Week 8 - Security 1

Podcast Beta

Play an AI-generated podcast conversation about this lesson

Questions and Answers

Match the following Cyber Security practices to their terms:

Update software to close vulnerabilities and shut down bugs. = Install Patches Leverage Traditional and New Antivirus Software = Keep Cyber Security Resources at Hand Train employees to be vigilant. = Educate the Team Cultivate an environment that encourages honesty with regards to cyber security problems. = Promote a Culture of Forgiveness Schedule deep scans and when in doubt, use quick scans. = Install Patches Have resources available for responding to breaches. = Keep Cyber Security Resources at Hand

The statement "Individuals who work to exploit vulnerabilities in a computer system, sometimes for information gathering, protest or theft" defines which one of the following threats?

Activists

Corporate Spies

Hackers (correct)

Hacktivists

Employees

Match the following definitions to the correct cyber attack:

Malware = A type of application that can gain unauthorized access or cause damage to a computer or computer system. Eavesdropping = Conversation monitoring, whether by listening in on a room, tapping into a landline or cell phone, or intercepting an email. Hacking = Exploiting vulnerabilities in a computer system, sometimes for information gathering, protest or theft. Man in the Middle Attack = Intercepting the communication between two parties in an attempt to spy on the victims, steal credentials or personal information. Phishing = The act of pretending to be something or someone you are not in order to gain access to sensitive information. Password Attack = A cyber-attack where an attacker tries to guess, or crack a user’s password. Tampering = The act of modifying devices. Virus = Maliciously written codes that alter how a computer operates and can damage the computer and data stored on it. Ransomware = A method that locks data systems or individual devices. Distributed Denial-of-Service Attack = An attacker essentially floods a target server with traffic in an attempt to disrupt, and perhaps even bring down the target. Spoofing = An attempt to acquire sensitive or valuable information by pretending to represent a legitimate organization or person, often someone of authority. Spear Phishing = A more sophisticated form of a phishing attack in which cybercriminals target only privileged users such as system administrators and C-suite executives.

Which of the following terms can be defined as 'a requirement of more than one method to validate a user'?

Two-Factor Authentication Signup and view all the answers

The process by which data is scrambled and encoded to make it unintelligible is known as which of the following?

Encryption Signup and view all the answers

The following statement "A password that works for only one network session or transaction" defines which of the following terms?

One-Time Password Signup and view all the answers

A data security management plan includes which of the following? (Select all that are applicable)

Verifying and updating the plan's components Signup and view all the answers

Order the stages of the 'cyber kill chain':

Stage 1 = Reconnaissance & Probing Stage 2 = Delivery & Attack Stage 3 = Exploitation & Installation Stage 4 = System Compromise Signup and view all the answers

Which of the following best defines the security incident "Improper Usage"?

Any incident resulting from violation of an organization’s acceptable usage policies by an authorized user. Signup and view all the answers

Match the following security incidents to the correct recommended action:

Malware Infection = Remediate any infections as quickly as possible before they progress. Unauthorised Privilege Escalation = Configure your critical systems to record all privileged escalation events and set alarms for unauthorized privilege escalation attempts. Insider Breach = Identify the privileged user accounts for all domains, servers, apps, and critical devices and ensure that monitoring is enabled for all systems. Unauthorised Access = Detect, monitor and investigate unauthorized access attempts – with priority on those that are mission-critical and/or contain sensitive data. Signup and view all the answers

Which of the following incident types aligns to the 'Exploitation and Installation' Stage of the cyber kill chain? (Select all that are applicable)

Unauthorized Access Signup and view all the answers

Match the source of cyber security threats to the correct definition:

Criminal Groups = Groups that use phishing, spam, spyware, and malware to conduct identity theft, online fraud, and system extortion to infiltrate systems or networks for financial gain. Terrorist Groups = Groups that conduct cyber attacks to destroy, infiltrate, or exploit critical infrastructure to threaten national security, compromise military equipment, disrupt the economy, and cause mass casualties. Hacktivists = Groups or individuals that carry out cyberattacks in support of political causes rather than financial gain. Malicious Insiders = Employees, third-party vendors, contractors, or other business associates who have legitimate access to enterprise assets but misuse that access to steal or destroy information for financial or personal gain. Corporate Spies = Individuals who conduct industrial or business espionage to either make a profit or disrupt a competitor’s business by attacking critical infrastructure, stealing trade secrets, and gaining access. Signup and view all the answers

Which of the following are best practices to protect against cyber security threats? (Select all that apply)

Create an insider program Signup and view all the answers

Match the following common incidents to the correct response strategy:

Phishing = Quarantine the malicious email from all accounts on the system. Be sure no one can access the email from anywhere on your network until it is reviewed by an administrator. Business Email Account Takeover = Change passwords of all accounts and block email access from countries where employees won’t be logging in. Malware = Contain and eradicate. Disconnect the computer from the network, but don’t power the device off. Work through the system and eradicate any malicious files or applications. Signup and view all the answers

Study Notes

Cyber Security Threats

Hackers are individuals who exploit vulnerabilities in computer systems, often for information gathering, protest, or theft.

Cyber Attacks

Multi-Factor Authentication requires more than one method to validate a user.
Encryption scrambles and encodes data to make it unintelligible.
Single Sign-On (SSO) is a password that works for one network session or transaction.

Data Security Management Plan

A data security management plan includes asset identification, risk assessment, policy development, incident response plan, and training & awareness programs. These combined elements contribute to a comprehensive security posture.

Cyber Kill Chain Stages

The stages of the cyber kill chain proceed in the following order: reconnaissance, weaponization, delivery, exploitation, installation, command and control, actions on objectives.

Security Incidents

Improper Usage refers to the unauthorized or inappropriate use of systems or data, often due to user negligence or lack of awareness.

Security Incident Response

The recommended action for malware infection is to isolate the infected system to prevent further spread, remove the malware, and restore data from backups.
For data breaches the recommended action is to contain the breach, investigate the cause, notify affected individuals, and implement corrective actions.
For denial of service (DoS) attacks, the recommended action is to mitigate the attack, identify the source, and implement security measures.

Cyber Kill Chain Stages and Incidents

The Exploitation and Installation stage of the cyber kill chain includes the following incident types: malware infection, remote code execution, and privilege escalation.

Sources of Cyber Security Threats

Internal threats originate from within an organization, such as accidental or malicious actions by employees.
External threats come from outside an organization, such as hackers, nation-state actors, or organized criminal groups.

Best Practices to Protect Against Cyber Security Threats

Strong passwords, multi-factor authentication (MFA), regular security updates and patches, anti-malware software, firewall configuration are crucial to protect against cyber security threats.

Incident Response Strategies

Incident response strategies differ depending on the type of incident. For example, a denial of service attack requires a different response than data breach.

Studying That Suits You

Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

Description

This quiz challenges you to match various cyber security practices with their corresponding terms. It's a great way to test your knowledge of essential security measures and protocols in the digital world. Perfect for students and professionals looking to reinforce their understanding of cyber security.