Organizations and individuals can thwart many common attacks with a few simple steps, such as using up-to-date antivirus software and educating users. If you’re planning to take the Security+ exam, you should have a basic understanding of how alerts about new viruses reach users and how these attacks are prevented.
For example, can you answer this question?
Q. Social engineers have launched several successful phone-based attacks against your organization resulting in several data leaks. Which of the following would be the MOST effective at reducing the success of these attacks?
A. Implement a BYOD policy.
B. Update the AUP.
C. Provide training on data handling.
D. Implement a program to increase security awareness.
Do you also know why the correct answer is correct and the incorrect answers are incorrect? The answer and explanation are available at the end of this post.
Educating Users
The single best protection against social engineering and the other attacks mentioned is to train users and raise their security awareness. Many users simply aren’t aware of the attackers’ methods. However, once they understand the risks and the methods used by social engineers and other attackers, they are less likely to fall prey to these attacks. Similarly, raising users’ security awareness helps them recognize and respond appropriately to new threats and security trends.
Security-related awareness and training programs take many forms. Some common methods include formal classes, short informal live training sessions, online courses, posters, newsletters, logon banners, and periodic emails. These programs often keep users aware of new threats and new security trends and alerts, such as new viruses, current phishing attacks, and zero-day exploits.
New Viruses
Criminals are constantly releasing new viruses, and some prove to be exceptionally damaging. Many of these require administrators to take quick action to mitigate the threat, but at other times users need to take action.
As an example, security experts disclosed the Heartbleed vulnerability in OpenSSL in early 2014 and sent out alerts. Administrators managing servers that used OpenSSL needed to take steps to eliminate the vulnerability. However, Heartbleed had existed on systems for as long as two years and allowed attackers to view information in Hypertext Transfer Protocol Secure (HTTPS) sessions. This included passwords and other sensitive data.
Several alerts told users they should change all the passwords they used on the Internet. The operating system or platform didn’t matter. If users logged on to a vulnerable site using a desktop computer, a mobile iOS device, an Android device, or anything else, attackers might have their credentials. Users who were aware of security issues took note and changed their passwords immediately.
If users simply ignore alerts about new threats such as Heartbleed, they remain at risk. Providing training to users on how important these alerts are helps them pay attention and respond when security experts release them.
Phishing Attacks
In addition to releasing new viruses regularly, criminals are also launching new phishing attacks. Some new attempts are tricky and fool many people. The best way to prevent successful attacks is to educate people about the tactics criminals are using right now.
As an example, criminals hijacked a server in a foreign country and installed drive-by malware on it. If a user visited the site, the drive-by malware downloaded and installed itself on the user’s system. This allowed the criminals to access users’ systems remotely and gather user data, such as passwords and financial information. All they needed to do was get users to visit. They lured users with this message:
From: Eubank Funeral Home
Subject: Death and funeral announcement
For this unprecedented event, we offer our deepest prayers of condolence and invite to you to be present at the celebration of your friends life service on Thursday, February 6, 2014 that will take place at Eubank Funeral Home at 11:00 a.m.
Please find invitation and more detailed information about the farewell ceremony here.
Best wishes and prayers,
Many users clicked, and the server in the foreign country downloaded malware onto their systems. Worse, users thought that the Eubank Funeral Home (which is real) had launched the attack. The funeral home received 50 to 100 complaints a day from people all over the world. Obviously, this seriously disrupted their business. In time, the Eubank Funeral Home phishing emails stopped. Criminals replaced them with emails impersonating other legitimate funeral homes, such as the Hubbell Funeral Home.
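As an added illustration (not part of the original post), the following Python checks a constructed copy of the lure above for three of the tells that awareness training teaches users to look for: a link that does not point at the claimed sender, a link hidden behind a raw IP address, and wording that names nobody. The sender address and link target are assumptions, since the post gives neither.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample modelled on the funeral-home lure quoted above.
# The From address and the link host are assumptions, not values from the post.
SAMPLE = """From: Eubank Funeral Home <notice@eubankfuneralhome.example>
Subject: Death and funeral announcement
Content-Type: text/html

<p>For this unprecedented event, we offer our deepest prayers of condolence
and invite to you to be present at the celebration of your friends life service
on Thursday, February 6, 2014 that will take place at Eubank Funeral Home at 11:00 a.m.</p>
<p>Please find invitation and more detailed information about the farewell
ceremony <a href="http://203.0.113.45/invite.php">here</a>.</p>
"""

IPV4 = re.compile(r"\d{1,3}(\.\d{1,3}){3}")


def link_hosts(body):
    """Return the hostname of every href in the message body."""
    return [urlparse(h).hostname or "" for h in re.findall(r'href="([^"]+)"', body)]


def phishing_indicators(raw):
    """Return a list of human-readable warnings for the indicators found."""
    msg = message_from_string(raw)
    _, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rsplit("@", 1)[-1].lower()
    body = msg.get_payload()
    hits = []
    for host in link_hosts(body):
        # 1. The link leads somewhere other than the domain the sender claims.
        if host and host != sender_domain and not host.endswith("." + sender_domain):
            hits.append(f"link host {host} differs from sender domain {sender_domain}")
        # 2. A bare IP address instead of a hostname hides who owns the server.
        if IPV4.fullmatch(host):
            hits.append(f"link uses raw IP address {host}")
    # 3. A genuine notice names the deceased and the recipient; this one names nobody.
    if re.search(r"your friends? life", body) and not re.search(r"\bDear\b", body):
        hits.append("generic wording: neither recipient nor deceased is named")
    return hits


if __name__ == "__main__":
    for warning in phishing_indicators(SAMPLE):
        print("WARNING:", warning)
```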
Q. Social engineers have launched several successful phone-based attacks against your organization resulting in several data leaks. Which of the following would be the MOST effective at reducing the success of these attacks?
A. Implement a BYOD policy.
B. Update the AUP.
C. Provide training on data handling.
D. Implement a program to increase security awareness.
Answer is D. The best choice of the available answers is to implement a program to increase security awareness, and it could focus on social engineering attacks.
A bring your own device (BYOD) policy or an acceptable use policy (AUP) doesn’t apply in this scenario.
Training is useful, but training users on data handling won’t necessarily educate them on social engineering attacks.