SANS ASLP Security Awareness Training Study Guide UPDATED ACTUAL Exam Questions and CORRECT Answers

SANS ASLP Security Awareness Training
Study Guide UPDATED ACTUAL Exam
Questions and CORRECT Answers
Which type of malware prevents you from accessing files stored on your computer? - CORRECT
ANSWER - Ransomware


Which of the following is needed for a computer system or device to be vulnerable to malware? -
CORRECT ANSWER - An Operating system


Joe is browsing the web and notices the light by his webcam is on. The website he is on did not
ask permission to access his webcam and he knows he did not turn it on. What should Joe do? -
CORRECT ANSWER - Report the possible malware attack.


Which of the following provides the most protection against malware? - CORRECT
ANSWER - Updates


What method would a cyber attacker use to infect a system with malware? - CORRECT
ANSWER - Tricking a person into opening an infected file attached to a message.



Phishing is what type of attack? - CORRECT ANSWER - Social engineering


You receive an email that appears to come from the help desk asking for your password so a
critical update can be installed on your computer. What should you do? - CORRECT
ANSWER - You suspect the email may be a phishing attack, so you report it immediately.


You receive an email from your bank informing you that their privacy policy has been updated
and asking you to review it on their website. What is the safest way to visit your bank's website?
- CORRECT ANSWER - Open your browser and click on a bookmark you saved earlier
for your bank's website.

, Which of the following is the most likely indicator of a phishing attack? - CORRECT
ANSWER - An urgent email claiming to be from a coworker, but was sent from a personal
email address, such as one from @gmail.com.


Rudy accidentally sent a sensitive work report to a friend named James instead one of his co-
workers, who is also named James. What should Rudy have done to prevent this? - CORRECT
ANSWER - Double check the TO address before hitting the send button.


Which of the following is the best way to create a strong password? - CORRECT
ANSWER - Use a long and unique passphrase.


Which of the following is the best example of a strong and memorable password? - CORRECT
ANSWER - Elphant-Blue-42 (something Like this)


Why it is important to add two-step verification to all accounts that offer it? - CORRECT
ANSWER - It provides an extra layer of protection beyond just a password.



Which of the following is an example of two-step verification? - CORRECT ANSWER -A
one-time code sent via text message to your mobile device.


What is the purpose of a password manager? - CORRECT ANSWER - The secure storage
and retrieval of multiple passwords.


Felicia in Human Resources receives an urgent email from her boss stating that the database
containing all employees' tax information is inaccessible. She is asked to reply with all
employees' tax information to avoid paying substantial late fees. What should she do? -
CORRECT ANSWER - Call her boss to confirm whether her boss sent the email
requesting employee tax information.


Cybercriminals are planning a targeted attack on an organization's groundbreaking research data.
Colin is an entry-level accounting employee at the organization. What is the most likely risk
posed by Colin in this scenario? - CORRECT ANSWER - Colin is used as a stepping stone
to gain initial access to the network.