Password Security Best Practices

Questions and Answers

What should you look for in an email to recognize a phishing attack?

• Use of emojis in the email
• Use of emojis in the email (correct)
• Email content alignment
• Number of attachments in the email

What is one way to avoid falling victim to phishing attacks?

• Providing personal information in response to all emails
• Refraining from providing personal information in suspicious emails (correct)
• Clicking on all URLs in emails
• Downloading all attachments without verification

Why are passwords essential for security and authentication?

• To encourage long-term memory retention
• To enhance creativity in online activities
• To prevent unauthorized access to online accounts (correct)
• To increase the number of logins required

Which of the following information should passwords NOT include?

Favorite color (D)

What is a common mistake to avoid when creating a password?

Using famous statements or song lyrics (D)

Why is exercise caution necessary when asked for sensitive data in emails?

To safeguard personal and financial information (C)

What is one of the most common ways hackers obtain passwords?

Finding passwords written down and stored in visible places (D)

What is a good practice for creating strong passwords?

Using a mix of characters, numbers, and symbols (C)

What is multi-factor authentication (MFA)?

A method of authentication that requires multiple forms of verification (A)

Why are public Wi-Fi networks prime targets for cyber attacks?

Because they are often unsecured (C)

What is a good practice for using public Wi-Fi networks?

Using a virtual private network (VPN) to encrypt data (B)

What is a common tactic used in phishing attacks?

Sending emails that appear to be from trusted sources but contain malicious links or attachments (B)

What is a recommended action for recognizing a potential phishing email?

Check for grammatical errors and inconsistencies in the email content. (C)

What should you do to protect your device from malware and cyber risks while working remotely?

Keep your devices updated with security patches and antivirus software. (D)

What is the best way to secure your sensitive information while working in a public area?

Be wary of those who could be trying to 'shoulder surf' for sensitive information. (C)

What is the purpose of a cybersecurity incident report?

To help organizations figure out what happened, find security holes, and prevent similar problems from happening again. (D)

What should you do if you suspect a phishing attempt?

Report the email to your organization's IT department. (C)

What is a best practice for passwords and authentication while working remotely?

Use strong, unique passwords and enable multi-factor authentication. (C)

Study Notes

Recognizing Phishing Attacks

• Be cautious of unexpected emails, especially from unfamiliar sources.
• Check the sender's email address for authenticity.
• Look for grammatical errors and inconsistencies in the email content.

Avoiding Phishing Attacks

• Verify URLs before clicking on any links or attachments in emails.
• Refrain from providing personal information in response to suspicious emails.
• Exercise caution when asked for sensitive data such as passwords or financial details.

Password Best Practices

• Use unique, complex passwords for each account.
• Avoid predictable information like birthdays or common words.
• Consider using a strong passphrase with a mix of characters.
• Update passwords regularly and utilize multi-factor authentication.

Password Security Risks

• Avoid using passwords that include your name, username, age, address, or family members' names.
• Avoid easy passwords like "password" or "123456".
• Avoid using famous statements, phrases, or lyrics from songs, movies, or literature.
• Avoid writing down and storing passwords in visible places.

Public Wi-Fi Risks

• Public Wi-Fi networks are often unsecured, making them prime targets for cyber attacks.
• Hackers can easily intercept data transmitted over public Wi-Fi networks, including personal information.

Wi-Fi Best Practices

• Use a virtual private network (VPN) when connecting to public Wi-Fi networks to encrypt data and protect privacy.
• Avoid conducting sensitive transactions, such as online banking or shopping, over public Wi-Fi networks.
• Always verify the legitimacy of the public Wi-Fi network you are connecting to.

Remote Work Best Practices

• Use a VPN to prevent eavesdropping and data interception when accessing company networks and sensitive data remotely.
• Keep devices updated with security patches and antivirus software to avoid malware and cyber risks.
• Avoid using public Wi-Fi networks for work-related activities, and instead use a secure personal hotspot or VPN.
• Be wary of "shoulder surfing" when working in a public area.

Incident Reporting

• A cybersecurity incident report is essential for organizing and reviewing security breaches or events.
• It helps organizations understand what happened, identify security holes, and fix them to prevent similar problems.

Description

Learn about the dangers of storing passwords in visible places and how to create secure passwords. This quiz covers tips such as using unique, complex passwords, avoiding predictable information, updating passwords regularly, and implementing multi-factor authentication.