Читать книгу Linux Security Fundamentals - David Higby Clinton - Страница 25

Understand common online attack behaviors, including cyberstalking, cybermobbing, and doxxing. Cyberstalking involves persistently pursuing an individual’s online and private identity in a threatening way. Cybermobbing is the cooperation of the owners of large numbers of online social media accounts to harass an individual with whom they don’t agree. Doxxers research and then publicize private information about an individual they want to harm.

Understand the kinds of personal data that are the most sensitive and vulnerable to abuse. Your browser history, social media account activities, online ecommerce transaction information, and health records are all categories of personal data that require special attention and protection.

Understand the regulatory requirements for which you and your infrastructure are responsible. Businesses operating in the European Union must conform to the policies of the General Data Protection Regulation (GDPR). The Payment Card Industry Data Security Standards (PCI-DSS), and the US government’s Health Insurance Portability and Accountability Act (HIPAA) are also important standards.

Be familiar with common kinds of digital “social engineering” attacks. Spam describes unsolicited email messages sent with the goal of getting you to respond, usually by purchasing a product of doubtful value. Spoofing misrepresents the origin and sender of the email. Phishing attacks try to get you to interact with a web resource that’s made to look like an actual legitimate site.