Remote Access Domain Online Quiz
1. Remote access allows individuals to work from home or while traveling making it an extremely valuable asset to businesses productivity. Give an example of common remote computing activities.
a. Checking/ Writing company emails from a mobile device such as a Smart phone or laptop.
b. Accessing a corporate intranet while away from the office to use company resources to complete work.
c. Performing administrative tasks on a network such as resetting passwords while away from the office.
2. While on vacation you receive a phone call from the office. Your coworker who’s taken over your responsibilities while you’re away hasn’t been given access to the project you were working on. Your coworker asks if they can have your user name and password to login and get started on the project they’ve taken over for you. Should you do this?
a. No. You should never share your logon credentials with anyone. Refer your coworker to a manager who can give them their own access to the project instead.
3. Still on vacation you are at a café that has free unsecured WiFi. You are wondering how the project your team was working on is going before you left and consider logging onto check your company email. Is this advisable?
a. No. It is not advisable to use unsecured WiFi connections, especially with regard to logging into access sensitive content such as company email. Unsecured WiFi connections especially are prone to packet sniffing by outside entities who may gain information they can use maliciously.
4. Strong passwords are a first line of defense in protecting the remote domain. Using the guidelines discussed in the remote access domain manual please give an example of a strong password.
a. Minimum 8 characters in length
b. Contains 3/4 of the following items:
- Uppercase Letters
- Lowercase Letters
- Numbers
- Symbols
5. Email is an invaluable tool for conducting business. Should you use your personal email account to send business emails?
a. No. Corporate email servers should have extra security to protect the potentially sensitive information they distribute. Using your private email to send work-related messages could increase your company’s exposure to outside threats and malware. Using corporate email, for business communication only, provides you with some liability protection.
6. Mobile devices have become indispensible in our every day work and play. In the remote access domain manual five (6) potential attack vectors mobile device users should be aware of were discussed. Please name two (2).
a. Bluetooth
b. Unsecured WiFi
c. Infrared Connection (IrDA)
d. Near Field Communication (NFC)
e. Quick Response Codes (QR Codes)
f. Phone is stolen or physically compromised
7. Wireless connection features in mobile devices such as NFC, IrDA, and Bluetooth are convenient when used responsibly. Unfortunately these features are also potential attack vectors. What is one simple way to add security to your phone if you have these features?
a. Turn off Bluetooth, NFC, and IrDA functions when not in use
8. QR Codes are widely used and popular, there are many available applications for mobile devices that read QR codes. What is an important feature to look for in a QR reader application?
a. Use a QR scanner that shows the URL and asks if you want to go there.
9. Smart phones can potentially contain a lot of sensitive information, such as contact lists, personal schedules, emails, and geosynchronous data. What is one simple thing that everyone who owns a mobile phone should do, that would greatly help increase the security of information contained on their phone?
a. Password protect the phone
10. Spy ware on mobile phones is now its own industry. There is no way to be 100% sure a phone is spyware free. One way to potentially get rid of spyware is to perform a factory reset. What is an unfortunate consequence of a factory reset?
a. You would lose all files, photos, etc. stored on the phone
Questions 11 and 12 refer to the following section:
The social media policy applies to all types of social networking activity (a) using the station’s computers, mobile devices, or other technology, and (b) using non-company technology when linked to the station’s systems. Nevertheless, when engaged in social networking on non-company technology that is not linked to the station’s systems, employees should use this policy as a guide. In addition, they should never attribute such postings to the station or imply that they are endorsed or written by the station; if work affiliation is listed, the posting should include the following disclaimer: “The statements and views expressed in this posting are my own and do not reflect those of my employer.”
11. What types of social networking activity does the social media policy apply to?
a. Station’s computer, mobile devices, other technology, and non-company technology
12. If you are writing a blog and you list the area where you are employed what should you include in your post?
a. A disclaimer.
Question 13 refers to the following section:
Some social networking sites may provide an appropriate forum to keep current on matters of interest, to make professional connections, and to locate links to other pertinent sources. Users must be careful, however, that their online postings do not adversely impact or create problems for the station or its audience. Users are personally responsible for all content they post on social networking sites. Remember that it is difficult to delete content once posted to a site, so be cautious when writing any posting.
13. Who is responsible for all content they post on social networking sites?
a. The user.
Questions 14 and 15 refer to the following section:
The contents of our IT resources and communications systems are the company’s property. Therefore, staff should have no expectation of privacy in any message, files, data, document, facsimile, telephone conversation, social media post conversation or message, or any other kind of information or communications transmitted to, received or printed from, or stored or recorded on our electronic information and communications systems.
We reserve the right to monitor, intercept and review, without further notice, staff activities using our IT resources and communications systems, including but not limited to social media postings and activities, to ensure that our rules are being complied with and for legitimate business purposes and you consent to such monitoring by your acknowledgement of this policy and your use of such resources and systems. This might include, without limitation, the monitoring, interception, accessing, recording, disclosing, inspecting, reviewing, retrieving and printing of transactions, messages, communications, postings, log-ins, recordings and other uses of the systems as well as keystroke capturing and other network monitoring technologies.
14. Does the company deserve the right to monitor, intercept and review all staff activities?
a. Yes
15. What are three possible ways the company can monitor the network of staff members?
a. Keystroke capturing, recordings, log-ins, retrieving and printing transactions, reviewing communications and messages