Study Guide for Training
CSM (Customer Success Manager)
A KnowBe4 department that helps customers set up and continue using the KMSAT (Kevin Mitnick Security Awareness Training) platform.
whitelist
A list of trusted email addresses, domains and/or internet addresses that are permitted to pass through a system or filter. Use: During a sales call with a prospect, it's often necessary to have the prospect add the rep's email address to their whitelist, so the spam filter doesn't block the test email.
directory
1. Like physical folders, a directory organizes files or data on a hard drive or in a program. Directories can contain other directories, which are then called sub-directories. Most operating systems display directories as folders, as seen in the image below.
2. Software that stores all resources on a network. Example resources are: users, groups, permissions, devices, and management policies. A directory is also referred to as a directory service. Example: When a directory is given a username, it will return the profile of the user, which may include permissions for data access, as well as employee information.
Channel
A KnowBe4 department that creates relationships with partners who sell our products to their customers.
plugin
A component that adds a specific feature to software. Also referred to as an extension. For example, you can add a plugin to your web browser that allows you to change the theme colors.
server
A computer or program that manages access to centralized resources. For example, a file server would store and manage all the user files for a group of computers and users.
Enterprise
A department that deals with organizations which have 1,000 or more employees.
SMB (Small and Medium Businesses)
A department that deals with organizations which have 999 or fewer employees.
bitcoin
A digital currency in which encryption (the process of converting information or data into a code) techniques are used to regulate the generation of units of currency and verify the transfer of funds, operating independently of a central bank. Some ransomware uses Bitcoin as the form of payment, because it's very hard to trace.
AD (Active Directory)
A directory service (definition 2 above), developed by Microsoft for use on Windows operating systems. If you were in charge of all the users and computers on a network that are using a Windows server, you would use Active Directory to set up the users, their passwords and what devices they could access.
feature
A distinctive characteristic of software or hardware. For example, facial recognition is a feature of the iPhone X.
PCI DSS (Payment Card Industry Data Security Standard)
A document published by the Payment Card Industry. The publication lists all requirements for securely handling credit cards and credit card information. Organizations that accept credit cards must be PCI compliant. One of the requirements includes security awareness training.
HIPAA (Health Insurance Portability and Accountability Act)
A law enacted by the U.S. Congress and signed by President Bill Clinton in 1996 that requires healthcare organizations to protect personal health information (PHI).
virus
A malicious computer program that infects a file. A true virus can only spread from one computer to another when its host (infected file) is sent to the target computer. The word "virus" is incorrectly used as an umbrella term for many flavors of viruses, worms and trojans, etc. Example: A virus gets installed on a laptop. It then inserts itself into several operating system files, causing the computer to restart automatically every 10 minutes.
money mule
A person recruited by a criminal or criminal organization to quickly receive and turn around funds involved in scams. The person is often unaware of their role in the criminal act.
vishing
A phishing attack conducted by telephone. Vishing is the phone equivalent of a phishing attack. There are two forms of this: human and automated. In the human example, a scam artist uses the anonymity of a phone call and pretends to be a representative of their target's bank or credit card company, etc. They manipulate the victim into entering their PIN, credit card number, or bank account number (and routing number) with the phone keypad. This allows the scammer to get instant access to another person's bank credentials.
GDPR (General Data Protection Regulation)
A regulation in European Union (EU) law on data protection and privacy for all individuals in the EU.
white paper
A report that describes how a technology or product solves a problem. It's a marketing and technical document that doesn't go too far in either direction. Example: An organization creates a new solution for poor cell phone reception. That organization would release a white paper to advertise the technology's effectiveness, and to describe how it works.
worm
A self-replicating computer program. It sends copies of itself to other computers, and may do so without any user intervention. Unlike a virus, it doesn't need to attach itself to an existing file. Worms almost always cause at least some harm to the network. Example: An email that has a love letter attached, which when opened changes files on a computer and sends itself to all the email addresses in the user's contact list.
API (application program interface)
A set of clearly defined methods of communication between software.
PST - Phishing Security Test
A simulated phishing attack performed by KnowBe4 on email addresses an organization provides us. The purpose of the test is to see how prone the organization's employees are to click on phishing links. How it works: The PST user selects a phishing template; then a landing page (where an employee is taken if they click a phishing link). Employees who click on phishing links are taken to that landing page and shown the red flags they overlooked. The PST user will then receive a report with their Phish-prone percentage.
spear phishing
A small, focused, targeted phishing attack on a specific person or organization, with the goal to penetrate their defenses. The attack is done after research has been done on the target, and has a specific personalized component designed to make the target do something against his or her own interest.
ceo fraud
A spear phishing attack that targets high-risk users—people in Accounting, HR, or executive assistants—in which the hacker claims to be the CEO (or another executive) and urges an employee to do something that would not be authorized by the legitimate sender.
protocol
A specific set of communication rules between computers. Example: A web browser accessing a website will have a different protocol than an email server talking to an email application.
phish-prone percentage
A term coined by KnowBe4 that indicates the percentage of employees that are prone to click on phishing links. The customer starts with a baseline (a starting point used for comparison) percentage, which is the percentage of users who click on phishing links before being trained. Once trained, the test is done again 12 months later, to see the improvement.
DST - Domain Spoof Test
A test that checks a domain name—for example, knowBe4.com—to see if it can be spoofed. For example, a "bad guy" could send an email from [email protected], but it would be spoofed to look like it came from [email protected].
Second chance
A tool that checks links originating in email messages, including embedded links within attached Office documents and PDFs. It asks the user if they're sure they want to follow the link, giving them a second chance to evaluate the link.
Breached Password Test - BPT
A tool that checks to see if an organization's users are currently using passwords that are in publicly available breaches associated with the org's domain. How it works: BPT checks to see if an organization has been part of a data breach that included passwords. Then it checks to see if those passwords still exist in the organization's Active Directory.
USB Security Test
A tool that finds out how users react to unknown USB drives. The purpose is to see how many users will pick up the USB drive, plug it into their computer, and open files. How it works: When an employee opens the file, it will "call home" and report a "fail" to their KnowBe4 console. If the user opens a doc and also enables macros (short for microinstruction, which is a mini program), additional data is tracked.
ASAP - Automated Security Awareness Program
A tool that simplifies the process of creating customized Security Awareness Programs. How it works: The user completes a questionnaire about their organization and goals. ASAP then generates a custom plan based on the user's specific needs.
CSO (Chief Security Officer)
A top-level executive responsible for an organization's security, both physical and digital.
applications
A type of software that allows a user to perform specific tasks and activities. Example: Web browsers, picture viewers, and games are all applications.
console
A user interface that manages and controls software and/or hardware. KnowBe4 customers access our products through a console (shown below).
security vulnerability
A weakness in a network, computer, or software which allows a bad guy to gain access. A security vulnerability has three elements: a flaw, access to the flaw, and the capability to exploit that flaw. Example: A computer with outdated security updates. This vulnerability would allow an attacker to easily bypass the login password.
AD
Active Directory
ADI
Active Directory Integration
protected health information (PHI)
All recorded information about an individual's health status, including their health care coverage.
zero-day exploit
Also known as a "zero-day attack," an exploit that takes advantage of a zero-day vulnerability on its first day of release, before the vendor knows about it. Example: (Using the iPhone example from the zero-day entry) A bad guy who hacks into a celebrity's iPhone—using the zero-day vulnerability—and steals personal photos. Hackers are then able to do similar damage until Apple becomes aware and fixes the flaw.
advanced persistent threat
Also known as an APT, a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time. The bad guy's goal is to go undetected and steal data, rather than cause damage to the network or organization. Example: A bad guy hacks into your computer. Instead of slowing it down or demanding payment to unlock your files, the bad guy continues to observe your web browsing, to steal as many passwords as possible.
tailgating
Also known as piggybacking, tailgating is a method used by bad guys to gain access to a building or other protected areas. A tailgater waits for an authorized user to open and pass through a secure entry and then follows right behind. Note: Tailgating is a form of social engineering.
PAB - Phishing Alert Button
An email plugin that gives users a safe way to handle actual or potential phishing emails. How it works: PAB forwards the suspect email to the organization's security team for analysis. It also deletes the email from the user's inbox, to prevent future exposure.
CISO (Chief Information Security Officer)
An executive responsible for protecting an organization's information and technologies.
personally identifiable information (PII)
Any information that can be used on its own or with other information to identify, contact, or locate a single person.
API
Application Program Interface
utilities
Applications designed to help analyze, configure, optimize, or maintain a computer. Unlike application software (which focuses on benefiting the user), utilities are used to support the computer. Example: An application that allows you to customize how the buttons work on your mouse.
dashboard
At-a-glance views of key info, relevant to a particular goal or business objective. They're often displayed as charts and/or other graphical images on a web page. Example: KnowBe4 uses dashboards to display sales data on monitors placed around the company.
ASAP
Automated Security Awareness Program
Weak Password Test - WPT
Checks an organization's Active Directory for several different types of weak-password-related threats. How it works: Once the test is complete, it generates a report of the users who have weak passwords. It does not report the actual passwords of the users; rather, it highlights which ones should be addressed.
CIO
Chief Information Officer
CISO
Chief Information Security Officer
CSO
Chief Security Officer
CSM
Customer Success Manager
DST
Domain Spoof Test
EEC
Email Exposure Check
firewall
Hardware or software designed to block unauthorized network access while permitting authorized communications.
HIPAA
Health Insurance Portability and Accountability Act
KCM - KnowBe4 Compliance Manager
KCM is a software-as-a-service (SaaS) product that simplifies the complexity of getting compliant and eases the burden of staying compliant. Most organizations track compliance using spreadsheets, word processors or self-maintained software such as SharePoint (a platform designed by Microsoft, used for document management and storage). This is inefficient, error prone, costly, and risky.
KCM
KnowBe4 Compliance Manager
LMS
Learning Management System
MSA
Mail Security Assessment
rootkit
Malicious code that loads during the early stages of a computer's startup. The code hides itself from the operating system and other applications that load in the later stages, like antivirus and system utilities. This gives the bad guy full access to alter the system. Note: Root is the basic source of something, and kit is a set of tools, hence the name "rootkit." Example: Code that changes a configuration file when the computer starts up. It alters the file so the user's antivirus software won't detect additional malware that tracks the user's keyboard inputs (to steal passwords).
trojan
Malicious software that seems to perform a desirable function for the user but instead facilitates unauthorized access to the user's computer system. The term is derived from the Trojan Horse story in Greek mythology. Example: An email with a link to a news article about a disastrous storm or major political news that installs software which slows down the computer and any other computers it connects with.
keylogger
Malware or hardware that observes what someone types on their keyboard, which is then sent back to the bad guys.
HTTP - hypertext transfer protocol
One of the protocols used to transfer information (like a webpage) over the Internet. Note: web browsers show HTTP in lower case.
PCI
Payment Card Industry
PCI-DSS
Payment Card Industry Data Security Standard
PII
Personally Identifiable Information
PAB
Phishing Alert Button
PST
Phishing Security Test
smishing
Phishing conducted via Short Message Service (SMS), a telephone-based text messaging service. A smishing text, for example, attempts to entice a victim into revealing personal information.
PHI
Protected Health Information
RanSim
Ransomware Simulator
ROI
Return on Investment
SAT
Security Awareness Training
SMS
Short Message Service
domain
Short for "domain name," a unique name that identifies a website.
malware
Short for the term "malicious software." It's an umbrella term used to refer to the various types of viruses, worms and trojans, etc. Most malware is installed without the infected person ever realizing it.
RanSim - Ransomware Simulator
Simulates 13 ransomware infection scenarios to determine if a user's workstation is vulnerable to infection. RanSim also allows users to see if their antivirus software is incorrectly blocking files.
SMB
Small and Medium Businesses
SEI
Social Engineering Indicators
SaaS
Software as a Service
software as a service (SaaS)
Software licensed on a subscription basis. The software is stored centrally on a server. It's sometimes referred to as "on-demand software." Google Apps are SaaS.
exploit
Software or code—usually malicious—that takes advantage of a flaw or vulnerability. The purpose is to cause unintended or unanticipated behavior to occur with the software or hardware. Such behavior may include unauthorized access to or control of a computer, or denial-of-service (DoS). Example: Malware designed to take advantage of an outdated operating system that allows the attacker to control the user's webcam.
operating system (OS)
Software that manages the computer hardware and software. It's a system that sits between the applications and hardware. Microsoft Windows is an example of an operating system.
platform
The environment in which a piece of software is executed. It may be the hardware, operating system, a web browser, or other underlying software. For example, Microsoft Windows is a platform for Microsoft Word.
antivirus
Software that monitors a computer or network to identify all major types of malware and prevent or contain malware incidents. Sometimes referred to as AV, which is short for antivirus. Example: Software that scans email attachments for viruses when they're downloaded.
email spoofing
Spoofing (tricking or deceiving) computer systems or other computer users. Email spoofing involves sending messages from a bogus email address or faking the email address of another user. It's a tactic used in phishing because people are more likely to open an email when they think it has been sent by a legitimate source. Spoofing is a common tactic in CEO Fraud attacks.
DoS attack
Stands for "denial-of-service attack." The attackers seek to make a computer or network unavailable to its intended user(s), by temporarily or indefinitely disrupting service. DoS attacks are done by flooding the targeted system with unnecessary service requests, which overload the system. When the attacks come from multiple sources, it's called DDoS, "distributed denial-of-service."
SKU
Stock Keeping Unit
social engineering
The act of manipulating people into performing actions or divulging confidential information. The term typically applies to trickery or deception for the purpose of information gathering, fraud, or computer system access. Phishing and spear phishing are forms of social engineering. The user is tricked into opening an email and clicking on links that open a way into the computer. This allows the bad guys to enter into the user's computer and computer network. The bad guys end up taking out valuable and confidential content like names, addresses, phone numbers, social security numbers, usernames, and passwords.
data breach
The intentional or unintentional release of secure information to an un-trusted environment. Other terms for events like this are: unintentional information disclosure, data leak, and data spill. Example: In 2013 and 2014, Yahoo was hacked by bad guys who stole data from every Yahoo account, 3 billion in all. They took names, email addresses, phone numbers, dates of birth, passwords, etc.
zero-day
The name of a vulnerability unknown to those who would be interested in securing it, which includes the software vendor or user (good guys). The bad guys use these vulnerabilities to launch an attack. Example: A new iPhone is released on Jan 1st. The phone has a security flaw that allows someone to get around the passcode. Nobody knows about this flaw except for some bad guys, who have already broken into iPhones with the flaw. Why is it called zero-day? Because the flaw was discovered and taken advantage of (by the bad guys) before the good guys could fix it. Essentially, the good guys had no warning; they had "zero-days" to do something about it.
cloud computing
The practice of using remote servers on the Internet to store, manage, and process data, rather than a local server or a personal computer. Cloud servers get all the latest software and security updates, making them less vulnerable to attack. Example: The use of Google Apps (Gmail, Docs, Calendar, etc.).
phishing attack surface
The quantity of an organization's email addresses exposed on the internet. The more email addresses exposed, the bigger the attack footprint is and the higher the risk of phishing attacks.
HTTPS - hypertext transfer protocol secure
The same as HTTP but secure. This protocol secures the data by encrypting it (converting it into a code that only the intended recipient can translate back). If you were inputting credit card data on a website, you would want that data to transmit securely, using HTTPS.
USB
Universal Serial Bus
ransomware
Vicious malware that locks users out of their devices or blocks access to files until a sum of money or ransom is paid. Attacks cause downtime, data loss, possible intellectual property theft, and data breaches. Ransomware is also referred to as "cryptoware." How it works: Once the malware is on the machine, it starts to encrypt all the data files it can find on the computer and on any computers it can access within the network. When a user attempts to access one of these files, they're locked out. Then two files are found in that same folder, indicating the files have been taken ransom. The two files inform the user of the ransom and instruct them on how to pay it.
WPT
Weak Password Test
AIDA
Artificial Intelligence Driven Agent
EEC - Email Exposure Check Pro (EEC Pro)
Identifies the at-risk users in an organization by searching business social media information and hundreds of data breach databases. The EEC Pro works in two stages: Stage 1: Performs deep web searches to find any publicly available organizational data. This shows what an organizational structure looks like to an attacker. Stage 2: Finds any users that have had their account information exposed in any of several hundred data breaches. These users are particularly at risk because an attacker knows more about that user, up to and including their actual passwords!
Mailserver Security Assessment (MSA)
Tests a user's mailserver configuration to check the effectiveness of the mail filtering rules. MSA gives the user quick insight into how their mailserver handles test messages that contain a variety of different message types, emails with attachments, or emails with spoofed domains.