Lab – Discover Your Own Risky Online Behavior
Cisco and/or its affiliates. All rights reserved. Cisco Confidential Page 2 of 3 www.netacad.com
2) You verify the URL to ensure it is the institution you were looking for before entering any information.
3) You don’t use online banking or any online financial services. (0 points)
f. You read about a program and decide to give it a try. You look around the Internet and find a trial version
on an unknown site, you:
1) Promptly download and install the program. (3 points)
2) Search for more information about the program creator before downloading it. (1 points)
3) Do not download or install the program. (0 points)
g. You find a USB drive while walking to work. you:
1) Pick it up and plug it into your computer to look at its contents. (3 points)
2) Pick it up and plug it into your computer to completely erase its contents before re-using it. (3 points)
3) Pick it up and plug it into your computer to run an anti-virus scan before re-using it for your own files
4) Don’t pick it up. (0 points)
h. You need to connect to the Internet and you find an open Wi-Fi hotspot. You:
1) Connect to it and use the Internet. (3 points)
2) Don’t connect to it and wait until you have a trusted connection. (0 points)
3) Connect to it and establishes a VPN to a trusted server before sending any information. (0 points)
Part 2: Analyze Your Online Behavior
The higher your score, the less safe your online behaviors are. The goal is to be 100% safe by paying
attention to all your online interactions. This is very important as it only takes one mistake to compromise your
computer and data.
Add up the points from Part 1. Record your score.
0: You are very safe online.
0 – 3: You are somewhat safe online but should still change your behavior to be completely safe.
3 – 17: You have unsafe behavior online and have a high risk of becoming compromised.
18 or more: You are very unsafe online and will be compromised.
Below are a few important online safety tips.
a. The more information you share on social media, the more you allow an attacker to know you. With more
knowledge, an attacker can craft a much more targeted attack. For example, by sharing with the world
you went to a car race, an attacker can craft a malicious email coming from the ticketing company
responsible for the race event. Because you have just been to the event, the email seems more credible.
b. Reusing passwords is a bad practice. If you reuse a password in a service under attackers’ control, they
may be successful when attempting to log in as you in other services.
c. Emails can be easily forged to look legitimate. Forged emails often contain links to malicious sites or
malware. As a general rule, do not click embedded links received via email.
d. Do not accept any unsolicited software, especially if it comes from a web page. It is extremely unlikely
that a web page will have a legitimate software update for you. It is strongly recommended to close the
browser and use the operating system tools to check for the updates.