Give a definition of physical security
Physical security is the protection of personnel, hardware, software, networks and data from physical actions, intrusions, and other events that could damage an organisation.
What characteristics make a password strong?
A strong password should be long and include both uppercase and lowercase letters, numbers, and special characters. It’s also important not to reuse the same password for different accounts.
What is malware?
Malware, or malicious software, is a type of software which is intended to cause damage to a computer system, or to steal private information from a system.
Name some ways to avoid computer infection
Avoid unsavory Web sites; do not click pop-up ads; keep software patches and OS service packs up to date; install and activate security software/antivirus program.
Give a definition of information security
Information security (infosec) encompasses a broad set of strategies for managing the process, tools and policies that aim to prevent, detect and respond to assaults on both digital and non-digital information assets.
How does two-factor authentication enhance account security?
Two-factor authentication requires users to provide two forms of identification (e.g., password and a one-time code sent to their phone) to access an account. It adds an extra layer of security beyond just a password.
Give some examples of malware and describe them briefly
Computer virus (replicates itself by modifying other computer programs), Trojan horse (seems to perform one action but actually does something else), worm (can replicate itself without human interaction, transmitted via software vulnerabilities), spyware (monitors your online behavior without your knowledge).
Why is regular data backup crucial?
Regular backups protect against data loss due to hardware failure, malware, or accidental deletion.
What is an authentication protocol?
An authentication protocol is passwords, user IDs and biometric measures used to verify a person’s identity.
What is social engineering?
It is a manipulation technique that exploits human errors to gain private information, access, or valuables.
What are common signs of a phishing email?
Signs of phishing emails include misspelled URLs, urgent requests for personal information, and suspicious attachments.
Name several security tips on computer theft
Never leave your portable computer unattended; use tracking and recovery software; if your computer gets stolen, call IT to change your logins ASAP; secure your portable computers with anti-theft devices such as security locks.
Name some of the most common authentication protocols
User IDs, passwords, PINs, biometrics, etc.
Name some common methods of social engineering.
Shouldering (shoulder surfing), pharming, phishing, baiting, tailgating, rogue antivirus, etc.
What’s the difference between phishing and vishing?
Phishing is a way for an attacker to obtain secret information, in which the offender, using social engineering tools, gets the client to share personal data. Vishing is a type of phishing that also uses social engineering methods, but is carried out through a phone call.
Measures to protect smartphones
Users should set strong device passwords, keep their operating systems and apps updated, avoid downloading apps from unofficial sources, and enable remote tracking and wiping features.