Digital Self Defense How well do YOU know Information Security? http://security.rit.edu Copyright and Reuse The Digital Self Defense logo is the property of the Rochester Institute of Technology and is licensed under the Creative Commons AttributionNonCommercial-NoDerivs License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-nd/2.0/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA. To request permission for other purposes, contact infosec@rit.edu. The course materials are the property of the Rochester Institute of Technology and are licensed under the Creative Commons Attribution-NonCommercialShareAlike License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/2.0/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA. To request permission for other purposes, contact infosec@rit.edu. http://security.rit.edu Vulnerabilities On average, how long will it take for an unpatched computer to be compromised once it is connected to the Internet? A. Weeks B. Days C. Hours D. Minutes http://security.rit.edu Vulnerabilities Answer: D - Minutes On average, it only takes minutes for an unpatched computer to be compromised after it is connected to the Internet! http://security.rit.edu Anti-Virus How often should your Anti-Virus definitions be updated? A. B. C. D. Monthly Once per Week Once per Day Once per Hour http://security.rit.edu Patches Answer: C – Every Day New viruses are being found so quickly that McAfee AntiVirus releases updated definitions every business day. Keep up with the definitions to stay protected! http://security.rit.edu Firewalls Why should you use a firewall? A. To prevent against worm infections B. To prevent attackers from accessing your computer C. To block spyware from sending your personal data over the Internet D. All of the above http://security.rit.edu Firewalls Answer: D – All of the above A firewall acts like a gateway between you and the Internet, allowing some types of traffic in and out while stopping others. This could stop worms, hackers and spyware from sending data to or from your computer. http://security.rit.edu Digital Self Defense 101 Take a Digital Self Defense Lesson! Sessions are scheduled throughout the year. Visit http://security.rit.edu for details. http://security.rit.edu Password Standard Which statement below is FALSE? Your RIT password must… A. B. C. D. Be at least 8 characters long Contain both UPPER and lower case letters and at least one number Not contain your username Be used for all your passwords, including online banking. http://security.rit.edu Password Standard Answer: D – Be used for all your passwords, including online banking. FALSE! Never use your RIT network password for online banking and other web sites! While it’s difficult to memorize multiple passwords, it makes it harder for attackers to gain access to your accounts. http://security.rit.edu Desktop Standard Which of the following is not required by the RIT desktop standard? A. Use of Internet Explorer as your web browser B. Up-to-date patches C. Antivirus software D. Anti-spyware http://security.rit.edu Desktop Standard Answer: A – Use of Internet Explorer as your web browser You are not required to use Internet Explorer by the Desktop Standard. You are required to keep patches up to date, use antivirus, and anti-spyware. http://security.rit.edu Macintosh Have Macintosh computers ever been attacked at RIT? A. Yes B. No http://security.rit.edu Macintosh Answer: A - Yes Macintosh computers have been attacked at RIT within the last year. We expect Macintosh computers to be targeted more frequently in the coming months as they become more popular. http://security.rit.edu Spyware According to the National Cyber Security Alliance, what percentage of home computers are infected with spyware? A. B. C. D. 30% 10% 80% 60% http://security.rit.edu Spyware Answer: C – 80% According to the National Cyber Security Alliance, 80% percent of home computers are infected with spyware. http://security.rit.edu Spyware Which of the following methods does spyware use to install itself on an end user's computer? A. B. C. D. Bundling with free peer-to-peer file sharing programs Exploiting web browser vulnerabilities Viruses and worms All of the above http://security.rit.edu Spyware Answer: D – All of the above It should come as no surprise that spyware installs itself on end user computers through all of the methods listed. http://security.rit.edu Digital Self Defense 101 Come see why over 300 of your colleagues have attended DSD 101. Visit http://security.rit.edu for details. http://security.rit.edu Phishing and Other Scams How many Katrina-related websites were there as of September 14, 2005? A. B. C. D. 20 500 1000 4000 http://security.rit.edu Phishing and Other Scams Answer: D – 4000 According to the FBI, there were more than 4000 Katrina-related websites as of September 14, 2005. http://security.rit.edu Phishing and Other Scams According to the FBI, how many of the Katrina-related websites are believed to be scams? A. B. C. D. 10% 30% 60% 90% http://security.rit.edu Phishing and Other Scams Answer: C – 60% The FBI expects as many as 60% of the Katrinarelated websites to be scams. http://security.rit.edu Phishing and Other Scams Which of these statements are correct about Phishing? A. B. C. D. It increased from 14 attempts in August 2003 to over 4.5 million in November 2004 It does not affect Macintosh users It is not a problem for users on the RIT network It is an outdoor recreational activity in Phinland http://security.rit.edu Phishing and Other Scams Answer: A – Rise in Phishing Phishing is increasing dramatically and may affect users of any type of computer on any network. Its object is to trick users into revealing personal information they wouldn’t normally reveal. http://security.rit.edu New this Fall! Digital Self Defense 102 training for Windows users. You’ll learn how to: – – – – – Download patches and enable Auto-Update Create limited user accounts Use antivirus (McAfee) Use a firewall (Windows and ZoneAlarm) Use anti-spyware (Spybot and Microsoft) http://security.rit.edu