Data Security
Password Management
Fraud
Phishing Incident
Malware
Incident Reporting
Physical Security
100

This is the only Information Sensitivity Classification that includes PII.

What is Restricted?

100

Person you can share your password with.

What is no one?

100

This form of fraud occurs when an employee uses their position at SYF for personal enrichment

What is internal fraud?

100

Technique to check if a displayed email address is legitimate.

What is hover over the display name to check that the email matches the name?

100

Think before you click, keep your operating system up to date, use anti-virus software

What are best practices to avoid malware?

100

Time period to wait to report an incident or lost/stolen device.

What is none? Always report immediately!

100

Allowing others to gain entrance to a secure location or restricted zone without using their own badge, access card, or key card.

What is tailgating or piggy-backing?

200

These data types need to be encrypted when stored and transferred.

What are Restricted and Confidential?

200

Minimum number of characters for a password at Synchrony.  

What is 8? 

200

Art of manipulating people into performing certain actions or divulging confidential or sensitive information.

What is social engineering?

200

Found in the Outlook toolbar and used to report a suspicious email.

What is Report Phishing button?

200

Any software program that seeks to do harm or steal information.

What is malware?

200

Number of hours per day the JSOC (India or US) is monitored.

What is 24?

200

These are used to dispose of sensitive printed documents.

What is secure destruction bin or shredder?

300

This should never be shared on web-ex or jabber. 

What is sensitive information?

300

This is the frequency that passwords expire and must be changed at Synchrony.

What is 90-days?

300

Safeguard personal information, routinely monitor personal accounts, and report suspicious activity immediately.

What are key actions or best practices to protect yourself from fraud?

300

These two terms refer to phishing by voice or over text message [two terms]

What are vishing and SMShing?

300

Most common type of malware.

What is virus?

300

Email to contact the Joint Security Operation Center.

What are  JSOC@syf.com or cybersecurity@syf.com?

300

The act of a person watching what you do on your computer by looking at your mobile device or computer screen or a reflection of your actual screen.

What is shoulder surfing?

400

Synchrony's most secure and preferred method of continual bulk data transfers.  

What is Gentran?

400

Using a story to create a strong password that is easy to remember.

What is a passphrase?

400

Types of personal information criminals are trying to steal.

What are Credit card numbers, social security numbers, bank account information or passwords?

400

Email address for reporting a suspicious email. 

What is Phish@syf.com?

400

Number 1 delivery means for malware.

What is email?

400

This information should NOT be included in an incident report.

What are PII, passwords, sensitive information, customer-related inquiries, life-threatening/emergency issues?

400

Visitors to SYF sites need a(n) ____ with them at all times.

What is an escort?

500

___ is used when sensitive data is sent externally via email; 

___ is used when sensitive data is sent internally via email. 

What are Outlook Encrypted Email solution (Send Securely button) and PKZIP (with AES 256 bit encryption)?

500

Percent of data breaches due to stolen passwords.

What is 81? (Accept 70 to 90)

500

Actions such as: call ins asking SYF employees for procedural information over the phone, Callers asking for customer information, Callers rushing employees to skip verification procedures, Callers wanting to forgo authentication.

What are actions or red flags of social engineering?

500

By the end of 2017, the average user was receiving an average of # malicious emails per month according to Symantec's 2018 Internet Security Threat Report.

What is 16? (accept 10-20)

500

Country with the most reported computer infections from virus attacks.

What is China?

500

National campaign from the Department of Homeland Security that relies upon our shared and individual responsibility to report suspicious activity related to physical and information security.

What is "See Something, Say Something?"

500

Should be done whenever you leave your computer.

What is log-off or lock your computer?