Questions and Answers
What is the primary purpose of a hardware firewall?
To filter packets based on a set of rules
What is the goal of an email phishing attack?
To capture the user's ID and password
What is the primary function of an Intrusion Detection System (IDS)?
To identify if the network is being attacked
Why is it important to back up individual computers used throughout the organization?
Signup and view all the answers
What is the purpose of training employees not to give away passwords?
Signup and view all the answers
What is the primary purpose of a VPN in an organization?
Signup and view all the answers
What is the primary goal of a good information-security policy?
Signup and view all the answers
What is a potential consequence of implementing overly restrictive security measures?
Signup and view all the answers
What is an essential aspect of physical security?
Signup and view all the answers
What is a recommended practice for personal information security?
Signup and view all the answers
Study Notes
Security Measures
- Train employees to avoid giving away passwords to prevent cheating by security personnel.
Email Phishing
- Phishing occurs when a user receives an email that appears to be from a trusted source, such as a bank or employer.
- The user is asked to click a link and log in to a fake website that mimics the genuine website.
- The user's ID and password are then captured by the attacker.
Backups
- A comprehensive backup plan is essential for the entire organization.
- Data on corporate servers and individual computers should be backed up regularly.
Firewalls
- Firewalls can exist as hardware or software (or both).
- A hardware firewall is a device that filters packets based on a set of rules.
- A software firewall runs on the operating system and intercepts packets as they arrive.
- Firewalls protect all company servers and computers by stopping packets from outside the organization's network that do not meet a strict set of criteria.
Intrusion Detection Systems (IDS)
- IDS is a device that can be placed on the network for security purposes.
- IDS does not add any additional security, but instead, identifies if the network is being attacked.
- IDS can be configured to watch for specific types of activities and alert security personnel if that activity occurs.
Virtual Private Network (VPN)
- VPN allows users outside of a corporate network to access internal resources by taking a detour around the firewall.
- VPN uses firewalls and other security technologies to make internal resources invisible to the outside world.
Physical Security
- Physical security is the protection of the actual hardware and networking components that store and transmit information resources.
- Measures include locked doors, physical intrusion detection (cameras), and environmental monitoring (temperature, humidity, and airflow).
- Employee training is also essential for physical security.
Security Policies
- A good information-security policy lays out guidelines for employee use of company resources and provides recourse in case of policy violations.
- Policies must balance the need for security with users' need to access and use resources effectively.
Personal Information Security
- Keep software up to date.
- Install and update antivirus software regularly.
- Be cautious when making connections.
- Backup data regularly.
- Use two-factor authentication to secure accounts.
- Use long, strong, and unique passwords.
- Be suspicious of strange links and attachments.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Description
This quiz covers cybersecurity best practices, including training employees to keep passwords secure, recognizing email phishing scams, and creating comprehensive backup plans for organizations.
