Welcome to your Interactive Awareness Challenge - Cybersecurity Month 2025 1. You receive an SMS claiming your SAB account has been locked and asking you to click a link to “verify your identity.” What should you do? Social Engineering Awareness Challenge: Click the link and follow instructions Call the bank using the number on the official website Reply asking for more details Forward the message to colleagues None 2. A visitor without a badge asks you to hold the door open because they “forgot theirs at home.” What is the right response? Social Engineering Awareness Challenge: Let them in Walk them to reception/security for verification Ignore them completely Ask another colleague if they know the person None 3. You get an email offering free gift cards if you complete a quick employee survey. The sender’s address looks odd. What should you do? Social Engineering Awareness Challenge: Complete the survey for the reward Delete the email and move on Report the email as suspicious to ISR Share it with colleagues so they can benefit too None 4. On social media, someone claiming to be a recruiter asks detailed questions about SAB’s systems. How should you handle this? Social Engineering Awareness Challenge: Answer to make a good impression Share only non-technical information Decline to share details Ask them for their company profile first None 5. What is the new minimum password length for SAB Windows login? Password Security Awareness Challenge: 8 characters 10 characters 12 characters 14 characters None 6. Which of the following passwords meets the new complexity requirements? Password Security Awareness Challenge: Password2025 I@OCyber!23456 myypasswordraf 12345678901234 None 7. How often must SAB users change their Windows login password under the updated policy? Password Security Awareness Challenge: Every 30 days Every 60 days Every 90 days Never, unless breached None 8. Why is SAB increasing the password length requirement from 8 to 14 characters? Password Security Awareness Challenge: To follow best security practices To comply with PCI DSS and SAMA Cybersecurity Framework Because users requested longer passwords To slow down system performance None Time's upTime is Up!
