5.6 Flashcards

Security awareness, user training

1
Q

An activity that an organization does to lure their employees into clicking a fake phishing link

A

Phishing campaign

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

A process that searches for risky, unexpected, or unintentional behavior of a person or service. This process is often automated.

Ex. modifying host files, replacing core OS files uploading sensitive files

Logging in from another country, increase in data transfers

Typing the wrong domain name, misplacing USB drives, misconfiguring security settings

A

Anomalous behavior recognition

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

A specialized team in an organization that establishes security awareness, integrates user training, assesses the performance of security awareness programs, and may even create customized training courses for the specific security standards in use for the organization.

A

Security awareness team

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

An attribute of end users where they are always looking for security threats or unusual activity. They need to be ready for anything.

A

Situational awareness

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Security concerns for hybrid/remote work environments (3)

A

Access from family and friends
Endpoint security
Security policies for VPN access

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

A security perspective of looking at the network from the attacker’s perspective: What information is especially sensitive, and what will an attacker want? This data should have more security measures than others.

A

Operational security

How well did you know this?
1
Not at all
2
3
4
5
Perfectly