Drill #1, #2

Question 1

Human Firewall

Answer 1

With our information systems under aggressive attack, we cannot ignore any layer of the defense-in-depth model. The human element of cyber security is too often overlooked. Workforce cyber preparedness is urgently needed. Security Awareness Training can pay off by training users on what they can do to prevent malicious activity and what to do in the event of such activity. It helps people to see their identity as an important part of keeping their organization secure and that what they do matters.

Question 2

KMSAT

Answer 2

(Kevin Mitnick Security Awareness Training) is KnowBe4’s signature product. It provides security awareness training and simulated phishing attacks.

Question 3

KCM

Answer 3

Organization tool for risk and compliance related projects. Separate product that helps a business get and stay in compliance.

Question 4

PhishER

Answer 4

is the newest KnowBe4 product. It is designed to prioritize and analyze the messages that users report as potentially malicious.

Question 5

What does KnowBe4 do?

Answer 5

We manage the ongoing problem of social engineering, not a solution..

Question 6

Motto

Answer 6

Do it right the first time, do it fast, and have fun while you do it!

Question 7

Applications (apps):

Answer 7

A type of software that allows a user to perform specific tasks and activities.

Question 8

utilities

Answer 8

Applications designed to help analyze, configure, optimize, or maintain a computer. Unlike application software (which focuses on benefiting the user), utilities are used to support the computer.

Question 9

operating system (OS):

Answer 9

Software that manages the computer hardware and software. It’s a system that sits between the applications and hardware.

Question 10

platform:

Answer 10

The environment in which a piece of software is executed. It may be the hardware, operating system, a web browser, or other underlying software.

Question 11

feature

Answer 11

Particular part of software or hardware that handles a specific piece of functionality.

Question 12

plugin

Answer 12

A component that adds a specific feature to software. Also referred to as an extension.

Question 13

Software as a service (SaaS):

Answer 13

Software licensed on a subscription basis. The software is stored centrally on a server. It’s sometimes referred to as “on-demand software.”

Question 14

API (application program interface):

Answer 14

A set of methods of communication between software.

Question 15

console

Answer 15

A user interface that manages and controls software and/or hardware.
KnowBe4 customers access our products through a console (shown below).

Question 16

dashboard

Answer 16

At-a-glance views of key info, relevant to a particular business objective. Displayed as charts and/or other graphical images.

Question 17

server

Answer 17

system that manages access to centralized resources or data

Question 18

domain

Answer 18

Short for “domain name,” a unique name that identifies a website.

Question 19

directory

Answer 19

Like physical folders, a directory organizes files or data on a hard drive or in a program. Directories can contain other directories, which are then called sub-directories.

Question 20

AD (Active Directory):

Answer 20

A directory service (definition 2 above), developed by Microsoft for use on Windows operating systems.

Question 21

protocol

Answer 21

communication rules between computers.

Question 22

Hypertext Transfer Protocol (HTTP):

Answer 22

protocol used to transfer information over the Internet.

Question 23

Hypertext Transfer Protocol Secure (HTTPS):

Answer 23

The same as HTTP but secure. Secures the data by changing it to special code that requires special translation.

Question 24

white paper

Answer 24

mix of a marketing and technical document for a product

Question 25

whitelist

Answer 25

A list of trusted email address, domains and/or internet addresses that are permitted to pass through a system or filter.

Question 26

Hackers

Answer 26

The bad guys are those who either attempt to or succeed in breaking into networks and/or computers for the purpose of carrying out criminal activities.”

Question 27

Phishing is…

Answer 27

masquerading as a trustworthy entity attempting to acquire sensitive information

Question 28

spear phishing

Answer 28

targeted phishing attack on a specific person or organization with a specific personalized component

Question 29

phishing attack surface:

Answer 29

The quantity of emails exposed on the internet. The more email addresses exposed, the bigger the attack footprint is and the higher the risk for phishing attacks.

Question 30

Phish-prone Percentage:

Answer 30

A term coined by KnowBe4 that indicates the percentage of employees that are prone to click on phishing links. The customer starts with a baseline (a starting point used for comparison) percentage, which is the percentage of users who click on phishing links before being trained. Once trained, the test is done again 12 months later, to see the improvement.

Question 31

social engineering:

Answer 31

The act of manipulating people into performing actions or divulging confidential information.

Question 32

CEO fraud:

Answer 32

A spear phishing attack in which the hacker claims to be the CEO, that targets high-risk users— and urges an employee to do something unauthorized

Question 33

vishing (voice phishing):

Answer 33

A phishing attack conducted by telephone. Vishing is the phone equivalent of a phishing attack.

Question 34

smishing

Answer 34

Phishing conducted via Short Message Service (SMS), a telephone-based text messaging service.

Question 35

email spoofing:

Answer 35

Spoofing (tricking or deceiving) computer systems or other computer users. Email spoofing involves sending messages from a bogus email address or faking the email address of another user. It’s a tactic used in phishing because people are more likely to open an email when they think it has been sent by a legitimate source.