Cybersecurity Lab Notes - 2025-11-30

Summary

Shifted into a defender’s mindset by writing and refining security best practices for employees. Turned the content into a lightweight training asset and an exam, practicing how to communicate security in clear language.

Activity & Artifacts

• Drafted “Top 10 Security Best Practices for Employees (2025)”:
  • Strong, unique passwords.
  • Use of password managers.
  • Multi-factor authentication everywhere.
  • Screen locking habits.
  • Safe handling of email and attachments.
  • Physical security basics.
  • Data handling and classification awareness.
• Refined the document to be:
  • Slightly more technical while staying non-jargon.
  • Cleanly formatted for PDF export.
• Built a 10-question multiple-choice exam based on the handout:
  • Questions on MFA, password hygiene, phishing indicators, physical security, and incident reporting.
  • Randomized answer choices.

Skills Practiced

• Security awareness design:
  • Turning technical security principles into clear employee guidance.
• Exam and training material creation:
  • Converting a written guide into assessment questions.
• Communication skills:
  • Explaining security controls as habits, not rules.

Reflections

• Teaching security helps the concepts stick deeper.
• Clear wording is a security control in itself.
• This content is useful for future portfolio pieces.