Introduction to Security
Course Learning Objectives
- Students will learn about everyday IT security risks in the workplace and what they should or should not do when understanding these risks.
- With scenario-driven examples, students learn an awareness topic, see how it affects their job, and are asked to make the right decision to reinforce the concept.
- Covers the latest in security awareness risks including mobile devices, cloud storage, social engineering and phishing attacks.
- Helps satisfy PCI-DSS requirement 12.6.1a
Students will explore a number of important security awareness concepts within the workplace. They will be introduced to powerful yet simple ways to manage password strength, avoid email phishing attacks, recognize social engineering, configure mobile devices, and more. Students learn by scenario based examples. Students are presented a highly interactive environment where their actions tell a story and have direct consequences. Understanding these impacts is key to appreciating why Security Awareness is imperative to any organization.
Tailored learning - 30 minutes total
- Social Engineering
- Recognizing phone-based social engineering
- Recognizing in-person social engineering
- Recognizing more forms of social engineering
- What is dumpster diving?
- Why is it important to have a clean desk policy?
- Workstation Security
- How to protect your workstation / desktop
- Using lock screens and screensavers
- Physically securing removable workstations
- Mobile devices
- Protecting your mobile device with a PIN or password
- Why use only approved mobile applications
- Keeping your mobile device updated
- General mobile device best practices
- Business vs. personal use
- Wireless Networks
- Risks to unsecured wireless networks
- Identifying insecure wireless
- Secure browsing and HTTPS
- Checking valid HTTPS connections
- Virtual Private Networks (VPNs)
- Appropriate Use
- Appropriate Internet use
- Appropriate use of social media
- Appropriate use of cloud services
- General best practices
- Tailgating Prevention
- What is tailgating and what are the risks?
- Tailgating best practices
- Questions to prevent tailgaters
- General best practices
- PCI Compliance module (optional)
- About the Payment Card Industry Data Security Standard
- What is cardholder data?
- Who can access cardholder data?
- Newsflash Ð Credit cards stolen from wireless access point
- Best practices to processing and storing credit card data
- Best practices to transmitting credit card data
- + Expand Course Outline