Drill #7 Flashcards

1
Q

Phishing Security Test (PST):

A

A simulated phishing attack performed by KnowBe4 on email addresses an organization provides us. The purpose of the test is to see how prone the organization’s employees are to click on phishing links.

2
Q

Phishing Reply Test (PRT):

A

A simulated phishing attack similar to PST except there are no links or attachments in the email. The PRT email impersonates a trusted source to see who will reply to it.

3
Q

Social Media Phishing Test (SPT):

A

A simulated phishing attack similar to the PST and the PRT. The purpose of this test is to see which users are likely to fall for social media related phishing attacks.

4
Q

Automated Security Awareness Program (ASAP):

A

A tool that simplifies the process of creating customized Security Awareness Programs.

How it works: The user completes a questionnaire about their organization and goals. ASAP then generates a custom plan based on the user’s specific needs.

5
Q

Breached Password Test (BPT):

A

A tool that checks to see if an organization’s users are currently using passwords that are in publicly available breaches associated with the org’s domain.

6
Q

Phish Alert Button (PAB):

A

An email plugin that gives users a safe way to handle actual or potential phishing emails.

How it works: PAB forwards the suspect email to the organization’s security team for analysis. It also deletes the email from the user’s inbox, to prevent future exposure.

7
Q

Email Exposure Check Pro (EEC Pro):

A

Identifies the at-risk users in an organization by searching business social media information and hundreds of data breach databases.

The EEC Pro works in two stages:
Stage 1: Does deep web searches to find any publicly available organizational data. This shows what an organizational structure looks like to an attacker.
Stage 2: Finds any users that have had their email account information exposed in any of several hundred data breaches. These users are particularly at risk because an attacker knows more about that user, up to and including their actual passwords!

8
Q

Domain Spoof Test (DST):

A

A test that checks a domain name—for example, KnowBe4.com—to see if it can be spoofed.

9
Q

Mailserver Security Assessment (MSA):

A

Tests a user’s mailserver configuration to check the effectiveness of the mail filtering rules.

MSA gives the user quick insight into how their mailserver handles test messages that contain a variety of different message types, emails with attachments, or emails with spoofed domains.

10
Q

Ransomware Simulator (RanSim):

A

Simulates 13 ransomware infection scenarios to determine if a user’s workstation is vulnerable to infection. RanSim also allows users to see if their antivirus software is incorrectly blocking files.

11
Q

Second Chance:

A

A tool that checks links that originate in email messages, including embedded links within attached Office documents and PDFs. It asks the user if they’re sure they want to follow the link, giving them a second chance to evaluate the link.

12
Q

USB Drive Test:

A

A tool that finds out how users react to unknown USB drives. The purpose is to see how many users will pick up the USB drive, plug it into their computer, and open files.

13
Q

Weak Password Test (WPT):

A

Checks an organization’s Active Directory for several different types of weak password related threats.

How it works: Once the test is complete, it generates a report of the users who have weak passwords. It does not report the actual passwords of the users; rather it highlights which ones should be addressed.

14
Q

Domain Doppelgänger (DD):

A

Look-alike domains can be a dangerous vector for phishing attacks. The Domain Doppelgänger tool makes it easy for admins to identify their potential “evil domain twins.”

15
Q

Password Exposure Test (PET):

A

A tool that checks if an organization’s users have exposed emails publicly available on the web and checks the organization’s Active Directory to see if they are using weak or compromised passwords that are part of a known data breach.

How it works: First, PET checks to see if any of the organization’s email addresses have been a part of a data breach. Then, it tests against 10 types of weak password related threats associated with user accounts. Finally, it checks if any breached or weak passwords are currently in use in the Active Directory.

16
Q

Multi-factor Authentication Security Assessment (MASA):

A

A tool that allows you to check the vulnerability of an organization’s current MFA (Multi-Factor Authentication) solution through a series of questions about how the organization uses MFA and their environment.