ao link
Charity Digital
Search
Remember Login

New to Charity Digital?

User Menu
Remember Login

New to Charity Digital?

Remember Login

New to Charity Digital?

Search

Quiz: Do you know how to prevent a cyber attack?

Test your knowledge of the five core controls recommended by the Cyber Essentials scheme to mitigate cyber threats in the charity sector

Computer keyboard with a yellow post-it note with a question mark stuck to it
Quiz: Do you know how to prevent a cyber attack?

Charities of any size can experience a cyber breach. Around a third of charities in the UK reported experiencing some sort of cyber attack or breach over the last 12 months, according the UK Government’s 2024 Cyber Security Breaches Survey.  


Fortunately, there are measures that charities can take to
mitigate against this risk. The Cyber Essentials certification scheme, delivered by IASME in partnership with the National Cyber Security Centre, centres around five core controls that will reduce the impact of common cyber attacks
 

With these controls in place, charities can apply for the Cyber Essentials certification, allowing charities to take stock of their cyber security, communicate to their audiences how seriously they are taking it, and ultimately reduce the impact of common cyber attacks by up to 80%.  

 

During October, which is Charity Cyber Security Awareness month, if you are a registered charity and you sign up and pay for Cyber Essentials between 1 and 31 October you will receive a discount to the price of certification. Working in partnership with selected Certification Bodies around the UK and Crown Dependencies, IASME will be offering free support and guidance to help charities achieve certification. 

 

To test your knowledge on the five core controls that help protect against cyber threats, we’ve set six questions for charities to answer, helping them to understand more about how the Cyber Essentials requirements can help strengthen their cyber security.

 

Start the quiz below!  

 

 

Question 1: Cyber security in the UK charity sector 

 

What percentage of charities experienced a cyber breach or attack over the last 12 months, according to the 2024 Cyber Breaches report? 

 

Question 2: User access control  

 

User access control regulates who can access your data and services and what level of access they have. Charities should only provide privileged access to people who need it for their roles, keep track of who has these accounts and regularly review these privileges.  

 

For example, while an IT professional may have an administrator account, allowing them higher levels of control over devices and systems, a volunteer only has access to the digital tools they need for their day-to-day roles.

 

What actions can an administrator account take that a standard user account can’t? 

 

Question 3: Malware protection 

 

Charities can use anti-malware software to scan web pages and files when downloaded or opened to identify and deactivate viruses or malicious software before it can cause damage.  

 

Only approved applications should be used on each device. Organisations should have a robust approval process that includes keeping a regular list of apps that are allowed and what they can access.  

 

 

What is an “allow list”? 

 

Question 4: Secure configuration 

 

Secure configuration refers to the way a computer is set up to minimise the ways a cyber criminal can find a way in. This includes the use of passwords, multi-factor authentication, and the removal of software and accounts that you do not use.

 

 

When an account is protected by a password alone, according to the Cyber Essentials requirements, what is the minimum length of that password?  

 

Question 5: Firewalls

 

Firewalls are like a security filter between the internet and your network and on your device. Firewalls check and monitor data in both directions as it moves through the network and can block or permit the data according to the predefined firewall rules.   
 

 

Which of these statements about firewalls is false? 

 

Question 6: Security update management 

 

Within a piece of software’s functioning life span, as soon as an error or ‘vulnerability’ is discovered, the manufacturer creates an update that that will fix and close the opening to prevent its exploitation by cyber criminals. The process of applying an update is known as security update management or “patching.     

 

How soon should high risk and critical software updates be applied after their release? 

 


Answers 

  1. Incorrect!  

32% of charities reported experiencing a cyber breach or attack in the previous 12 months, according to the 2024 Cyber Breaches survey. 

 

  1. Incorrect!  

Administrator accounts provide a high level of control over systems. Unlike regular user accounts, they alone are able to create, modify, and delete user accounts, install new software, and change system settings. 

 

Click here to learn more about User Access Controls.  

 

Click here to go to the next question 

 


 

  1. Incorrect!  

An “allow list” is a list of applications that you know are safe to use and that you need to access. 

 

Click here to learn more about Malware Protection. 

 

Click here to go to the next question 

 


 

  1. Incorrect!  

In most cases, 12 characters is the minimum length of a password or pin code for Cyber Essentials. Exceptions include when unlocking a device (6 characters) or where multi-factor authentication is in use (8 characters).  

 

Click here to learn more about Secure Configuration. 

 

Click here to go to the next question

 

 

 

  1. Incorrect!  

The false statement is that a firewall is a physical device only. A firewall can also be a piece of software found in most common desktop and laptop operating systems.  

 

Click here to learn more about Firewalls. 

 

 

 

  1. Incorrect!  

All modern software will need to ‘update’ on a regular basis as part of its maintenance, ensuring that vulnerabilities are patched within 14 days of the update. 

 

Click here to learn more about Security Update Management. 

 

Click here to try again 

 

 

 


 

 

  1. Correct!  

Well done!  

 

 

 

  1. Correct!  

Well done! 

 

Click here to learn more about user access control.

 

Click here to go to back to the quiz!

 

 

 

  1. Correct!  

Well done!  

 

Click here to learn more about malware protection.

 

Click here to go to back to the quiz!

 

 

 

  1. Correct!  

Well done!  

 

Click here to learn more about secure configuration.

 

Click here to go to back to the quiz! 

 

 

 

  1. Correct!  

Well done! 

 

Click here to learn more about firewalls. 

 

Click here to go back to the quiz!

 

 
 


    6. Correct!  

 

All modern software will need to ‘update’ on a regular basis as part of its maintenance, ensuring that vulnerabilities are patched within 14 days of the update. 

 

Click here to find out more about security update management.

 

 

You’ve completed the quiz!  

 

Sounds like you’re ready for Cyber Essentials. Check out the Cyber Essentials Readiness Tool to understand whether the cyber security in your organisation meets the requirements for Cyber Essentials.  

 

Discover the Readiness Tool


Related Articles

A charity guide to maintaining Cyber Essentials all year roundA charity guide to maintaining Cyber Essentials all year round
Cyber Essentials from the National Cyber Security CentreCyber Essentials from the National Cyber Security Centre
Five key measures to prevent cyber attacksFive key measures to prevent cyber attacks
How cyber certification is empowering charitiesHow cyber certification is empowering charities
The fundamentals of third-party cyber securityThe fundamentals of third-party cyber security

More on this topic

How charity partnerships strengthen the sector 

How charity partnerships strengthen the sector Sponsored Article

How to stay cyber secure with volunteers

How to stay cyber secure with volunteersSponsored Article

Charity Digital Academy

Our courses aim, in just three hours, to enhance soft skills and hard skills, boost your knowledge of finance and artificial intelligence, and supercharge your digital capabilities. Check out some of the incredible options by clicking here.

 

Tell me more

Recite Me toolbar