< All End User Security Awareness - 30 Minutes Notes

Raul | End User Security Awareness – 30 Minutes | End User's Guide to Security

By: Raul Pop | Related Course: End User Security Awareness - 30 Minutes | Published: May 6, 2017 | Modified: May 6, 2017
Join Cybrary

NotepadEmail Precautions and Procedures

Often email attachments are means of distributing malicious code

Many viruses will read an infected user’s email list and replicate itself to those users.Just because an email indicates it originates with a trusted source doesn’t mean that is true

Often by clicking these links your system becomes infected and you too will be propagating those links

Do not download files from unsolicited sources

Watch for poor grammar missspellings,urgent messages,pleas for money, etc.

Do not click on links in messages

Verifiy with known parties

Check the email address does it really match the text of the email?Use known links and contact.

 


NotepadFacility

The safety for our employees is PRIORITY NUMBER ONE!

Often a succesful attack originates with the attacker on the premise

Attackers can use a physical attack to lower a company’s defense 

Regulations/Laws apply even in the event of an emergency

Physical access can lead to theft or allow us to launch a network or other attack.


NotepadIntroduction

Protect the network, computers,application and data from attack on CIA Triad 

we care because estimates 250 billion loss

these attacks come from:

organized crime

terrorists

foreign nations

insiders

hacktivist

common thieves

Protecting your CIA also known as Covering your assets

CIA:

Confidentiality

Integrity

Availability 


NotepadMobile Devices

Portability makes them vulnerability

applications often share information

contact  are often available

secure blueetooth


NotepadProtecting Identities

We life in world of information sharing

PII=Personally Identifiable Information

-17 million people were victims of identity theft

-dont share information:

full name,mother’s maiden name,social security number,address,phone number,vehicle registration number,biometrics,other uniquely indentifying characteristics

 

What can we do?

Security your social security number

don’t respond to unsolicited requests

watch out for shulder surfers

review your receipts

shred receipt 

store personal information in a safe place

install firewalls and virus-detection software on your home computer


NotepadProtecting the Network

Network Attacks are the most common technical threat to a network

Can range from eavesdropping on data transfer to Denial of Service

Can cause compliance and regulartory issues

Can lead to compromise of customer data resulting in loss of revenue and law suits

Our systems can be used to attack others

 

What can we do?

 

use secure protocols(https)

protect psysical acces to your system

dont connect system to the network without the knowledge of the security team

don’t bring media to work from home without prior approval

scan all files before download

download from trusted sites

encrypt mail and other sensitive files


NotepadSocial Engineering

 Social Engineering may present the greatest threat to confidentiality today

-Phishing

-Pretexting

-Baiting

-Quid Pro Quo

-Tailgating

 

what can we do?

require multifactor authentification

trust no one

follow company policy

don’t succumb to pressure

install anti-malware

dont’ leave valueble information on your desk

when in doubt call your security team


NotepadWebsites

Protect against Malicious websites

Rogue websites are used to collect information,intercept information and distribute malicious software

 

Browser hijacking if a site wnt allow you to acces any other site be suspicious has your homepage or search engine been modified without your permission

 

Sites inundated with Buy now offers and pop-ups indicates trouble

Sites that say they have Scanned your computer and have detected viruses should always be treated with suspicious

Poorly built sites where it is difficult to find the information you are looking for.If every link seems to lead to an advertisement find a more legitimate site to conduct your business

 

Avoid suspicious sites

Use https

Dont download files

Dont ignore security warning

Dont change browser security settings


< All End User Security Awareness - 30 Minutes Notes
Join Cybrary

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel