Basic Security Awareness Training
Welcome to the Basic Security Awareness Training program
The Basic Security Awareness Training and Testing program provides general cybersecurity hygiene guidance and best practices for the aspects of security you will commonly come into contact with.
As an organization member, you need to understand these threats and take precautionary measures so that they do not pose a risk to your place of business or to you personally.
Topics covered in this review
- Cybersecurity Basics
- Physical Security
- Vendor Security
After completing this course, you will be able to:
- Explain the key security principles related to the Basic Security Awareness Training and Testing program.
- Explain mitigation techniques for the common threats illustrated.
- Help your organization demonstrate security awareness training objectives for compliance and best-practice security purposes.
The Basic Security Awareness Training and Testing program leverages a variety of best-practice cybersecurity guidance that is applicable to all organizations and individuals.
The Lazarus Alliance Blog: https://lazarusalliance.com/updates/
Get the latest in security news and awareness from the Lazarus Alliance Cybervisors as well as daily industry breach reports from the experts in Proactive Cyber Security.
We recommend you keep a copy of your results for your personal training records and continuing educational credit purposes. Additionally, your company audit, compliance, security or human resource department may require it, so please forward a copy to them as well.
This concludes the Basic Security Awareness Training and Testing program. Please click the Exit Course button, or close this browser window to finish the course.
Thank you for participating and helping to improve security awareness. If Lazarus Alliance may ever be of service to you for audit & compliance, risk assessment & management, governance & policies, vulnerability & penetration testing or our Cybervisor® services, please let us know.
Question 1 of 6
Protecting your files and devices
- Update your software: This includes your apps, web browsers, and operating systems. Set updates to happen automatically.
- Secure your files: Back up important files offline, on an external hard drive, or in the cloud. Make sure you store your paper files securely, too.
- Require passwords: Use passwords for all laptops, tablets, and smartphones. Don’t leave these devices unattended in public places.
- Encrypt devices: Encrypt devices and other media that contain sensitive personal information. This includes laptops, tablets, smartphones, removable drives, backup tapes, and cloud storage solutions.
- Use multi-factor authentication: Require multi-factor authentication to access areas of your network with sensitive information. This requires additional steps beyond logging in with a password — like a temporary code on a smartphone or a key that’s inserted into a computer.
Protecting your wireless network
- Secure your router: Change the default name and password, turn off remote management, and log out as the administrator once the router is set up.
- Use at least WPA2 encryption: Make sure your router offers WPA2 or WPA3 encryption, and that it’s turned on. Encryption protects information sent over your network so it can’t be read by outsiders.
Which of the following techniques can be used to protect against phishing attacks?
Question 2 of 6
How Phishing Works
- You get an email or text: It seems to be from someone you know, and it asks you to click a link, or give your password, business bank account, or other sensitive information.
- It looks real: It’s easy to spoof logos and make up fake email addresses. Scammers use familiar company names or pretend to be someone you know.
- It’s urgent: The message pressures you to act now — or something bad will happen.
- What happens next: If you click on a link, scammers can install ransomware or other programs that can lock you out of your data and spread to the entire company network. If you share passwords, scammers now have access to all those accounts.
What You Can Do
Before you click on a link or share any of your sensitive business information:
- Check it out: Look up the website or phone number for the company or person behind the text or email. Make sure that you’re getting the real company and not about to download malware or talk to a scammer.
- Talk to someone: Talking to a colleague might help you figure out if the request is real or a phishing attempt.
- Make a call if you’re not sure: Pick up the phone and call that vendor, colleague, or client who sent the email. Confirm that they really need information from you. Use a number you know to be correct, not the number in the email or text.
Which of the following strategies are effective ways to protect your business?
Question 3 of 6
Malware includes viruses, spyware, and other unwanted software that gets installed on your computer or mobile device without your consent. These programs can cause your device to crash, and can be used to monitor and control your online activity. They also can make your computer vulnerable to viruses and deliver unwanted or inappropriate ads. Criminals use malware to steal personal information, send spam, and commit fraud.
Scam artists try to trick people into clicking on links that will download viruses, spyware, and other unwanted software — often by bundling it with popular free downloads. To reduce your risk of downloading malware:
- Install and update security software, and use a firewall. Set your security software, internet browser, and operating system (like Windows or Mac OS X) to update automatically.
- Don’t change your browser’s security settings. You can minimize “drive-by” or bundled downloads if you keep your browser’s default security settings.
- Pay attention to your browser’s security warnings. Many browsers come with built-in security scanners that warn you before you visit an infected webpage or download a malicious file.
- Instead of clicking on a link in an email, type the URL of a trusted site directly into your browser. Criminals send emails that appear to be from companies you know and trust. The links may look legitimate, but clicking on them could download malware or send you to a scam site.
- Don’t open attachments in emails unless you know who sent it and what it is. Opening the wrong attachment — even if it seems to be from friends or family — can install malware on your computer.
- Get well-known software directly from the source. Sites that offer lots of different browsers, PDF readers, and other popular software for free are more likely to include malware.
- Read each screen when installing new software. If you don’t recognize a program, or are prompted to install additional “bundled” software, decline the additional program or exit the installation process.
- Don’t click on popups or banner ads about your computer’s performance. Scammers insert unwanted software into banner ads that look legitimate, especially ads about your computer’s health. Avoid clicking on these ads if you don’t know the source.
- Scan USBs and other external devices before using them. These devices can be infected with malware, especially if you use them in high traffic places, like photo printing stations or public computers.
- Talk about safe computing. Tell your friends and family that some online actions can put the computer at risk: clicking on pop-ups, downloading “free” games or programs, opening chain emails, or posting personal information.
- Back up your data regularly. Whether it’s your taxes, photos, or other documents that are important to you, back up any data that you’d want to keep in case your computer crashes.
Monitor your computer for unusual behavior. Your computer may be infected with malware if it:
- slows down, crashes, or displays repeated error messages
- won’t shut down or restart
- serves a barrage of pop-ups
- serves inappropriate ads or ads that interfere with page content
- won’t let you remove unwanted software
- injects ads in places you typically wouldn’t see them, such as government websites
- displays web pages you didn’t intend to visit, or sends emails you didn’t write
Other warning signs of malware include:
- new and unexpected toolbars or icons in your browser or on your desktop
- unexpected changes in your browser, like using a new default search engine or displaying new tabs you didn’t open
- a sudden or repeated change in your computer’s internet home page
- a laptop battery that drains more quickly than it should
Get Rid of Malware
If you suspect there is malware on your computer, take these steps:
- Stop shopping, banking, and doing other online activities that involve user names, passwords, or other sensitive information.
- Update your security software, and then scan your computer for viruses and spyware. Delete anything it identifies as a problem. You may have to restart your computer for the changes to take effect.
- Check your browser to see if it has tools to delete malware or reset the browser to its original settings.
- If your computer is covered by a warranty that offers free tech support, contact the manufacturer. Before you call, write down the model and serial number of your computer, the name of any software you’ve installed, and a short description of the problem.
- Many companies — including some affiliated with retail stores — offer tech support. Telephone and online help usually are less expensive, but online search results might not be the best way to find help. Tech support scammers pay to boost their ranking in search results so their websites and phone numbers appear above those of legitimate companies. If you want tech support, look for a company’s contact information on their software package or on your receipt.
If you think your computer or server has malware, your security department wants to know. File a complaint!
Considering all the different ways your computer may become infected with malware, which of the following bad computing habits or activities will put you and your company at risk?
Question 4 of 6
How It Happens
- Scam emails: with links and attachments that put your data and network at risk. These phishing emails make up most ransomware attacks.
- Server vulnerabilities: which can be exploited by hackers.
- Infected websites: that automatically download malicious software onto your computer.
- Online ads: that contain malicious code — even on websites you know and trust.
From the list below, which methods are effective to protect your business and yourself?
Question 5 of 6
HOW TO PROTECT EQUIPMENT & PAPER FILES
Here are some tips for protecting information in paper files and on hard drives, flash drives, laptops, point-of-sale devices, and other equipment.
- Store securely: When paper files or electronic devices contain sensitive information, store them in a locked cabinet or room.
- Limit physical access: When records or devices contain sensitive data, allow access only to those who need it.
- Send reminders: Remind employees to put paper files in locked file cabinets, log out of your network and applications, and never leave files or devices with sensitive data unattended.
- Keep stock: Keep track of and secure any devices that collect sensitive customer information. Only keep files and data you need and know who has access to them.
When protecting data on your devices, which of the following methods are effective?
Question 6 of 6
HOW TO MONITOR YOUR VENDORS
- Put it in writing: Include provisions for security in your vendor contracts, like a plan to evaluate and update security controls, since threats change. Make the security provisions that are critical to your company non-negotiable.
- Verify compliance: Establish processes so you can confirm that vendors follow your rules. Don’t just take their word for it. Leveraging vendor risk automation is an effective way to help monitor vendors.
- Make changes as needed: Cybersecurity threats change rapidly. Make sure your vendors keep their security up to date.
What are the best steps below to follow if you suspect a data breach?