Security Awareness & Training — TechExams Community https://community.infosecinstitute.com/ Thu, 21 Mar 2019 07:48:56 +0000 en Security Awareness & Training — TechExams Community Marine Lowlifes Awareness Poster Series https://community.infosecinstitute.com/discussion/135095/marine-lowlifes-awareness-poster-series Sat, 16 Mar 2019 17:15:23 +0000 Security Awareness & Training Meggo 135095@/discussions
I thought a few of you here might enjoy these awareness posters from my team. They are part of our "Marine Lowlifes" awareness series (the Common Phish is my personal favorite). 

Here's the download link if you're interested in checking them out (no form): https://www2.infosecinstitute.com/posters-marine-lowlifes

We also have a free module available in this series as well: 
 

]]>
Password Manager? Is it really secure? https://community.infosecinstitute.com/discussion/134658/password-manager-is-it-really-secure Tue, 15 Jan 2019 21:44:59 +0000 Security Awareness & Training TimeI$Money 134658@/discussions ]]> Phishing Simulation Training Sources https://community.infosecinstitute.com/discussion/134551/phishing-simulation-training-sources Thu, 03 Jan 2019 20:12:04 +0000 Security Awareness & Training tedjames 134551@/discussions https://www.sans.org/security-awareness-training/products/phishing

If you have current pricing, that would be great.

I've been looking at SANS, Proofpoint, and KnowBe4 so far.]]>
Tips for how do make security awareness training engaging? https://community.infosecinstitute.com/discussion/134360/tips-for-how-do-make-security-awareness-training-engaging Fri, 07 Dec 2018 13:30:19 +0000 Security Awareness & Training chickenlicken09 134360@/discussions Security awareness training for CEOs https://community.infosecinstitute.com/discussion/128162/security-awareness-training-for-ceos Thu, 20 Jul 2017 13:25:38 +0000 Security Awareness & Training gespenstern 128162@/discussions
Regular security awareness training is a hard sell for CEOs of large and rich companies. They tend not to think of themselves as regular people, and, to their point, their time is pretty expensive, so it's better not wasted on half-baked products.

Anyone knows of a very good, short, to the point, of extremely high quality, CEO-fashioned, expensive security training?

Just basic things -- check if the web-site has a cert, if it's trusted, don't accept suggestion to download and install "flash updates", how to avoid sketchy web-sites, how to recognize phishing, spear-phishing, whaling, CEO-phishing type of stuff.]]>
Which one to pick?? Pentest+ OR CEH https://community.infosecinstitute.com/discussion/134353/which-one-to-pick-pentest-or-ceh Thu, 06 Dec 2018 20:05:19 +0000 Security Awareness & Training shochan 134353@/discussions
Here is a new video just uploaded by CompTIA about both...

image
]]>
SANS Pen Test HackFest Summit https://community.infosecinstitute.com/discussion/134429/sans-pen-test-hackfest-summit Fri, 14 Dec 2018 11:53:50 +0000 Security Awareness & Training E Double U 134429@/discussions Password Policy - Phishing Prevention https://community.infosecinstitute.com/discussion/134242/password-policy-phishing-prevention Sun, 25 Nov 2018 21:54:26 +0000 Security Awareness & Training MitM 134242@/discussions
The thinking is a legitimate site will not accept a bad password but a phishing site would

Any thoughts on this? Is a good/realistic idea]]>
Asking for passwords policy https://community.infosecinstitute.com/discussion/133250/asking-for-passwords-policy Tue, 07 Aug 2018 16:53:45 +0000 Security Awareness & Training mnashe 133250@/discussions
I hear the helpdesk staff asking users for their passwords so they can troubleshoot issues or setup new computers

Irks the heck out of me. How do we prevent attackers from social engineering passwords, if the users are use to giving them to IT staff]]>