Drill

Question 1

Phising

Answer 1

attempting to get sensitive info such as usernames, passwords, and credit card details

Question 2

spear phishing

Answer 2

focused, targeted phishing attack on a specific person or organization, with the goal to penetrate their defenses

Question 3

phishing attack surface:

Answer 3

The amount of emails showing on the internet.

Question 4

Phish-prone Percentage:

Answer 4

that indicates the percentage of employees that are prone to click on phishing links. (A term coined by KnowBe4 )

Question 5

Console:

Answer 5

A user interface that manages and controls software and/or hardware.

Question 6

LMS (Learning Management System)

Answer 6

Is basically where e- learning content is housed, example Bridge

Question 7

Ransomware

Answer 7

Vicious malware that locks users out of their devices until a sum of money is paid.

Question 8

protected health information (PHI):

Answer 8

recorded info about a persons health status, including their health care coverage.

Question 9

personally identifiable information (PII)

Answer 9

Information that can be used on its own or with other info to identify, contact, or locate a single person

Question 10

PCI DSS (Payment Card Industry Data Security Standard):

Answer 10

A document published by Payment Card Industry.

Question 11

botnet:

Answer 11

network of robots that live on infected computers, and are controlled by the bad guys.

Question 12

security awareness training (SAT):

Answer 12

training that raises the awareness of a user to potential threats, and how to avoid them.

Question 13

Kevin Mitnick:

Answer 13

The World’s Most Famous Hacker.” and Kevin’s main contribution to KnowBe4 is his experience!

Question 14

The Six Steps to Successful Security Awareness Training (SAT)

Answer 14

Step 1: Have a security policy, and have each employee read and sign it.
Step 2: Have all employees take mandatory SAT (online), with a clear deadline and reasons why they’re taking the training.
Step 3: Make SAT part of the onboarding process (new hires in a company).
Step 4: Regularly test employees to reinforce the SAT its application.
Step 5: Employees who fails test to meet with HR
Step 6: Send regular hints and tips via email

Question 15

7 reasons why an organization would outsource security awareness training:

Answer 15

1. Reduce costs
2. Access to talent
3. Geographic reach and scalability
4. Compliance
5. Mitigate Risk
6. Business Focus
7. Leverage cost of technology.

Question 16

Defense in depth:

Answer 16

A security discipline that refers to having layers of protection in an IT infrastructure.

1. Policies, Procedures & Awareness
2. Perimeter
3. Internal Network
4. Host
5. Application
6. Data

Question 17

EEC (Email Exposure Check)

Answer 17

check to see how many emails are exposed of the company..

Question 18

Ransomware Simulator (RanSim):

Answer 18

allows users to see if their antivirus software is incorrectly blocking files.

Question 19

data breach:

Answer 19

The intentional or unintentional release of secure information to an un-trusted environment

Question 20

Phish Alert Button (PAB):

Answer 20

An email plugin that gives users a safe way to handle actual or potential phishing emails.