SecurED
ED [Q/A]
Phishing
Grab Bag
FINAL JEOPARDY
100

An authentication method that requires the user to provide two or more verification factors to gain access

What is Multi-Factor?

100

Must be 12 characters long and must contain three of the following four character types:

  • Uppercase characters (A, B, C, D, E, ...) 
  • Lowercase characters (a, b, c, d, e, ...) 
  • Numerals (0, 1, 2, 3, ...) 
  • Special characters (#, $, *, %, ...) 

What is an ED Password



100

 Vishing, Whaling, and Smishing

What are types of phishing attacks?

100

DAILY DOUBLE

Should be at least  characters long, include a mix of upper and lowercase letters, numbers and a special character

What are the characteristics of a strong password?

200

Securely connects your device to an internet server so that no one can monitor your activity or access your data through your internet connection.

What is a VPN?

200

The name of the Department's wireless internet network.

What is ED-Guest

200

This type of phishing attack is rated as the top (#1) phishing attack.

What is spear phishing?

Spear phishing is a more advanced form of phishing. Spear phishing is a specific and targeted attack on one or a select number of victims, while regular phishing attempts to scam masses of people.

200

Only visit trusted websites (check for HTTPS in the URL), avoid clicking on pop-ups or suspicious ads & always use a secure browser

What is Safe Internet Browsing

300

Software used to keep your data protected from all possible threats

What is anti virus software/firewall?

300

Authorizes ED employees to obtain secure access to @ed.gov services (email, contacts and calendar) for personally-owned mobile device, including smartphones and tablets.  

What is BYOD

Bring Your Own Device

300

DAILY DOUBLE

Making phone calls or leaving voice messages purporting to be from reputable organizations to induce individuals to reveal information about themselves or others.

What is Vishing?

300

Unusual sender email address, suspicious links or attachments, poor grammar or spelling mistakes 


What are signs of a phishing attempt?

400

Disguises the content of email messages to protect potentially sensitive information from being read by anyone other than intended recipients.

What is encryption?

400

Enables ED network users to quickly, easily and directly report suspicious emails to the Department of Education Security Operations Center (EDSOC) with a single click

What is the Report Phishing Button?

400

A cybercrime that happens when someone impersonates a trusted contact or brand, pretending to be someone you trust in order to access sensitive personal information.

What is Spoofing

400

Video sharing app recently banned from ED GFES and BYOD. 

What is Tik Tok?

500

An electronic, encrypted, stamp of authentication on digital information such as email messages, macros, or electronic documents.

What is a digital signature?

500

ED CSPAT Course #3 must be completed by this date.

What is August 31, 2023?

500

Phishing attacks conducted using text messages or SMS.

What is Smishing?

500

This Directive establishes the Department's Standards for acceptable behaviors in response to authorized simulated phishing exercises.

What is Directive 3-114?

500

The percentage of OSERS staff who reported the "phish" during FY23 Phishing Exercise #5, conducted June 27 - 28,  2023.

What is 13.3%