Cybersecurity Awareness for Bank Employees and Contingent Workers 2024

Here are the pre- and post-test answers to the CBT titled "Cybersecurity Awareness for Bank Employees and Contingent Workers"

Question 1. You are a new hire in a Private Bank and need to translate a client document so you can properly advise them. As the last company you worked with, you used a great online transaction tool to get help. What do you think you should do?
A. Use it, but first check that it’s free.
B. Use it, but only if your manager approves first.
C. Use the Private Bank’s internal translation tool.✅
D. Perform an online search for translator pages and only trust the top 5 results.

Note: You should not use unapproved third-party apps to conduct business. Always check to see if there is an internal tool to accomplish the task.

Question 2. Hello, my name is Cuthie, and I work in Compliance. I’m going to be taking time off and want to make sure I share my passwords with my team members in the event they need access to any of my files. What should I do?
A. Share the passwords in a password-protected Excel document.
B. Share the passwords in a password-protected Excel document on SharePoint.
C. Write them down on paper and provide them to one employee in your same location.
D. Never share your passwords/phrases.✅

Question 3. I’m doing research on potential new clients in the travel sector. After typing in a client name into the search engine, I’m ready to select the first result. How do I know if the first choice is the best?
A. Ensure the website name and URL are spelled correctly.
B. Look for grammatical errors or spelling mistakes.
C. Hover over the link to check to validate that the URL makes sense.
D. You don’t need to do anything. The website is safe if you use a trusted browser or search engine to look for results.
E. A, B, and C.✅

Question 4. You are a branch employee and need to email your tax files and pay slips to your mortgage advisor. What should you do?
A. PDF the file, password-protect, and send.
B. Use SecureZip to encrypt the info and send it.
C. Visit the bank’s site from your personal device to view and download the files.✅
D. Ask your manager to send it for you.

Question 5. You just received a suspicious email, and you’re skimming it for any potential signs of phishing. Which of the below would you consider a potential sign of phishing?
A. The email contains a link and the URL (revealed by hovering a link) has transposed letters.✅
B. The sender’s name and email address don’t appear to match.✅
C. Email is an internal organization announcement linking to the Phonebook.
D. Email has an external banner.✅

Note: Seeing things like an external banner, mismatched sender’s name and email, and misspellings or transposed letters in URLs could all be signs of potential phishing.

Question 6. You’re a Project Manager in Operations. When you tried to send a Word document to your client it was blocked. What should you do next?
A. Remove the “Internal Use Only” watermark, since the document needs to be sent externally. Then try sending it again.
B. Review the automated “bounce back” reply and follow the instructions.✅
C. Ask a colleague to try sending the document on your behalf.
D. Convert the document to a PDF and try again.

Question 7. I was just promoted, and I’m so excited to announce my promotion and update my LinkedIn profile. I want to make sure I include as much information as possible, but I’m sure there’s some information I shouldn’t share or else I could give attackers information they can use to target me. What information should I not share?
A. Job title, high-level job responsibilities, industry certifications.
B. Company, city/state, job title
C. Client’s name, building location, and application names.✅

Question 8. I work in the Treasury Department. I received a call from someone named Alexis claiming to be an MD at the firm. She urgently needs me to provide phone numbers and email addresses for two employees. What should I do?
A. Request Alexis to send you a message on Skype or Teams to verify her request and identity.✅
B. Ask Alexis to verify her company ID and other information.
C. Since Alexis knew the employee names, you can fulfill her request.
D. Request their phone number and call them back.

Question 9. I’m a new hire and currently working from home. I want to print a document but I do not have remote print access. What should I do?
A. Send the document to my personal email and print only if I first password-protect the file.
B. Send the document to my personal email for printing then immediately delete the email.
C. I should wait until I am in the office to print the document.✅
D. Send the document to a co-worker in the office and ask them to print the file.

Question 10. I’m an Administrative Assistant for a senior leader. I just received an email regarding the company’s privacy updates. My manager is working at a different location today. What should I do?
A. Click the link to find out more before worrying my manager.
B. Report the email to Cyber Alert and follow the guidance provided.✅
C. This looks important, forward it to my manager for them to action.
D. Forward the mail to my colleague in IT for their opinion.

Note: You should always report suspicious emails. Hackers often use a tactic called Business Email Compromise (BEC) that targets employees, including senior management and colleagues. Criminals will try to compromise the executive’s email account and later spread malware to other employees via email.