Questions and Answers
Which of the following actions is the MOST indicative of practicing cybersecurity?
- Enforcing policies that curb cyberattacks.
- Protecting computer systems, networks, and data from cyberattacks. (correct)
- Using readily available technology.
- Adopting various practices to improve technology.
Why is cybersecurity considered important for organizations?
- It reduces the need for innovation.
- It maintains trust and reputation. (correct)
- It simplifies operational processes.
- It ensures sensitive information is available to all employees.
What is the primary focus of network security?
- Managing software updates on individual computers.
- Protecting computer networks from unauthorized access or attacks. (correct)
- Ensuring all employees have access to the network.
- Securing physical access to server rooms.
Which of the following is primarily protected by information security?
What are the three core principles that form the CIA triad model?
What does 'confidentiality' ensure in the context of the CIA triad?
What does 'integrity' refer to in the CIA triad?
What aspect of data security does 'availability' primarily address?
Which of the following BEST describes the difference between cybersecurity and information security?
What is the PRIMARY objective of cloud security?
In cloud security, what does 'data privacy' primarily ensure?
When selecting a cloud service model, what does choosing SaaS typically imply?
What is the main function of IoT security?
Which of the following is an example of an IoT security device designed to monitor an environment in real time?
What is the purpose of application security?
What is the role of a Web Application Firewall (WAF) in application security?
What primary function does endpoint security serve?
In the context of endpoint security, what can endpoint security platforms do to manage risky devices?
According to the zero trust model, what is the fundamental principle regarding user or device access?
Which of the following authentication methods aligns with the principles of zero trust security?
Which of the following is a common characteristic of cybersecurity threats?
Which activity is MOST representative of a phishing attack?
What is the main purpose of 'spear phishing'?
Which of the following activities is MOST indicative of malware?
How do computer viruses typically spread from one computer to another?
What distinguishes a 'worm' from a 'virus'?
What is a key characteristic of worms related to their spread?
What BEST describes the behavior of a Trojan horse?
How does a Trojan horse typically provide unauthorized access to a system?
Which of the following describes the primary function of ransomware?
Why do attackers often demand payment in cryptocurrency in ransomware attacks?
What is the primary goal of spyware?
What type of information can spyware typically track?
What is the primary function of adware?
How does adware typically affect a user's system?
What is the main purpose of keyloggers?
What makes keyloggers a severe privacy concern?
What is the primary function of rootkits?
Why are rootkits difficult to detect and remove?
What is the main goal of a Denial of Service (DoS) attack?
What is a key difference between a DoS and a DDoS attack?
What is the primary action of an attacker in a Man-in-the-Middle (MITM) attack?
Flashcards
Cybersecurity
Protecting computer systems, networks, and data from cyberattacks using technology, policies, and practices.
Critical infrastructure cybersecurity
Ensuring systems vital to society's functioning are resilient and reliable against cyber threats.
Network security
Protecting computer networks from unauthorized access, use, disclosure, disruption, modification, or destruction.
Cloud security
IoT (Internet of Things) security
Application security
Information security
Confidentiality
Integrity
Availability
Software as a Service (SaaS)
Platform as a Service (PaaS)
Infrastructure as a Service (IaaS)
Endpoint Security
Zero trust Security
Phishing
Malware
Worm
Trojan Horse
Ransomware
Spyware
Adware
Keyloggers
Rootkits
Denial of Service (DoS) Attack
Distributed Denial of Service (DDoS) Attack
Man-in-the-Middle (MITM) Attack
Study Notes
- Cybersecurity involves safeguarding computer systems, networks, and data from cyberattacks
- This includes using technology, policies, and practices to prevent cyber threats such as malware, phishing, and ransomware
Importance of Cybersecurity
- Cybersecurity is important for the protection of sensitive information
- Cybersecurity is important for the prevention of identity theft and fraud
- Cybersecurity is important for maintaining trust and reputation
- Legal compliance is a key benefit of cybersecurity
- Cybersecurity can provide operational continuity after an attack
Network Security
- Network security protects networks, programs, and online systems from digital attacks
- Network security prevents illegal access to user accounts and documents
- Network security secures network integrity
Information Security
- Information security, also known as InfoSec, protects the confidentiality and availability of data
- It ensures sensitive information is only accessible to authorized users
- Cybersecurity is an element of information security protecting digital data and systems
- Information security protects data in all forms
CIA Triad Model
- The CIA triad outlines the core principles of information security, including confidentiality, integrity, and availability
- It acts as a framework for developing security policies and procedures
Confidentiality
- Confidentiality restricts access to information, including personal and proprietary data
- Aims to prevent unauthorized access to data
- Focuses on protecting against password theft and computer theft
Integrity
- Integrity ensures data accuracy and trustworthiness
- Integrity prevents unauthorized modification or destruction of data
- Maintains data authenticity
Availability
- Availability ensures authorized users can access data and systems when needed
- Ensures data availability in a timely and reliable manner
Cybersecurity vs. Information Security
Aspect | Cybersecurity | Information Security |
---|---|---|
Focus | Protects digital systems and data | Protects data in all forms, digital and physical |
Examples | Firewalls, intrusion detection systems, encryption | Protecting customer account details, financial data, and intellectual property |
Goals | Protects systems, networks, and programs from attacks | Protects data confidentiality, integrity, and availability |
Cloud Security
- Cloud security is a set of strategies and technologies protecting cloud-based data, applications, and infrastructures
Cloud Security Goals
- Data privacy is a key goal by keeping data private and safe across cloud platforms, applications, and infrastructure
- Compliance ensures that cloud services adhere to legal and regulatory requirements
- Access control manages cloud access to prevent unauthorized entry
Cloud Security Types
- Cloud security types include Software-as-a-Service (SaaS)
- Cloud security types include Platform-as-a-Service (PaaS)
- Cloud security types include Infrastructure-as-a-Service (IaaS)
Software-as-a-Service (SaaS)
- A cloud-based model enabling users to access software applications via the internet
- The software provider manages the software and its provision in a SaaS model
- Payment is subscription-based, with fixed monthly fees based on the plan and number of users
- Examples: Enterprise Resource Planning (ERP), Content Management System (CMS), Human Resource Management System (HRMS), Office 365, Google Apps, etc.
Platform-as-a-Service (PaaS)
- A cloud-based service providing an environment for developing, managing, and deploying applications
- PaaS is a pay-as-you-go service, eliminating the need for hardware and software maintenance
- Payment is pay-as-you-go, based on usage of compute resources, storage, and services
- Examples: Google Cloud, Microsoft Azure, AWS, IBM Cloud, Red Hat OpenShift, Oracle Cloud Platform (OCP), Heroku, Mendix, Engine Yard, OpenStack, etc.
Infrastructure-as-a-Service (IaaS)
- A cloud computing service providing on-demand access to computing resources
- Payment is pay-as-you-go, based on the amount of virtual server time, storage space, and network utilized
Features of IaaS
- Offers on-demand access, allowing users to request and configure resources for running applications and IT systems
- Payment is pay-as-you-go
- Offers scalability: IaaS resources can be scaled up or down to meet changing needs
- Examples: Amazon Web Services (AWS), Elastic Compute Cloud (EC2), Microsoft Azure, Google Compute Engine (GCE), Joyent, Linode, Rackspace, DigitalOcean etc.
Choosing The Right Model
- For basic needs and minimal customization, choose SaaS
- For developing and deploying custom applications, choose PaaS
- For full control of infrastructure and complex deployments, choose IaaS
Internet of Things (IoT) Security
- IoT security focuses on protecting the devices, networks, and data that make up the IoT
- The IoT includes computers, phones, appliances, and smart devices that connect to the internet
IoT Security Goals
- The main goal is to protect user privacy and data confidentiality
- One goal is to ensure device security and infrastructure security
- A key task is to allow the IoT ecosystem to function smoothly
IoT Security Devices
- Surveillance cameras monitor the environment in real time and are viewed remotely
- Smart locks are controlled remotely and have biometric recognition capabilities
- Smart alarms detect threats like break-ins, fire, and carbon monoxide
- Door/window sensors alert when doors or windows are opened or tampered with
- Smart detectors detect environmental hazards like smoke, gas leaks, and water leaks
Application Security
- Application security uses measures to protect applications from cyber threats
- It secures software code and data during design, development, and deployment
Application Security Tools
- Web Application Firewalls (WAF) monitor/filter HTTP traffic between a web application and the internet
- Multi-factor authentication (MFA) requires users to provide multiple forms of identification before accessing an application
- Anti-virus software removes malicious software from computer systems or applications
Endpoint Security
- Endpoint security applies measures protecting devices like laptops, desktops, and mobile devices
- Endpoint security is also called endpoint protection
How Endpoint Security Works
- Endpoint security software, also called an endpoint protection platform (EPP), protects devices from cyber threats
- Endpoint security contains antivirus, anti-malware, and firewall protection
- Endpoint security platforms identify and block risky devices from accessing a corporate network
- Endpoint security platforms monitor the security posture of devices
Zero Trust Security
- Zero trust security operates under the assumption that no user or device is inherently trusted
- Zero Trust Network Access (ZTNA) only connects users to resources they are authorized to access
Zero Trust Examples
- Multifactor authentication requests two or more forms of authentication to sign in
- Zero Trust Network Access (ZTNA) only connects users to the resources they have permission to access
Cybersecurity Threats
- Common cybersecurity threats include phishing, malware, ransomware, DDoS attacks
- Supply chain attacks, social engineering, insider threats, password attacks, IoT attacks, cryptojacking, advanced persistent threats are also risks
- These are malicious activities against digital systems that aim to access, disrupt, or steal sensitive data
Phishing
- A cybercrime in which scammers trick people into revealing personal information or handing over money
- Disguised as legitimate entities, scammers steal money, gain access, or install malware
Types of Phishing
- Email phishing sends fraudulent emails
- Spear phishing targets specific individuals or organizations
- Smishing sends text messages
- Vishing uses phone calls
- Clone phishing creates fake messages
Malware
- Intrusive software developed by cybercriminals to steal or damage systems
- Common malware includes viruses, worms, Trojan viruses, spyware, adware, and ransomware
Malware: Virus
- A virus is a type of malware that alters files and data
- It spreads from computer to computer and enters computers via attachments and downloads
- Severity ranges from mildly disturbing effects to severely damaging data or software
- The first computer virus was Creeper, crafted in 1971 by Bob Thomas
- Creeper displayed the message "I'M THE CREEPER. CATCH ME IF YOU CAN!"
- The boot sector virus Brain was created in 1987 for India
- Brain was created by the brothers Basit and Amjad Farooq Alvi (Lahore, Pakistan)
Malware: Worms
- A worm replicates itself from computer to computer without needing to attach to a host file
- Worms can spread automatically through networks, email systems, or the Internet without human intervention
- The Morris Worm, released in 1988, spread widely across the internet
Key Worm Characteristics
- Self-Replication: Worms replicate themselves across networks and systems
- Network Spread: Worms exploit security vulnerabilities in operating systems or applications to spread; they also spread through email, shared files, or instant messaging
- Payload Delivery: While the primary purpose of a worm is to spread, many worms carry a payload, a secondary malicious program that causes damage such as data theft, file corruption, or malware installation
- Resource Consumption: Worms consume excessive system resources, such as bandwidth and processing power
- Remote Control: Some worms create backdoors into infected systems for remote control or for launching further attacks
Famous Worms:
- ILOVEYOU (2000): A very famous email worm that used the subject line "ILOVEYOU" and caused global damage
- Blaster (2003): Exploited a vulnerability in Microsoft Windows, causing affected computers to repeatedly reboot
- Conficker (2008): Spread through Microsoft Windows by exploiting vulnerabilities and creating a botnet
- Stuxnet (2010): Targeted Iran's nuclear program by damaging industrial control systems
Trojan Horse
- A type of malicious software that appears legitimate
- Gives attackers access to a system to steal information, damage files, or provide a backdoor
Trojan Characteristics
- Deceptive Behavior: Trojans disguise themselves as legitimate software or files
- No Self-Replication: Trojans don't replicate themselves; they rely on users to open or execute them
- Malicious Payload: Once installed, a Trojan can deliver a variety of malicious payloads, giving attackers control of the system, stealing personal information, or installing other types of malware
- Backdoor Access: Trojans open a "backdoor" on an infected system, allowing cybercriminals to remotely control or access the system without the user's knowledge
Famous Trojan Horses
- Zeus/Zbot (2007): Banking Trojan designed to steal banking credentials
- Emotet (2014): Banking Trojan that evolved into sophisticated malware; spreads through malicious email attachments
- SpyEye (2009): Banking Trojan that steals login credentials
- Dridex (2014): Banking Trojan that steals banking credentials
- Trojan-Dropper: Delivers payloads that infect the system with other types of malware
Other Famous Trojan Horses
- Red October (2012): Cyber-espionage Trojan that steals sensitive data
- TrickBot (2016): Banking Trojan that steals financial data and login credentials
- Kelihos (2008): Used to create a botnet that steals data
- Emotet (2014): Primarily used for malware distribution; delivers other malware
- Andromeda/Gamarue (2011): Downloader that installs other malware for information theft
Malware: Ransomware
- Encrypts a victim's files or locks them out of their system until they make a payment for data restoration
- Ransomware attackers are known to demand payment in cryptocurrency (e.g., Bitcoin) for anonymity
- Ransomware can cause financial loss, operational disruption, and data breaches
- The AIDS Trojan (1989) was the first documented ransomware attack
- Created by Joseph Popp, a biologist and AIDS researcher
- Examples: CryptoLocker, WannaCry, Locky, Reveton, Police Virus, Sodinokibi, etc.
Malware: Spyware
- Designed to monitor and gather data on a user's activities without the user knowing
- Can track internet browsing habits, keystrokes, login credentials, and sensitive personal information
- Common types of spyware include adware, keyloggers, rootkits, and Trojan viruses
Adware
- Software that automatically displays or downloads advertising material
- It is often bundled with other software and can negatively affect a user's system
- Known for tracking user behavior, annoying pop-ups, bundling with freeware, and privacy concerns
Keyloggers
- Designed to record all keystrokes a user types on their device
- Can capture sensitive information like login credentials, credit card numbers, emails, and personal messages
Rootkits
- Designed to gain privileged access to a computer or network
- Can hide easily in the operating system and are difficult to detect and remove
- Allow attackers long-term access to a system
Comparison of Adware, Keyloggers, and Rootkits
Feature | Adware | Keyloggers | Rootkits |
---|---|---|---|
Primary Purpose | Display targeted ads | Record keystrokes | Gain privileged access |
Visibility | Often visible | Usually runs invisibly | Hides itself |
Impact on System | Slows down the system | Captures sensitive information | Takes control of the system |
Privacy Risk | Compromises browsing behavior | Captures usernames and passwords | Provides remote access |
Removal Difficulty | Easy to remove | Tricky to remove | Extremely difficult to remove |
Example Software | Gator, Zango | Perfect Keylogger, REFOG Keylogger | TDSS, Sony BMG Rootkit |
Denial of Service (DoS) Attack
- A cyberattack that makes a website or network unavailable by overloading it with traffic
- The goal is to disrupt normal functioning
- To do this, the attacker sends more traffic than the target can handle, so the target slows down or becomes unresponsive
Difference Between DoS and DDoS Attack
- A DoS attack originates from a single device or computer system
- A DDoS attack uses many different computers or IoT devices
- The devices used in a DDoS attack are compromised machines spread out across a network
Aspect | DoS Attack | DDoS Attack |
---|---|---|
Source of Attack | Single source | Multiple sources |
Scale of Attack | Limited in scale | Large scale |
Complexity | Simple to execute | Complex to execute |
Detection & Mitigation | Easier to detect | Harder to detect |
Impact on Target | Local impact | Widespread impact |
Cost of Execution | Low cost | High cost |
Man-in-the-Middle Attack
- A cyberattack in which a user's communication is intercepted, including communication between two parties
- The attacker positions themselves between sender and receiver to monitor or modify the exchanged data
Real-World Man-In-The-Middle Attacks
- Wi-Fi Eavesdropping / Evil Twin Attack: A hacker monitors traffic on a Wi-Fi network at an airport
- Phishing with MITM: A hacker presents a fake page that leads back to the official one