Security Awareness & Training — TechExams Community https://community.infosecinstitute.com/ Wed, 16 Jan 2019 18:31:12 +0000 en Security Awareness & Training — TechExams Community Password Manager? Is it really secure? https://community.infosecinstitute.com/discussion/134658/password-manager-is-it-really-secure Tue, 15 Jan 2019 21:44:59 +0000 Security Awareness & Training TimeI$Money 134658@/discussions ]]> Phishing Simulation Training Sources https://community.infosecinstitute.com/discussion/134551/phishing-simulation-training-sources Thu, 03 Jan 2019 20:12:04 +0000 Security Awareness & Training tedjames 134551@/discussions https://www.sans.org/security-awareness-training/products/phishing

If you have current pricing, that would be great.

I've been looking at SANS, Proofpoint, and KnowBe4 so far.]]>
Tips for how do make security awareness training engaging? https://community.infosecinstitute.com/discussion/134360/tips-for-how-do-make-security-awareness-training-engaging Fri, 07 Dec 2018 13:30:19 +0000 Security Awareness & Training chickenlicken09 134360@/discussions Security awareness training for CEOs https://community.infosecinstitute.com/discussion/128162/security-awareness-training-for-ceos Thu, 20 Jul 2017 13:25:38 +0000 Security Awareness & Training gespenstern 128162@/discussions
Regular security awareness training is a hard sell for CEOs of large and rich companies. They tend not to think of themselves as regular people, and, to their point, their time is pretty expensive, so it's better not wasted on half-baked products.

Anyone knows of a very good, short, to the point, of extremely high quality, CEO-fashioned, expensive security training?

Just basic things -- check if the web-site has a cert, if it's trusted, don't accept suggestion to download and install "flash updates", how to avoid sketchy web-sites, how to recognize phishing, spear-phishing, whaling, CEO-phishing type of stuff.]]>
Which one to pick?? Pentest+ OR CEH https://community.infosecinstitute.com/discussion/134353/which-one-to-pick-pentest-or-ceh Thu, 06 Dec 2018 20:05:19 +0000 Security Awareness & Training shochan 134353@/discussions
Here is a new video just uploaded by CompTIA about both...

image
]]>
SANS Pen Test HackFest Summit https://community.infosecinstitute.com/discussion/134429/sans-pen-test-hackfest-summit Fri, 14 Dec 2018 11:53:50 +0000 Security Awareness & Training E Double U 134429@/discussions Password Policy - Phishing Prevention https://community.infosecinstitute.com/discussion/134242/password-policy-phishing-prevention Sun, 25 Nov 2018 21:54:26 +0000 Security Awareness & Training MitM 134242@/discussions
The thinking is a legitimate site will not accept a bad password but a phishing site would

Any thoughts on this? Is a good/realistic idea]]>
Asking for passwords policy https://community.infosecinstitute.com/discussion/133250/asking-for-passwords-policy Tue, 07 Aug 2018 16:53:45 +0000 Security Awareness & Training mnashe 133250@/discussions
I hear the helpdesk staff asking users for their passwords so they can troubleshoot issues or setup new computers

Irks the heck out of me. How do we prevent attackers from social engineering passwords, if the users are use to giving them to IT staff]]>