Podcast
Questions and Answers
What is the primary goal of a phishing attack?
What is the primary goal of a phishing attack?
- To spread malware
- To steal sensitive data (correct)
- To cause a denial of service
- To disrupt computer systems
Which type of malware is designed to extort money from victims?
Which type of malware is designed to extort money from victims?
- Virus
- Trojan horse
- Worm
- Ransomware (correct)
What is the primary difference between a malware and a virus?
What is the primary difference between a malware and a virus?
- A virus is a type of malware
- A virus is a type of Trojan horse
- Malware is a broader term that includes viruses (correct)
- Malware is a type of virus
What is the main purpose of a Man-in-the-Middle attack?
What is the main purpose of a Man-in-the-Middle attack?
What is a best practice for protecting sensitive paper documents?
What is a best practice for protecting sensitive paper documents?
What is the first step to verify the legitimacy of a link?
What is the first step to verify the legitimacy of a link?
What should you do if you encounter an IT-Security incident?
What should you do if you encounter an IT-Security incident?
What should you avoid when dealing with an IT-Security incident?
What should you avoid when dealing with an IT-Security incident?
What should you do when completing a training session?
What should you do when completing a training session?
What is a common tactic used by scammers to create a sense of urgency?
What is a common tactic used by scammers to create a sense of urgency?
Flashcards are hidden until you start studying
Study Notes
Security Awareness Training
- Security is everyone's responsibility.
Purposes
- The CIA Triangle is a model for security purposes.
Threats
- Phishing: fraudulent emails, text messages, phone calls, or websites trick people into sharing sensitive data, downloading malware, or exposing themselves to cybercrime.
- Malware: malicious software that steals data, disrupts computers, networks, and systems, with 669M malware variants (according to Symantec's 2018 report).
- Insider Threat: malicious, negligent, or compromised insiders.
- Supply Chain Attacks: attacks on an organization's supply chain.
- Denial of Service Attacks: volume-based attacks that saturate a target's bandwidth with large amounts of data, or application-layer attacks that target specific vulnerabilities.
- Man in the Middle Attacks: attacks that intercept communication between two parties.
Security Best Practices
- Use strong passwords with length, complexity, uniqueness, randomness, and password managers.
- Utilize multi-factor authentication.
- Perform hardware/software updates.
- Use VPNs.
- Do not use personal email accounts for work purposes.
- Avoid opening attachments from strange emails and clicking on suspicious links.
- Be cautious of 'too good to be true' offers.
- Do not download software from unknown sources.
- Avoid using public Wi-Fi for sensitive actions.
- Lock screens when away.
- Beware of shoulder surfing.
- Secure sensitive paper documents.
Safe Web Browsing
- Use a security padlock.
- Enable spelling checks.
- Avoid clicking on suspicious links.
- Use Command + W to close windows.
Avoid Phishing
- Verify links before clicking.
- Check for typos.
- Don't fall for urgency.
- Be cautious of 'too good to be true' offers.
IT-Security Incident Reporting
- Recognize security incidents.
- Report incidents immediately to it-security@coin98.in.
- Provide detailed information.
- Preserve evidence.
- Avoid unauthorized communication.
- Monitor for updates.
Training Completion
- Show QR code for participants to scan and join the survey.
- Complete questionnaires.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
