General
Security Awareness
Physical Security
Passwords
Internet & Email
Policy & Procedures
100

The group responsible for information security.

Who is everyone?

100

When a person enters a secured building right after another person without badging in.

What is piggybacking?

100

A string of words that must be used to gain access to a computer system or service.

What is a passphrase?

100

An attack in which the threat actor poses as a trusted person or organization to trick potential victims into sharing sensitive information or sending them money.

What is phishing?

100

A formal document that outlines the guidelines, principles and expectations governing various aspects of an organization's expectations.

What is a Policy?

200

The ongoing process of educating and training individuals to understand cyber threats, such as phishing and malware, and to adopt behaviors that protect sensitive information and systems from compromise

Cybersecurity Awareness 

200

Visitors to our company locations are required to sign in at the reception desk upon entering the facility. Sign-in tracking will be accomplished through the use of this type of documentation.

What is a visitor control log?

200

Writing down passwords on this makes it easier to remember, but increases the risk of someone finding it.

What is a post-it note?

200

The action you should take when you receive a suspicious email.

What is report as suspicious? (Phish Alert Button)

200

A cybersecurity exercise where an organization sends fake phishing emails to its employees to assess their ability to recognize and respond to phishing attempts

What is a phishing test?

300

This type of information consists of 18 identifiers such as: Name, Address, Birthday, Phone Number, Fax Number, Email Address, Social Security Number, Medical Record Number, Health plan beneficiary number, etc.

What is PII? 

300

A good practice that consists of locking up confidential documents, locking your screen, and ensuring your area is secure before walking away.

What is a clean desk?

300

A technology tool that helps internet users create, save, manage and use passwords across different online services.

What is a password manager?

300

The use of personality, knowledge of human nature and social skills to steal passwords, key tokens or other credentials to gain access to systems.

What is Social Engineering?

300

Where are all policies located for review?

SharePoint


400

The action one should take in the event a work device is lost or stolen.

What is report? (or notify IT)

400

A place to dispose of confidential documents.


What is a secure shred bin?

400

An identification method that enables users to log in to multiple applications and websites with one set of credentials.

What is SSO? (or Single Sign On)

400

An umbrella term for different kinds of malicious software, defined as any executable code that uses a computer in a way not authorized by its owner.

What is malware?

400

This policy requires annual review and sign off by all employees.

What is the Comprehensive Information Security Policy (CISP)?

500

Instances where personal information is lost, stolen, hacked into, or accessed without permission.

What is a data breach?

500

A security protection that automatically occurs when a device has been inactive for a certain amount of time.

What is screen lockout?

500

123456, 123456789, qwerty, password, 12345, qwerty123, 1q2w3e, 12345678, 111111, 1234567890

What are the 2022 top 10 most common passwords?

500

A video of a person in which their face or body has been digitally altered so that they appear to be someone else, typically used maliciously or to spread false information.

What is a deepfake? 
