PRESENTATION TITLE1

The Streetwise Security Awareness

Non-Trivial QuizVersion 1.0

Compiled by Scott WrightThe Streetwise Security Coach

http://www.streetwise-security-zone.com

Score 10 points for each correct

answer…

Creative Commons Licensed by Scott Wright.2 http://www.streetwise-security-zone.com

Identity Theft

Who had their Yahoo Email account hacked

in 2008?

1. Osama Bin Laden

2. Stephen Harper

3. Sarah Palin

4. Brittany Spears

Creative Commons Licensed by Scott Wright.3 http://www.streetwise-security-zone.com

Identity Theft

Who had their Yahoo Email account hacked

in 2008?

1. Osama Bin Laden

2. Stephen Harper

3. Sarah Palin

4. Brittany Spears

Most of the answers to Sarah Palin’s

Yahoo password reset questions were available from

Wikipedia. The hacker guessed where she met her husband…

Wasilla High School, Alaska

Creative Commons Licensed by Scott Wright.4 http://www.streetwise-security-zone.com

Safe Web Browsing

You can tell if a browser session is secure if…

1. The URL is prefixed with “secure://”

2. A pop-up dialog says “This is a secure session”

3. “Verified by Visa” appears on the web page

4. A “lock” icon appears beside the URL,or at the bottom of the browser window

Creative Commons Licensed by Scott Wright.5 http://www.streetwise-security-zone.com

Safe Web Browsing

You can tell if a browser session is secure if…

1. The URL is prefixed with “secure://”

2. A pop-up dialog says “This is a secure session”

3. “Verified by Visa” appears on the web page

4. A “lock” icon appears beside the URL,or at the bottom of the browser window

Creative Commons Licensed by Scott Wright.6 http://www.streetwise-security-zone.com

Endpoint Security

Antivirus programs are only effective when…

1. Viruses are at least 2 weeks old

2. Used together with Firewalls

3. Virus definitions are updated regularly

4. Computers are scanned in Safe Mode

Creative Commons Licensed by Scott Wright.7 http://www.streetwise-security-zone.com

Endpoint Security

Antivirus programs are only effective when…

1. Viruses are at least 2 weeks old

2. Used together with Firewalls

3. Virus definitions are updated regularly

4. Computers are scanned in Safe Mode

Creative Commons Licensed by Scott Wright.8 http://www.streetwise-security-zone.com

Information Security Risks

What is the most risky Internet application for enterprises?

(according to Ponemon Research Study 2008)

1. Limewire

2. Gmail

3. YouTube

4. Hotmail

Creative Commons Licensed by Scott Wright.9 http://www.streetwise-security-zone.com

Information Security Risks

What is the most risky Internet application for enterprises?

(according to Ponemon Research Study 2008)

1. Limewire

2. Gmail

3. YouTube

4. Hotmail

Top 10 risky applications…1- Limewire2- YouTube3- Gmail4- Hotmail5- Myspace6- Facebook7- Skype8- Google Desktop Search9- AIM10- Google Talk

Rated by IT Security Professionals in Enterprises (330

responses)

Creative Commons Licensed by Scott Wright.10 http://www.streetwise-security-zone.com

Information Security Risks

Use of unauthorized applications causes over half of reported…

1. Lost productivity

2. Identity theft

3. Virus infections on networks

4. Data loss incidents

Creative Commons Licensed by Scott Wright.11 http://www.streetwise-security-zone.com

Information Security Risks

Use of unauthorized applications causes over half of reported…

(according to InsightExpress Study 2008)

1. Lost productivity

2. Identity theft

3. Virus infections on networks

4. Data loss incidents

Other causes of Data Loss1- Misuse of corporate computers2- Unauthorized physical or network access3- Remote worker network copying4- Sharing of passwords, or weak passwords

100 IT professionals and 100 users surveyed.

Creative Commons Licensed by Scott Wright.12 http://www.streetwise-security-zone.com

Information Security Threats

Phishing is a type of attack where…

1. Hackers probe a network looking for valuable information

2. An employee takes property from work without permission

3. Emails contain links to forged websites that collectusernames, passwords and other personal information

4. An employee is bribed for inside information

Creative Commons Licensed by Scott Wright.13 http://www.streetwise-security-zone.com

Information Security Threats

Phishing is a type of attack where…

1. Hackers probe a network looking for valuable information

2. An employee takes property from work without permission

3. Emails contain links to forged websites that collectusernames, passwords and other personal information

4. An employee is bribed for inside information

Creative Commons Licensed by Scott Wright.14 http://www.streetwise-security-zone.com

Join The Streetwise Security Zone

Empower yourself and your team through

Governance by Graffiti -

Collaborating to secure your foundation for future growth

Customize this presentation yourself, or get updates from…http://www.streetwise-security-zone.com