Communication Security
This is an un-solicited email that is requesting your personal information like social security number or bank details, for verification.
What is a phishing email?
You find a USB flash drive on the street; you take it back and plug it into your office/home computer. You risk spreading this into your network.
What is "virus"/"worm"/"malware"?
This is how public Wi-Fi generally passes information, which is readable by other computers and users.
What is "clear text"?
This is the proper way to dispose of confidential or sensitive paper documents.
What is "shredding/crosscut shredding"?
You can use this setting on your social media sites such as Facebook or twitter to prevent people unknown to you from accessing your information.
What is "privacy"?
This action involves using the mouse cursor to show the actual link, without clicking on the link, in an email or web page?
What is the "mouse hover"?
These are tools primarily focused on detecting and investigating suspicious activity on hosts or endpoints.
What is "Endpoint Defend and Response (EDR)"?
This type of information should never be accessed or transmitted over unencrypted networks.
What is "confidential or sensitive"?
This free tool, available to anyone, stops all access to credit reports until removed.
What is a "credit freeze"?
This type of software provides a safe way to store your passwords securely.
What is a password manager?
This person is in the front-line of defense against Phishing.
Who is the "individual person" / "user" / "end user" / "I" / "me" ?
Your computer has a new file on the desktop that describes that all your files were encrypted and demands ransom via bitcoin for their release. This is the best defense against losing information from such a ransomware.
What are "backups" or "offline backups"?
You should use this setting in your home Wi-Fi router for wireless network privacy, performance and security.
What is "WPA2/higher with AES encryption"?
This government website helps individuals who have been victims of identity theft or data breaches get started with recovery.
What is "www.identitytheft.gov"?
This is an internet-based practice of researching and publicly broadcasting private or identifying information about an individual or organization for malicious intent.
What is "doxing/doxxing"?
This email attack targets an individual or department by incorporating personal information such as name, title or address in an attempt to legitimize the email.
What is "spear phishing"?
Most websites use this technique to prevent malicious actors/computer programs repeatedly submitting junk by verifying the submitter is human. The technique often involves reading and typing text from an image or identifying same type images such as cars or other items in them. Name the technique.
What is a "CAPTCHA" "Re-CAPTCHA"?
This type of network attack originates from many sources, floods the victim's system or service with superfluous requests to attempt overloading the service and prevent some or all legitimate requests.
What is "Distributed Denial of Service"?
You maintain a customer database that includes Social Security Numbers, Personally Identifiable Information (PII). You have been notified that the company hosting your customer database has been compromised. This response activity demonstrates due diligence to affected parties.
What is "Notification of affected businesses and individuals"?
This is a form of protection grounded in the US Constitution and granted by law for original works of authorship in a tangible medium of expression.
What is a "Copyright"?
This type of attack uses manipulation by tapping into powerful emotions such as relationship, authority, fear, urgency, and greed.
What is "social engineering"?
This refers to a category of security solutions that defend against sophisticated malware or hacking based attacks targeting sensitive data. It includes a combination of endpoint agents, network devices, email gateways, malware protection systems and a management console to coordinate alerts and manage defenses.
What is "Advanced Threat Protection (ATP)"?
This network security device monitors incoming and outgoing traffic and decides whether to allow or block. It also performs Intrusion Prevention, controls and blocks risky apps.
What is "Next generation firewall" or "Unified Threat Management"?
This extra layer of security protection to an account that requires something you know (password), and something you have such as an app, a token, or code sent to your phone.
What is "Multi-factor authentication"?
Your enterprise buys software from a vendor. Recently your anti-virus detects malicious code in the software. This would be an example of.
What is "Software Supply Chain Attack"?