Tips for Peer-to-Peer (P2P) and Unauthorized Software
P2P software can:
- Compromise network configurations
- Spread viruses and spyware
- Allow unauthorized access to data
To protect information systems:
- Don’t use unauthorized peer-to peer (P2P software
- Don’t illegally download copyrighted programs or materials
Social Engineering Tips
Social engineers use telephone surveys, e-mail messages, websites, text messages, automated phone calls, and in-person interviews.
To protect against social engineering:
- Do not participate in social engineering
- Do not give out personal information
- Do not give out computer or network information
- Do not follow instructions from unverified personnel
- Document interaction:
- Verify the identity of all individuals
- Write down phone numbers
- Take detailed notes
- Contact your security POC or Helpdesk
- Report cultivation contacts by foreign nationals
CAC / PIV / Security Token Tips
Common Access Card (CAC)/Personal Identity Verification (PIV) is a controlled item and implements (DOD Public Key Infrastructure (PKI) and contains certificates for.
- Digital Signatures
Note: Some systems use different types of security tokens. Be sure to use the appropriate token for each system.
To protect your CAC/PIV:
Physical security protects the facility and the information systems/infrastructure, both inside abd outside the buildings.
To practice good physical security:
- Know and follow your organizations policy on:
- Gaining entry
- Securing work area
- Responding to emergencies
- Use your own security badge/key code. Note that your CAC/PIV is sometimes used as an access badge.
- Don’t allow others access or to piggyback into secure areas
- Challenge people without proper badges
- Report suspicious activity
Malvertising:. Malvertising is the process of placing malicious code within an online ad. Inside this category of malware, we are concerned with "Clickjacking" which is the concealment of hyperlinks under real ads to manipulate user activities on a website