TAKE HOME QUIZ

LIVING IN AN IT ERA
Name:_____________________
Section: ___________________
Directions: Read each item carefully. Choose the letter of the correct answer.
1. Government authority in the Philippines that monitors and ensures compliance of the country with
international standards set for data protection
A. Intellectual Property Office
B. National Privacy Commission
C. Bureau of Legal affairs
D. Documentation, Information and Technology Transfer Bureau
2. Data privacy issues may arise in response to information from a wide range of sources, such as:
A. Healthcare records
B. Academic research
C. Privacy breach
D. All of the above
3. It is the policy of the State to protect fundamental human right of privacy of communication while
ensuring the free flow of information to promote innovation and growth.
A. Data Privacy Act
B. Computer Privacy
C. Computer Security
D. Intellectual Property Code
4. Which of the following should you do when providing information at an e-commerce website?
A. Use a PC that you know is secure
B. Make sure firewalls and anti-virus software features are enabled.
C. Make sure that you log off from the Website at the end of the session.
D. All of the above
5. It protects individuals from unauthorized processing of personal information.
A. RA 8293
B. RA 10173
C. RA 7277
D. RA 8293
6. Which of the following is/are TRUE about Data Privacy Act of 2012?
I. Personal information must be collected for reasons that are specified, legitimate, and
reasonable.
II. Personal information must be handled properly.
III. Information must be kept accurate and relevant, used only for the stated purposes, and
retained only for as long as reasonably needed.
IV. Personal information must be discarded in a way that does not make it visible and accessible to
unauthorized third parties.
A. I, and II
B. II and III
C. I, II and III
D. I, II, III and IV
7. Which of the following states the rights of data subjects?
A. Data subject has the right to know if their personal information is being processed.
B. The person can demand information such as the source of info, how their personal information
is being used, and copy of their information.
 C. One has the right to request removal and destruction of one’s personal data unless there is a
legal obligation that required for it to be kept or processed.
D. All of the above
8. An act prescribing the Intellectual Property Code and establishing the Intellectual Property Office,
providing for its powers and functions, and for other purposes.
A. RA 8293
B. RA 10173
C. RA 7277
D. RA 8293
9. It is the protection of computer systems from the theft of or damage to their hardware, software,
or electronic data, as well as from the disruption or misdirection of the services they provide.
A. Computer vulnerabilities
B. Computer threats
C. Cyber security
D. Data Privacy
10. Defect or flaws in a system that can leave the computer or network open to attack or exposed to a
threat.
A. Denial-of-Service Attack
B. Direct Access Attack
C. Vulnerabilities
D. Backdoor
11. It prevents legitimate users from accessing the service
A. Denial-of-Service Attack
B. Direct Access Attack
C. Vulnerabilities
D. Backdoor
12. Jailbreaking is bypassing the manufacturer’s programming restrictions to take full control of
smartphone or other device. What is this type of vulnerability?
A. Phishing
B. Eavesdropping
C. Privilege escalation
D. Direct Access Attack
13. It is the totality of patterns of behavior in an organization that contribute to the protection of
information of all kinds.
A. Eavesdropping
B. Internet of things
C. Social engineering
D. Information Security Culture
14. What does the “https://” at the beginning of a URL denote, as opposed to "http://" (without the
“s”)?
A. That the site has special high definition
B. That information entered into the site is encrypted
C. That the site is the newest version available
D. That the site is not accessible to certain computers
15. Which of the following is an example of a “phishing” attack?
A. Sending someone an email that contains a malicious link that is disguised to look like an email
from someone the person knows
 B. Creating a fake website that looks nearly identical to a real website in order to trick users into
entering their login information
C. Sending someone a text message that contains a malicious link that is disguised to look like a
notification that the person has won a contest
D. All of the above
16. It requires "something you know"; a password or PIN, and "something you have"; a card, dongle,
cellphone, or other piece of hardware.
A. Firewall
B. Antivirus Software
C. Two factor authentication
D. Virtual Private Network
17. Which of the following four passwords is the most secure?
A. Boat123
B. WTh!5Z
C. into*48
D. 123456
18. Criminals access someone’s computer and encrypt the user’s personal files and data. The user is
unable to access this data unless they pay the criminals to decrypt the files. This practice is called
__________.
A. Ransomware
B. Phishing
C. Botnet
D. Spam
19. If a public Wi-Fi network (such as in an airport or café) requires a password to access, is it generally
safe to use that network for sensitive activities such as online banking?
A. Yes, it is safe
B. No, it is not safe
C. Not sure
D. Maybe
20. What kind of cybersecurity risks can be minimized by using a Virtual Private Network (VPN)?
A. Use of unsecured Wi-Fi networks
B. Key-logging
C. De-anonymization by network operators
D. Phishing attacks
21. To be as safe as possible, what is the best account setting?
A. Private (only you)
B. Private (only friends)
C. Public (Friends of friends)
D. Public (Everyone)
22. Your internet banking profile is being hacked. What should you do?
A. Call the providers and shut down the profile
B. Start a new accout and dont tell anyone
C. Dont do anything - they might be dangerous
23. E-mail programs provide_________ so you don’t become fallen victim to scams and identity theft.
A. encryption
B. phising filters
C. spam filters
D. all of the above
24. Which of the following is/are the best measure to protect the computer system?
A. Make sure that individuals can only access data and services for which they are authorized
B. Make sure you have the latest version of software installed
C. Make your password difficult to guess
D. All of the above
25. Without your knowledge, a _____________ can make charges to your phone bill, send unsolicited
messages to your contact list, or give an attacker control over your device.
A. Worms
B. Phishing
C. Spyware
D. Malware
26. Unauthorized individuals who use another person’s name to receive credit cards, driver licenses and
various other items in their victim’s name
A. Scam
B. Phishing
C. Identity Theft
D. Confidentiality Breach
27. Which of these is NOT a wise idea when it comes to password security?
A. Avoiding the use of your personal information as password to your online account.
B. Writing your passwords down on a sticky note that you keep near your computer.
C. Changing your passwords on a regular basis, such as every three-to-six months.
D. Creating unique, long, complex passwords for each and every online account you have.
28. How can using geolocation services put your privacy at risk?
A. Data stored within the photos you take can expose your exact location.
B. Certain apps may record and use information about places you go without you knowing it.
C. Savvy criminals, governments and others can track your every move.
D. All of the above.
29. The method by which companies analyze customer data or other types of information in an effort to
identify patterns and discover relationships between different data elements is often referred to as:
A. Customer data management
B. Data mining
C. Data digging
D. None of the above
30. Machine learning is
A. The selective acquisition of knowledge through the use of manual programs
B. The autonomous acquisition of knowledge through the use of manual programs
C. The selective acquisition of knowledge through the use of computer programs
D. The autonomous acquisition of knowledge through the use of computer programs
31. In cryptography, what is cipher?
A. none of the mentioned
B. encrypted message
C. both algorithm for performing encryption and decryption and encrypted message
D. algorithm for performing encryption and decryption
32. Many applications use _________________, where two independent factors are used to identify a
user.
A. Cross-site request forgery
B. Cross-site scoring scripting
C. Two-factor authentication
 D. Cross-site scripting
33. Secret words or numbers used for protection of devices is called
A. Biometrics data
B. Private words
C. Backup
D. Passwords
34. The process of converting data into a format that can not be read by another user
A. Registering
B. Locking
C. Encryption
D. Keying
35. The process of indentifying a person before giving an access?
A. Authentication
B. Encryption
C. Auditing
D. Access control
36. What do you call the security discipline that requires that a user is given no more privileges
necessary to perform his or her job?
A. Defense in Depth
B. Risk transfer
C. Principle of least privilege
D. Reduction of attack surface
37. What is the best way to protect against social engineering?
A. Employee awareness
B. Risk mitigation
C. Stronger authentication
D. Strong encryption
38. What type of attack tries to guess password by trying common words?
A. Dictionary attack
B. Brute force attack
C. Man in the middle attack
D. Smurf attack
39. What type of authentication method identifies and recognizes people based o physical traits such as
finger prints?
A. WEP
B. Digital certificates
C. Biometrics
D. RADIUS
40. Which of the following terms indicates that information is to be read only by those people for whom
it is intended?
A. Availability
B. Accounting
C. Integrity
D. Confidentiality