to verify user identities while platforms such as Windows Server can help you set access restrictions based on job roles, data, and applications.
5. _________ refers to unauthorized IT systems, hardware, software, and services used within your organization.
A. Unvetted IT
B. Illegal IT
C. Shadow IT
Correct answer: C. Shadow IT
Shadow IT includes personal laptops used for work-related activities or any app that your employees installed on their computers to do work-related things without your consent.
Your employees' reasons for using shadow IT may not be malicious. It could be that your employees prefer a more familiar or better alternative to the solutions you’re currently implementing. While this may help boost their productivity, it comes with a few drawbacks. For one, using disparate IT solutions can create compatibility issues. Plus, unvetted tools may have vulnerabilities that cybercriminals can exploit to steal confidential information.
To address the risks of shadow IT, establish bring your own device guidelines on the apps and devices employees are permitted to use for work-related purposes.
Ensure that employee devices and tools are secure and compatible with your IT infrastructure. You must also have measures in place to secure company data. With laptops, for example, have employees create a separate account for work-related tasks. You should also install additional security measures such as role-based access controls and endpoint protection software.
How did you do?
4–5 correct answers: Great job! You know your cybersecurity lingo well.
2–3 correct answers: You know some terms, but there’s still lots to learn!
0–1 correct answer: You need to do better with your cybersecurity vocabulary.
Looking for the best cybersecurity solutions for your Baltimore, Annapolis, or Towson business? NetQuest is your best bet. Our affordable solutions will protect your company against online threats. What’s more, we will identify vulnerabilities in your IT infrastructure and suggest ways to fix them. Request a risk-free audit today.