Transcription
2019 Cybersecurity AwarenessTraining Course TranscriptCUNY Cybersecurity Awareness Course Transcript1
1.1 A00 - Introduction1.2 A05 - IntroductionVoiceover Transcript:Click Next to Begin this Section.CUNY Cybersecurity Awareness Course Transcript2
1.3 A010 - IntroductionVoiceover Transcript:Welcome to Cybersecurity Awareness.This course is for City University of New York academic and non-academic faculty and staff at alllevels and on all campuses. It may also be used by CUNY students.Complete the program at your own pace. If you exit before finishing, the course will bebookmarked, and you can resume where you left off when you return.The first time you visit a screen, the Next button that advances the course is not enabled untilthe voiceover and all interactions are complete.If you would like to review the course navigation, select the Navigation link in the upper rightcorner.Let’s get started! Select Next to advance.CUNY Cybersecurity Awareness Course Transcript3
1.4 A020 - IntroductionVoiceover Transcript:We live in a digital world. As technology becomes smarter, faster, and more interconnected,the number and types of cybersecurity attacks also grows. It is critical that we protect CUNYresources and make sure the information we use is available, reliable, and secure.Although many cybersecurity risks can be solved with new hardware or software technology,most security breaches are the result of human action or inaction. Topping the list are endusers tricked into running or downloading malicious software or wrongly disclosing information.Other frequent causes include failure to properly configure or update applications, weak orunprotected passwords, and neglecting to properly protect sensitive data.CUNY Cybersecurity Awareness Course Transcript4
1.5 A030 - IntroductionVoiceover Transcript:Everyone who uses technology and CUNY technology resources must play a role in keepingresources and information safe.When you have completed this course, you’ll understand the cybersecurity risks we face andwhat you need to do to protect against these risks.Topics we’ll discuss include:recognizing and avoiding cyberattacks and scams;classifying CUNY data and protecting confidential and sensitive information; andpassword security and other everyday protection measures.We’ll also cover safe use of CUNY resources, the internet, and social media.At the end of this program, you’ll be able to print out a personalized course Certificate ofCompletion.CUNY Cybersecurity Awareness Course Transcript5
1.6 B00 - Our Cybersecurity ChallengeVoiceover Transcript:Click Next to Begin this Section.1.7 B010 - Our Cybersecurity ChallengeVoiceover Transcript:Supporting the free flow of information is vital for learning. Our cybersecurity challenge isbalancing the need for the free flow of information against the need to protect certain types ofinformation against unauthorized access.Understanding how information is categorized is essential to proper handling. In broad terms,information falls into one of three categories: confidential, sensitive, and public. Theclassification standards seek to ensure that we only restrict access to information when there isCUNY Cybersecurity Awareness Course Transcript6
a compelling reason to do so.The university has established strict policies governing the creation, processing, and storage ofconfidential and sensitive information.1.8 B020 - Question(Multiple Response, 10 points, 2 attempts permitted)CorrectChoiceXStudent personal informationXStudent grades and test scoresXStudent financial informationXClass rosterList of CUNY campus presidentsUniversity calendarCUNY campus addressesXBank account number used for payroll depositInstructions on applying for financial aidCUNY Cybersecurity Awareness Course Transcript7
XEmployee recordsFeedback when correct:That's right! You selected the correct response.Select Continue for a discussion.Feedback when incorrect:You did not select the correct response.Select Continue for a discussion.Voiceover Transcript:Take moment to complete this exercise.Correct (Slide Layer)CUNY Cybersecurity Awareness Course Transcript8
Incorrect (Slide Layer)Try Again (Slide Layer)1.9 B030 - Protecting Univ dataCUNY Cybersecurity Awareness Course Transcript9
Voiceover Transcript:Here, the items from the previous screen are grouped by category.In general, information associated with an individual’s identity, intellectual property, or certainadministrative functions is confidential or sensitive information, and must be protected.Information that does not need to be protected tends to be public information, available toanyone through public sources.Other frequent causes include failure to properly configure or update applications, weak orunprotected passwords, and neglecting to properly protect sensitive data.1.10 B040 - Tab ScreenVoiceover Transcript:To learn more about the characteristics of confidential, sensitive, and public data, select eachtab.CUNY Cybersecurity Awareness Course Transcript10
Confidential (Slide Layer)Sensitive (Slide Layer)CUNY Cybersecurity Awareness Course Transcript11
Public (Slide Layer)1.11 B050 - Tab ScreenVoiceover Transcript:Information categorized as confidential or sensitive falls into five broad categories.Select each tab for examples.CUNY Cybersecurity Awareness Course Transcript12
PII (Slide Layer)Info Tech (Slide Layer)Academic Info (Slide Layer)CUNY Cybersecurity Awareness Course Transcript13
Admin Info (Slide Layer)Research (Slide Layer)1.12 B052 - Our Cybersecurity ChallengeCUNY Cybersecurity Awareness Course Transcript14
Voiceover Transcript:Universities are among the top targets for cyberattack. In one of the most brazen attacks,Iranian hackers targeted more than 300 U.S. and foreign universities.According to the Justice Department, many of the attacks began with email to professors thatappeared to come from fellow academics at other schools. Links in the emails directed theprofessors to pages that made it appear that they had accidentally logged out of their universityaccount and needed to reenter their user credentials. Overall, the campaign targeted morethan 100,000 professors, and the Iranian hackers managed to successfully penetrate abouteight thousand accounts. Information totaling 3 billion in intellectual property was stolen.1.13 B054 - Protecting Univ dataVoiceover Transcript:Protecting confidential and sensitive information against unauthorized access is vital.Requiring a password to log into a device prevents someone else from logging in, but it doesn'tnecessarily protect the information on the device.Fortunately, you can add a strong layer of protection by encrypting information. Whenencrypted, text and other data is converted into an unrecognizable, inaccessible form. Anencrypted file appears scrambled to anyone who tries to view it. A password is required todecrypt and view the information.There is one catch to encryption: Your password is much, much more important to remember.Data may be protected from intruders, but it’s also impossible for you to access should youforget the password.CUNY Cybersecurity Awareness Course Transcript15
1.14 B056 - Protecting Univ dataVoiceover Transcript:Encrypting information isn’t some super-technical process that only security experts canperform.Most applications provide a straightforward way to encrypt individual files. You'll learn how toencrypt Microsoft Office files later in this course.There are also ways to encrypt all the data on a device. For example, most computers, laptops,and mobile phones have a built-in encryption feature. There are also utilities that allow you toencrypt USB sticks and other portable devices, or to encrypt documents and messages forsecure transmission and reception.1.15 B060 - Protecting Univ dataCUNY Cybersecurity Awareness Course Transcript16
Voiceover Transcript:All of us need to employ a variety of measures to protect confidential and sensitive informationagainst unauthorized access.When creating, processing, or storing confidential or sensitive information, only use computersor storage devices that provide strong access controls.For example, never store confidential or sensitive information on your laptop, unless the laptopis encrypted; never store confidential or sensitive information on your phone, unless the phoneis encrypted; and never email confidential or sensitive information.If the storage device is not encrypted, restrict access to confidential and sensitive informationby encrypting the individual files.1.16 B070 - Protecting Univ dataVoiceover Transcript:CUNY’s Computing Security Policies and Procedures page provides links to the most currentinformation security policies, including the CUNY Breach Reporting Procedures, Secure RemoteAccess instructions, and other topics.Take a moment to visit and bookmark the page for future reference.As we discuss general procedures for protecting information and ensuring the security of CUNYcomputing resources, keep in mind that you’re responsible for following the specificdocumented policies that correspond to your work and technology activity.CUNY Cybersecurity Awareness Course Transcript17
1.17 B080 - Protecting Univ dataVoiceover Transcript:If you have questions or need help using CUNY information technology resources, you can findresources and contact information for the central and campus-specific help desks on the CUNYTech Resources and Help Desks web page.Take a moment to visit and bookmark the page for future reference.1.18 B090 - Protecting Univ dataVoiceover Transcript:When you distribute or share confidential or sensitive information, it is vital to transmit theinformation in a way that protects against unauthorized access.CUNY Cybersecurity Awareness Course Transcript18
Contact the central or campus-specific help desk for information about the required proceduresand encryption solutions for secure transmission and reception of files.1.19 B0100 - Protecting Univ dataVoiceover Transcript:Let’s talk about safely deleting electronic files.Because deleted electronic files can be recovered using software tools, confidential or sensitiveinformation stored in electronic form must be erased and destroyed properly.Information that has been completely removed can’t be stolen. Completely removingconfidential or sensitive information as soon as you no longer need it minimizes risk.If you are responsible for managing original files, follow the retention and destruction policiesthat apply to the information you manage.Contact the help desk to learn more.CUNY Cybersecurity Awareness Course Transcript19
1.20 B110 - Protecting Univ dataVoiceover Transcript:The term “cloud” refers to software and services delivered over the internet.Cloud services include, but aren’t limited to, cloud platforms and infrastructure for documentstorage, cloud-based “software as service” applications, email and other messaging applications,and social media.Cloud services can offer empowering benefits over traditional computing methods, such asease of collaboration, convenient storage, and access to information at lower cost.There is one catch to encryption: Your password is much, much more important to remember.Data may be protected from intruders, but it’s also impossible for you to access should youforget the password.1.21 B120 - Protecting Univ dataCUNY Cybersecurity Awareness Course Transcript20
Voiceover Transcript:Confidential and sensitive information may only be created, processed, stored, or backed up oncloud-based services that CUNY has adopted.Never use personal cloud-service accounts to create, process, store, or backup confidential orsensitive data.1.22 B130 - Protecting Univ dataVoiceover Transcript:CUNY and work data that is public may be freely accessed, published, or backed up in the cloudwithout restriction. In fact, public data should be made as widely accessible as appropriate topromote data sharing and transparency across the University.CUNY Cybersecurity Awareness Course Transcript21
1.23 B140 - Protecting Univ dataVoiceover Transcript:One of the cloud-base services CUNY has adopted is Microsoft Office 365 for Education.The service includes programs like OneDrive for Business, SharePoint, Teams, and Skype, as wellas widely used Microsoft applications such as Word, Excel, PowerPoint and the downloadableOffice ProPlus suite.Information about accessing Microsoft 365 for Education, video tutorials, and FAQs areavailable on the CUNY Technology Services web site.1.24 C000 - Recognizing ThreatsVoiceover Transcript:CUNY Cybersecurity Awareness Course Transcript22
Click Next to Begin this Section.1.25 C010 - Recognizing ThreatsVoiceover Transcript:Since the dawn of modern computing, there have been individuals who have used theirknowledge to create destructive and malicious programs.The term “malware” describes any malicious program designed to interfere with thefunctioning of a computer system or network.Malware can:crash your computer;modify, corrupt, or delete files on your computer or network; or evengather information, including usernames and passwords to access resources, such as the CUNYnetwork.Some malware gives hackers remote access or control of a computer or network.CUNY Cybersecurity Awareness Course Transcript23
1.26 C020 - Tab ScreenVoiceover Transcript:There are a variety of terms used to refer to common types of malware. Select each tab for adescription.Ransomware is designed to lock access to the data on a computer system or network serveruntil a ransom is paid. Successful ransomware attacks have targeted individuals andorganizations in both the public and private sector, including hospitals, school systems, andgovernment agencies.A trojan is a malicious computer program that misleads users about its true intent. The trojanmay appear to be a legitimate, useful program. When it is executed, it may reveal its truenature immediately, or it may appear to operate harmlessly, while its true nature remainshidden.Viruses are bits of code that attach themselves to another computer program. When the hostprogram is started, the virus replicates itself, “infecting” the system. Viruses typically causeharm by damaging data or files, providing remote access, or otherwise altering the computer’soperation.Worms are malware programs designed to infect a system, create copies of themselves, andtransfer the copies to infect other systems over a network. The malicious code is designed toperform various destructive or criminal functions.Spyware is software that infiltrates your computer or device to steal your internet usage dataand sensitive information. The most dangerous spyware employs keyloggers, which record yourkeystrokes to obtain login information which is used or sold for criminal purposes.CUNY Cybersecurity Awareness Course Transcript24
Trojan (Slide Layer)Ransomeware (Slide Layer)CUNY Cybersecurity Awareness Course Transcript25
Virus (Slide Layer)Worm (Slide Layer)Spyware (Slide Layer)CUNY Cybersecurity Awareness Course Transcript26
Bot (Slide Layer)1.27 C030 - Recognizing ThreatsVoiceover Transcript:Every internet user knows the word "spam" and sees it in their inbox quite often. Spam, alsoknown as junk email, is anonymous, unsolicited bulk email. It’s hard to believe that almost 50%of all email worldwide is spam.Most spam messages are commercial in nature, but some are sent with malicious intent. Themalicious messages are designed to trick you into downloading malware or disclosingusernames, passwords, credit card details, or other sensitive information.By some estimates, almost 10% of spam contains malicious content.In today’s environment, learning to recognize spam, and learning to resist the natural curiosityto open it, are critical.CUNY Cybersecurity Awareness Course Transcript27
1.28 C040 - Recognizing ThreatsVoiceover Transcript:Email spoofing is the disguising of an email header so that when a message is delivered itappears to be from someone other than the actual sender. Email spoofing is used in spamcampaigns because people are more likely to open email if it looks like it’s from a familiarsource.While most spoofed email is simply a nuisance, malicious varieties can pose serious securityrisks.In today’s environment, learning to recognize spam, and learning to resist the natural curiosityto open it, are critical.1.29 C050 - Recognizing ThreatsCUNY Cybersecurity Awareness Course Transcript28
Voiceover Transcript:Isabel, an employee at CUNY, received the email shown on your screen. Review the email andthen select Next.1.30 C060 - Is the Email Legitimate?(Multiple Response, 10 points, 2 attempts permitted)CorrectChoiceFollow the link to Manage My Healthcare Insurance. She needs to take careof this quickly.Be suspicious but follow the link to see where it goes.XDo not click on any link in the email. Look up the number for humanresources in the CUNY directory and call them to confirm they sent this.XDelete the email. It is clearly a scam.Feedback when correct:That’s right!CUNY Cybersecurity Awareness Course Transcript29
Isabel should absolutely not click on the link, even if it’s just to “see where it goes.” If she is sureit is a scam, she could just delete it. If she isn’t sure, she should call human resources. There areseveral signs that identify this email as a scam. Click Continue for an analysis.Feedback when incorrect:That is incorrectIsabel should absolutely not click on the link, even if it’s just to “see where it goes.” If she is sureit is a scam, she could just delete it. If she isn’t sure, she should call human resources. There areseveral signs that identify this email as a scam. Click Continue for an analysis.Voiceover Transcript:Take moment to complete this exercise.Correct (Slide Layer)CUNY Cybersecurity Awareness Course Transcript30
Incorrect (Slide Layer)Try Again (Slide Layer)1.31 C070 - Recognizing ThreatsCUNY Cybersecurity Awareness Course Transcript31
Voiceover Transcript:Select each number for details.[1]The sender address is fake - Note that it’s CUNY dot org, not CUNY dot edu.[2]The message is designed to convey urgency. Scary warning messages are typical of scams. Ifyou’re alarmed, you’re more likely to rush into making a mistake.[3]Hovering over the link displays the target URL. If the link doesn’t make sense, it’s a scam. In thiscase, the link includes the word “secure” to sound more trustworthy. Nevertheless, it is clearlyphony. If Isabel followed the link it would open a fake landing page that might appear to be alegitimate CUNY form. If she entered the requested information, she’d be giving it to acybercriminal or hacker.[4]The official sounding NOTICE is another attempt to instill trust. It is also a second attempt toprompt Isabel into following a risky link that could download malware or trick her intodisclosing confidential information.Layer 1 (Slide Layer)CUNY Cybersecurity Awareness Course Transcript32
Layer 2 (Slide Layer)Layer 3 (Slide Layer)Layer 4 (Slide Layer)CUNY Cybersecurity Awareness Course Transcript33
Untitled Layer 5 (Slide Layer)1.32 C080 - Recognizing ThreatsVoiceover Transcript:You’re probably familiar with the term phishing, but if not, it’s the practice of using deceptiveemail to lure people intodisclosing sensitive information,following links that deliver malware,or downloading attachments that deliver malware.Like the email Isabel received, phishing scams use many types of "bait" to catch their victims.Phishers attempt to make their email look like it comes from a friend, trusted company,government agency, or a department within your organization. They use familiar logos andspoof email addresses. Attackers may send phishing emails to millions of people or they mayCUNY Cybersecurity Awareness Course Transcript34
target a specific group within an organization.1.33 C090 - Tab ScreenVoiceover Transcript:What do phishers want? They want to harvest information, deliver malware, or perpetratescams.Select each tab to learn more.Harvest (Slide Layer)CUNY Cybersecurity Awareness Course Transcript35
Deliver (Slide Layer)Perpetrate (Slide Layer)1.34 C100 - Recognizing ThreatsCUNY Cybersecurity Awareness Course Transcript36
Voiceover Transcript:Spam filters and other technology help to limit the number of phishing emails in your inbox, butinevitably some get through. Your ability to recognize and avoid phishing scams is a crucial lineof defense against cyberattack.Resisting our natural curiosity to open stray emails is critical. You’ll be surprised at how quicklyyou grow into safe computing habits.1.35 C110 - Recognizing ThreatsVoiceover Transcript:Let’s look at some examples that illustrate common phishing techniques.Social media sites like Facebook or LinkedIn are favorites of scammers, as well as popular retailsites such as Amazon or Walmart. Often, the phishing email is much more alarming than theone shown here. For example, you may receive email with subjects like "Account Suspended"or "LinkedIn Profile Security Alert."Select each number for details.[1]Following the Click here link opens a fake landing page. The attacker captures any credentialsentered to gain access to the victims’ LinkedIn accounts.[2]You should never act on an unsolicited request to verify any sort of account information.If you aren’t positive an email like this is a scam, go to the legitimate web site and login to see ifthere is a problem.CUNY Cybersecurity Awareness Course Transcript37
Layer 1 (Slide Layer)Layer 2 (Slide Layer)CUNY Cybersecurity Awareness Course Transcript38
1.36 C120 - Recognizing ThreatsVoiceover Transcript:Services used by large numbers of people, such as Dropbox or Microsoft Office 365, are alsofavorites of scammers. The example shown here illustrates some of the typical characteristicsthat identify email as a scam.Select each number for details.[1]The domain, my office 365 dot com, is not a legitimate domain.[2]As with most phishing email, the message creates a sense of urgency, demanding “immediateaction” before something bad happens. The attacker wants to rush the victim into making amistake without thinking.[3]Hovering over the link displays the target URL. In this case, the link is to manage my office 365dot com, which is not a legitimate Microsoft Office URL.CUNY Cybersecurity Awareness Course Transcript39
Layer 1 (Slide Layer)Layer 2 (Slide Layer)Layer 3 (Slide Layer)CUNY Cybersecurity Awareness Course Transcript40
1.37 C130 - Recognizing ThreatsVoiceover Transcript:With this type of email, phishers hope you will click the “Shipping Details” link to find out moreabout this unexpected package. If you don’t click there, they hope you’ll click on the “FedExTracking Update” link . In either case, if you’re tricked into going to one of the phonydestinations, you may be infected with malware or prompted to disclose information, such as aCUNY FedEx billing account.Layer 1 (Slide Layer)CUNY Cybersecurity Awareness Course Transcript41
Layer 2 (Slide Layer)Layer 3 (Slide Layer)1.38 C140 - Recognizing ThreatsCUNY Cybersecurity Awareness Course Transcript42
Voiceover Transcript:Like some of the previous examples, this email is designed to appear as if it came from alegitimate department. This one has an added motivator. Who doesn’t like having moneydeposited into their account?Similar types of phishing email may tempt you to download an attachment that contains thingslike details of upcoming changes to your department.If you receive an unexpected email from another department, look up the department’s emailaddress or telephone number, and make contact to verify the legitimacy of the email beforetaking any action. If the mail is an obvious scam, contact the department to report it.When verifying a suspicious email, never use the contact information provided in the email.Layer 1 (Slide Layer)CUNY Cybersecurity Awareness Course Transcript43
Layer 2 (Slide Layer)Layer 3 (Slide Layer)1.39 C145 - Recognizing ThreatsCUNY Cybersecurity Awareness Course Transcript44
Voiceover Transcript:As this item from Cyberheist News illustrates, falling victim to a targeted cyberattack can bevery costly. In the case of the attack on Wichita State University employees, cybercriminalsspoofed the university's payroll system by sending email designed to trick employees intoproviding their university ID and password. That was all the attackers needed to gain control ofemployee profiles and alter personal banking details to redirect their paychecks to thecriminals' bank. The scam was discovered when several employees didn’t receive theirpaycheck.Similar attacks have been directed at college and university students, especially during periodswhen financial aid funds are disbursed in large volumes. In these campaigns, criminals usevarious means to obtain the student logins. After gaining access, they change the destination offunds disbursed by direct deposit.Layer 1 (Slide Layer)CUNY Cybersecurity Awareness Course Transcript45
Layer 2 (Slide Layer)Layer 3 (Slide Layer)1.40 C147 - Tab ScreenCUNY Cybersecurity Awareness Course Transcript46
Voiceover Transcript:There are many, many, other types of phishing scams to beware of. Click each tab for additionalexamples of common phishing scams.W2 (Slide Layer)Gift (Slide Layer)CUNY Cybersecurity Awareness Course Transcript47
Secret (Slide Layer)1.41 C150 - Tab ScreenVoiceover Transcript:Select each number to view the top eight clues that identify an email as a phishing attempt.CUNY Cybersecurity Awareness Course Transcript48
1 (Slide Layer)3 (Slide Layer)4 (Slide Layer)CUNY Cybersecurity Awareness Course Transcript49
5 (Slide Layer)2 (Slide Layer)7 (Slide Layer)CUNY Cybersecurity Awareness Course Transcript50
8 (Slide Layer)6 (Slide Layer)1.42 C160 - Tab ScreenCUNY Cybersecurity Awareness Course Transcript51
Voiceover Transcript:When you think of cybercriminals, you may envision an evil mastermind mountingsophisticated attacks over the Internet. Although most attacks do come in the form ofdeceptive web sites, email, or social media posts, attackers also use the phone to trick theirvictims.How do phone scams work?Select each picture to learn more.Computer (Slide Layer)Money (Slide Layer)CUNY Cybersecurity Awareness Course Transcript52
Bank Building (Slide Layer)1.43 C170-old - Tab ScreenVoiceover Transcript:Select each to view more ways to protect yourself.CUNY Cybersecurity Awareness Course Transcript53
Hang Up (Slide Layer)Don't Trust (Slide Layer)Don't Open (Slide Layer)CUNY Cybersecurity Awareness Course Transcript54
Don't Answer (Slide Layer)1.44 C170 - Tab ScreenVoiceover Transcript:Select each picture to learn more.CUNY Cybersecurity Awareness Course Transcript55
Hang Up (Slide Layer)Don't Trust (Slide Layer)Don't Open (Slide Layer)CUNY Cybersecurity Awareness Course Transcript56
Don't Answer (Slide Layer)1.45 D000 - Recognizing ThreatsVoiceover Transcript:Click Next to Begin this Section.1.46 D010 - Password Security(Multiple Response, 10 points, 2 attempts permitted)CUNY Cybersecurity Awareness Course Transcript57
CorrectChoiceWait and see if it happens again.Find out what his role is. If he has accesshimself, there is no need to do anything.XImmediately change her password.XReport the incident to her manager.Feedback when correct:That’s right!The first thing Janet must do is change her password. Whenever you suspect a password hasbeen compromised, you should immediately change it. She should then report her concerns toher manager.Feedback when incorrect:That is incorrect.CUNY Cybersecurity Awareness Course Transcript58
The first thing Janet must do is change her password. Whenever you suspect a password hasbeen compromised, you should immediately change it. She should then report her concerns toher manager.Voiceover Transcript:Review Janet’s situation and then answer the question.Correct (Slide Layer)Incorrect (Slide Layer)CUNY Cybersecurity Awareness Course Transcript59
Try Again (Slide Layer)1.47 D020 - Recognizing ThreatsVoiceover Transcript:Individuals seeking to gain unauthorized access use a variety of techniques to obtain your userID and password. Shoulder surfing - looking over a user’s shoulder when they are logging in - isone of those techniques.Always take a moment before you log in to make sure no one can see what you type.Always feel free to ask a trusted colleague to turn away. No one should object to such a request.If they do, they may not be as trustworthy as you think.Never divulge your user ID and password to anyone.If you suspect your password has been compromised, change it!CUNY Cybersecurity Awareness Course Transcript60
1.48 D030 - Recognizing ThreatsVoiceover Transcript:Your devices and accounts are only as secure as the strength of the passwords that protectthem.Let’s go over guidelines for best password practices.At a minimum, all passwords must be at least eight characters long. Your CUNY campus ordepartment may have adopted more stringent password controls. For example, you may berequired to include at least one upper case and one lower case character, have at least onenumber, or have at least one special character.1.49 D035 - Recognizing ThreatsVoiceover Transcript:CUNY Cybersecurity Awareness Course Transcript61
When you create a password, do not include information related to you. For example,passwords should not include your birthday or your son or daughter’s name.Don’t use the same password for home and work accounts.Keep your passwords secure.Passwords must be treated with the same care as other confidential information. Don’t writepasswords down unless you keep the paper record under lock and key.Lastly, change passwords regularly. All passwords must be changed at least every 180 days.Privileged access accounts must be changed at least every 60 days. Privi
CUNY Cybersecurity Awareness Course Transcript 6 1.6 B00 - Our Cybersecurity Challenge Voiceover Transcript: Click Next to Begin this Section. 1.7 B010 - Our Cybersecurity Challenge Voiceover Transcript: Supporting the free flow of information is vital for learning. Our cybersecurity challenge is
