Basic Security Awareness Training
Welcome to the Basic Security Awareness Training program
The Basic Security Awareness Training and Testing program provides general cybersecurity hygiene guidance and best practices for a variety of situations you will commonly come into contact with.
As an organization member, you need to understand these threats and take precautionary measures so that they do not pose a risk to your place of business or to you personally.
Topics covered in this review
- Cybersecurity Basics
- Physical Security
- Vendor Security
After completing this course, you will be able to:
- Explain the key security principles related to the Basic Security Awareness Training and Testing program.
- Explain mitigation techniques for the common threats illustrated.
- Help your organization demonstrate security awareness training objectives for compliance and best-practice security purposes.
The Basic Security Awareness Training and Testing program leverages a variety of best-practice cybersecurity guidance that is applicable to all organizations and individuals.
The Lazarus Alliance Blog: https://lazarusalliance.com/updates/
Get the latest in security news and awareness from the Lazarus Alliance Cybervisors as well as daily industry breach reports from the experts in Proactive Cyber Security.
We recommend you keep a copy of your results for your personal training records and continuing educational credit purposes. Additionally, your company audit, compliance, security or human resource department may require it so please forward a copy to them as well.
This concludes the Basic Security Awareness Training and Testing program. Please click the Exit Course button, or close this browser window to finish the course.
Thank you for participating and helping to improve security awareness. If Lazarus Alliance may ever be of service to you for audit & compliance, risk assessment & management, governance & policies, vulnerability & penetration testing or our Cybervisor® services, please let us know.
Question 1 of 5
Protecting your files and devices
- Update your software: This includes your apps, web browsers, and operating systems. Set updates to happen automatically.
- Secure your files: Back up important files offline, on an external hard drive, or in the cloud. Make sure you store your paper files securely, too.
- Require passwords: Use passwords for all laptops, tablets, and smartphones. Don’t leave these devices unattended in public places.
- Encrypt devices: Encrypt devices and other media that contain sensitive personal information. This includes laptops, tablets, smartphones, removable drives, backup tapes, and cloud storage solutions.
- Use multi-factor authentication: Require multi-factor authentication to access areas of your network with sensitive information. This requires additional steps beyond logging in with a password — like a temporary code on a smartphone or a key that’s inserted into a computer.
Protecting your wireless network
- Secure your router: Change the default name and password, turn off remote management, and log out as the administrator once the router is set up.
- Use at least WPA2 encryption: Make sure your router offers WPA2 or WPA3 encryption, and that it’s turned on. Encryption protects information sent over your network so it can’t be read by outsiders.
Which of the following techniques can be used to protect against phishing attacks?
Question 2 of 5
How Phishing Works
- You get an email or text: It seems to be from someone you know, and it asks you to click a link, or give your password, business bank account, or other sensitive information.
- It looks real: It’s easy to spoof logos and make up fake email addresses. Scammers use familiar company names or pretend to be someone you know.
- It’s urgent: The message pressures you to act now — or something bad will happen.
- What happens next: If you click on a link, scammers can install ransomware or other programs that can lock you out of your data and spread to the entire company network. If you share passwords, scammers now have access to all those accounts.
What You Can Do
Before you click on a link or share any of your sensitive business information:
- Check it out: Look up the website or phone number for the company or person behind the text or email. Make sure that you’re getting the real company and not about to download malware or talk to a scammer.
- Talk to someone: Talking to a colleague might help you figure out if the request is real or a phishing attempt.
- Make a call if you’re not sure: Pick up the phone and call that vendor, colleague, or client who sent the email. Confirm that they really need information from you. Use a number you know to be correct, not the number in the email or text.
Which of the following strategies are effective ways to protect your business?
Question 3 of 5
How It Happens
- Scam emails: with links and attachments that put your data and network at risk. These phishing emails make up most ransomware attacks.
- Server vulnerabilities: which can be exploited by hackers.
- Infected websites: that automatically download malicious software onto your computer.
- Online ads: that contain malicious code — even on websites you know and trust.
From the list below, which methods are effective to protect your business and yourself?
Question 4 of 5
HOW TO PROTECT EQUIPMENT & PAPER FILES
Here are some tips for protecting information in paper files and on hard drives, flash drives, laptops, point-of-sale devices, and other equipment.
- Store securely: When paper files or electronic devices contain sensitive information, store them in a locked cabinet or room.
- Limit physical access: When records or devices contain sensitive data, allow access only to those who need it.
- Send reminders: Remind employees to put paper files in locked file cabinets, log out of your network and applications, and never leave files or devices with sensitive data unattended.
- Keep stock: Keep track of and secure any devices that collect sensitive customer information. Only keep files and data you need and know who has access to them.
When protecting data on your devices, which of the following methods are effective?
Question 5 of 5
HOW TO MONITOR YOUR VENDORS
- Put it in writing: Include provisions for security in your vendor contracts, like a plan to evaluate and update security controls, since threats change. Make the security provisions that are critical to your company non-negotiable.
- Verify compliance: Establish processes so you can confirm that vendors follow your rules. Don’t just take their word for it. Leveraging vendor risk automation is an effective way to help monitor vendors.
- Make changes as needed: Cybersecurity threats change rapidly. Make sure your vendors keep their security up to date.
What are the best steps below to follow if you suspect a data breach?