IT Safety Training Quiz

1.

One set of standards that we are required to comply with is the PCI-DSS standards. PCI-DSS stands for Personal Cardholder Information – Data Security Standards. Adherence to these standards is required by all companies that process credit card payments. Non-compliance can
- A.
  
  Result in large fines and revocation of our rights to process payments via Credit or Debit cards.
- B.
  
  Result in small fines and revocation of our rights to process payments via Credit or Debit cards.
- C.
  
  Result in large fines and revocation of our rights to process payments via Debit cards.
- D.
  
  Result in large fines and revocation of our rights to process payments and possible jail time.
Correct Answer
A. Result in large fines and revocation of our rights to process payments via Credit or Debit cards.

Explanation
Adherence to the PCI-DSS standards is required by all companies that process credit card payments. Failure to comply with these standards can result in large fines and the revocation of the company's rights to process payments via Credit or Debit cards. This emphasizes the importance of following the PCI-DSS standards to ensure the security and protection of personal cardholder information.

Rate this question:
2.

You should login with only your user name and password. If you think that your password has been compromised, please
- A.
  
  Change your password within one day.
- B.
  
  Change your password within one week.
- C.
  
  Change your password immediately.
- D.
  
  Change your password within 30 minutes.
Correct Answer
C. Change your password immediately.

Explanation
The correct answer is "change your password immediately" because the statement emphasizes the urgency of the situation. If the user believes their password has been compromised, it is crucial to take immediate action to protect their account and prevent unauthorized access. Waiting for a day, a week, or even 30 minutes could provide ample time for an attacker to exploit the compromised password. Therefore, the most appropriate course of action is to change the password immediately.

Rate this question:
3.

Identity thieves will sometimes attempt to deceive you by impersonating members of the IT staff. No one from IT should be asking you to
- A.
  
  Reveal your employee ID.
- B.
  
  Reveal your password
- C.
  
  Reveal your supervisor's name.
- D.
  
  All of the above.
Correct Answer
B. Reveal your password

Explanation
Identity thieves often try to trick individuals by pretending to be part of the IT department. They may ask for sensitive information, such as passwords, in order to gain unauthorized access to personal accounts or systems. Therefore, it is important not to disclose your password to anyone, including members of the IT staff, as legitimate IT professionals would never ask for this information. Revealing your password can put your personal and professional data at risk of being compromised.

Rate this question:
4.

In order to detect the Red Flags associated with establishing a new Covered Account, GreenPath employees will take the following steps to obtain and verify the identity of the individual opening the Covered Account:
- A.
  
  Obtain specific Personal Information for individuals interested in opening a Covered Account. This information should include: first name, last name, address, telephone number, date of birth, social security number and email address, at a minimum.
- B.
  
  Establish a password for the individual or obtain a full or partial social security number.
- C.
  
  Verify that Personal Information provided does not match information already in FMS for an existing Client.
- D.
  
  All of the above
Correct Answer
D. All of the above

Explanation
The explanation for the given correct answer is that in order to detect the Red Flags associated with establishing a new Covered Account, GreenPath employees will take all of the mentioned steps to obtain and verify the identity of the individual opening the Covered Account. This includes obtaining specific personal information such as first name, last name, address, telephone number, date of birth, social security number, and email address. They will also establish a password for the individual or obtain a full or partial social security number. Additionally, they will verify that the personal information provided does not match information already in FMS for an existing client. Therefore, all of the above steps are necessary for detecting red flags and ensuring the security of the covered account.

Rate this question:
5.

If you feel that you need to obtain new software, you will need permission
- A.
  
  From IT or your manager.
- B.
  
  From IT and your manager.
- C.
  
  From only your manager.
- D.
  
  From IT and your manager and your director.
Correct Answer
B. From IT and your manager.

Explanation
If you feel that you need to obtain new software, you will need permission from IT and your manager. This is because IT is responsible for managing and maintaining the software and technology infrastructure within the organization, while your manager is responsible for overseeing your work and ensuring that any new software aligns with your job responsibilities and objectives. Therefore, both IT and your manager need to give their approval before you can obtain new software.

Rate this question:
6.

Email is not a secure way to transmit sensitive information.
- A.
  
  True
- B.
  
  False
Correct Answer
A. True

Explanation
Email is not a secure way to transmit sensitive information because it can easily be intercepted by unauthorized individuals. Emails are typically transmitted over the internet in plain text, which means that anyone with access to the network can potentially read the contents of the email. Additionally, email accounts can be hacked, allowing attackers to gain access to sensitive information. To ensure the security of sensitive information, it is recommended to use encrypted communication methods such as secure file transfer protocols or encrypted messaging platforms.

Rate this question:
7.

Which item below is not suspicious and would not require further investigation?
- A.
  
  An identification document that expires in a month.
- B.
  
  An identification document that appears forged or altered.
- C.
  
  An identification document containing a photo that does not match the person presenting the document.
- D.
  
  An identification document that contains personal information that is inconsistent with existing GreenPath records.
Correct Answer
A. An identification document that expires in a month.

Explanation
An identification document that expires in a month is not suspicious and would not require further investigation because it is a common occurrence for identification documents to have expiration dates. The expiration date indicates that the document will no longer be valid after a certain period, but it does not necessarily imply any wrongdoing or alteration.

Rate this question:
8.

If you are entering the building during non-regular business hours, and another person whom you recognize does not have their Employee Access Badge, you should
- A.
  
  Tell them to leave a note at the front desk.
- B.
  
  Refuse to let them in and ask them to contact their supervisor, manager, or the help desk for assistance.
- C.
  
  Allow the person to come in, but e-mail their supervisor, manager or help desk to alert them of what happened
- D.
  
  Ask that they enter through the visitor's entrance.
Correct Answer
B. Refuse to let them in and ask them to contact their supervisor, manager, or the help desk for assistance.

Explanation
If you are entering the building during non-regular business hours and see someone you recognize without an Employee Access Badge, it is important to prioritize security. Refusing to let them in and asking them to contact their supervisor, manager, or the help desk for assistance ensures that the situation is properly addressed and that unauthorized individuals are not granted access to the building. This action helps maintain the safety and security protocols in place.

Rate this question:
9.

When printing a document with client information, it’s important to
- A.
  
  Never leave any documents on the printer unattended.
- B.
  
  Walk over to the printer after 20 minutes.
- C.
  
  Tell the client that you have printed out their information.
- D.
  
  Always send the client a copy of what you printed.
Correct Answer
A. Never leave any documents on the printer unattended.

Explanation
Leaving documents on the printer unattended can pose a security risk as anyone passing by can access and potentially misuse the client's sensitive information. It is important to always ensure that documents are promptly collected from the printer to maintain confidentiality and protect client privacy.

Rate this question:
10.

If you need to include account information in an email, you should only include:
- A.
  
  The account name, and no numbers
- B.
  
  The first four numbers
- C.
  
  The last six numbers
- D.
  
  The last four numbers
Correct Answer
D. The last four numbers

Explanation
When including account information in an email, it is important to prioritize the security and privacy of the information. Including the last four numbers of the account is a safe option as it provides enough identification without revealing the complete account number. This helps to minimize the risk of unauthorized access or misuse of the account information.

Rate this question:

IT Safety Training Quiz

One set of standards that we are required to comply with is the PCI-DSS standards. PCI-DSS stands for Personal Cardholder Information – Data Security Standards. Adherence to these standards is required by all companies that process credit card payments. Non-compliance can

You should login with only your user name and password. If you think that your password has been compromised, please

Identity thieves will sometimes attempt to deceive you by impersonating members of the IT staff. No one from IT should be asking you to

In order to detect the Red Flags associated with establishing a new Covered Account, GreenPath employees will take the following steps to obtain and verify the identity of the individual opening the Covered Account:

If you feel that you need to obtain new software, you will need permission

Email is not a secure way to transmit sensitive information.

Which item below is not suspicious and would not require further investigation?

If you are entering the building during non-regular business hours, and another person whom you recognize does not have their Employee Access Badge, you should

When printing a document with client information, it’s important to

If you need to include account information in an email, you should only include: