Name: Mila Searles

Part 1. Problem Identification

How does it
Threat What is it? happen? Impacts
Could cause the
loss of personal
and financial
info,
Cyber-attack where
reputational
unauthorized individuals Occurs due to damage, and
disclose information or hacking, malware, or legal
Phishing data insider threats consequences
Occurs through
infected email This can lead to
attachments, data theft,
downloads, or system damage,
Software designed to compromised financial loss,
Malware (Keyloggers, spyware, ransomware) harm a computer system websites etc.
This can result in
Attacks that manipulate
Attackers use unauthorized
individuals into divulging
manipulation actions to
confidential information or through phone calls, systems, data
performing actions that emails, or in person breaches and
Social Engineering Attacks compromise security contact financial loss
can lead to
financial loss,
Unauthorized individuals This can occur due to loss of personal
steal sensitive protected or hacking, malware, or and financial
Data Breaches confidential data threats information, etc.
Theft of credit card info Can be placed on Unauthorized
using a device on a card ATMs, gas pumps or transactions and
Card Skimming reader check out terminals financial loss
Identity theft,
Attackers look for fraud, and
Searching through trash to personal, financial, unauthorized
find sensitive info that has or confidential access to
Dumpster Diving been discarded documents accounts
 How does it
Threat What is it? happen? Impacts
A cyber-attack where
stolen usernames or
Automated tools are
passwords are used to used to test stolen Loss of accounts,
gain unauthorized info to credentials on financial loss,
Credential Stuffing accounts various websites data breaches
Attackers use stolen
Creating fake identities ssn numbers and Financial fraud,
using real and fabricated other data to create credit damage,
Synthetic Identity Theft info new identities and legal issues

Part 2. Solution

2a. Passwords
Your username and password are essential for protecting your accounts and personal information. Select hard-to-hack
passwords. Hackers use brute-force password guessing and dictionary attacks. Another tactic is to use your social media
and online presence to select words to use. People commonly use personal information such as birthdays, anniversaries,
names (children, spouse, pets), etc. Rules for creating a good password often include having it over a certain length and
including both upper- and lower-case letters as well as numbers and characters. Try not to use dates or names that have a
personal connection. Stanford University has a great infographic on secure password creation. Read it: Stanford Password
Creation Guide (https://uit.stanford.edu/service/accounts/passwords/quickguide)

Following their rules, create the following:

Secure password Why is it secure?

P@$sw0r)123! includes a mix of upper- and lower-case letters, numbers, and
special characters, making it difficult for hackers
Insecure password Why is it insecure?
password123 It is a common word followed by a simple number sequence,
making it easy for hackers to guess.
Some organizations use the following rule for passwords: At least 9 characters, 1 upper case letter, 1 lower case letter, 1
special character and 1 number. Using these rules, create the following:

Secure password Why is it secure?

S3cur3P@$sw0r) includes a mix of upper- and lower-case letters, numbers, and
special characters, making it difficult for hackers
Insecure password Why is it insecure?
password1 It is a common word followed by a simple number sequence,
making it easy for hackers to guess.

Two-factor authentication adds an extra layer of protection, so use it whenever possible! In addition, hackers steal
usernames and passwords from companies and sell them, so it’s important to change your passwords regularly and not
reuse passwords across sites.

2b. Security Software

Read the following article: Antivirus vs. Antimalware (https://www.pandasecurity.com/en/mediacenter/difference-between-
antivirus-antimalware/)
Should you get antivirus software or antimalware software or both? Why? What is the difference between them? It is
recommended to get both antivirus and antimalware software because antivirus protects against traditional
viruses while antimalware software provides protection against spyware, ransomware, and other types of
malicious software. Antivirus software focuses on detecting and removing viruses, while antimalware software
targets a wider variety of malicious programs, including those that antivirus software might miss.

2c. Monitoring and Protection Services

Research identity theft protection services. Compare at least two services and list their features, costs, and benefits. Which
one would you choose and why?

Service Comparison:
Service Features Cost Benefits Why choose it?
Real-time alerts, dark web Identity Guard offers extensive monitoring,
Service 1: monitoring, credit 19.99 Comprehensive protection and protection features at a reasonable cost,
Identity monitoring, and identity a with real-time alerts and making it a good choice for comprehensive
Guard theft insurance. month insurance coverage. identity theft protection.
Service Features Cost Benefits Why choose it?
Credit monitoring, dark web
LifeLock provides strong protection and
monitoring, identity 29.99 Offers robust protection support services, making it a reliable option
Service 2: restoration support, and a with additional support for for those who want extra assistance in case
LifeLock insurance. month identity restoration. of identity theft.

2d. Data Backup

We can’t prevent all disasters, so it’s important you prepare for the worst and back up all of your data. Read the following
article: Beginner’s Guide to PC Backup (https://www.pcmag.com/news/the-beginners-guide-to-pc-backup)

Look at your devices. What data/files do you have that you wouldn’t want to lose? List here: Some data/files I would not
want to lose include personal photos, financial documents, work-related files, and important emails.

Of the options listed in the article, which backup method would work best for you? Why? I think cloud backup would
work best for me because it provides automatic backups, easy access from anywhere, and protection against
physical damage to local storage devices.