Cyber Security

Lesson

This lesson will discuss cybersecurity best practices related to ethical practices and fiduciary obligations in the financial industry. These best practices are essential for investment advisers and financial professionals to protect their client's sensitive information and maintain trust in the industry.

Practice Question #1

Which of the following is NOT a cyber security best practice?

A) Using strong, unique passwords

B) Regularly updating software

C) Sharing passwords with coworkers

D) Implementing multi-factor authentication

Select an option above to see an explanation here.

A) Using strong, unique passwords is a best practice for protecting sensitive information. B) Regularly updating software helps to patch security vulnerabilities. C) Sharing passwords with coworkers increases the risk of unauthorized access and is not a best practice. D) Implementing multi-factor authentication adds an additional layer of security to protect sensitive information.

Terms

Cybersecurity:: Protecting computer systems, networks, and data from theft, damage, or unauthorized access.
Encryption:: Converting data into a code to prevent unauthorized access.
Firewall:: A security system that monitors and controls the incoming and outgoing network traffic based on predetermined security rules.
Multi-Factor Authentication (MFA):: A security process that requires users to provide two or more forms of identification before accessing sensitive information.
Phishing:: A cyber attack that uses fraudulent emails or websites to trick users into revealing sensitive information or installing malware.
Malware:: Malicious software designed to infiltrate or damage computer systems.
Data Breach:: An incident where unauthorized individuals access sensitive information.
Incident Response Plan:: A plan outlining the steps to be taken in the event of a cyber security breach.
Risk Assessment:: Identifying, analyzing, and evaluating potential cyber security risks.
Security Awareness Training:: Educating employees about cyber security threats and best practices to prevent breaches.
Network security:: A subset of cybersecurity focusing on protecting an organization's computer networks from unauthorized access or attacks.
Data backup:: The process of creating copies of data to ensure its availability in case of data loss, which is a part of data protection but not the same concept.

Practice Question #2

What is the primary purpose of encryption in cyber security?

A) To monitor network traffic

B) To convert data into a code to prevent unauthorized access

C) To educate employees about cyber threats

D) To physically protect computer systems

Select an option above to see an explanation here.

A) Monitoring network traffic is the primary purpose of a firewall, not encryption. B) Encryption converts data into a code to prevent unauthorized access. C) Educating employees about cyber threats is the purpose of security awareness training, not encryption. D) Physical protection of computer systems is not related to encryption.

Do Not Confuse With

Physical Security:: Measures taken to protect physical assets, such as buildings and equipment, rather than digital assets.

Practice Question #3

Which of the following is an example of a phishing attack?

A) An email claiming to be from a client's bank, asking for their account login information

B) A software update that contains hidden malware

C) A stolen laptop containing sensitive client information

D) A firewall blocking unauthorized network traffic

Select an option above to see an explanation here.

A) A phishing attack uses fraudulent emails or websites to trick users into revealing sensitive information, such as an email claiming to be from a bank. B) A software update containing hidden malware is an example of a malware attack, not phishing. C) A stolen laptop containing sensitive client information is a physical security breach, not phishing. D) A firewall blocking unauthorized network traffic is a cyber security measure, not a phishing attack.

Historical Example

In a major data breach, a large retail company's payment systems were compromised, resulting in millions of customer's credit card information theft. This breach led to significant financial losses for the company and damaged its reputation, highlighting the importance of strong cybersecurity measures.