Document providing direction on how to create, use, store and protect data.
What is The Information Systems Policy?
You look for me every morning...
What is the all clear signal?
A method for getting a target to provide information, or to complete an action, that is not in their best interest.
What is Manipulation or persuasion?
They are people who traditionally tried to gain access to computers remotely to learn more and for intellectual curiosity, and love black hoodies.
Who are hackers?
The best defense against Stale Credentials
What is MFA?
Someone responsible for the safe handling of data.
What is a data custodian?
Used to detect an intruder entering through a window.
What is a Glass Break sensor?
A social engineering ploy used to trick a target into performing an action by masquerading as a co-worker.
What is an Abuse of Trust?
The risk presented to an organization by current or past employees who have knowledge of how the organization works and what and where the most valuable (damaging) information might reside.
What is Insider threat?
The list of computers, laptops, software and equipment owned by an organization.
What is Inventory?
Any combination of your name, your home address or phone number, credit card or account numbers or social security number.
What is PII? (or Personally Identifiable Information)
A type of lock that uses codes, found on doors to restricted areas
What is a cypher lock?
The process of attempting to acquire sensitive information through email by masquerading as a trustworthy entity
What is phishing?
These are well run groups of crooks who methodically look for computer vulnerabilities to steal large numbers of financial or credit card accounts for financial profit.
Who are organized crime groups?
We keep three copies, in more than two locations, and one is off-site.
What are Backups?
The principle of restricting users to only the information or systems that they need.
What is the principle of least privilege?
Overlapping layers of protection put in place so that if one layer fails, other layers succeed in protecting, is known as...
What is Defense in Depth?
Sending emails from a trusted account in order to fraudulently receive payments or gather information.
What is Business Email Compromise?
The bar for entry to commit cybercrime is low because of this common practice.
What is Credential Re-use?
A method for separating portions of the network, and providing access to only those areas needed by a job role.
What is segmentation?
A legal notification directing you or the bank to preserve any documentary material that may be relevant to a pending or foreseeable lawsuit or administrative adjudication.
What is Litigation Hold?
The use of curved driveways, shrubs, trees, water features, and welcoming well lit areas.
What is Crime Prevention Through Environmental Design?
A social engineering ploy that turns our good human nature against us.
What is Norm Activation?
The reason people are the last and best line of defense is because we can apply...
What is Context?
Combating Tactics, Techniques and Procedures (TTPs) used by attackers requires...
What is PPT (People, Processes and Technology)?