Cybersecurity Best Practices

Study Notes

Password Management

Password Best Practices:
- Use unique and complex passwords for each account
- Avoid using easily guessable information (e.g., name, birthdate, common words)
- Use a mix of uppercase and lowercase letters, numbers, and special characters
- Passwords should be at least 12 characters long
Password Storage:
- Use a password manager to securely store and generate complex passwords
- Avoid storing passwords in plain text or in an unsecured manner
Password Rotation:
- Rotate passwords every 60-90 days to minimize damage in case of a breach
- Use a password manager to automate password rotation
Multi-Factor Authentication (MFA):
- Use MFA to add an extra layer of security to the authentication process
- MFA can include methods such as biometric authentication, one-time passwords, or smart cards

Phishing Identification

Common Phishing Techniques:
- Deceptive phishing: using fake emails or websites to trick users into revealing sensitive information
- Spear phishing: targeting specific individuals or groups with personalized emails
- Whaling: targeting high-level executives or officials with sophisticated phishing attacks
Phishing Red Flags:
- Urgency or scarcity tactics to prompt immediate action
- Misspelled URLs or suspicious domain names
- Poor grammar or spelling in emails
- Requests for sensitive information or login credentials
- Unusual sender email addresses or names
Phishing Prevention:
- Be cautious with emails or messages that ask for sensitive information
- Verify the authenticity of emails or messages by contacting the sender directly
- Use anti-phishing software and keep it up to date
- Educate users on how to identify and report phishing attempts

Description

Test your knowledge on password management and phishing identification. Learn how to create strong passwords, store them securely, and identify phishing attacks. Improve your online security and protect your sensitive information.