Cyber Security Vulnerabilities and Threats

Questions and Answers

What is the main purpose of human security controls?

• To automate data management processes
• To protect mission critical assets from human threats (correct)
• To promote the company’s data storage solutions
• To track employee performance

Which of the following best describes a cyber threat?

• An incident that could negatively impact a network or data management system (correct)
• A specific vulnerability in a network security system
• A failure in staff training about data protection
• A natural disaster affecting physical data storage

How do vulnerabilities influence cyber security?

• They decrease the effectiveness of security protocols
• They create opportunities for threat actors to exploit systems (correct)
• They are solely responsible for all cyber threats
• They ensure the success of data management practices

What calculation represents the concept of risk in cyber security?

Threat probability multiplied by potential loss (B)

Which of the following is NOT considered a type of vulnerability in network security?

Phishing emails (D)

What was the main purpose of establishing the National Informatics Centre (NIC) in 1975?

To provide IT solutions for the government. (C)

Which of the following networks was specifically created to connect the academic and research communities in India?

ERNET (C)

What significant change did the New Internet Policy of 1998 introduce in India?

It allowed multiple Internet service providers to operate. (A)

What is the target for broadband penetration in India under the National Broadband Plan by 2016?

160 million households (B)

The National Cyber Security Policy aims to protect which type of information?

Personal and financial information (D)

Which revelation highlighted the need for stronger safeguards for Indian web users?

Leaked documents from the US National Security Agency (B)

What was the growth of India's Internet user base from 1999 to 2012 attributed to?

Increasing access through mobile phones and tablets (A)

Which aspect of cybercrime emphasizes the need for international cooperation?

The absence of cyber-borders between countries (C)

What type of vulnerability is characterized by a loss of confidentiality?

Leaky (B)

Which of the following best describes a passive attack?

Makes use of information without altering system resources (C)

What represents a threat in the context of cybersecurity?

A potential security harm to an asset (A)

Which of the following is NOT a characteristic of insider attacks?

Always leads to data breaches (D)

The CIA Triad is a security model focused on which three core principles?

Confidentiality, Integrity, Availability (D)

Which term describes an attack launched from outside the organizational perimeter?

Outsider attack (A)

Why is it important to separate information collections by access levels?

To protect confidentiality effectively (D)

Which of the following statements about computer crime is true?

It encompasses any crime involving a computer. (D)

What does e-mail forensics primarily study?

The source and content of e-mails as evidence (A)

Which method is used to gather the IP address of the sender through bait tactics?

By using an image source monitored by investigators (D)

What is the primary goal of header analysis in e-mail forensics?

To identify the sender or the path the message has traversed (B)

What is a common issue when tracking senders using bait tactics?

The use of proxy servers may hide the true IP address (D)

Which of the following techniques is NOT included in the e-mail forensic approaches?

Data encryption techniques (D)

In the context of e-mail forensics, what is the role of server investigation?

To examine delivered e-mails and server logs (C)

What can the presence of spoofed headers in an e-mail indicate?

The sender is attempting to conceal their identity (D)

Which of the following statements about keyword searching in e-mail forensics is accurate?

It is used to locate specific content within emails (C)

What may be necessary if server logs are unavailable during an e-mail investigation?

Using logs from network devices such as routers and switches (A)

What type of information can SMTP servers reveal about the owner of an e-mail address?

Credit card numbers and financial details (B)

What do software-embedded identifiers in e-mails typically reveal?

Details about the sender’s e-mail preferences and settings (B)

Which headers are used to identify the e-mail handling software at the client level?

X-Mailer or equivalent headers (A)

Why might some servers not cooperate with e-mail investigations?

They may not maintain sufficient logs or records (C)

What information might server logs provide regarding e-mail transactions?

The address of the computer responsible for the transaction (B)

What may be included in an e-mail as part of Transport Neutral Encapsulation Format (TNEF)?

Information about the sender's e-mail software (A)

What limitation do many servers impose on the retrieval of stored e-mails?

Limited storage duration for e-mails (B)

Study Notes

Human Security Controls

• Human security controls include phishing simulations and access management controls which protect mission critical assets from a wide variety of threats such as cyber criminals, malicious insiders, and negligent users.
• Companies that manage, transmit, store, or handle data must monitor their cyber environments, identify vulnerabilities, and close security holes as quickly as possible.
• Cyber Threats are security incidents or circumstances with the potential to have a negative outcome for your network or other data management systems.
• Vulnerabilities are the gaps or weaknesses in a system that make threats possible and tempt threat actors to exploit them.

Security Vulnerabilities, Threats, and Attacks

• There are three main categories of vulnerabilities:
  • Corrupted (Loss of integrity)
  • Leaky (Loss of confidentiality)
  • Unavailable or very slow (Loss of availability)
• Threats represent potential security harm to an asset when vulnerabilities are exploited.
• Attacks are threats that have been carried out. There are four types of attacks:
  • Passive - Using information from a system without affecting a system’s resources.
  • Active - Altering system resources or affecting operation.
  • Insider - Initiated by an entity inside the organization.
  • Outsider - Initiated from outside the perimeter.

Computer Criminals

• Computer criminals have access to a massive amount of hardware, software, and data.
• Computer crime is any crime involving a computer or aided by the use of one.

CIA Triad

• It is a security model used to think about different parts of IT security.
• It has three main components:
  • Confidentiality: Protecting sensitive information from unauthorized access.
  • Integrity: Ensuring information is accurate and complete.
  • Availability: Making sure information and resources are available to authorized users when they need them.

International Law for Cybercrime

• Cybercrime is international; there are no “cyber-borders” between countries.
• The complexity of cybercrime makes it difficult to fight back.
• Fighting cybercrime requires international cooperation.
• Various organizations and governments are working together to establish global standards of legislation and law enforcement on a regional and international scale.

The Indian Cyberspace

• Indian cyberspace began in 1975 with the establishment of the National Informatics Centre (NIC) to provide the government with IT solutions.
• Three networks were set up between 1986 and 1988 to connect various agencies of government.
• The New Internet Policy of 1998 paved the way for services from multiple Internet service providers (ISPs) and boosted internet user base growth from 1.4 million in 1999 to over 150 million by December 2012.
• The government is aiming to increase broadband penetration from 6% to 160 million households by 2016 under the National Broadband Plan.

National Cyber Security Policy

• The National Cyber Security Policy is a policy framework set by the Department of Electronics and Information Technology.
• It aims to protect public and private infrastructure from cyberattacks.
• It also intends to safeguard information such as personal information, financial and banking information, and sovereign data.
• It was made in response to leaks suggesting US government agencies were spying on Indian users.

Forensics Analysis of Email

• Email forensics studies the source and content of emails to identify the sender, recipient, data/time of transmission, detailed record of the email transaction, and intent of the sender.
• The study involves investigation of metadata, keyword searching, port scanning, etc.
• Email forensics has several approaches:
  • Header Analysis: Analyzing metadata in the email message in the form of control information which can reveal information about the sender.
  • Bait Tactics : Sending an email with an image source that is monitored by investigators to track the sender.
  • Server Investigation : Investigating copies of delivered emails and server logs to identify the source of an email.
  • Network Device Investigation : Using logs maintained by network devices to investigate the source of an email.
  • Software Embedded Identifiers : Investigating software preferences and options embedded in the email to gather information about the sender's client computer.
  • Sender Mailer Fingerprints: Identifying the software handling email at the server and client to reveal information about the sender's computer.

Description

This quiz covers essential concepts related to human security controls and the key categories of vulnerabilities in cybersecurity. It explores the impact of cyber threats and the necessary measures companies should take to mitigate risks and protect their assets. Test your understanding of how vulnerabilities and threats can affect data management systems.