True or False: Cybersecurity is only IT's responsibility.
False - everyone plays a role in keeping Ally safe
What is phishing?
When bad actors send fraudulent communications that appear to come from a legitimate and reputable source
SOC?
Security Operations Center
Is it okay to use the same password on multiple accounts?
No
False - you should never share your username and password
What should you do before leaving your computer?
Lock your screen.
Two potential red flags in a phishing email?
Sense of urgency, grammar or spelling errors, request for money, or an unfamiliar sender
PII?
Personally Identifiable Information
True or False: "Password123!" is a strong password.
False - this password is easy to guess and commonly used
What is a clean desk policy?
Keep sensitive information off your desk
True or False: Cyber threats only target top executives.
False - anyone can be a target
What should you do if you receive a suspicious email?
Don't click any links in the email and report it using the Report a Phish button
MFA?
Multi-Factor Authentication
What should you avoid including in your password?
Personal info like name and birthdate
True or False: I should not write my password on a sticky note.
True - writing your password down is an easy way for someone to steal your credentials
What are examples of sensitive information?
Social Security Number, DOB, First and Last name, Address
This term describes a phishing attempt sent by text message.
Smishing
VPN?
Virtual Private Network
What makes a strong password?
A mix of upper and lower case letters, numbers, and special characters that's at least 12 characters long
What do you do before throwing away sensitive printed documents?
Shred papers with confidential info
What does it mean when a website URL starts with “https”?
It’s a secure website that encrypts data you send.
What is “spear phishing”?
A targeted phishing attack aimed at a specific person or group, often using personal info to seem more convincing.
OSINT?
Open Source Intelligence
What does a password manager do?
Securely stores and generates strong passwords
What’s a good habit when hosting meetings with sensitive topics?
Make sure only authorized attendees are present