Cyber security
certificate

Are you a Clone Trooper, Padawan, or Jedi Master? This 30-minute learning and test will determine whether you are enlightened or not. Enter your details below to begin learning and receive a certificate of acceptance upon successful completion

Cyberattacks

There are two broad categorized types of cyberattacks - passive attacks and active attacks. These two broad categories of attacks are defined as follows:

Passive attack

A passive attack is a hacking attempt where data and hardware is monitored and tracked, but no alterations are made. Often, a program or human hacker gain access to a computer or network and monitor the activity of the user, tracking emails, internet usage, and even using the system's microphone or camera to spy on the user.

Active attack

An active attack is a hacking attempt where the attacker attempts to alter, add or control data or hardware. This is the type of attack most commonly associated with hacking and includes attack types like Denial of Service and Malware.

While these general types of cyberattacks remain largely the same, the specific types of cyberattacks are constantly changing with technology.

8

Types of Cyberattacks

There are many specific types of cyberattacks being used today, posing threats from a variety of sources. Below is a list of the kinds of cyberattacks most commonly faced by businesses, what they are and some cybersecurity examples. This learning is intended to help users avoid cyberattacks and identify threats early.

1Man-in-the-Middle (MITM)
2Ransomware
3Password Attacks – Brute force
4Malware/Adware/Spyware/Viruses

5Insider Attacks
6Denial of Service (DoS)
7Phishing
8Advanced Persistent Threats (APT)

Start Training

2. Ransomware

question 5

Which of the following is an indication of ransomware?

File encryption – If a file is suddenly encrypted without your intent

File renaming – Suddenly you notice a file name has been changed

File extension alteration – You notice a file extension has changed

A ransom note is left on the screen

You are unable to access certain files, they are blocked or encrypted

All of the above

3. Password Attacks – Brute force

question 6

The following password policies should be used <br> (Check all that apply)

Using only known family names such as pets or nicknames

Using a name with at least 8 or 9 characters

Changing my passwords every 2-5 years

Using a 10-character password with capitals, lower case, numbers, and special characters

Using a 12-character password with capitals, lower case, numbers, and special characters

5. Insider Attacks

question 16

If I notice unusual user activity, who should I report it to?

Talk about it with co-workers and see what they would do?

Talk to a supervisor or security personnel?

Call the police:

6. Denial of Service (DoS)

question 17

Which of these are potential DDoS attack targets?

Banks & Casinos?

Online shopping websites?

Government websites?

Public-facing websites people are logging in to?

Healthcare company websites?

Hospitality company websites?

All of the above

question 18

Can my computer be used as a DDoS by a hacker?

Yes

7. Phishing

question 19

How do I verify if an email or link is legitimate?<br />(Check all that apply)

By following the instructions and seeing what happens? I will be able to know.

By replying got the email or clicking on the link going to the website to make sure it looks like the company.

By looking at the email reply-to address or mouse over the hyperlink. If it's slightly different, then ignore.

If I am not expecting something, then don't do anything, be cautious and check with the IT dept.

question 20

When you visit a website and are interested in their marketing, advertising:

Do you click on advertiser promotions?

Do your own research using Google, Bing, or other search engines?

8. Advanced Persistent Threats (APT)

question 21

Is it okay to connect a personal USB or device into a computer?

Yes - I know it is safe only I use it

Yes - providing I only use it for the task I need and then quickly remove it

No - it is against company policy

Cyber security certificate

Cyberattacks

Passive attack

Active attack

8

Types of Cyberattacks

1. Man-in-the-Middle (MITM)

question 1

Is it safe to connect your laptop or mobile device into the following networks? (Mark all that apply)

question 2

If I connect into an open unknown or neighboring network, is it safe to enter private information such as passwords, bank account information, etc.?

question 3

What is an SSL certificate, and what does it do?<br>(Check all that apply)

question 4

Should I enter private information into a website that doesn’t have an SSL?

2. Ransomware

question 5

Which of the following is an indication of ransomware?

3. Password Attacks – Brute force

question 6

The following password policies should be used <br> (Check all that apply)

4. Malware/Adware/Spyware/Viruses

question 7

If you receive an alert while visiting a website prompting you to do a scan on your computer because a virus was detected, what should you do?

question 8

How does a virus/adware/malware become installed?

question 9

What is more dangerous?

question 10

Define Malware

question 11

Define Adware

question 12

Define a Virus

question 13

When downloading something from your web browser (Chrome, Firefox, Edge, Safari, etc.), and a window opens offering free trial software, (i.e. free anti-virus from McAfee), what should you do?

question 14

When a browser asks me to save cookies, what are they, and what should I do? (Mark all that apply)

question 15

When you receive pop-ups requesting you to perform an update, what should you do?