Security Basics Collection

Security Basics

Audience: General End User (All)
Difficulty Level: Foundational
Time: 22 modules, ≈1-2 minutes each + 3 Questions per module
Availability: Available on Training as Independent Modules. Do not need to be assigned or watched together, designed to stand independently.
Modules: 

• Data Classification (0:58 Video)
• Device Security (1:00 Video)
• Encryption (1:13 Video)
• Insider Threats (1:03 Video)
• Internet of Things (IoT) (1:03 Video)
• Malware (0:58 Video)
• Multifactor Authentication (MFA) (1:15 Video)
• Mobile Security (1:00 Video)
• Password Managers (1:05 Video)
• Phishing (1:14 Video)
• Physical Security (1:08 Video)
• Policy Violations (0:58 Video)
• Reusing Passwords (1:04 Video)
• Securing Your Apps (0:55 Video)
• Shadow IT (1:24 Video)
• Sharing Passwords (0:57 Video)
• Smishing (1:00 Video)
• Spearphishing (1:02 Video)
• Tailgating (0:54 Video)
• Vishing (1:33 Video)
• Whaling (0:58 Video)
• Working Remotely (1:14 Video)

---

Trailer:

Marketing Materials: Security Basics Marketing Kit

---

Major Themes: For the end user starting at square one, jumping into the deep end of cybersecurity training can be overwhelming. Help them get their feet wet first with these awareness-oriented, introductory training modules.

Major Learning Concepts:

• Data Classification
  • Definition of data classification
  • Public vs private data
  • Filing information correctly
  • Organizing data
  • Shredding physical documents

• Device Security
  • Locking unattended devices
  • Updating devices
  • Stowing unattended devices

• Encryption
  • How encryption
  • Uses of encryption
  • Encrypting devices
  • When to encrypt

• Insider Threats
  • Definition of an insider
  • Dangers of insider threats
  • Intentional vs accidental insiders
  • Following policy

• Internet of Things (IoT)
  • Internet connected devices
  • Changing default passwords
  • Device updates

• Malware
  • Definition of malware
  • Uses of malware
  • Updating devices
  • Shady internet downloads
  • Malicious links

• Multifactor Authentication (MFA)
  • Definition of multifactor authentication
  • Types of MFA
  • Credentials on the dark web
  • Dangers of reusing passwords

• Mobile Security
  • Sensitive data on mobile phones
  • Strong passcodes
  • Auto-connecting to unknown networks
  • Spoofed WiFi networks
  • Remote wiping

• Password Managers
  • Functions of a password manager
  • Password encryption
  • Sharing passwords

• Phishing
  • Definition of phishing
  • Malicious links and attachments
  • Red flags for phishing
  • Reporting suspicious messages

• Physical Security
  • Purpose of physical security
  • Relationship between physical and cyber security
  • Reporting suspicious activity

• Policy Violations
  • Clean desk policy
  • Password length
  • ID badges
  • Importance of following policy

• Reusing Passwords
  • Dangers of reusing passwords
  • Password compromise
  • Passphrases
  • Password managers

• Secure Your Apps
  • Avoiding untrusted app downloads
  • Malicious apps

• Shadow IT
  • Definition of Shadow IT
  • Dangers of untrusted software
  • Personal responsibility
  • IT approval of new software

• Sharing Passwords
  • Expanding circle of trust
  • Keeping control of accounts

• Smishing
  • Smishing definition
  • Personal responsibility
  • Staying safe

• Spearphishing
  • Spear-Phishing definition
  • Red flags for spear-phishing
  • Who’s at risk

• Tailgating
  • Tailgating definition
  • Staying safe
  • Reporting suspicious activity

• Vishing
  • Vishing definition
  • Staying safe

• Whaling
  • Whaling definition
  • Who’s at risk
  • Reporting suspicious activity

• Working Remotely
  
  • Untrusted WiFi
  • VPNs
  • Shoulder surfing
  • Locking unattended devices