2019 Security Awareness Training Assessment

20 Questions | By Rtaheri | Last updated: Mar 19, 2022 | Total Attempts: 128

Questions

Settings

Create your own Quiz

2019 Security Awareness Training Assessment - Quiz

Questions and Answers

1.

What is the first thing you should do when receiving a phishing email to your Credly email address?
- A.
  
  Contact the Federal Bureau of Investigation
- B.
  
  Respond to the email to see what is going on
- C.
  
  Forward the email to the Security Council
- D.
  
  Ignore the email
2.

Which of the following is an acceptable password?
- A.
  
  Credly1234
- B.
  
  RamtinTaheri3
- C.
  
  Fr33d0m89?
- D.
  
  PY3%
3.

What is a phishing email?
- A.
  
  An email with an embedded virus
- B.
  
  An email that informs the sender when you have read it
- C.
  
  An email attempting to trick you into sending the sender your confidential information
- D.
  
  An email about jam bands
4.

What are the Credly Information Classification categories?
- A.
  
  Public Information, Intellectual Property, Confidential Information
- B.
  
  Confidential Information, Sensitive Information, Public Information
- C.
  
  Confidential Information, Proprietary Information, Legal Documents
- D.
  
  Customer Information, Source Code, Business Documents
5.

Which of the following security laws do NOT apply to Credly?
- A.
  
  Health Insurance Portability and Accountability Act (HIPPA)
- B.
  
  Family Educational Rights and Privacy Act (FERPA)
- C.
  
  Children's Online Privacy Protection Act (COPPA)
- D.
  
  The European Union General Data Protection Regulation (GDPR)
6.

Who manages the Credly security program?
- A.
  
  The Development Team
- B.
  
  The Legal Department
- C.
  
  The Security Council
- D.
  
  The Customer Success Team
7.

Which of the following is true about sensitive information?
- A.
  
  No Credly employee should ever see sensitive information
- B.
  
  Credly employees must follow the “minimum necessary” rule for disclosing sensitive information
- C.
  
  Sensitive information does not include earner personal information
- D.
  
  Sensitive information only includes data that is regulated by the GDPR
8.

What is piggybacking?
- A.
  
  Using another Credly employees username or login
- B.
  
  Hacking the Credly production server and stealing earner information
- C.
  
  Forgetting to unlock your laptop when walking away from your screen
- D.
  
  Following a Credly employee into a restricted area after they have already used their badge to gain access
9.

What are appropriate networks you can use when doing Credly work? (Select all that apply)
- A.
  
  Your secure home WiFi
- B.
  
  Public WiFi
- C.
  
  The WeWork WiFi
- D.
  
  Your friend’s WiFi network
10.

What policy governs emergencies at Credly?
- A.
  
  Acceptable Use Policy
- B.
  
  Business Continuity Plan
- C.
  
  Access Control Policy
- D.
  
  Risk Assessment Plan
11.

What is an insider threat?
- A.
  
  A virus residing on a Credly employee’s laptop
- B.
  
  A malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization's security practices, data and computer systems
- C.
  
  A bug in the Credly source code that creates a security vulnerability that a hacker can exploit
- D.
  
  A phishing email sent to a Credly employee
12.

What policy governs workspace security?
- A.
  
  Access Control Policy
- B.
  
  Acceptable Use Policy
- C.
  
  Business Continuity Plan
- D.
  
  Clean Desk Policy
13.

What is an example of information that is sensitive but NOT confidential?
- A.
  
  A Credly employee’s birthday
- B.
  
  A press release that has been authorized for release by the VP of marketing
- C.
  
  Contract terms
- D.
  
  Badges that have been shared by Earners on social media websites
14.

What is the most important aspect of a Company’s security program?
- A.
  
  The Security Officer
- B.
  
  The General Counsel
- C.
  
  The company’s firewall software
- D.
  
  The company’s employees
15.

What is NOT a purpose of an Information Security Program
- A.
  
  Confidentiality
- B.
  
  Integrity
- C.
  
  Chiasmus
- D.
  
  Availability
16.

Which of the following statements about a password is TRUE?
- A.
  
  It must be changed only when compromised
- B.
  
  It cannot contain special character symbols.
- C.
  
  It must be changed on a quarterly basis.
- D.
  
  It must be registered with a system administrator.
17.

Where should Earner Information be stored?
- A.
  
  Google Drive
- B.
  
  Amazon Web Services production server
- C.
  
  Your personal laptop
- D.
  
  A and B
- E.
  
  A, B, and C
18.

Which of the following security practices requires all Credly employees to take a screenshot when completed?
- A.
  
  Locking your screen when stepping away from the computer
- B.
  
  Deleting confidential information
- C.
  
  Receiving phishing emails
- D.
  
  Installing antivirus software
19.

Which of the following constitutes confidential information? Select all that apply
- A.
  
  Documents or other information that are marked confidential
- B.
  
  Documents or other information that you reasonably believe to be confidential
- C.
  
  Credly’s social media postings
- D.
  
  Documents or other information that you are told are confidential
20.

What is the greatest security threat to Credly?
- A.
  
  An accident triggered by a non-malicious workforce member
- B.
  
  A failure of the AWS security apparatus
- C.
  
  Hackers from overseas
- D.
  
  Insider threats