Cyber Security Awareness

This course is free and editable. Yours to re-brand and tailor to your needs!

Cyber Security Awareness Free

By EdApp
9 Lessons
4.0
(38 reviews)

Learn the basics of the most common cyber attacks and how you can protect yourself.

From the author:Cyber security is one of the most important measures to take when training new or current employees. The importance of continuously training employees on cyber security comes from the rapid advancement of technology in our digital age, meaning that extra measures must be taken to ensure our information and knowledge are up-to-date. This cyber security course is designed to help you protect yourselves and the company against cyber attacks and threats. This 9-part course aims to empower learners with an up-to-date guide based on how to recognise and mitigate any potential cyber threats. The course begins by introducing injection attacks, explaining broken authentication and session mamangement, cross-site scripting, a review of the 3 most common attacks, broken access control, sensitive data exposure, cross-site request forgery, using components with known vulnerabilities, and underprotected APIs.

Cyber Security Awareness Lessons

Click through the microlessons below to preview this course. Each lesson is designed to deliver engaging and effective learning to your team in only minutes.

  1. Injection Attacks
  2. Broken Authentication and Session Management
  3. Cross-Site Scripting (XSS)
  4. Review: The 3 most common attacks
  5. Broken Access Control
  6. Sensitive Data Exposure
  7. Cross-Site Request Forgery (CSRF)
  8. Using Components with Known Vulnerabilities
  9. Underprotected APIs

Like what you see?

This course is free and completely editable. Update the text, add your own slides or re-brand the entire course — with our no-code authoring tool, the sky’s the limit!

Love it how it is? Train your team for free with this course.

Loading indicator

Preparing your lesson...

Follow the interactions on each screen or click the arrows to navigate between lesson slides.

What you will learn

  • Injection Attacks
  • Broken Access Control
  • Review: The 3 most common attacks
  • Cross-Site Scripting (XSS)
  • Broken Authentication and Session Management
  • Sensitive Data Exposure
  • Cross-Site Request Forgery (CSRF)
  • Using Components with Known Vulnerabilities
  • Underprotected APIs

Cyber Security Awareness course excerpts

Injection Attacks

Learn what an SQL Injection attack is, and why it is one of the most common. In this lesson, you'll also learn ways to protect systems from this very easily exploitable vulnerability.
Cyber Security Awareness Course - Lesson Excerpt

This is our main man Thomas. He's just made his first ever website!

Injection Attacks

Thomas has basic coding skills, and using simple PHP language, he's written out a simple form attached to a database for people to contact him.

Injection Attacks

This is Emily. She's very knowledgeable when it comes to security, and sometimes uses her power for mischief. Emily stumbles across Thomas' web page, and realises that he hasn't protected himself from SQL injection attacks...

Injection Attacks

Emily types a simple command into the form - and voilà!, she's able to see all of Thomas' messages!

Injection Attacks

What else could Emily get from Thomas' site through this vulnerability? Select all that apply

How can Thomas fix up his site so Emily can't attack it?

Broken Authentication and Session Management

Learn about Broken Authentication and Session Management, one of the most common ways sites open up themselves to attacks on users and their own data.
Cyber Security Awareness Course - Lesson Excerpt

Since we last spoke to Thomas, he's found his niche, and his website has become very popular! Thomas has started to make money from online ads, and wants to keep this separate from his other income.

Broken Authentication and Session Management

Thomas decides the best way to do this is sign up for a new bank account online.

Broken Authentication and Session Management

The day after he sets it up, he can't get back into it! What's happened to Thomas' money?!

Broken Authentication and Session Management

How could this have happened?

Predictable Passwords This is one of the most common ways to get caught out online. Websites should not allow you to use passwords like "12345" or "password", and sites that do open themselves up to vulnerabilities.

Broken Authentication and Session Management

Eavesdropping On unencrypted connections, bad actors can use readily available software to see the passwords, usernames and Session IDs transmitted from users to the website.

Broken Authentication and Session Management

Impersonation By using a Session ID that is not invalidated at the end of each session, bad actors can impersonate users and gain full access to their accounts.

Broken Authentication and Session Management

Cross-Site Scripting (XSS)

Learn about cross site scripting (XSS) vulnerabilities, and how they have worked on some huge sites. Learn what you can do to protect your site from this major vulnerability.
Cyber Security Awareness Course - Lesson Excerpt

Emily's a very knowledgeable internet user, and today, she's decided to look for some vulnerabilities in everyday websites.

Cross-Site Scripting (XSS)

Emily has her eyes set on this social media website - how can she cause some mischief?

Cross-Site Scripting (XSS)

Using the HTML

Cross-Site Scripting (XSS)

Which types of websites can be affected by a Cross-Site Scripting (XSS) attack? Select all that apply

Broken Access Control

Learn how Broken Access Control can lead to vulnerabilities in online security.
Cyber Security Awareness Course - Lesson Excerpt

It's been a while now, and Thomas is quite happy with his site as it is. He's got multiple features and plugins installed.

Broken Access Control

To administer all of these new features, he's created the ability to log in with a browser, and change settings from where ever he is.

Broken Access Control

Unfortunately, he hasn't set up and tested his access control correctly - leading his site to become vulnerable to attacks.

Broken Access Control

Some specific Access Control issues that exist include... Insecure Session IDs Path Traversal (going directly to a secure page without passing through access checks) Incorrectly set file permissions Client Side Caching on Public Computers All of these risks can be mitigated by improving the security of access control.

What is the most secure way of giving administrators access to a site?

Sensitive Data Exposure

Learn which sorts of data are vulnerable and important to protect on your website.
Cyber Security Awareness Course - Lesson Excerpt

Our successful friend Thomas has decided to start selling his products online. He decided to accept Credit Cards on his website.

Sensitive Data Exposure

His site stores credit card information in plain text, but the text is destroyed after each order is completed.

Sensitive Data Exposure

After a few weeks, one of Thomas' customers contacts him, and angrily tells Thomas that his Credit Card details had been stolen!

Sensitive Data Exposure

How could Thomas' customer's data have been stolen? Select all that apply

Here are some good questions to ask when reviewing your sensitive data storage... Is any of your data stored in clear text long term, including backups of this data? Is any of this data transmitted in clear text, internally or externally? Are any old / weak cryptographic algorithms used? Are weak crypto keys generated, or is proper key management or rotation missing?

Cross-Site Request Forgery (CSRF)

Learn how this lesser-known cross-site vulnerability can spell danger for some websites.
Cyber Security Awareness Course - Lesson Excerpt

Emily is taking a day off hacking, and is paying her friend for a concert ticket.

Cross-Site Request Forgery (CSRF)

She submits a transfer form on her bank's website - but she notices something while poking around. The website doesn't authenticate its requests properly.

Cross-Site Request Forgery (CSRF)

Emily sees a way that she can exploit this, so everybody who posts a comment to her website also sends her $100 - as long as they're also logged into her bank's website.

Cross-Site Request Forgery (CSRF)

What other types of sites are vulnerable to CSRF? Select all that apply

Using Components with Known Vulnerabilities

Learn how to keep your knowledge of known vulnerabilities up-to-date with some simple tools.
Cyber Security Awareness Course - Lesson Excerpt

Thomas' website has expanded! He's got heaps of features - some of which he didn't code himself.

Using Components with Known Vulnerabilities

Some features, like his online shop, are additional plugins that he has installed.

Using Components with Known Vulnerabilities

One day, one of Thomas' plugins stops working, and gives him some strange error messages when he tries to fix it.

Using Components with Known Vulnerabilities

Underprotected APIs

Learn how underprotected APIs can create unintended vulnerabilities.
Cyber Security Awareness Course - Lesson Excerpt

Thomas is working on his site, which by now, has plenty of plugins.

Underprotected APIs

However, Emily knows some vulnerabilities in Thomas' plugin APIs, and uses her knowledge to cause havoc!

Underprotected APIs

Cyber Security Awareness Course Author

EdAppEdApp is an award winning, mobile first microlearning platform with integrated authoring and delivery. EdApp contributes training courses that have been created by the in house instructional design specialists.

Users Also Learned

More about awareness and too simplistic. Some animations would enhance learning

It's good

This was a good lesson and have learnt quite good things on how to protect my data,

very insightful

Other courses by EdApp

EdApp is easy to use and free for you and your team. No credit card required.

or book a demo with us today!