2019 Security Awareness Training Assessment

By Rtaheri (Community Contributor)
Questions: 20


Questions and Answers
  • 1. 

    What is the first thing you should do when receiving a phishing email to your Credly email address?

    • A.

      Contact the Federal Bureau of Investigation

    • B.

      Respond to the email to see what is going on

    • C.

      Forward the email to the Security Council

    • D.

      Ignore the email

    Correct Answer
    C. Forward the email to the Security Council
    Explanation
    When receiving a phishing email to your Credly email address, the first thing you should do is forward the email to the Security Council. This is because the Security Council is responsible for handling security-related issues, including phishing attempts. By forwarding the email to them, you are alerting the appropriate team who can investigate and take necessary actions to mitigate the threat.


  • 2. 

    Which of the following is an acceptable password?

    • A.

      Credly1234

    • B.

      RamtinTaheri3

    • C.

      Fr33d0m89?

    • D.

      PY3%

    Correct Answer
    C. Fr33d0m89?
    Explanation
    The password "Fr33d0m89?" is an acceptable password because it meets the criteria for a strong password. It includes a combination of uppercase and lowercase letters, numbers, and special characters. The use of numbers and special characters adds complexity to the password, making it harder for hackers to guess or crack. Additionally, the password is at least 8 characters long, which is generally considered a minimum requirement for a secure password.


  • 3. 

    What is a phishing email?

    • A.

      An email with an embedded virus

    • B.

      An email that informs the sender when you have read it

    • C.

      An email attempting to trick you into sending the sender your confidential information

    • D.

      An email about jam bands

    Correct Answer
    C. An email attempting to trick you into sending the sender your confidential information
    Explanation
    A phishing email is an email that is designed to deceive and trick the recipient into revealing their confidential information, such as passwords, credit card numbers, or social security numbers. The sender of the email pretends to be a trustworthy entity, such as a bank or a reputable company, in order to gain the recipient's trust and convince them to provide their sensitive information. This type of email is a common method used by cybercriminals to carry out identity theft and financial fraud.


  • 4. 

    What are the Credly Information Classification categories?

    • A.

      Public Information, Intellectual Property, Confidential Information

    • B.

      Confidential Information, Sensitive Information, Public Information

    • C.

      Confidential Information, Proprietary Information, Legal Documents

    • D.

      Customer Information, Source Code, Business Documents

    Correct Answer
    B. Confidential Information, Sensitive Information, Public Information
    Explanation
    The Credly Information Classification categories include Confidential Information, Sensitive Information, and Public Information. These categories help classify and protect different types of information based on their level of sensitivity and importance. Confidential Information refers to data that should only be accessed by authorized individuals, while Sensitive Information includes data that requires special handling and protection. Public Information is data that can be freely accessed and shared by anyone.


  • 5. 

    Which of the following security laws do NOT apply to Credly?

    • A.

      Health Insurance Portability and Accountability Act (HIPAA)

    • B.

      Family Educational Rights and Privacy Act (FERPA)

    • C.

      Children's Online Privacy Protection Act (COPPA)

    • D.

      The European Union General Data Protection Regulation (GDPR)

    Correct Answer
    A. Health Insurance Portability and Accountability Act (HIPAA)
    Explanation
    The Health Insurance Portability and Accountability Act (HIPAA) does not apply to Credly. HIPAA is a US law that ensures the privacy and security of health information. However, Credly is a digital credentialing platform and does not deal with health information. Therefore, HIPAA does not apply to Credly.


  • 6. 

    Who manages the Credly security program?

    • A.

      The Development Team

    • B.

      The Legal Department

    • C.

      The Security Council

    • D.

      The Customer Success Team

    Correct Answer
    C. The Security Council
    Explanation
    The Security Council manages the Credly security program.


  • 7. 

    Which of the following is true about sensitive information?

    • A.

      No Credly employee should ever see sensitive information

    • B.

      Credly employees must follow the “minimum necessary” rule for disclosing sensitive information

    • C.

      Sensitive information does not include earner personal information

    • D.

      Sensitive information only includes data that is regulated by the GDPR

    Correct Answer
    B. Credly employees must follow the “minimum necessary” rule for disclosing sensitive information
    Explanation
    The "minimum necessary" rule for disclosing sensitive information means that employees should access and disclose sensitive information only when it is necessary for their job responsibilities. This ensures that sensitive information is protected and only accessed by authorized individuals who need it to perform their duties.


  • 8. 

    What is piggybacking?

    • A.

      Using another Credly employee's username or login

    • B.

      Hacking the Credly production server and stealing earner information

    • C.

      Forgetting to unlock your laptop when walking away from your screen

    • D.

      Following a Credly employee into a restricted area after they have already used their badge to gain access

    Correct Answer
    D. Following a Credly employee into a restricted area after they have already used their badge to gain access
  • 9. 

    What are appropriate networks you can use when doing Credly work? (Select all that apply)

    • A.

      Your secure home WiFi

    • B.

      Public WiFi

    • C.

      The WeWork WiFi

    • D.

      Your friend’s WiFi network

    Correct Answer(s)
    A. Your secure home WiFi
    C. The WeWork WiFi
    Explanation
    Appropriate networks that can be used when doing Credly work include your secure home WiFi and The WeWork WiFi. These networks are considered suitable because they are secure and provide a stable internet connection, ensuring the safety and reliability of the work being done on Credly. Public WiFi and your friend's WiFi network may not be as secure or stable, making them less appropriate for Credly work.


  • 10. 

    What policy governs emergencies at Credly?

    • A.

      Acceptable Use Policy

    • B.

      Business Continuity Plan

    • C.

      Access Control Policy

    • D.

      Risk Assessment Plan

    Correct Answer
    B. Business Continuity Plan
    Explanation
    The Business Continuity Plan governs emergencies at Credly. This plan outlines the procedures and protocols to be followed in the event of an emergency or disruption to normal business operations. It ensures that essential functions and services can continue to operate during and after an emergency, minimizing the impact on the organization. The Business Continuity Plan includes strategies for disaster recovery, communication, resource allocation, and coordination of response efforts.


  • 11. 

    What is an insider threat?

    • A.

      A virus residing on a Credly employee’s laptop

    • B.

      A malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization's security practices, data and computer systems

    • C.

      A bug in the Credly source code that creates a security vulnerability that a hacker can exploit

    • D.

      A phishing email sent to a Credly employee

    Correct Answer
    B. A malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates, who have inside information concerning the organization's security practices, data and computer systems
    Explanation
    The correct answer is the definition of an insider threat, which refers to a malicious threat that originates from individuals within an organization. These individuals, including employees, former employees, contractors, or business associates, possess insider knowledge about the organization's security practices, data, and computer systems. This type of threat can pose a significant risk to the organization's security and can lead to unauthorized access, data breaches, or other malicious activities.


  • 12. 

    What policy governs workspace security?

    • A.

      Access Control Policy

    • B.

      Acceptable Use Policy

    • C.

      Business Continuity Plan

    • D.

      Clean Desk Policy

    Correct Answer
    D. Clean Desk Policy
    Explanation
    The Clean Desk Policy is a policy that governs workspace security by requiring employees to keep their work areas clean and free of sensitive or confidential information. This policy helps prevent unauthorized access to sensitive data and reduces the risk of information theft or loss. By implementing the Clean Desk Policy, organizations can ensure that employees properly secure and protect sensitive information when they are not at their desks, promoting a culture of security awareness and accountability.


  • 13. 

    What is an example of information that is sensitive but NOT confidential?

    • A.

      A Credly employee’s birthday

    • B.

      A press release that has been authorized for release by the VP of marketing

    • C.

      Contract terms

    • D.

      Badges that have been shared by Earners on social media websites

    Correct Answer
    D. Badges that have been shared by Earners on social media websites
    Explanation
    Badges that have been shared by Earners on social media websites can be considered sensitive information because they may reveal someone's skills, achievements, or affiliations. However, they are not confidential because they have been willingly shared by the Earners on public platforms.


  • 14. 

    What is the most important aspect of a Company’s security program?

    • A.

      The Security Officer

    • B.

      The General Counsel

    • C.

      The company’s firewall software

    • D.

      The company’s employees

    Correct Answer
    D. The company’s employees
    Explanation
    The most important aspect of a company's security program is the company's employees. This is because employees are often the weakest link in a company's security system. They have access to sensitive information and systems, and can inadvertently or intentionally compromise security. Therefore, it is crucial for companies to educate and train their employees on security best practices, enforce strong password policies, and implement measures such as multi-factor authentication to ensure the security of their systems and data.


  • 15. 

    What is NOT a purpose of an Information Security Program?

    • A.

      Confidentiality 

    • B.

      Integrity

    • C.

      Chiasmus

    • D.

      Availability

    Correct Answer
    C. Chiasmus
  • 16. 

    Which of the following statements about a password is TRUE?

    • A.

      It must be changed only when compromised

    • B.

      It cannot contain special character symbols.

    • C.

      It must be changed on a quarterly basis.

    • D.

      It must be registered with a system administrator.

    Correct Answer
    C. It must be changed on a quarterly basis.
    Explanation
    A password must be changed on a quarterly basis to ensure security. Regularly changing passwords helps to prevent unauthorized access to accounts or systems. By changing passwords every three months, it reduces the risk of passwords being compromised and provides an additional layer of protection.


  • 17. 

    Where should Earner Information be stored?

    • A.

      Google Drive

    • B.

      Amazon Web Services production server

    • C.

      Your personal laptop

    • D.

      A and B

    • E.

      A, B, and C

    Correct Answer
    B. Amazon Web Services production server
    Explanation
    Earner Information should be stored on the Amazon Web Services (AWS) production server. This is because AWS provides a secure and reliable platform for storing and managing sensitive data. Storing the information on a personal laptop or Google Drive may not provide the same level of security and accessibility as an AWS production server. Additionally, using both Google Drive and AWS (option D) or using all three options (option E) would not be necessary if the AWS production server is already available.


  • 18. 

    Which of the following security practices requires all Credly employees to take a screenshot when completed?

    • A.

      Locking your screen when stepping away from the computer

    • B.

      Deleting confidential information

    • C.

      Receiving phishing emails

    • D.

      Installing antivirus software

    Correct Answer
    D. Installing antivirus software
  • 19. 

    Which of the following constitutes confidential information? Select all that apply

    • A.

      Documents or other information that are marked confidential

    • B.

      Documents or other information that you reasonably believe to be confidential

    • C.

      Credly’s social media postings

    • D.

      Documents or other information that you are told are confidential

    Correct Answer(s)
    A. Documents or other information that are marked confidential
    B. Documents or other information that you reasonably believe to be confidential
    D. Documents or other information that you are told are confidential
    Explanation
    The correct answer is that confidential information includes documents or other information that are marked confidential, documents or other information that you reasonably believe to be confidential, and documents or other information that you are told are confidential. This means that any information or documents that are explicitly labeled as confidential, any information or documents that you have a reasonable belief are confidential, and any information or documents that someone explicitly tells you are confidential are considered confidential information.


  • 20. 

    What is the greatest security threat to Credly?

    • A.

      An accident triggered by a non-malicious workforce member

    • B.

      A failure of the AWS security apparatus

    • C.

      Hackers from overseas

    • D.

      Insider threats

    Correct Answer
    A. An accident triggered by a non-malicious workforce member
    Explanation
    An accident triggered by a non-malicious workforce member can be the greatest security threat to Credly because it is difficult to anticipate and prevent such incidents. While hackers from overseas and insider threats can pose significant risks, they are often intentional and can be detected and mitigated with proper security measures. On the other hand, accidents caused by non-malicious employees can lead to unintentional data breaches or system failures, potentially causing significant damage to Credly's security and operations. It is important for organizations to have robust training and protocols in place to minimize the risk of accidents caused by employees.


Quiz Review Timeline

  • Jan 30, 2023 (current version): Quiz edited by ProProfs Editorial Team
  • Aug 05, 2019: Quiz created by Rtaheri