Information Security Training

unnamed

The SANS Security Awareness core curriculum is 35:49 in length and intended to provide training needed to be compliant with overall security awareness standards.

These modules portray realistic, memorable scenarios that are transferable to everyday tasks. Videos include a live action segment with a SANS Instructor and then move quickly to animated stories that help learners put their security awareness skills into action. By completing the training modules, learners “build their shield” – an interactive process that balances the risks in the threat landscape with empowering and engaging messages so learners can protect themselves, their families, and their organizations.

Accessibility

SANS Security Awareness is available in multiple languages. Core languages are available as video voiceover, transcripts, and subtitles, while the additional languages are available as subtitles and transcripts.

The following 12 languages make up the core language offerings for SANS Security Awareness Training: Arabic, English, German, Polish, Chinese (Mandarin), French, Italian, Portuguese, (Brazilian), Dutch, French (Canadian), Japanese, and Spanish-Latin American.

Your account and signing in

You can access your Learner Dashboard to review your training and retrieve your certificates via this URL: https://access.sans.org/go/lemoynecollege 

Core Security Awareness Modules

Collapse All Expand All

This updated introduction explains how cyber attackers are focusing on human risk to gain access to data and information by bypassing technology's defenses. However, each person has the ability to identify and report the signs of a potential attack. Learners are encouraged to build a strong cyber shield and use training to strengthen their cyber detection skills at work and at home. Video length: 1m 02s

Interactive description: This day in the life exercise presents ten scenarios addressing a different Security Core topic, introducing the learner to the themes of the curriculum.

Start: 5/1/2018 | End: 5/30/2018

Social engineering is a common tactic used for cyber security attacks. This updated module explains and illustrates different types of social engineering attacks, including spoofing from trusted sources, and how people can detect and defend against them. As social engineering can take on any form, this module lays the foundation for secure behaviors learners can use in the event of an attack. Video length: 3m 15s

Interactive description: Learners review several scenarios to decide the next action they should take to stay safe in social engineering cyber attacks.

Start: 5/1/2018 | End: 5/30/2018

Malware is software that is used to perform malicious actions. This updated module explains what malware is and provides examples of commonly used malware, such as ransomware, spyware, and keyloggers. This module also focuses on key methods attackers use to deploy malware and how each of us can defend against them, such as keeping devices updated with current versions of software and security patches for protection. Finally, the module reviews misconceptions about malware and stresses reporting any signs of infection as soon as possible. Video length: 3m 17s

Interactive description: Learners encounter situations that require them to keep anti-virus software enabled and applications up-to-date for security protection.

Start: 6/1/2018 | End: 6/30/2018

Phishing is an email-based cyber attack, often targeting many people at once. This updated module explains key methods cyber attackers use to get people to click on the bait in an email message, such as links, attachments, or redirects. It also identifies the primary clues that each person can use to detect phishing, and how to safely check links in emails. Finally, the module reviews additional safe email behaviors, such as careful use of auto-complete and reply-all features, which can accidentally be used to share information with those who are not authorized to see it. Video length: 3m 56s

Interactive description: Learners check their phishing detection skills across several scenarios.

Start: 6/1/2018 | End: 6/30/2018

This updated module follows NIST recommendations for strong passwords, such as keeping passwords long, strong, and unique for each online account. This module also covers the use of passphrases, the importance of layered security with two-step verification, and key password security behaviors that each person should employ to protect information. These behaviors include: password secrecy, not using public computers for online accounts, use of a password manager, managing security questions, and immediately reporting any signs of a compromised account. Video length: 3m 45s

Interactive description: Learners review several scenarios involving safe decisions regarding passwords and security question management.

Start: 10/1/2018 | End: 10/31/2018

Targeted attacks, such as spear phishing and CEO Fraud, involve research on the target before the attack is launched. While these funded cyber attackers may launch an attack for a variety of reasons, this updated module provides a real-world example of how a targeted attack works and how everyone in an organization can protect and defend against them. Key security behaviors include not oversharing information, following policies or procedures used to protect information, recognizing signs of spoofing and social engineering, and managing links and attachments in emails. Video length: 4m 30s

Interactive description: Learners role-play as members of an organization being targeted by a cybercrime ring.

Start: 10/1/2018 | End: 10/31/2018

Social networks are used to share photos, events, and other types of content with others. This updated module focuses on enabling two-step verification for online accounts when possible, avoiding oversharing information, only sharing safe content, recognizing that privacy controls protecting information can change, and knowing that once online, information is outside of your control. In addition, this module identifies steps that each person can take to remove inappropriate content, and how to recognize when social network profiles or posts may be the focus of an attack. Interactive description: Join a social network and decide which posts are Safe or Risky. Video length: 2m 08s

Interactive description: Join a social network and decide which posts are Safe or Risky.

Start: 11/1/2018  End: 11/30/2018

Mobile devices today have the same functionality, complexity, and risks as a computer, but with the additional risk of being highly mobile and easy to lose. In this updated module, key security behaviors include enabling a screen lock, enabling remote wiping, disabling Wifi and Bluetooth features when they are not in use, keeping the devices updated, and not jailbreaking security features designed to protect these devices. In addition, focus is placed on choosing apps, including reading ratings and reviews, avoiding excessive permissions, and keeping them updated to avoid security issues. Video length: 2m 56s

Interactive description: Learners engage in scenarios that test their mobile device security skills.

Start: 11/1/2018  End: 11/30/2018

Browsers are the primary tool used for accessing information and online accounts. As a result, browsers, as well as their add-ons, plugins, and extensions, are common targets for cyber attacks. In this updated module, staying safe online involves key security behaviors, including safe browsing, recognizing signs of a security compromise, managing updates, looking for signs of encryption, and logging off websites to remove sensitive information. Video length: 2m 13s

Interactive description: Learners review a series of activities and choices to stay safe online.

Start: 12/1/2018  End: 12/31/2018

Safe data handling practices are critical at each step of accessing, sharing, transmitting, retaining, and destroying data. This updated module is the foundation of most of the compliance videos. The module also describes ways to securely store or process sensitive information, restrictions on transferring or sharing information, ways to manage data retention, and why it is important to follow data policies and processes, as well as how to destroy data securely. Video length: 4m 46s

Interactive description: Learners review data sensitivity, authorization, handling and destruction.

Start: 12/1/2018  End: 12/31/2018

Safe data handling practices are critical at each step of accessing, sharing, transmitting, retaining, and destroying data. This updated module is the foundation of most of the compliance videos. The module also describes ways to securely store or process sensitive information, restrictions on transferring or sharing information, ways to manage data retention, and why it is important to follow data policies and processes, as well as how to destroy data securely. Video length: 2m 15s

Interactive description: Learners review ten coworker scenarios and must decide if the signs point to hacking or if the contact is safe.

Start: 1/2/2019 | End: 1/31/2019

This updated module recaps key security awareness behaviors discussed throughout Security Core. Video length: 2m 15s

Security Extras Curriculum

Collapse All Expand All

For many organizations, employees no longer work at the office. As a result, securely working remotely is more important than ever, whether you're traveling, working from a local cafe, or at home. In this module, we review how employees can protect themselves by using secure network connections, managing laptop and device security, and following workplace policies to keep themselves and your organization safe. Video length: 2m 40s

Start: 2/1/2019 | End: 2/28/2019

Effective cyber security practices are important both at work and at home. This module describes the steps that can be used at home to protect personal devices, Wi-Fi networks, and online accounts. It also covers the importance of information backups, such as Cloud services or external hard drives, in the event of an attack, theft, or loss of a device. Secure behaviors at work often start at home. Video length: 3m 29s

Start: 2/1/2019 | End: 2/28/2019

Insider threats are trusted employees, contractors, or third-party members who exploit their insider status and maliciously cause harm to an organization. This module explores new examples of insider threats, warning signs of an insider threat, and how to reduce the likelihood of an attack by using strong organizational security practices. Video length: 3m 32s

Start: 3/1/2019 | End: 3/31/2019

Physical security is an important component of information security. This module explains how attackers can attempt to trick and fool their way into restricted areas, such as by tailgating. We also discuss how employees can protect the physical security of your facilities by managing visitors, protecting entrances and exits, proper information disposal, and related physical security behaviors. Video length: 2m 37sModule 16: Physical Security

Start: 3/1/2019 | End: 3/31/2019

Login