[SCU101] Edit course and questions

courses/scu101/en.md

@@ -341,8 +341,12 @@ The different options for strong authentication offer varying levels of security
 
 For optimal security with strong authentication, it is recommended to use a secure email address, a secure password manager, and adopt 2FA using YubiKeys. It is also advisable to purchase two YubiKeys to anticipate loss or theft, for example, keeping a backup copy both at home and on your person.
 
+As for potential threats to SIM 2FA, here is a common example: a SIM swap attack occurs when an attacker steals a user's phone number by linking it to a SIM card controlled by the attacker. There are several ways an attacker can successfully complete the attack; however, this threat is usually only a major concern for high-profiles and people of interest.
+
 Biometrics can be used as a substitute, but it is less secure than the combination of knowledge and possession. Biometric data should remain on the authentication device and not be disclosed online. It is important to consider the threat model associated with different authentication methods and adjust practices accordingly.
 
+Finally, it may be useful to give a short context about HOTP and TOTP OTPs: HOTP is a one-time password based on the HMAC (Hash-based Message Authentication Code) algorithm, while a TOTP is a time-based OTP. Key features of such algorithms are that passwords can only be used once, each generated value is unique and exists a shared key between the user's device (client) and authentication service (server). The difference between the two systems is how factor moves: the TOTP is time-based, while the HOTP system is counter-based.
+
 ### Conclusion of the training:
 
 As you have understood, implementing good digital hygiene is not necessarily simple, but it remains accessible!

courses/scu101/quizz/000/en.yml

@@ -5,9 +5,11 @@ wrong_answers:
   - Private browsing masks the user's IP address, while TOR does not.
   - TOR leaves local traces on your computer, while private browsing does not.
 explanation: |
-  Private browsing is a feature that prevents internet browsers from storing
-  browsing history, temporary internet files, form data, cookies, and user names and
-  passwords. However, it does not hide browsing from your internet service provider.
-  On the other hand, TOR network offers anonymity by masking the user's IP address
-  and allowing access to the Darknet.
-reviewed: false
+  Private browsing is a feature that prevents internet
+  browsers from storing browsing history, temporary internet
+  files, form data, cookies, and user names and passwords.
+  However, it does not hide browsing from your internet
+  service provider. On the other hand, TOR network offers
+  anonymity by masking the user's IP address and allowing
+  access to the Darknet.
+reviewed: true

courses/scu101/quizz/001/en.yml

@@ -6,7 +6,9 @@ wrong_answers:
   - To prevent the browser from crashing.
   - To avoid being tracked by third-party sites.
 explanation: |
-  While browser extensions can provide useful functionalities, they can
-  also pose security risks as they can access your data and browsing activity. Additionally,
-  having too many extensions can slow down your browser and affect its performance.
-reviewed: false
+  While browser extensions can provide useful
+  functionalities, they can also pose security risks as they
+  can access your data and browsing activity. Additionally,
+  having too many extensions can slow down your browser and
+  affect its performance.
+reviewed: true

courses/scu101/quizz/001/question.yml

@@ -6,7 +6,7 @@ author: DecouvreBitcoin
 tags:
   - Online browsing
   - Browser extensions
-  - Security
+  - network-security
 
 # Proofreading metadata
 original_language: en

courses/scu101/quizz/002/en.yml

@@ -5,7 +5,8 @@ wrong_answers:
   - Because the software is usually cheaper on the official website.
   - Because the software on generic sites is usually outdated.
 explanation: |
-  Downloading software from the official website of the publisher ensures
-  that you are getting the legitimate version of the software, which is free from
-  any malicious software that could harm your device or steal your data.
-reviewed: false
+  Downloading software from the official website of the
+  publisher ensures that you are getting the legitimate
+  version of the software, which is free from any malicious
+  software that could harm your device or steal your data.
+reviewed: true

courses/scu101/quizz/002/question.yml

@@ -6,7 +6,7 @@ author: DecouvreBitcoin
 tags:
   - Online browsing
   - Software downloads
-  - Security
+  - network-security
 
 # Proofreading metadata
 original_language: en

courses/scu101/quizz/003/en.yml

@@ -5,8 +5,9 @@ wrong_answers:
   - It is always safer than closed-source software.
   - It is always more user-friendly than closed-source software.
 explanation: |
-  Open-source software is a software whose code is known and accessible
-  to everyone. This allows for verification, among other things, that there is no
-  hidden access to steal your personal data. However, it is not always free, safer,
-  or more user-friendly than closed-source software.
-reviewed: false
+  Open-source software is a software whose code is known and
+  accessible to everyone. This allows for verification, among
+  other things, that there is no hidden access to steal your
+  personal data. However, it is not always free, safer, or
+  more user-friendly than closed-source software.
+reviewed: true

courses/scu101/quizz/003/question.yml

@@ -6,7 +6,7 @@ author: DecouvreBitcoin
 tags:
   - Online browsing
   - Open-source software
-  - Security
+  - network-security
 
 # Proofreading metadata
 original_language: en

courses/scu101/quizz/004/en.yml

@@ -5,8 +5,10 @@ wrong_answers:
   - To prevent the site from remembering your login information.
   - To prevent the site from showing you targeted ads.
 explanation: |
-  Cookies are files created by websites to store information on your device.
-  While some sites require these cookies to function properly, they can also be exploited
-  by third-party sites, especially for advertising tracking purposes. Deleting cookies
-  after each visit to a site can help prevent this.
-reviewed: false
+  Cookies are files created by websites to store information
+  on your device. While some sites require these cookies to
+  function properly, they can also be exploited by
+  third-party sites, especially for advertising tracking
+  purposes. Deleting cookies after each visit to a site can
+  help prevent this.
+reviewed: true

courses/scu101/quizz/005/en.yml

@@ -5,6 +5,7 @@ wrong_answers:
   - Because it is not user-friendly.
   - Because it does not support extensions.
 explanation: |
-  Google Chrome browser is known for its trackers, which can collect data
-  about your online activity. This can be a privacy concern for some users.
-reviewed: false
+  Google Chrome browser is known for its trackers, which can
+  collect data about your online activity. This can be a
+  privacy concern for some users.
+reviewed: true

courses/scu101/quizz/006/en.yml

@@ -5,7 +5,9 @@ wrong_answers:
   - Programs that track your online activity.
   - Viruses that can harm your device.
 explanation: |
-  In the context of online browsing, cookies are files created by websites
-  to store information on your device. They are used to remember your preferences,
-  login information, and other data to improve your browsing experience.
-reviewed: false
+  In the context of online browsing, cookies are files
+  created by websites to store information on your device.
+  They are used to remember your preferences, login
+  information, and other data to improve your browsing
+  experience.
+reviewed: true

courses/scu101/quizz/007/en.yml

@@ -5,8 +5,10 @@ wrong_answers:
   - A feature that allows you to browse the internet anonymously.
   - A feature that protects your device from viruses and other malicious software.
 explanation: |
-  Private browsing is a feature that prevents internet browsers from storing
-  browsing history, temporary internet files, form data, cookies, and user names and
-  passwords. However, it does not hide your online activity from your internet service
-  provider or allow you to browse the internet anonymously.
-reviewed: false
+  Private browsing is a feature that prevents internet
+  browsers from storing browsing history, temporary internet
+  files, form data, cookies, and user names and passwords.
+  However, it does not hide your online activity from your
+  internet service provider or allow you to browse the
+  internet anonymously.
+reviewed: true

courses/scu101/quizz/008/en.yml

@@ -5,8 +5,9 @@ wrong_answers:
   - A network that hides your online activity from your internet service provider.
   - A network that allows you to browse the internet faster.
 explanation: |
-  The TOR (The Onion Router) network is a network that offers anonymity
-  by masking the user's IP address and allowing access to the Darknet. It is used
-  by journalists, freedom activists, and others wishing to escape censorship in authoritarian
-  countries.
-reviewed: false
+  The TOR (The Onion Router) network is a network that offers
+  anonymity by masking the user's IP address and allowing
+  access to the Darknet. It is used by journalists, freedom
+  activists, and others wishing to escape censorship in
+  authoritarian countries.
+reviewed: true

courses/scu101/quizz/009/en.yml

@@ -1,12 +1,13 @@
 question: What is the primary function of a VPN in a professional context?
 answer: It allows employees to securely access the company's internal network remotely.
 wrong_answers:
-  - It allows employees to bypass geographical restrictions.
-  - It allows employees to block online advertisements.
-  - It allows employees to use public Wi-Fi securely.
+  - It allows employees to safely bypass geographical restrictions.
+  - It allows employees to completely block online advertising.
+  - It allows employees to use public Wi-Fi networks securely.
 explanation: |
-  In a professional context, VPNs are primarily used to provide secure
-  remote access to the company's internal network. This is achieved by encrypting
-  the data exchanged between the employee and the company's network, making it difficult
-  for third parties to intercept.
-reviewed: false
+  In a professional context, VPNs are primarily used to
+  provide secure remote access to the company's internal
+  network. This is achieved by encrypting the data exchanged
+  between the employee and the company's network, making it
+  difficult for third parties to intercept.
+reviewed: true

courses/scu101/quizz/010/en.yml

@@ -1,11 +1,13 @@
 question: What is the difference between enterprise VPNs and consumer VPNs?
 answer: Enterprise VPNs are more expensive and complex, while consumer VPNs are more accessible and user-friendly.
 wrong_answers:
-  - Enterprise VPNs are less secure than consumer VPNs.
-  - Consumer VPNs are more expensive than enterprise VPNs.
-  - Enterprise VPNs do not encrypt data, while consumer VPNs do.
+  - Enterprise VPNs are usually more secure than consumer VPNs, as they are always more expensive.
+  - Consumer VPNs are always more expensive than enterprise VPNs due to the economic scale that the latter have access to.
+  - Due to their more exigent target audience enterprise VPNs always encrypt data, while consumer VPNs don't.
 explanation: |
-  Enterprise VPNs are designed for businesses and are typically more expensive
-  and complex to set up and manage. On the other hand, consumer VPNs are designed
-  for individual users and are generally more accessible and user-friendly.
-reviewed: false
+  Enterprise VPNs are designed for businesses and are
+  typically more expensive and complex to set up and manage.
+  On the other hand, consumer VPNs are designed for
+  individual users and are generally more accessible and
+  user-friendly.
+reviewed: true

courses/scu101/quizz/011/en.yml

@@ -1,11 +1,12 @@
 question: What is the purpose of the HTTPS protocol?
 answer: It encrypts data on websites to ensure secure exchange between the user and the website.
 wrong_answers:
-  - It allows users to bypass geographical restrictions.
-  - It allows users to block online advertisements.
-  - It allows users to access the internet without using data.
+  - It allows users to bypass geographical restrictions when it comes to pay via debit or credit card.
+  - It allows users to partially block online advertising.
+  - It allows users to access the internet without using private credentials.
 explanation: |
-  The HTTPS protocol is used to encrypt data on websites, ensuring that
-  the data exchanged between the user and the website is secure. This helps protect
-  against third parties intercepting the data.
-reviewed: false
+  The HTTPS protocol is used to encrypt data on websites,
+  ensuring that the data exchanged between the user and the
+  website is secure. This helps protect against third parties
+  intercepting the data.
+reviewed: true

courses/scu101/quizz/012/en.yml

@@ -2,11 +2,12 @@ question: Why is it important to verify the site's public key using a certificat
   system?
 answer: To confirm the authenticity of the site.
 wrong_answers:
-  - To bypass geographical restrictions.
-  - To block online advertisements.
-  - To access the site without using data.
+  - To ensure no scam can happen, but only when connected via a public Wi-Fi network.
+  - To partially block online advertisements.
+  - To ensure that no malicious entity is impersonating the website.
 explanation: |
-  Verifying the site's public key using a certificate system is important
-  to confirm the authenticity of the site. This helps protect against malicious individuals
-  impersonating the site and transferring data in plain text.
-reviewed: false
+  Verifying the site's public key using a certificate system
+  is important to confirm the authenticity of the site. This
+  helps protect against malicious individuals impersonating
+  the site and transferring data in plain text.
+reviewed: true

courses/scu101/quizz/013/en.yml

@@ -1,11 +1,13 @@
 question: Why is it safer to use European Wi-Fi access point providers, such as SNCF?
-answer: They do not resell user connection data due to GDPR regulations.
+answer: They are not supposed to resell user connection data, due to GDPR regulations.
 wrong_answers:
-  - They provide faster internet speeds.
-  - They allow users to bypass geographical restrictions.
-  - They block online advertisements.
+  - They provide faster internet speeds compared to American providers.
+  - They often allow users to bypass geographical restrictions.
+  - They block online advertisements if you have been identified as an European citizen.
 explanation: |
-  In the European Union, data protection is regulated by the General Data
-  Protection Regulation (GDPR). Therefore, European Wi-Fi access point providers,
-  such as SNCF, do not resell user connection data, making them safer to use.
-reviewed: false
+  In the European Union, data protection is regulated by the
+  General Data Protection Regulation (GDPR). Therefore,
+  European Wi-Fi access point providers, such as SNCF, do not
+  resell user connection data, making them safer to use from
+  a personal privacy perspective.
+reviewed: true

courses/scu101/quizz/014/en.yml

@@ -5,7 +5,7 @@ wrong_answers:
   - Use sites that do not use the HTTPS protocol.
   - Use sites that do not have a padlock displayed.
 explanation: |
-  To avoid online scams, it is crucial to verify the identity of the site
-  you are browsing. This can be done by checking the extension and domain name of
-  the site.
-reviewed: false
+  To avoid online scams, it is crucial to verify the identity
+  of the site you are browsing. This can be done by checking
+  the extension and domain name of the site.
+reviewed: true

courses/scu101/quizz/015/en.yml

@@ -5,8 +5,9 @@ wrong_answers:
   - Popular VPN providers are more likely to have slower internet speeds.
   - Popular VPN providers are more likely to have geographical restrictions.
 explanation: |
-  When choosing a VPN, it is important to prioritize reliability and
-  technicality
-  over popularity. This is because VPN providers that collect the least personal information
-  are generally the safest, providing better protection for your online security.
-reviewed: false
+  When choosing a VPN, it is important to prioritize
+  reliability and technicality over popularity. This is
+  because VPN providers that collect the least personal
+  information are generally the safest, providing better
+  protection for your online security.
+reviewed: true

courses/scu101/quizz/016/en.yml

@@ -1,11 +1,11 @@
 question: What is one benefit of using a VPN for browsing the internet at home?
-answer: It enhances security for exchanged data online.
+answer: It enhances security for online traffic by reducing the threat posed by third parties.
 wrong_answers:
-  - It increases internet speed.
-  - It allows access to more websites.
-  - It saves mobile data.
+  - It can increase your internet connection base speed.
+  - It always allows access to more websites.
+  - It saves mobile data consumption compared to not having an established VPN connection.
 explanation: |
-  Using a VPN at home can enhance the security of the data you exchange
-  online. This is because VPNs encrypt data, making it more difficult for third parties
-  to intercept.
-reviewed: false
+  Using a VPN at home can enhance the security of the data
+  you exchange online. This is because VPNs encrypt data,
+  making it more difficult for third parties to intercept.
+reviewed: true

courses/scu101/quizz/017/en.yml

@@ -5,7 +5,8 @@ wrong_answers:
   - Check the speed of the site.
   - Check the color scheme of the site.
 explanation: |
-  Checking the URLs and the small padlock in the address bar is one way
-  to confirm that you are on the site you intend to visit. The padlock indicates that
-  the site is using the HTTPS protocol, which encrypts data for secure exchange.
-reviewed: false
+  Checking the URLs and the small padlock in the address bar
+  is one way to confirm that you are on the site you intend
+  to visit. The padlock indicates that the site is using the
+  HTTPS protocol, which encrypts data for secure exchange.
+reviewed: true

courses/scu101/quizz/018/en.yml

@@ -1,11 +1,12 @@
 question: What is the recommended practice for using an administrator account on Windows?
 answer: Create two separate accounts; an administrator account and an account for daily use.
 wrong_answers:
-  - Use the administrator account for daily use.
-  - Create multiple administrator accounts.
+  - Use the administrator account for daily use, if the PC is not connected to internet.
+  - Create two separate administrator accounts; one for daily use and one for operating system administration.
   - Do not create an administrator account.
 explanation: |
-  Using an administrator account for daily use on Windows can expose the
-  system to more security risks. It is recommended to create two separate accounts;
-  one for administrative tasks and another for daily use.
-reviewed: false
+  Using an administrator account for daily use on Windows can
+  expose the system to more security risks. It is recommended
+  to create two separate accounts; one for administrative
+  tasks and another for daily use.
+reviewed: true

courses/scu101/quizz/019/en.yml

@@ -5,6 +5,7 @@ wrong_answers:
   - To slow down the machine.
   - To change the user interface.
 explanation: |
-  Regular updates are essential to protect the system from new threats
-  and vulnerabilities. They are not intended to make the machine obsolete or slow.
-reviewed: false
+  Regular updates are essential to protect the system from
+  new threats and vulnerabilities. They are not intended to
+  make the machine obsolete or slow.
+reviewed: true

courses/scu101/quizz/020/en.yml

@@ -5,6 +5,7 @@ wrong_answers:
   - Norton
   - McAfee
 explanation: |
-  Windows Defender is the built-in antivirus in Windows. It is a safe and
-  effective solution for protecting the system from threats.
-reviewed: false
+  Windows Defender is the built-in antivirus in Windows. It
+  is a safe and effective solution for protecting the system
+  from threats.
+reviewed: true

courses/scu101/quizz/021/en.yml

@@ -5,7 +5,8 @@ wrong_answers:
   - The software will not have any new features.
   - The software will consume more system resources.
 explanation: |
-  Cracked software that cannot be updated represents a double potential
-  threat. It can bring a virus during its illegal download from a suspicious website
-  and it can be insecure against new forms of attack.
-reviewed: false
+  Cracked software that cannot be updated represents a double
+  potential threat. It can bring a virus during its illegal
+  download from a suspicious website and it can be insecure
+  against new forms of attack.
+reviewed: true