Phishing
What is the primary goal of phishing attacks?
Describe what a trojan virus is, and why it's so dangerous.
It is a virus that is disguised as a real program and can infect your system, deleting, giving access to, etc your data.
Suppose an employee consistently bypasses security protocols to access sensitive data, citing convenience as the reason. How would you address this situation while balancing security needs with employee productivity?
Addressing the situation of an employee bypassing security protocols would involve a combination of disciplinary action, retraining on security policies, and implementing technical controls such as multi-factor authentication. Balancing security and productivity requires clear communication of the risks associated with non-compliance and providing alternative solutions that meet both security and usability needs.
What is the primary goal of cybersecurity?
The primary goal of cybersecurity is to protect computer systems, networks, and data from unauthorized access, theft, and damage while ensuring confidentiality, integrity, and availability.
What is a firewall, and how does it contribute to network security?
A firewall is a network security device or software that monitors and controls incoming and outgoing network traffic based on predetermined security rules. It acts as a barrier between a trusted internal network and untrusted external networks, filtering traffic to prevent unauthorized access and protect against cyber threats.
What is a common red flag in phishing emails that creates a sense of urgency?
Urgent language, Typos, Fishy Domain Name, Incorrect email address, unfamiliar person
What is the term for malware that encrypts a user's files and demands a ransom for their release?
Ransomware.
You discover during a security audit that several employees have been sharing passwords to access company systems. How would you enforce stronger authentication practices while educating employees on the importance of maintaining individual account security?
Enforcing stronger authentication practices could involve implementing single sign-on solutions or password managers to simplify password management for employees while still maintaining security. Education on the risks of password sharing and the importance of safeguarding individual accounts is crucial to changing behavior.
What is a strong password, and why is it important for cybersecurity?
A strong password is one that is complex, long, and unique, consisting of a combination of letters, numbers, and special characters. It is important for cybersecurity because it helps prevent unauthorized access to accounts and systems by making it more difficult for attackers to guess or brute-force passwords.
What is encryption, and how does it enhance network security?
Encryption is the process of encoding data to make it unreadable to unauthorized users. In network security, encryption is used to protect data in transit over the network, such as emails, file transfers, and online transactions. By encrypting data, even if intercepted by attackers, it remains secure and unreadable without the decryption key.
How does multi-factor authentication enhance security against phishing?
It provides an extra layer of security, which will protect you if your first line of defense fails.
Imagine you are a network administrator and receive a report from an employee that their computer is displaying a ransomware message. What immediate steps would you take to contain the situation, and what measures would you implement to prevent such incidents in the future?
Immediate steps to contain the ransomware situation would include disconnecting the infected computer from the network to prevent further spread, notifying relevant stakeholders about the incident, and initiating a backup restoration process if available. To prevent such incidents in the future, measures could include regular software updates, employee training on recognizing phishing attempts, and implementing robust antivirus and intrusion detection systems.
A new security policy mandates that employees must use personal email accounts to communicate sensitive company information to clients. Is this an appropriate approach to safeguarding company data? Why or why not?
No, this is not an appropriate approach. Using personal email accounts for company communication increases the risk of data breaches and violates security best practices. Personal email accounts may lack the necessary encryption and security controls required to protect sensitive information, making it vulnerable to interception or unauthorized access.
What is phishing, and how can individuals recognize and avoid falling victim to phishing attacks?
Phishing is a type of cyber attack where attackers impersonate legitimate entities to trick individuals into revealing sensitive information such as passwords or credit card numbers. Individuals can recognize phishing attempts by checking for suspicious email addresses, links, or attachments, and by verifying requests for personal or financial information through alternative means of communication.
What is a Virtual Private Network (VPN), and how does it provide secure remote access to corporate networks?
A Virtual Private Network (VPN) is a technology that establishes a secure, encrypted connection over a public network, such as the internet, allowing users to access resources on a corporate network remotely. VPNs encrypt data transmitted between the user's device and the corporate network, protecting it from interception and ensuring confidentiality.
In phishing, what social engineering tactic relies on pretending to be a trustworthy entity?
Impersonation, pretending to be someone/a company you know, using prior knowledge to persuade.
You noticed that when you opened an email attachment, there was a file that instantly started downloading - you delete the file, so you think all is good. Do you do anything else?
Report it to the security response team and tell them what happened.
A security policy requires employees to change their passwords every month, but many employees find this practice burdensome and time-consuming. Would relaxing the password expiration policy compromise security, or are there alternative measures that could be implemented?
Relaxing the password expiration policy could compromise security by potentially allowing attackers more time to crack passwords. However, alternative measures such as implementing multi-factor authentication, using biometric authentication methods, or increasing password complexity requirements could enhance security without imposing frequent password changes.
What is antivirus software, and how does it protect against malware?
Antivirus software is a program designed to detect, prevent, and remove malicious software (malware) from computer systems. It works by scanning files and programs for known patterns or signatures associated with malware and by monitoring system activity for suspicious behavior.
What is an Intrusion Detection System (IDS), and how does it help detect and respond to network security threats?
An Intrusion Detection System (IDS) is a security tool that monitors network traffic for suspicious activity or signs of potential security threats. It analyzes network packets and system logs to detect anomalies, such as unauthorized access attempts or unusual traffic patterns. When suspicious activity is detected, the IDS generates alerts, enabling security personnel to investigate and respond to potential threats promptly.
What should individuals verify to confirm the legitimacy of a website before providing sensitive information?
Secure connection, trusted certificate, reviews online
Scenario: You click on a link while at work and suddenly, you are unable to access your computer, and a screen is displayed saying pay $1,000,000 to free your data! You have a $1,000,000 credit limit with your company card - what do you do?
Report it to manager, supervisor, Info Sec Team, or whatever steps are outlined in the incidence response plan.
In response to a recent security breach, management decides to implement a policy prohibiting employees from using USB flash drives on company computers. Is this an effective strategy for preventing future breaches, or are there potential drawbacks to this approach?
Prohibiting USB flash drives may reduce the risk of malware transmission via infected drives, but it may also hinder productivity and collaboration among employees who rely on USB drives for legitimate purposes. Additionally, this policy may not address other potential avenues for data exfiltration or unauthorized access. A more comprehensive approach to security, such as implementing endpoint security solutions or restricting access to sensitive data, may be necessary to mitigate risks effectively.
Why is it important to keep software and operating systems up to date with the latest security patches?
It is important to keep software and operating systems up to date with the latest security patches to mitigate vulnerabilities that could be exploited by attackers to gain unauthorized access or compromise system integrity. Patching vulnerabilities helps prevent security breaches and ensures the continued effectiveness of security measures.
What is Two-Factor Authentication (2FA), and why is it an important security measure for network access?
Two-Factor Authentication (2FA) is a security mechanism that requires users to provide two different authentication factors to verify their identity before granting access to a network or system. Typically, these factors include something the user knows (such as a password) and something the user has (such as a mobile device or security token). 2FA enhances network security by adding an extra layer of protection against unauthorized access, even if passwords are compromised.