Cyber Security Fundamentals

12 Questions

What type of cyber threat involves fraudulent emails, texts, or messages that trick users into revealing sensitive information?

Phishing

What is the primary purpose of a firewall in cyber security?

To monitor and control incoming and outgoing traffic

What type of cyber attack involves overwhelming systems with traffic to make them unavailable?

Denial of Service (DoS) and Distributed Denial of Service (DDoS)

What is the purpose of encrypting data in cyber security?

To protect data by converting it into a code

What is the primary purpose of incident response plans in cyber security?

To respond to and manage cyber security incidents

What is the purpose of network segmentation in cyber security?

To limit the spread of attacks by dividing networks into smaller, isolated segments

What is the main purpose of using two-factor authentication?

To add an extra layer of security to accounts

What is the role of a Penetration Tester?

To simulate cyber attacks to test an organization's defenses

Why is it important to keep software up-to-date?

To reduce the risk of cyber attacks

What is the role of a Chief Information Security Officer (CISO)?

To oversee and implement an organization's cyber security strategy

Why is it important to back up data?

To prevent loss of important data in the event of a cyber attack

What is the role of a Security Analyst?

To monitor and analyze network traffic to identify and respond to security threats

Study Notes

Types of Cyber Threats

Malware: Software designed to harm or exploit computer systems, including viruses, worms, and Trojan horses.
Phishing: Fraudulent emails, texts, or messages that trick users into revealing sensitive information.
Ransomware: Malware that encrypts files and demands payment in exchange for decryption.
Denial of Service (DoS) and Distributed Denial of Service (DDoS): Attacks that overwhelm systems with traffic, making them unavailable.
SQL Injection: Injecting malicious code into databases to access or manipulate sensitive data.
Cross-Site Scripting (XSS): Injecting malicious code into websites to steal user data or take control of user sessions.

Cyber Security Measures

Firewalls: Network security systems that monitor and control incoming and outgoing traffic.
Encryption: Protecting data by converting it into a code that can only be deciphered with a decryption key or password.
Strong Authentication: Verifying user identities through passwords, biometrics, or two-factor authentication.
Regular Software Updates: Keeping software and systems up-to-date to patch vulnerabilities and fix security flaws.
Network Segmentation: Dividing networks into smaller, isolated segments to limit the spread of attacks.
Incident Response: Plans and procedures for responding to and managing cyber security incidents.

Cyber Security Best Practices

Use Strong Passwords: Use unique, complex passwords and avoid using the same password across multiple sites.
Keep Software Up-to-Date: Regularly update operating systems, browsers, and software to ensure you have the latest security patches.
Be Cautious with Email Attachments: Avoid opening suspicious email attachments or clicking on links from unknown senders.
Use Two-Factor Authentication: Add an extra layer of security to your accounts by requiring a second form of verification, such as a code sent to your phone.
Back Up Data: Regularly back up important data to prevent loss in the event of a cyber attack.

Cyber Security Careers

Security Analyst: Monitor and analyze network traffic to identify and respond to security threats.
Penetration Tester: Simulate cyber attacks to test an organization's defenses and identify vulnerabilities.
Chief Information Security Officer (CISO): Oversee and implement an organization's cyber security strategy.
Incident Responder: Respond to and manage cyber security incidents, including containment, eradication, and recovery.
Cyber Security Consultant: Provide expert advice and guidance on cyber security best practices and risk management.