Network
OSI model
IP addresses
MAC addresses
Data packaging
Signal transmission
Wiring
Wireless
Delivery to destination
Packet filtering and firewalls: Inadequate configuration of firewalls or filtering rules that allow
unwanted traffic.
Denial-of-service (DoS) attacks: Attempts to overload a network or service with malicious traffic
to make it inaccessible.
Distributed denial of service (DDoS) attacks: Variant of DoS attacks in which multiple devices
coordinate to carry out the attack.
Internet insecurities:
Phishing: Attacks that seek to trick users into revealing sensitive information, such as
passwords or credit card information.
Malware: Malicious software, such as viruses, Trojans and ransomware, that installs itself on
systems without permission and can damage or steal data.
SQL injection: Malicious insertion of SQL code into forms or URLs to gain unauthorized access
to databases.
Session hijacking: Attacks that take control of a valid user session to perform malicious actions
on their behalf.
Use strong passwords: Create unique and complex passwords for your online accounts. Avoid
obvious passwords such as "123456" or "password". Consider using password managers to
securely manage passwords.
Guard your personal data: Be cautious about the personal information you share online. Don't
reveal sensitive information such as your social security number, address or financial details
unless it is necessary and the recipient is trustworthy.
Avoid phishing: Be wary of suspicious emails or messages asking for personal information or
passwords. Don't click on links or download attachments from untrusted sources.
Use secure connections: When entering sensitive information, make sure you are on a secure
website (HTTPS) and avoid using unsecured public Wi-Fi networks for sensitive transactions.
Maintain antivirus software: Install and regularly update antivirus and antimalware software on
your device to protect against online threats.
Set up firewalls: Use a firewall to monitor network traffic and block potential threats. Most
operating systems have built-in firewalls.
Do not share passwords: Do not share your passwords with anyone. Also, do not write your
passwords down in public or shared places.
Protect your mobile devices: Make sure your mobile devices have screen locking and remote
tracking and wiping functions in case of loss or theft.
Verify the authenticity of websites and emails: Before providing information online, verify that
websites are legitimate and that emails come from trusted sources.
Cyber security education: Learn about the latest cyber threats and how to protect yourself.
Security education is essential to staying safe online.
Data backup: Make regular backups of your important data in case of data loss due to attacks
or technical problems.
Social networking: Set up privacy settings on your social networking accounts and be selective
about the people you accept as contacts.
Safe downloads: Download software and applications only from trusted sources, such as
official app stores.
Materials:
We will all need our computers or mobile devices with Internet access.
Introduction (5 minutes):
I will show on screen several examples of phishing emails and discuss the common
characteristics we should look for to identify them.
I will ask them to analyze the emails and discuss whether they think they are legitimate or
phishing.
We will compare the groups' responses and discuss the differences in their analyses.
I will invite them to ask questions or share their experiences about online security.
Conclusion (5 minutes):
I will summarize the key points and lessons learned during the activity.
I will reinforce the importance of staying vigilant online and using technology responsibly.
I will provide more examples of phishing emails and allow them to practice identification in
groups.
Closing (5 minutes):
I will provide additional resources, such as links to online safety websites and tips for staying
safe on the Internet.
What is phishing?
a) A method of safe Internet browsing.
b) A type of malware that infects devices.
c) An attempt to trick people into revealing personal information.
d) An online data protection service.

What is the best practice when receiving a suspicious email?
a) Click on all links to verify its authenticity.
b) Reply to the email with personal information.
c) Ignore the email altogether.
d) Verify the legitimacy of the email through other sources.

Which of the following actions is NOT recommended when identifying a phishing email?
a) Forward the email to your contacts.
b) Click on the links to see where they take you.
c) Verify the sender of the email.
d) Do not provide personal or financial information.

Why is it important to verify the domain of a suspicious email?
a) To earn points in an online game.
b) To make sure the email is legitimate.
c) To block the sender immediately.
d) To share the information with friends and family.

What is a key indicator of phishing in an email?
a) Known sender's name.
b) Use of clear and concise language.
c) Urgent request for personal information.
d) Inclusion of a contact phone number.

What is the primary purpose of a phishing attack?
a) To steal personal or financial information.
b) To provide online security advice.
c) To promote legitimate products and services.
d) To disseminate information of public interest.

What should people do if they believe they have fallen for a phishing scam?
a) Ignore the incident and wait for it to go away.
b) Immediately report it to cybersecurity authorities.
c) Share the experience on social networks.
d) Provide more information to the scammers.

What role does two-factor authentication (2FA) play in online security?
a) Provide a basic level of Internet security.
b) Ensure that all emails are legitimate.
c) Add an additional layer of protection to online accounts.
d) Slow down online browsing.

What should people do if they receive an email requesting confidential information, such as passwords or credit card numbers?
a) Provide the requested information.
b) Share the email with friends and family.
c) Ignore the email completely.
d) Do not provide information and contact the entity in question through official sources.
Answers:
c) Spelling and grammatical errors.
d) Do not provide information and contact the entity in question through official sources.