Cybersecurity and Information Protection

Questions and Answers

What is the main purpose of cybersecurity?

  • To increase the speed of computers and networks.
  • To reduce the cost of computer hardware.
  • To protect information and information systems. (correct)
  • To promote the collection of personal data.

Which of the following is a definition of 'data' in the context of computer security?

  • Protection of data against unauthorized access.
  • An electronic device used to process information.
  • Representation of information, facts, concepts, or instructions. (correct)
  • Software used for computer security.

What is the meaning of confidentiality in the context of information security?

  • Safeguarding information from being accessed by individuals without authorization. (correct)
  • Ensuring that information is accessible when needed.
  • Protecting information from unauthorized modification.
  • Guaranteeing that the sender of data has proof of receipt.

Which of the following is an example of sensitive information?

An individual's medical information. (B)

What is a vulnerability in an information system?

A weak point that can be exploited. (D)

Which of the following elements are included in cybersecurity infrastructure?

Encryption devices, network switches, and routers. (C)

What is the objective of a 'phishing' attack?

To steal usernames and passwords. (C)

What is the main characteristic of 'pharming'?

It redirects you to a fake website, even if you type the correct URL. (B)

What is 'email bombing'?

Repeatedly sending the same email message to a particular address. (A)

What is the role of 'cookies' in cybersecurity?

To identify you when you return to a website. (D)

What is the main function of 'adware'?

Displaying pop-up windows or banner ads. (D)

What is the main objective of 'spyware'?

To collect personal information secretly. (D)

What is the purpose of the social engineer in cybersecurity?

To trick people into divulging private information. (D)

What is an important action to take when dealing with possible social engineering attempts?

Document the situation and verify the caller's identity. (D)

What is the importance of maintaining physical control of mobile devices?

To prevent unauthorized access and data loss. (A)

What is a Denial-of-Service (DoS) attack?

An attack that prevents communication on the network. (A)

Which of the following actions can help detect an intruder in your system?

Examining log files. (A)

What is the key characteristic of a computer virus?

It replicates itself and infects computers. (B)

What is the main difference between a virus and a computer worm?

The worm spreads without a host; the virus needs a host. (A)

What is a program that appears legitimate but is actually malicious?

Trojan horse. (C)

What is a 'botnet'?

A network of zombie computers controlled by a master. (D)

The main purpose of a 'rootkit' is:

To gain control over a system and hide its presence. (A)

What is 'ransomware'?

Malware that prevents you from using your computer unless you pay a ransom. (B)

What is an important tip for securing a computer?

Keep the operating system up to date. (A)

What is a firewall?

A security barrier that controls access to the network. (C)

What is an antivirus program?

Software used to protect against viruses, Trojans, worms, and spyware. (A)

What is network address translation?

It is a security feature of a wireless router. (A)

What is an SSID (Service Set Identifier)?

The wireless network name. (D)

What should you do if your system behaves unusually?

Report it immediately. (C)

Which of the following actions is recommended for creating a secure password?

Use a combination of lowercase and uppercase letters, numbers, and special characters. (C)

What is cybersecurity?

It is the protection of information systems against unauthorized access. (C)

How often should the password be changed?

Every 90 days. (B)

What is encryption?

It is a technique for converting plain text into coded text. (C)

You can protect yourself from download problems,

by downloading from reliable sources. (C)

An acceptable use policy (AUP) is:

common in businesses and schools. (B)

You should be aware of what you post online to:

protect your reputation and personal information. (D)

What is recommended not to include in a password?

Date of birth. (C)

What is recommended when using social media?

Avoid discussing any work-related issues. (B)

Why is it important to maintain physical control of mobile devices?

To prevent data loss through covert transmission. (C)

What is a cybercrime reporting center?

A center for victims to report cybercrimes. (A)

What is included in cybersecurity infrastructure?

All of them. (D)

What is required for passwords to be strong?

All of them. (A)

Flashcards

Computer

An electronic, magnetic, optical, or other high-speed data processing device that performs logical, arithmetic, and memory functions by electronic manipulation.

Cybersecurity

The protection of information, equipment, devices, computer resources, communication devices, and stored information against unauthorized access, use, disclosure, disruption.

Data

Representation of information, knowledge, facts, concepts, or instructions that is being prepared or has been prepared in a formalized manner, and is intended to be processed.

Electronic form

Generated, received, sent, or stored in electronic, magnetic, or optical media, computer memory, microfilm, computer-generated microfiche, or a similar device.

Digital signature

Authentication of any electronic record by a subscriber by means of an electronic method (asymmetric crypto system and hash function).

Corporate cybersecurity

Availability, integrity, and secrecy of information systems and networks against attacks, accidents, and errors, with the aim of protecting the operations and assets of a corporation.

National cybersecurity

Availability, integrity, and secrecy of information systems and networks against attacks, accidents, and errors, with the aim of protecting the operations and assets of a nation.

Objective of Cybersecurity

The purpose of cybersecurity is to protect our information and information systems against unauthorized access or modification of information.

Confidentiality

Safeguards information against access by individuals without the proper authorization, access level, and need to know.

Integrity

Results from protecting information against unauthorized modification or destruction.

Availability

Information services are accessible when they are needed.

Non-repudiation

Assurance that the sender of data is provided with proof of delivery and the recipient is provided with proof of the sender's identity.

Threats

Any circumstances or events that can potentially harm an information system by destroying it or disclosing the information stored on the system.

Vulnerabilities

Weakness in an information system or its components that can be exploited.

Cybersecurity infrastructure

Equipment that is integral to research and education capabilities in cybersecurity.

DOS/DDOS

Coordinated attack from one or multiple sources.

Sniffers

They examine network traffic going to and from other machines, gather usernames and passwords, and capture electronic mail.

Web attacks

Attacks designed to steal usernames and passwords; they redirect you to a fake website, even if you type the URL.

Email bombing

Repeatedly sends an identical email message to a particular address.

Malware

Program vulnerable to any software system.

Data privacy

It is the relationship between the collection and dissemination of data, technology, the public expectation of privacy, and the legal and political issues surrounding them.

Social engineering

The collection of techniques intended to trick people into divulging private information.

Zero-day exploit

An attack that occurs on the day an exploit is discovered, before the publisher can fix it.

Acceptable use policies (AUP)

The rules on the use of computers and networks.

Virus

A program that replicates itself and infects computers. Requires a host file.

Trojan horse

Appears as a legitimate program to trick the user.

Ransomware

A type of malware that restricts access to the computer system it infects and demands a ransom payment from the victim to remove the restriction.

Rootkit

A collection of software tools that allows administrator-level access and usually conceals its presence; these can be used to mask other malware or to grant an unauthorized user access to the device.

Pharming

Redirects you to a fake website even if you type the correct URL.

Phishing

Sending fake email messages and IMs in order to steal personal information.

Cookies

Data installed without permission to identify you and track the websites and pages you visit.

Adware

Creates pop-up windows or advertising banners and can reduce the computer's performance.

Spyware

Malware that secretly gathers personal information.

Operating system (OS)

It is the most important thing.

Patch

A piece of software code that is inserted into a type of software, designed to improve or fix it.

Assisting unauthorized access

Actions that facilitate unauthorized access.

Steal, Conceal, or Destroy Computer Source Code

Stealing, concealing, or destroying computer source code.

Identity theft

A fraudulent or dishonest practice that makes use of another person's electronic signature, password, or any other unique identification feature.

Study Notes

  • Learning objectives include defining privacy and security, cybersecurity infrastructure, types of attacks, types of malware, how to secure a computer, and safe computing practices.

Key Definitions

  • Computer: Any electronic processing device with logical, arithmetic, and memory functions, connected to a computer network.

  • Cybersecurity: Protecting information, equipment, and computer resources from unauthorized access, use, disclosure, disruption, modification, or destruction.

  • Data: Representation of information, knowledge, facts, concepts, or instructions processed in a computer system or network, and stored in various forms.

  • Electronic Form: Data generated, received, sent, or stored in media such as magnetic, optical, or computer memory.

  • Electronic Record: Data, record, image, or sound stored, received, or sent in an electronic form.

  • Digital Signature: Authentication of an electronic record using an asymmetric crypto system and a hash function.

  • Electronic Signature: Authentication of an electronic record using an electronic technique as specified.

  • Intermediary: Any person who receives, stores, or transmits records on behalf of another person, or provides services related to that record.

Data Privacy

  • Information privacy, also known as data privacy, involves the relationship between the collection/dissemination of data, technology, public expectations of privacy, and legal/political issues.

  • Information privacy is the right to control what personal information is released.

Cyber Security

  • Cybersecurity, as defined by the "Cyber Security Information Act", concerns the vulnerability and resilience of computing systems, software, and critical infrastructure against intentional interference, compromise, or incapacitation through misuse or unauthorized means, which violates laws and harms interstate commerce or public safety.

Cyber Security in Different Contexts

  • Corporate cybersecurity focuses on the availability, integrity, and secrecy of information systems and networks to protect a corporation's operations and assets from attacks, accidents, and failures.

  • National cybersecurity focuses on the availability, integrity, and secrecy of a nation's information systems to protect its operations and assets.

  • Cybersecurity broadly defined is maintaining the availability, integrity, and secrecy of information systems and networks against attacks, accidents, and failures to protect operations and assets.

  • Cyber Security's goal is to protect our information and information systems

  • Cyber Security protects information systems against unauthorized access or modification of information, whether in storage, processing or transit

Privacy and Security of Information

  • Confidentiality: Safeguards information from unauthorized access through clearance, access levels, and need-to-know.
  • Integrity: Protects information from unauthorized modification or destruction.
  • Availability: Ensures information services are accessible when needed.
  • Authentication: Verifies the validity of transmissions, messages, originators, as well as individual authorization.
  • Non-repudiation: Provides proof of delivery and sender identity, preventing sender/recipient from denying data processing.

Sensitive Data

  • Sensitive data is information that, if compromised, could seriously harm organizational operations, assets, or individuals.
  • Examples of sensitive information include personnel, financial, payroll, medical, and Privacy Act information.

Threats and Vulnerabilities

  • Threats are circumstances or events that can potentially harm an information system by destroying it, disclosing information, modifying data, or making the system unavailable.
  • Vulnerabilities are weaknesses in an information system or its components that can be exploited (e.g. Windows XP systems).

Cyber Security Infrastructure

  • According to the "Cybersecurity Research and Education Act of 2002", cybersecurity infrastructure includes equipment integral to research and education capabilities in cybersecurity

  • Encryption Devices

  • Network Switches

  • Routers

  • Firewalls

  • Wireless Networking Gear

  • Protocol Analyzers

  • File Servers

  • Workstations

  • Biometric tools

  • Computers

  • Cybersecurity infrastructure also includes technology support staff integral to research and education.

Technical Aspects – Evidentiary Objects

  • Storage (files) is a technical aspect that can contain evidentiary objects.
  • Hard disk (raw data) can contain evidentiary objects
  • Flash cards can contain evidentiary objects.
  • Volatile memory (RAM) can contain evidentiary objects such as running processes, DLLs, malware, and usernames and passwords.
  • Registry keys may contain evidentiary objects
  • Deleted files may contain evidentiary objects
  • Cookies may contain evidentiary objects
  • Browser caches/history may contain evidentiary objects.
  • Network connections history may contain evidentiary objects
  • Network Logs are possible evidentiary objects

Network-Based Attacks

  • Network-based attacks have better accessibility due to the network.
  • Targets include websites, email servers, file servers, DNS servers, and routers.

Network Attacks

  • DOS/DDoS are coordinated attacks from one or multiple sources.
  • SYN flooding is a DOS attack, http://www.cert.org/advisories/CA-1996-21.html.
  • Proliferation of DSL connections has aided SYN flooding attacks.
  • DNS and BIND can be subject to redirection attacks to unintended sites.
  • Vulnerabilities in BIND can allow remote users to gain privileged access.
  • Routers can have routing info changed to disable networks.
  • Cisco IOS usage makes routers a backbone of the internet.
  • Sniffers examine and gather network traffic.
  • They can gather usernames and passwords.
  • Sniffers can capture electronic mail.
  • Firewalls can detect network attacks
  • IDS, HoneyPots, SATAN, vulnerability scanners can detect network attacks
  • http://www.sans.org/newlook/resources/IDFAQ/ID_FAQ.htm
  • Tripwire can detect changes in configurations

Web Attacks

  • Phishing involves deceptive email messages and instant messages appearing legitimate.
  • Phishing is designed to trick users into providing usernames and passwords.
  • Pharming involves redirects to phony websites even when typing the correct URL.
  • Pharming attacks hijack a company's domain name

Examples of Web Attacks

E-Mail Attacks

  • Email bombing is one type of attack, repeatedly sending an identical email message to a particular address.
  • More info: http://www.cert.org/tech_tips/email_bombing_spamming.html
  • Malware attachments can be spread through email
  • Worms, viruses, trojan horses, etc.
  • Spam is considered an email attack: unsolicited "junk" mail.
  • It often happens at sites with mailers that permit relaying.
  • RTF files are ASCII text files that include embedded formatting commands; they do not contain macros and cannot be infected with a macro virus.
  • MP3 files consist of compressed audio tracks and are not susceptible to traditional virus infections.

Cybercrime: Social Network Attacks

  • Fraud: Schemes that convince you to give money or property to a person.
  • Shill bidding is fake bidding to drive up the price of an item

Malware: Spam and Cookies

  • Spamming is sending mass unsolicited emails.
  • Spam messages are also distributed in fax, IM, and text formats.
  • Spams are called "spam"
  • Cookies are installed without permission.
  • Cookies allow websites to identify you when you return.
  • Cookies track websites and pages you visit to target ads.
  • Cookies may collect information you do not want to share.

Malware: Adware and Spyware

  • Adware uses pop-ups and banner ads.
  • Adware helps generate income.
  • Adware uses CPU cycles and internet bandwidth.
  • Adware reduces PC performance.
  • Spyware is malware that covertly harvests personal data.
  • Spyware is usually installed by accident.
  • Spyware acts as a browser hijacker.

Social Engineering

  • Social engineering is a collection of techniques intended to trick people into divulging private information, including calls, emails, websites, text messages, and interviews.

  • When faced with social engineering attempts, document the situation: verify the caller, gather information, and write down notes of the conversation.

  • Contact your CISO.

  • Don't participate in surveys.

  • Don't share personal information.

  • Don't give out computer systems or network information

Mobile Computing

  • Always maintain physical control of mobile devices.
  • Properly label mobile devices with classification and contact information.
  • Disable wireless functionality on mobile devices when not in use.

Example: DOS

  • Denial-of-Service attacks are most frequently executed against network connectivity.

  • The goal is to prevent hosts or networks from communicating over the network.

  • A description of how this can occur is at: http://www.cert.org/advisories/CA-1996-21.html

  • An intruder begins the process of connecting to the victim machine in such a way as to PREVENT the completion of the connection.

  • Since the victim machine has a limited number of data structures for connections, the result is that legitimate connections are denied while the victim machine is waiting to complete bogus "half-open" connections.

  • This type of attack does not depend on the attacker being able to consume your network bandwidth.

  • An intruder may also be able to consume all the available bandwidth on your network by generating a large number of packets directed to your network.

Denial of Service Attacks (http://www.cert.org/present/cert-overview-trends/sld001.htm)

  • Make networks or hosts unusable.
  • Disrupt services.
  • Difficult or impossible to locate source.
  • Becoming very popular with attackers
      • IRC sites
      • Controversial sites or services
  • Bottom line: COSTLY!

Intruder Detection Checklist

  • Look for signs that your system may have been compromised by using the following checks:
  • Examine log files
  • Look for setuid and setgid Files
  • Check system binaries
  • Check for packet sniffers
  • Examine files run by 'cron' and 'at'.
  • Check for unauthorized services
  • Examine /etc/passwd file
  • Check system and network configuration
  • Look everywhere for unusual or hidden files
  • Examine all machines on the local network
  • http://www.cert.org/techtips/intruder_detection_checklist.html

Malware: Viruses, Worms, Trojans, and Rootkits

  • Virus: a program that replicates itself and infects computers. Needs a host file. May use an email program to infect other computers.
  • Worm: self-replicating. Does not need a host to travel. Travels over networks to infect other machines. The Conficker worm was first released in 2008 and reemerged in 2010 with new behaviors.
  • Logic bomb: behaves like a virus. Performs a malicious act. Does not replicate. Attacks when certain conditions are met.
  • Time bomb: a logic bomb with a trigger that is a specific time or date.
  • Botnet: computer zombies/bots controlled by a master.
  • Trojan horse: fake security notifications, denial-of-service attacks.

Ransomware

  • Malware that prevents you from using your computer until you pay a fine or fee.
  • Bitcoin is an anonymous, digital, encrypted currency.
  • Rootkit: a set of programs that allows someone to gain control over a system, hides the fact that the computer has been compromised, and masks the behavior of other malware.
  • Nearly impossible to detect

How to Secure a Computer

  • Shields up: software
  • Drive-by download: a visited website installs a program in the background without your knowledge.
  • Hardware device that blocks access to your network.
  • Software that blocks access.
  • Antivirus program: protects against viruses, Trojans, worms, and spyware.
  • Windows 10 includes Windows Defender.
  • Security suites are combinations of features for security software.

Shields Up - Hardware

  • Router: connects two networks.
  • Wireless encryption: adds security by encrypting transmitted data.

Shields Up - Operating Systems

  • Most important piece of security software; keep it up to date.

Practice Safe Computing

  • Malware tricks users into clicking false Windows notifications
  • User Account Control (UAC) notifies you prior to changes made to your computer
  • Guest
  • Three user account types

Do not turn UAC off. Read messages before clicking yes.

Secure Password practices

  • Do's

  • Use a combination of lower and upper case letters, numbers, and special characters.

  • Change it every 90 days

  • Create a complex, strong password, and protect its secrecy

  • Don'ts

  • Use personal information

  • Use dictionary words (including foreign languages)

  • Do not write it down

  • Do not share it with anyone

  • Encryption converts plain text into ciphertext.

An ounce of prevention - safe installation of software: installation copies files to the computer and alters settings.

  • Download problems

  • Only download from reliable sources

  • A zero-day exploit is an attack that occurs on the day an exploit is discovered, before the publisher can fix it.

  • Bugs are flaws in software.

  • Acceptable Use policies are important in businesses and schools. Rules are important to protect

  • Avoid discussing social media and monitor privacy

  • Internet Complaint Center (IC3) is a place for victims to report cybercrimes

  • Reports processed and forwarded to appropriate agency

  • The Computer Fraud and Abuse Act makes it a crime to access classified information.

  • The Computer Fraud and Abuse Act was passed in 1986. Amendments between 1988 and 2002 added additional cybercrimes.

  • Cyber crime: Sec. 43 covers unauthorized access or introducing a computer virus, causing disruptions. Sec. 66: punishment for identity theft.

  • Secure the departments by utilizing the mentioned best practices. PII should not be stored on unencrypted devices.
