Red Flags Information Security And Identity ThEFT Program

The correct answer includes various red flags identified by the FTC that indicate potential fraudulent activity. These red flags include a fraud alert or security freeze on a consumer report, address discrepancies, identification documents that appear altered or forged, a social security number that is not in range consistent with the date of birth, suspicious addresses supplied (such as drop boxes), and unusual credit activity (such as an increase in usage). These red flags can help identify potential instances of identity theft or fraud.

Verbal employment verification is necessary even when sufficient employment documentation is received. This is because documentation can be forged or inaccurate, and a verbal verification allows for direct confirmation of the information provided. It is a crucial step in ensuring the accuracy and legitimacy of employment records. Therefore, the given statement is false.

The given statement is true. Sierra Pacific's Red Flags policy primarily focuses on outlining measures to safeguard sensitive customer data. This policy is designed to identify and prevent potential instances of identity theft and fraud. By implementing this policy, Sierra Pacific aims to protect the privacy and security of their customers' personal information.

Good office security measures include locking doors and desks when employees are not around to prevent unauthorized access. Keeping desks free of papers with customer information helps to protect sensitive data from being seen or stolen. Never putting customer data on the hard drive helps to prevent data breaches in case of theft or unauthorized access to the computer. Shredding sensitive documents ensures that confidential information cannot be retrieved from discarded papers. Using passwords to access computers adds an extra layer of security to prevent unauthorized access. Encrypting data helps to protect sensitive information from being accessed or intercepted by unauthorized individuals.

The correct answer is "All of the above" because desktop security involves multiple measures to protect sensitive information. Logging out when leaving the area ensures that unauthorized individuals cannot access the desktop. A short timeout period on screen savers prevents unauthorized access when the desktop is left unattended. Keeping passwords private and changing them frequently adds an extra layer of security to prevent unauthorized access to the desktop and its contents. Therefore, all of these practices contribute to desktop security.

The statement is true because Sierra Pacific has a policy to retain loan documents for a minimum of 7 years. This means that any loan documents related to Sierra Pacific will be kept on record for at least 7 years, ensuring that the company complies with legal and regulatory requirements. This policy helps in maintaining accurate records and allows for easy access to loan documents when needed.

The given statement states that all application information must be kept in the company efolder. This means that it is necessary and required to store all application information in the designated efolder. Therefore, the correct answer is True, as it confirms the requirement of keeping all application information in the company efolder.

Sensitive customer data should not be sent through email because email is not considered secure. Emails can be intercepted or hacked, putting the sensitive information at risk of being accessed by unauthorized individuals. To ensure the security of sensitive customer data, it is recommended to use more secure methods of communication such as encrypted messaging platforms or secure file transfer protocols.

Data breaches must be immediately reported to IT, your manager, the Compliance Officer or Senior Management because they are responsible for handling and addressing such incidents. Reporting the breach allows the appropriate individuals to take necessary actions to mitigate the impact, investigate the cause, and implement measures to prevent future breaches. Prompt reporting also ensures compliance with organizational policies, legal requirements, and industry regulations. By involving the relevant parties, the breach can be properly managed, and appropriate steps can be taken to protect sensitive information and maintain the integrity of the organization's data security.

Because of the inherent risk, it is important to make sure that data security procedures are followed.