Security Awareness Training - claymation artwork

Security Awareness Training Quiz

8 – 46 Questions 10 min

This security awareness training quiz focuses on everyday decisions employees make around email, chat, and document sharing that block real attacks. You will practice spotting phishing, social engineering, unsafe MFA approvals, weak password habits, and misuse of tools, including how SSL/TLS supports safer logins and online sessions.

Start Quiz Explore related quizzes

Part 1 — Questions

Answer each question on paper. Do not turn the page until you are ready to check your work.

In a general security awareness training quiz test question, which action is safest when you receive an unexpected email asking you to "reconfirm" your account password?

Ignore the email link and go to the official site using a known bookmark or typed address.
Forward the email to coworkers to ask what they think.
Reply and ask the sender if the email is legitimate.
Click the link and see if the website looks normal.

Attackers can copy real company logos and reuse existing email reply threads to make phishing messages look legitimate.

True
False

During a security awareness fundamentals quiz, you see a question about links. You receive an email with a short link claiming to be a shared document from your manager. What is the best first step?

Hover over the link or long-press it to preview the real destination.
Click the short link quickly so you do not delay work.
Copy and paste the link into a browser on your personal device.
Reply and ask the sender to resend the same link.

You see a message in your inbox that shows your CEO’s name, but when you expand the sender details the address ends in a free email domain. What is the best interpretation?

It is safe because the message is short and polite.
It is suspicious because the domain does not match your organization.
It must be legitimate because the display name is correct.
It is normal for executives to use personal email for work approvals.

It is acceptable to forward confidential work documents to your personal email account if you need to finish them at home and do not share them with anyone else.

True
False

A colleague asks you to upload sensitive customer data to a personal cloud drive so they can "work faster from home." What is the best response?

Agree as long as the file is password‑protected.
Send the data in a chat message instead of using cloud storage.
Refuse and suggest using the organization’s approved remote access or file‑sharing tool instead.
Comply but delete the files from the cloud when they are done.

Because your account is protected by MFA, it is safe to approve any authentication prompt that appears, even if you did not start a sign‑in yourself.

True
False

You receive an email that appears to be from a long‑time vendor asking you to update their bank account for future payments and to keep it confidential. What is the safest way to verify this request?

Reply to the email and ask for written confirmation on company letterhead.
Click the attached form, fill in the new details, and file it for audit.
Call the vendor using a phone number from your own vendor master record or portal and confirm the request.
Use the phone number in the email signature to call and confirm the change.

You are working as usual and your phone suddenly shows multiple MFA approval prompts for an application you are not trying to sign in to. What should you do first?

Approve one prompt so they stop appearing, then change your password later.
Ignore the prompts and continue working unless an admin contacts you.
Deny the prompts, stop what you are doing, and notify the security or IT team immediately.
Turn off MFA on your account so the prompts no longer appear.

10.

You see a QR code taped near a printer with the text "Scan to fix your print access". You were not having printing issues. What is the safest response?

Ignore it and assume facilities already approved it.
Report the QR code to security or facilities and do not scan it.
Take a picture to scan later from your personal device.
Scan the QR code and sign in to resolve any hidden issues.

11.

You should wait to report a suspected phishing email until you are certain it is malicious, so the security team is not overwhelmed with false alarms.

True
False

12.

You clicked a link in an email, entered your credentials, and then noticed the URL was slightly wrong and did not match your usual sign‑in page. What is the most appropriate next step?

Immediately change your password using the official portal and report the incident with time, app, and device details.
Post in a group chat to ask coworkers if they also received the same email.
Close the tab and wait to see if anything unusual happens.
Delete the email so there is no trace and keep working.

13.

Which of the following best describes the role of SSL/TLS in online gaming from a security awareness test perspective?

It stores player passwords securely on individual gaming devices.
It encrypts data between the game client and servers so attackers cannot easily read or alter it in transit.
It encrypts only graphics and voice chat so gameplay looks and sounds better.
It prevents all forms of cheating and hacking inside the game.

14.

If you open a suspicious attachment at work by mistake, you should still report it immediately even if nothing obvious seems wrong on your screen.

True
False

15.

An attacker calls pretending to be from IT, saying there is a "login problem" and asking you to read them your MFA code so they can complete a test sign‑in. What is the most secure way to handle this?

Provide the code but change your password afterward.
Refuse to share the code, end the call, and report the attempt through official channels.
Provide only the first half of the code so they cannot fully log in.
Ask the caller to send an email from the IT helpdesk and then share the code by email.

16.

You receive an email instructing you to urgently reroute a large payment to a "new account" for a known supplier. Select all that apply. Which signs suggest this may be a business email compromise attack?

A.The email includes wire instructions in an attached image instead of the usual portal.
B.The payment amount exactly matches a legitimate open invoice in your system.
C.The message arrives through your official ticketing system with standard templates.
D.The message stresses secrecy and urges you not to follow normal approval steps.
E.The sender’s address uses a slightly altered version of the supplier’s domain.

17.

Arrange the actions in the order you should take after you realize you clicked a phishing link at work.

Put these in the correct order (write 1–4 beside each):

____Report the incident using the official security or IT channel.
____Collect basic details such as time, sender, and link destination.
____Follow security team instructions to change credentials and review devices.
____Close the suspicious site and stop any further interaction.

18.

You receive an email about a bank detail change for a critical supplier. The domain is one character off from the real supplier, the message references a real invoice, and it asks you to bypass the normal approval workflow due to an "audit." What should you do?

Send the request to a colleague and ask them to update the bank details for you.
Call the supplier using a verified contact from your vendor system and require standard approval steps before any change.
Reply and ask the sender to confirm by sending a stamped PDF letter.
Process the change immediately so you do not delay payment.

19.

After clicking a link in a phishing email, you see a prompt asking you to grant a third‑party app long‑term access to your work email and files, using your organization’s sign‑in page. What is the safest action?

Ignore the prompt and close the browser without telling anyone.
Deny the consent request and report it to security with a screenshot of the permissions.
Grant access, then immediately change your password.
Grant access only to email but not files.

Part 2 — Answer key

Compare your answers after you have finished Part 1.

In a general security awareness training quiz test question, which action is safest when you receive an unexpected email asking you to "reconfirm" your account password?
Ignore the email link and go to the official site using a known bookmark or typed address.
Attackers can copy real company logos and reuse existing email reply threads to make phishing messages look legitimate.
True
During a security awareness fundamentals quiz, you see a question about links. You receive an email with a short link claiming to be a shared document from your manager. What is the best first step?
Click the short link quickly so you do not delay work.
You see a message in your inbox that shows your CEO’s name, but when you expand the sender details the address ends in a free email domain. What is the best interpretation?
It is safe because the message is short and polite.
It is acceptable to forward confidential work documents to your personal email account if you need to finish them at home and do not share them with anyone else.
False
A colleague asks you to upload sensitive customer data to a personal cloud drive so they can "work faster from home." What is the best response?
Send the data in a chat message instead of using cloud storage.
Because your account is protected by MFA, it is safe to approve any authentication prompt that appears, even if you did not start a sign‑in yourself.
False
You receive an email that appears to be from a long‑time vendor asking you to update their bank account for future payments and to keep it confidential. What is the safest way to verify this request?
Call the vendor using a phone number from your own vendor master record or portal and confirm the request.
You are working as usual and your phone suddenly shows multiple MFA approval prompts for an application you are not trying to sign in to. What should you do first?
Deny the prompts, stop what you are doing, and notify the security or IT team immediately.
You see a QR code taped near a printer with the text "Scan to fix your print access". You were not having printing issues. What is the safest response?
Scan the QR code and sign in to resolve any hidden issues.
You should wait to report a suspected phishing email until you are certain it is malicious, so the security team is not overwhelmed with false alarms.
False
You clicked a link in an email, entered your credentials, and then noticed the URL was slightly wrong and did not match your usual sign‑in page. What is the most appropriate next step?
Close the tab and wait to see if anything unusual happens.
Which of the following best describes the role of SSL/TLS in online gaming from a security awareness test perspective?
It encrypts data between the game client and servers so attackers cannot easily read or alter it in transit.
If you open a suspicious attachment at work by mistake, you should still report it immediately even if nothing obvious seems wrong on your screen.
True
An attacker calls pretending to be from IT, saying there is a "login problem" and asking you to read them your MFA code so they can complete a test sign‑in. What is the most secure way to handle this?
Refuse to share the code, end the call, and report the attempt through official channels.
You receive an email instructing you to urgently reroute a large payment to a "new account" for a known supplier. Select all that apply. Which signs suggest this may be a business email compromise attack?
The email includes wire instructions in an attached image instead of the usual portal.; The message stresses secrecy and urges you not to follow normal approval steps.; The sender’s address uses a slightly altered version of the supplier’s domain.
Arrange the actions in the order you should take after you realize you clicked a phishing link at work.
Correct order: Close the suspicious site and stop any further interaction. → Collect basic details such as time, sender, and link destination. → Report the incident using the official security or IT channel. → Follow security team instructions to change credentials and review devices.
You receive an email about a bank detail change for a critical supplier. The domain is one character off from the real supplier, the message references a real invoice, and it asks you to bypass the normal approval workflow due to an "audit." What should you do?
Call the supplier using a verified contact from your vendor system and require standard approval steps before any change.
After clicking a link in a phishing email, you see a prompt asking you to grant a third‑party app long‑term access to your work email and files, using your organization’s sign‑in page. What is the safest action?
Deny the consent request and report it to security with a screenshot of the permissions.

1In a general security awareness training quiz test question, which action is safest when you receive an unexpected email asking you to "reconfirm" your account password?

2Attackers can copy real company logos and reuse existing email reply threads to make phishing messages look legitimate.

True / False

3During a security awareness fundamentals quiz, you see a question about links. You receive an email with a short link claiming to be a shared document from your manager. What is the best first step?

4You see a message in your inbox that shows your CEO’s name, but when you expand the sender details the address ends in a free email domain. What is the best interpretation?

5It is acceptable to forward confidential work documents to your personal email account if you need to finish them at home and do not share them with anyone else.

True / False

6A colleague asks you to upload sensitive customer data to a personal cloud drive so they can "work faster from home." What is the best response?

7Because your account is protected by MFA, it is safe to approve any authentication prompt that appears, even if you did not start a sign‑in yourself.

True / False

8You receive an email that appears to be from a long‑time vendor asking you to update their bank account for future payments and to keep it confidential. What is the safest way to verify this request?

9You are working as usual and your phone suddenly shows multiple MFA approval prompts for an application you are not trying to sign in to. What should you do first?

10You see a QR code taped near a printer with the text "Scan to fix your print access". You were not having printing issues. What is the safest response?

11You should wait to report a suspected phishing email until you are certain it is malicious, so the security team is not overwhelmed with false alarms.

True / False

12You clicked a link in an email, entered your credentials, and then noticed the URL was slightly wrong and did not match your usual sign‑in page. What is the most appropriate next step?

13Which of the following best describes the role of SSL/TLS in online gaming from a security awareness test perspective?

14If you open a suspicious attachment at work by mistake, you should still report it immediately even if nothing obvious seems wrong on your screen.

True / False

15An attacker calls pretending to be from IT, saying there is a "login problem" and asking you to read them your MFA code so they can complete a test sign‑in. What is the most secure way to handle this?

16You receive an email instructing you to urgently reroute a large payment to a "new account" for a known supplier. Select all that apply. Which signs suggest this may be a business email compromise attack?

Select all that apply

17Arrange the actions in the order you should take after you realize you clicked a phishing link at work.

Put in order

1Report the incident using the official security or IT channel.

2Collect basic details such as time, sender, and link destination.

3Follow security team instructions to change credentials and review devices.

4Close the suspicious site and stop any further interaction.

18You receive an email about a bank detail change for a critical supplier. The domain is one character off from the real supplier, the message references a real invoice, and it asks you to bypass the normal approval workflow due to an "audit." What should you do?

19After clicking a link in a phishing email, you see a prompt asking you to grant a third‑party app long‑term access to your work email and files, using your organization’s sign‑in page. What is the safest action?

Disclaimer

This quiz is for educational and training purposes only and does not constitute legal, medical, or professional advice.

Security Awareness Decision Traps Highlighted By This Quiz

Trusting visual context as proof

Staff often assume logos, signatures, and ongoing threads prove a message is safe. Attackers copy all of these elements. Treat any request that moves money, changes payment details, grants access, or exposes data as untrusted until you confirm it through a phone number or portal you already know.

Reading only the display name

Many people skim the display name and subject line, then click. The quiz expects you to expand the sender details, check the actual domain, and compare it to past legitimate messages. Look for extra characters, swapped letters, unexpected country codes, or a Reply-To address that sends responses somewhere else.

Assuming MFA means approve everything

Some users treat every MFA prompt as routine. Attackers exploit this fatigue by flooding prompts after stealing passwords. Correct behavior is to deny any unexpected request, stop what you are doing, then report the prompt with the app name, device, and approximate time so security can investigate quickly.

Clicking links, QR codes, or attachments first

Rushed users open files or scan codes before checking them. Safer behavior is to hover to preview URLs, type important sites from bookmarks, and verify that a login page matches your normal single sign-on flow. For web services and online games, SSL/TLS protects data in transit but does not validate the sender.

Using personal tools for work data

Forwarding documents to personal email or uploading them to consumer storage removes company protections. The quiz favors answers that keep data inside approved systems, apply correct labels or classifications, and restrict access to specific people or managed groups.

Hiding mistakes instead of reporting

Employees sometimes stay silent after clicking a bad link or approving an MFA prompt out of embarrassment. The better approach is immediate reporting with details about what you clicked, what you entered, and when it happened so responders can contain damage and reset access.

Official References Supporting Security Awareness Training Practices

Authoritative Security Awareness and Phishing Resources

Use these references to align your quiz answers and training approach with widely accepted guidance on phishing, authentication, and business email compromise.

NIST SP 800-50 Rev. 1: Guidance for building cybersecurity and privacy learning programs, including awareness goals, behavior change, and role based content.
CISA Counter-Phishing Recommendations: Technical and human focused controls that reduce the chance employees interact with phishing messages.
FTC Phishing Guidance for Small Businesses: Plain language explanations of phishing patterns, red flags, and practical prevention steps for employees and managers.
FBI Business Email Compromise Guide: Detailed description of BEC scams, including payment change fraud and reporting expectations after a suspected incident.
SANS Phishing Awareness Training Resources: Professional guidance on simulating phishing, measuring user behavior, and strengthening ongoing awareness programs.

Security Awareness Training Quiz And Test Questions FAQ

Common Questions About This Security Awareness Training Quiz

What topics does this security awareness training quiz focus on?

The quiz concentrates on phishing, social engineering, business email compromise, safe use of MFA, secure document sharing, and early incident reporting. Scenarios mirror everyday actions in email, chat, ticketing systems, and cloud collaboration tools rather than abstract theory.

How should I approach scenario questions about payment changes or vendor banking updates?

Assume that any unexpected payment change, new bank account, or urgent transfer request may be malicious. Correct answers usually involve independently verifying through a trusted phone number or portal, slowing the process down, and documenting what you checked before approving or rejecting the request.

Which option is usually correct for questions about the role of SSL/TLS, including in online gaming?

SSL/TLS encrypts traffic between client and server, protects credentials and session data from eavesdropping, and helps confirm server identity. It does not guarantee game fairness, stop phishing, or hide unsafe clicks. Look for answer choices that emphasize confidentiality and integrity of data in transit.

How can managers use this security awareness test for employees?

Managers can review aggregate results to see patterns, such as weak MFA decisions or risky data sharing habits. They can then target coaching, adjust internal procedures, or schedule focused refreshers instead of relying only on annual slide based training.

How does this quiz connect with other workplace risk and compliance topics?

Security awareness overlaps with privacy, safety, and compliance expectations. For broader context on data handling, pair this quiz with the Data Privacy And Security Awareness Quiz. For physical safety and hazard basics, the OSHA 10 General Safety Awareness Test reinforces complementary workplace behaviors.