The PracticalCyberSecGuide
Operational checklists

All practical checks from the path

An organized collection of the checklists included in the modules. Each card shows where it comes from, lets you answer yes or no and returns an operational evaluation.

Module 2Security, Privacy and DataOpen module
Operational context

Security and privacy meet every time data is collected, stored, sent or shared. This module helps you read content, metadata, context, recipients and permissions, so you can understand not only whether information is protected, but also whether it is correct to use it in that way.

  • Before sharing data2.6 Data minimization: share only what is needed
Module 3Access Management and Digital IdentityOpen module
Operational context

Every account is an entry point to email, documents, business systems, banking services or company tools. This module organizes digital identity, open sessions, account recovery, roles, permissions and shared accounts, helping you use a guided map to assess which access points are truly the priority and how to protect them better.

  • Sessions and connected devices3.3 Open sessions and connected devices
  • Account recovery3.3.1 Account recovery: an often underestimated point
Module 4Passwords: Creation, Management and StorageOpen module
Operational context

A weak, reused or personal-life-based password can put many services at risk at once. This module explains how to reason about length, uniqueness, passphrases, password managers and secure storage, avoiding useless rules and habits that are easy to guess.

  • When creating or reviewing passwords4.5 What to do if a password has been compromised
Module 5Password Attacks and MFAOpen module
Operational context

Password attacks do not only try random combinations: they reuse stolen credentials, exploit dictionaries, phishing, keyloggers and MFA prompts approved by mistake. This module shows why multi-factor authentication reduces risk and how to manage it without dangerous reflexes.

  • When enabling or using MFA5.5 Limits of MFA
Module 6The Attacker Perspective and OSINTOpen module
Operational context

Many attacks start before the first message is sent. Public information, social profiles, documents, roles and habits help attackers build credible stories. This module teaches how to look at public traces with the attacker perspective and reduce unnecessary exposure.

  • When reviewing public exposure6.4.3 Checklist: before publishing business content
Module 7Social EngineeringOpen module
Operational context

Social engineering exploits emotions, trust, urgency and routine. This module explains the psychological levers that push people to act too quickly and gives practical checks to slow down, verify and use safer channels.

  • When a request creates pressure7.5.3 Role-specific cases
Module 8Phishing, Smishing, Vishing and ScamsOpen module
Operational context

Fake emails, text messages, calls and chats are designed to look familiar and push quick action. This module helps read sender, tone, links, attachments, OTP requests and context as connected signals rather than isolated details.

  • When checking a suspicious message8.6 What to do and what not to do
Module 9Suspicious Links: Before You ClickOpen module
Operational context

The moment before clicking is a practical control point. This module turns link checks into a repeatable procedure: real domain, subdomains, shortened URLs, QR codes, HTTPS, context and safer alternatives.

  • Before clicking a link9.7 Good habits for reducing risk
Module 10Malware and RansomwareOpen module
Operational context

Malware can arrive through attachments, fake apps, compromised sites, extensions or unsafe downloads. This module explains what malware and ransomware do, how they enter and which habits reduce exposure on computers and smartphones.

  • Before opening or installing something risky10.7 Good prevention practices
Module 11Safe Behaviors for PC, Smartphone, Email and Social MediaOpen module
Operational context

Security improves through repeated habits on the tools used every day. This module covers screen lock, updates, app permissions, email handling, social sharing, device loss, safe browsing and practical routines for work and personal life.

  • For a daily safety routine11.6 Personal checklist: what to improve immediately
Module 12Cloud, Backup and Wi-FiOpen module
Operational context

Cloud sharing, backups and Wi-Fi are convenient, but they require control. This module covers permissions, public links, recovery tests, shared folders, personal hotspots, public networks and practical choices that keep access intentional.

  • When sharing, backing up or connecting12.5.6 Separate personal, business and IoT devices
Module 13What to Do During an IncidentOpen module
Operational context

When something goes wrong, the first minutes matter. This module gives a practical response method: stop, preserve evidence, change channel, report, avoid improvising and reduce confusion while protecting accounts, devices and data.

  • During the first minutes of an incident13.5.2 First 10 minutes mini-procedure
Module 14Personal and Business SecurityOpen module
Operational context

Personal and business security often overlap: payments, identity documents, remote work, digital identity, suppliers and bank details require traceable checks. This module connects private habits and workplace procedures with practical verification rules.

  • Before approving a sensitive action14.3.4 Minimum rules for a small office
Module 15Summary, Vademecum and Final CheckOpen module
Operational context

The final module turns the whole course into an operational vademecum. It collects what to check before clicking, sharing, entering data, approving requests or reacting to an incident, with a concise method that can be reused in daily work.

  • For the final operational check15.3.4 Final verification questions