2018 Security Awareness Compliance Training Assessment

Reviewed by Editorial Team
The ProProfs editorial team is comprised of experienced subject matter experts. They've collectively created over 10,000 quizzes and lessons, serving over 100 million users. Our team includes in-house content moderators and subject matter experts, as well as a global network of rigorously trained contributors. All adhere to our comprehensive editorial guidelines, ensuring the delivery of high-quality content.
Learn about Our Editorial Process
| By Ramtin3
R
Ramtin3
Community Contributor
Quizzes Created: 1 | Total Attempts: 176
| Attempts: 176
SettingsSettings
Please wait...
  • 1/20 Questions

    You print a series of documents containing sensitive information for a client meeting. After the meeting is finished, what is the proper way to dispose of these documents?

    • Place the documents in the recycling bin.
    • Take the documents home and put them in your personal trash can.
    • Shred the documents.
    • Put the documents in the trash can at the office.
Please wait...
About This Quiz

Instructions:
1- Finish the questions in this assessment before 12 PM (noon) on August 13, 2018.
2- You must answer 85% of the questions correctly (17/20).
3- After you complete the assessment, a certificate will appear on your screen showing your score. Take a screenshot of the certificate and send the certificate to Ramtin Taheri (rtaheri@credly. Com).

2018 Security Awareness Compliance Training Assessment - Quiz

Quiz Preview

  • 2. 

    What should you do AS SOON AS you discover that a Security Incident occurred (or you have reason to believe one might have)?

    • Fix the problem on your own.

    • Notify a member of the Security Council.

    • Inform local and national media outlets.

    • Contact the hackers or entities that performed the attack.

    Correct Answer
    A. Notify a member of the Security Council.
    Explanation
    As soon as you discover a security incident or have reason to believe one might have occurred, the appropriate action is to notify a member of the Security Council. This is important because the Security Council is responsible for handling security incidents and has the expertise to assess the situation, investigate the incident, and take necessary actions to mitigate the impact and prevent further damage. Fixing the problem on your own may not be sufficient or effective, and contacting the hackers or entities that performed the attack is not recommended as it can compromise the investigation and potentially escalate the situation. Informing local and national media outlets is not the immediate priority and should be done only after the incident is properly addressed.

    Rate this question:

  • 3. 

    Where can the Credly Written Information Security Policy be found?

    • Www.credly.com

    • Www.youracclaim.com

    • Intranet.credly.com

    • Credly’s AWS (Amazon Web Services) account

    Correct Answer
    A. Intranet.credly.com
    Explanation
    The Credly Written Information Security Policy can be found on intranet.credly.com. This is the internal website of Credly where employees can access company-specific information and policies.

    Rate this question:

  • 4. 

    Which of the following security practices requires all Credly employees to take a screenshot when completed?

    • Locking your screen when stepping away from the computer.

    • Securely handling sensitive information.

    • Reporting security incidents.

    • Installing antivirus software.

    Correct Answer
    A. Installing antivirus software.
    Explanation
    Installing antivirus software is a security practice that requires all Credly employees to take a screenshot when completed. This is because taking a screenshot provides evidence that the antivirus software has been successfully installed on the computer. This practice ensures that all employees have the necessary protection against malware and other security threats.

    Rate this question:

  • 5. 

    Which one of the following statements about a password is TRUE?

    • It must be changed only if it is compromised.

    • It cannot contain special character symbols.

    • It must be registered with the system administrator.

    • It must be changed on a quarterly basis.

    Correct Answer
    A. It must be changed on a quarterly basis.
    Explanation
    The correct answer is that a password must be changed on a quarterly basis. This is a common security practice to ensure that passwords are regularly updated and to minimize the risk of unauthorized access. By changing passwords regularly, it reduces the likelihood of a compromised password being used maliciously.

    Rate this question:

  • 6. 

    Which of the following should you report to a member of the Security Council?

    • Theft of your company issued laptop.

    • Intentionally clicking a link in a phishing email.

    • Accidentally sending sensitive client information to the wrong person.

    • All of the above.

    Correct Answer
    A. All of the above.
    Explanation
    All of the mentioned incidents should be reported to a member of the Security Council because they all pose potential security risks. The theft of a company-issued laptop can result in unauthorized access to sensitive information. Intentionally clicking a link in a phishing email can lead to malware installation or unauthorized access to personal or company data. Accidentally sending sensitive client information to the wrong person can result in a data breach and compromise client confidentiality. Reporting these incidents allows for appropriate actions to be taken to mitigate the risks and prevent further security breaches.

    Rate this question:

  • 7. 

    Which one of the following statements about wireless networks is TRUE?

    • They cannot be intercepted by unknown users.

    • They limit accessibility to other users.

    • They limit visibility to other users.

    • They can be accessible to other users.

    Correct Answer
    A. They can be accessible to other users.
    Explanation
    Wireless networks can be accessed by other users because the signals are transmitted through the air and can be intercepted by anyone within range. This is why it is important to secure wireless networks with passwords and encryption to prevent unauthorized access.

    Rate this question:

  • 8. 

    Which one of the following is an example of phishing?

    • An email warning the recipient of a computer virus threat.

    • An email directing the recipient to forward the email to friends.

    • An email directing the recipient to enter personal details on a fake website made to look legitimate.

    • An email from your manager about an upcoming meeting.

    Correct Answer
    A. An email directing the recipient to enter personal details on a fake website made to look legitimate.
    Explanation
    An email directing the recipient to enter personal details on a fake website made to look legitimate is an example of phishing. Phishing is a type of cyber attack where the attacker pretends to be a trustworthy entity in order to deceive individuals into providing sensitive information such as passwords, credit card numbers, or social security numbers. In this case, the email is attempting to trick the recipient into thinking they are entering their personal details on a legitimate website, when in reality, it is a fake website created by the attacker.

    Rate this question:

  • 9. 

    What is NOT considered sensitive information under the Credly Written Information Security Policy?

    • An earner’s profile information.

    • A proposal sent to a client.

    • Your social media posts.

    • A document describing a client’s credential issuing strategy.

    Correct Answer
    A. Your social media posts.
    Explanation
    According to the Credly Written Information Security Policy, social media posts are not considered sensitive information. This implies that the information shared on social media platforms is not considered confidential or private. The policy likely classifies social media posts as public information that can be accessed and viewed by anyone, rather than sensitive data that needs to be protected.

    Rate this question:

  • 10. 

    When may you download and store Credly sensitive information on your local computer?

    • When the information is encrypted.

    • When the information is password protected.

    • When the password is in a hidden folder.

    • Never.

    Correct Answer
    A. Never.
    Explanation
    It is not recommended to download and store Credly sensitive information on a local computer, regardless of whether it is encrypted, password protected, or stored in a hidden folder. This is because storing sensitive information on a local computer increases the risk of unauthorized access, data breaches, and potential loss or theft of the information. It is safer to access and handle sensitive information directly through secure online platforms or systems provided by Credly.

    Rate this question:

  • 11. 

    Which of the following is an acceptable password?

    • H@ppyHol1dayz

    • Doktori23?

    • Password123!!

    • Kla4%

    Correct Answer
    A. H@ppyHol1dayz
    Explanation
    The password "H@ppyHol1dayz" is acceptable because it includes a combination of uppercase and lowercase letters, numbers, and special characters. This makes it more secure and harder to guess.

    Rate this question:

  • 12. 

    How frequently must you change your password?

    • Every 30 days.

    • Every 90 days.

    • Once Per Year.

    • Passwords need not be changed if they are automatically generated by a password manager such as “LastPass.”

    Correct Answer
    A. Every 90 days.
    Explanation
    Passwords should be changed every 90 days to ensure security. This time frame strikes a balance between ensuring that passwords are regularly updated to prevent unauthorized access and minimizing the inconvenience of frequently changing passwords. Changing passwords regularly helps protect against password guessing, brute force attacks, and unauthorized access to accounts. Additionally, it reduces the risk of compromised passwords being used for an extended period of time.

    Rate this question:

  • 13. 

    Which is not an acceptable method for locking a workstation?

    • Press Windows Key + L

    • Type LOCK on your keyboard, then press enter

    • Press Command + Option + Power

    • Press Command + Option + Eject

    Correct Answer
    A. Type LOCK on your keyboard, then press enter
    Explanation
    Typing "LOCK" on the keyboard and then pressing enter is not an acceptable method for locking a workstation. This is because there is no standard keyboard shortcut or command to lock a workstation by typing "LOCK" and pressing enter. The other options listed are valid methods for locking a workstation on different operating systems such as Windows and Mac.

    Rate this question:

  • 14. 

    Which of the following laws govern Credly’s treatment of personally identifiable data? 

    • European Union General Data Protection Regulation (GDPR)

    • The California Consumer Privacy Act of 2018

    • The Children’s Online Privacy Protection Act (COPPA)

    • All of the Above

    Correct Answer
    A. All of the Above
    Explanation
    All of the listed laws govern Credly's treatment of personally identifiable data. The European Union General Data Protection Regulation (GDPR) is a regulation that protects the personal data and privacy of European Union citizens. The California Consumer Privacy Act of 2018 (CCPA) is a state law that gives California residents rights over their personal information and requires businesses to be transparent about their data collection practices. The Children's Online Privacy Protection Act (COPPA) is a federal law that imposes certain requirements on websites and online services that collect personal information from children under the age of 13. Therefore, all three laws apply to Credly's treatment of personally identifiable data.

    Rate this question:

  • 15. 

    Which of the following are possible warning signs of a potential insider threat situation? Select all that apply.

    • A coworker is attempting to copy company proprietary data without being authorized to do so.

    • A coworker is downloading a large amount of company information.

    • Overhearing a coworker constantly expressing their dissatisfaction with working at Credly, and their desire to take adverse actions due to that dissatisfaction.

    • Overhearing a coworker discuss working for a competitor of Credly.

    Correct Answer(s)
    A. A coworker is attempting to copy company proprietary data without being authorized to do so.
    A. A coworker is downloading a large amount of company information.
    A. Overhearing a coworker constantly expressing their dissatisfaction with working at Credly, and their desire to take adverse actions due to that dissatisfaction.
    A. Overhearing a coworker discuss working for a competitor of Credly.
    Explanation
    The possible warning signs of a potential insider threat situation include a coworker attempting to copy company proprietary data without authorization, a coworker downloading a large amount of company information, overhearing a coworker expressing dissatisfaction with working at Credly and their desire to take adverse actions, and overhearing a coworker discussing working for a competitor of Credly. These actions suggest that the coworker may have malicious intentions or may be planning to misuse company resources or confidential information, making them potential insider threats.

    Rate this question:

  • 16. 

    How does a Credly employee determine if information is confidential? Choose the best answer.

    • The information is marked confidential AND a reasonable person would consider it to be confidential.

    • The information is marked confidential.

    • The information is marked confidential OR a reasonable person would consider it to be confidential.

    • A reasonable person would consider the information to be confidential.

    Correct Answer
    A. The information is marked confidential OR a reasonable person would consider it to be confidential.
    Explanation
    A Credly employee determines if information is confidential based on whether it is marked as confidential or if a reasonable person would consider it to be confidential.

    Rate this question:

  • 17. 

    Which of the following statements is TRUE?

    • A document must be marked as “confidential” to be treated as confidential under the Credly Written Information Security Policy.

    • The Credly Written Information Security Policy only applies to information that has never been disclosed to the public.

    • The Credly Written Information Security Policy covers non-confidential information belonging to Credly’s clients.

    • The Credly Written Information Security Policy only applies to employees who use earner profile Information.

    Correct Answer
    A. The Credly Written Information Security Policy covers non-confidential information belonging to Credly’s clients.
    Explanation
    The correct answer is that the Credly Written Information Security Policy covers non-confidential information belonging to Credly's clients. This means that the policy applies to information that is not marked as confidential, but still belongs to Credly's clients.

    Rate this question:

  • 18. 

    Sending email via Credly’s Gmail system means that the email is encrypted in transit.

    • True

    • False

    Correct Answer
    A. True
    Explanation
    When sending an email via Credly's Gmail system, the email is encrypted in transit. This means that the email message is converted into a secret code during transmission, making it difficult for unauthorized individuals to intercept and read the content of the email. Encryption ensures the privacy and security of the email, protecting sensitive information from being accessed by malicious actors during the transfer process. Therefore, the statement is true.

    Rate this question:

  • 19. 

    Which three positions make up the Company’s Security Council?

    • Chief Privacy Officer, Chief Security Officer, General Counsel

    • Chief Security Officer, Chief Privacy Officer, Chief Operating Officer

    • Chief Privacy Officer, Chief Security Officer, Software Development Manager

    • Vice President Product, General Counsel, Senior Legal Counsel

    Correct Answer
    A. Chief Privacy Officer, Chief Security Officer, Software Development Manager
    Explanation
    The correct answer is Chief Privacy Officer, Chief Security Officer, Software Development Manager. These three positions make up the Company's Security Council. The Chief Privacy Officer is responsible for ensuring the company's compliance with privacy laws and regulations. The Chief Security Officer is in charge of implementing and maintaining the company's security measures. The Software Development Manager is involved in ensuring the security of the company's software systems. Together, these three positions work together to address privacy and security concerns within the company.

    Rate this question:

  • 20. 

    It is ok to use a product that processes the personally identifiable data of Credly employees or users if: 

    • My manager says it is ok.

    • A member of the Security Council says it is ok.

    • It has been posted at Credly.com/Subprocessors for at least 30 days.

    • The product is in wide use or generally well-known.

    Correct Answer
    A. It has been posted at Credly.com/Subprocessors for at least 30 days.
    Explanation
    The correct answer is "It has been posted at Credly.com/Subprocessors for at least 30 days." This suggests that Credly has a specific process for vetting and approving products that process personally identifiable data. By ensuring that the product has been posted on their official website for at least 30 days, it allows for transparency and gives stakeholders an opportunity to review and assess the product's compliance with data protection regulations. This helps to ensure that the use of such a product is in line with Credly's data privacy and security policies.

    Rate this question:

Quiz Review Timeline (Updated): Mar 19, 2023 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 19, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Aug 05, 2018
    Quiz Created by
    Ramtin3
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.