Cybersecurity Basics

Questions and Answers

Which of the following actions is the MOST indicative of practicing cybersecurity?

  • Enforcing policies that curb cyberattacks.
  • Protecting computer systems, networks, and data from cyberattacks. (correct)
  • Using readily available technology.
  • Adopting various practices to improve technology.

Why is cybersecurity considered important for organizations?

  • It reduces the need for innovation.
  • It maintains trust and reputation. (correct)
  • It simplifies operational processes.
  • It ensures sensitive information is available to all employees.

What is the primary focus of network security?

  • Managing software updates on individual computers.
  • Protecting computer networks from unauthorized access or attacks. (correct)
  • Ensuring all employees have access to the network.
  • Securing physical access to server rooms.

Which of the following is primarily protected by information security?

  • The confidentiality, integrity, and availability of data. (A)

What are the three core principles that form the CIA triad model?

  • Confidentiality, Integrity, Availability. (B)

What does 'confidentiality' ensure in the context of the CIA triad?

  • Data is protected from unauthorized access. (D)

What does 'integrity' refer to in the CIA triad?

  • Protecting data from unauthorized modification or destruction. (C)

What aspect of data security does 'availability' primarily address?

  • Guaranteeing authorized users can access data when needed. (B)

Which of the following BEST describes the difference between cybersecurity and information security?

  • Cybersecurity is about protecting digital systems and data, while information security protects data in all forms. (C)

What is the PRIMARY objective of cloud security?

  • To protect cloud-based data, applications, and infrastructure. (C)

In cloud security, what does 'data privacy' primarily ensure?

  • Keeping data private and safe across cloud platforms. (D)

When selecting a cloud service model, what does choosing SaaS typically imply?

  • Minimal customization for basic needs. (A)

What is the main function of IoT security?

  • To protect devices, networks, and data that are part of the IoT. (C)

Which of the following is an example of an IoT security device designed to monitor an environment in real time?

  • Surveillance camera. (C)

What is the purpose of application security?

  • To protect applications from cyber threats. (C)

What is the role of a Web Application Firewall (WAF) in application security?

  • To monitor and filter HTTP traffic between a web application and the internet. (B)

What primary function does endpoint security serve?

  • Securing devices like laptops and mobile devices from cyber threats. (C)

In the context of endpoint security, what can endpoint security platforms do to manage risky devices?

  • Identify and block them from accessing a corporate network. (D)

According to the zero trust model, what is the fundamental principle regarding user or device access?

  • No user or device should be trusted unless explicitly permitted. (C)

Which of the following authentication methods aligns with the principles of zero trust security?

  • Multifactor authentication. (D)

Which of the following is a common characteristic of cybersecurity threats?

  • Aiming to access, disrupt, or steal sensitive data. (D)

Which activity is MOST representative of a phishing attack?

  • Tricking individuals into revealing personal information or money. (A)

What is the main purpose of 'spear phishing'?

  • To send fraudulent emails to specific individuals or organizations. (B)

Which of the following activities is MOST indicative of malware?

  • Secretly monitoring user activity and stealing data. (A)

How do computer viruses typically spread from one computer to another?

  • As attachments to images, audio, or video files. (B)

What distinguishes a 'worm' from a 'virus'?

  • Worms can spread without attaching to a host file, unlike viruses. (A)

What is a key characteristic of worms related to their spread?

  • They can spread automatically through networks or email systems. (D)

What BEST describes the behavior of a Trojan horse?

  • It pretends to be legitimate software to trick users into installing it. (C)

How does a Trojan horse typically provide unauthorized access to a system?

  • By tricking users into installing or executing a malicious file. (A)

Which of the following describes the primary function of ransomware?

  • To encrypt user files and demand a ransom for restoring access. (C)

Why do attackers often demand payment in cryptocurrency in ransomware attacks?

  • Because it offers a degree of anonymity. (B)

What is the primary goal of spyware?

  • To secretly monitor user activities and collect information. (C)

What type of information can spyware typically track?

  • Internet browsing habits, keystrokes, and login credentials. (D)

What is the primary function of adware?

  • To automatically display or download advertising material. (D)

How does adware typically affect a user’s system?

  • By slowing it down, displaying unwanted ads, and compromising privacy. (B)

What is the main purpose of keyloggers?

  • To record every keystroke a user types on their device. (A)

What makes keyloggers a severe privacy concern?

  • They can capture sensitive information like login credentials and credit card numbers. (B)

What is the primary function of rootkits?

  • To gain privileged access to a computer or network. (D)

Why are rootkits difficult to detect and remove?

  • They hide their presence and the presence of other malicious software. (D)

What is the main goal of a Denial of Service (DoS) attack?

  • To disrupt the normal functioning of a target by flooding it with traffic. (A)

What is a key difference between a DoS and a DDoS attack?

  • A DoS attack is easier to mitigate, while a DDoS attack is harder. (C)

What is the primary action of an attacker in a Man-in-the-Middle (MITM) attack?

  • To intercept and potentially alter the communication between two parties. (D)

Flashcards

Cybersecurity

Protecting computer systems, networks, and data from cyberattacks using technology, policies, and practices.

Critical infrastructure cybersecurity

Ensuring systems vital to society's functioning are resilient and reliable against cyber threats.

Network security

Protecting computer networks from unauthorized access, use, disclosure, disruption, modification, or destruction.

Cloud security

Protecting data and applications in cloud environments from unauthorized access, data breaches, and cyber threats.

IoT (Internet of Things) security

Protecting internet-connected devices and their data from cyber threats.

Application security

Protecting software applications from unauthorized access, modification, or destruction.

Information security

Protecting the confidentiality, integrity, and availability of data.

Confidentiality

Restricting access to information, including personal and proprietary data.

Integrity

Ensuring the accuracy and trustworthiness of data, preventing unauthorized modification or destruction.

Availability

Ensuring authorized users can access data and systems when needed.

Cloud security

Strategies and technologies that protect cloud-based data, applications, and infrastructure.

Software as a Service (SaaS)

Cloud-based model allowing users to access software applications over the internet, provider manages the software.

Platform as a Service (PaaS)

Cloud service providing a complete environment for developing, managing, and deploying applications.

Infrastructure as a Service (IaaS)

Cloud computing service offering access to computing resources on demand.

Internet of Things (IoT) security

Protection of devices, networks, and data that are part of the Internet of Things (IoT).

Application Security

Set of measures that protect applications from cyber threats, securing code and data during design, development, and deployment.

Endpoint Security

Measures protecting devices like laptops, desktops, and mobile devices from cyber threats.

Zero trust Security

Network security strategy assuming no user or device should be trusted unless explicitly permitted.

Phishing

Attacks that trick people into giving away personal information or money.

Malware

Malicious software designed to infiltrate and damage computer systems.

Worm

A type of malware that replicates and spreads from one computer to another.

Trojan Horse

Malware that pretends to be legitimate to trick users into installing or executing it.

Ransomware

Malware that encrypts a victim's files and demands a ransom for decryption.

Spyware

Malicious software designed to secretly monitor a user's activities without their consent.

Adware

Software that displays advertising material automatically.

Keyloggers

Spyware designed to record every keystroke a user types.

Rootkits

Malware designed to gain privileged access to a computer or network.

Denial of Service (DoS) Attack

Cyberattack making a website or network unavailable by flooding it with traffic.

Distributed Denial of Service (DDoS) Attack

Attack from multiple sources aimed at overwhelming a system.

Man-in-the-Middle (MITM) Attack

Cyberattack where an attacker intercepts and alters communication between two parties.

Study Notes

  • Cybersecurity involves safeguarding computer systems, networks, and data from cyberattacks
  • This includes utilizing technology, policies, and practices to prevent cyber threats such as malware, phishing, and ransomware

Importance of Cybersecurity

  • Cybersecurity is important for the protection of sensitive information
  • Cybersecurity is important for the prevention of identity theft and fraud
  • Cybersecurity is important for maintaining trust and reputation
  • Legal compliance is a key benefit of cybersecurity
  • Cybersecurity can provide operational continuity after an attack

Network Security

  • Network security protects networks, programs, and online systems from digital attacks
  • Network security prevents illegal access to user accounts and documents
  • Network security secures network integrity

Information Security

  • Information security, also known as InfoSec, protects the confidentiality and availability of data
  • It ensures important sensitive information is only accessible to authorized users
  • Cybersecurity is an element of information security, protecting digital data and systems
  • Information security protects data in all forms

CIA Triad Model

  • The CIA triad outlines the core principles of information security, including confidentiality, integrity, and availability
  • It acts as a framework for developing security policies and procedures

Confidentiality

  • Confidentiality restricts access to information, including personal and proprietary data
  • Aims to prevent unauthorized access to data
  • Focuses on protecting against password theft and computer theft

Integrity

  • Integrity ensures data accuracy and trustworthiness
  • Integrity prevents unauthorized modification or destruction of data
  • Maintains data authenticity

Availability

  • Availability ensures authorized users can access data and systems when needed
  • Ensures data availability in a timely and reliable manner

Cybersecurity vs. Information Security

| | Cybersecurity | Information Security |
|---|---|---|
| Focus | Protects digital systems and data | Protects data in all forms, digital and physical |
| Examples | Firewalls, intrusion detection systems, encryption | Protecting customer account details, financial data, and intellectual property |
| Goals | Protects systems, networks, and programs from attacks | Protects data confidentiality, integrity, and availability |

Cloud Security

  • Cloud security is a set of strategies and technologies protecting cloud-based data, applications, and infrastructures

Cloud Security Goals

  • Data privacy is a key goal: keeping data private and safe across cloud platforms, applications, and infrastructure
  • Compliance ensures that cloud services adhere to legal and regulatory requirements
  • Access control manages cloud access to prevent unauthorized entry

Cloud Security Types

  • Cloud security types include Software-as-a-Service (SaaS)
  • Cloud security types include Platform-as-a-Service (PaaS)
  • Cloud security types include Infrastructure-as-a-Service (IaaS)

Software-as-a-Service (SaaS)

  • A cloud-based model enabling users to access software applications via the internet
  • The software provider manages the software and its provision in a SaaS model
  • Payment is subscription-based, with fixed monthly fees based on the plan and number of users
  • Examples: Enterprise Resource Planning (ERP), Content Management System (CMS), Human Resource Management System (HRMS), Office365, Google Apps, etc.

Platform-as-a-Service (PaaS)

  • A cloud-based service providing an environment for developing, managing, and deploying applications
  • PaaS is a pay-as-you-go service, eliminating the need for hardware and software maintenance
  • Payment is pay-as-you-go, based on usage of compute resources, storage, and services
  • Examples: Google Cloud, Microsoft Azure, AWS, IBM Cloud, Red Hat OpenShift, Oracle Cloud Platform (OCP), Heroku, Mendix, Engine Yard, OpenStack, etc.

Infrastructure-as-a-Service (IaaS)

  • A cloud computing service providing on-demand access to computing resources
  • Payment is pay-as-you-go, based on the amount of virtual server time, storage space, and network utilized

Features of IaaS

  • Offers on-demand access, allowing users to request and configure resources for running applications and IT systems
  • Payment is pay-as-you-go
  • Offers scalability: IaaS can be scaled up or down to meet changing needs
  • Examples: Amazon Web Services (AWS), Elastic Compute Cloud (EC2), Microsoft Azure, Google Compute Engine (GCE), Joyent, Linode, Rackspace, DigitalOcean, etc.

Choosing The Right Model

  • For basic needs and minimal customization, choose SaaS
  • For developing and deploying custom applications, choose PaaS
  • For full control of infrastructure and complex deployments, choose IaaS

Internet of Things (IoT) Security

  • IoT security focuses on protecting the devices, networks, and data that make up the IoT
  • The IoT includes computers, phones, appliances, and smart devices that connect to the internet

IoT Security Goals

  • The main goal is to protect user privacy and data confidentiality
  • One goal is to ensure device security and infrastructure security
  • A key task is to allow the IoT ecosystem to function smoothly

IoT Security Devices

  • Surveillance cameras monitor the environment in real time and are viewed remotely
  • Smart locks are controlled remotely and have biometric recognition capabilities
  • Smart alarms detect threats like break-ins, fire, and carbon monoxide
  • Door/window sensors alert when doors or windows are opened or tampered with
  • Smart detectors detect environmental hazards like smoke, gas leaks, and water leaks

Application Security

  • Application security uses measures to protect applications from cyber threats
  • It secures software code and data during design, development, and deployment

Application Security Tools

  • Web Application Firewalls (WAF) monitor/filter HTTP traffic between a web application and the internet
  • Multi-factor authentication (MFA) requires users to provide identification before application access
  • Anti-virus software removes malicious software from computer systems or applications

Endpoint Security

  • Endpoint security applies measures protecting devices like laptops, desktops, and mobile devices
  • Endpoint security is also called endpoint protection

How Endpoint Security Works

  • Endpoint security software, known as an endpoint protection platform (EPP), protects devices from cyber threats
  • Endpoint security includes antivirus, anti-malware, and firewall protection
  • Endpoint security platforms identify and block risky devices from accessing a corporate network
  • Endpoint security platforms monitor the security posture of devices

Zero Trust Security

  • Zero trust security operates under the assumption that no user or device is inherently trusted
  • Zero Trust Network Access (ZTNA) only connects users to resources they are authorized to access

Zero Trust Examples

  • Multifactor authentication requests two or more forms of authentication to sign in
  • Zero Trust Network Access (ZTNA) only connects users to the resources they have permission to access

Cybersecurity Threats

  • Common cybersecurity threats include phishing, malware, ransomware, DDoS attacks
  • Supply chain attacks, social engineering, insider threats, password attacks, IoT attacks, cryptojacking, advanced persistent threats are also risks
  • These are malicious activities against digital systems that aim to access, disrupt, or steal sensitive data

Phishing

  • A cybercrime where scammers trick people into revealing personal information or money
  • Disguised as legitimate entities, the scammer steals money, gains access, or installs malware

Types of Phishing

  • Email phishing sends fraudulent emails
  • Spear phishing targets specific individuals or organizations
  • Smishing sends text messages
  • Vishing uses phone calls
  • Clone phishing creates fake messages

Malware

  • Intrusive software developed by cybercriminals to steal or damage systems
  • Common malware includes viruses, worms, Trojan viruses, spyware, adware, and ransomware

Malware: Virus

  • A virus is a type of malware that alters files and data
  • It spreads from computer to computer and enters computers via attachments and downloads
  • Severity ranges from mildly disturbing effects to severely damaging data or software
  • The first computer virus was Creeper, crafted in 1971 by Bob Thomas
  • Creeper displayed the message "I'M THE CREEPER. CATCH ME IF YOU CAN!"
  • The boot sector virus Brain was created in 1987 for India
  • The Brain virus was created by brothers Basit and Amjad Farooq Alvi (Lahore, Pakistan)

Malware: Worms

  • A worm replicates itself from computer to computer without needing to attach to a host file
  • Worms can spread automatically through networks, email systems, or the Internet without human intervention
  • The Morris Worm, released in 1988, spread widely on the internet

Key Worm Characteristics

  1. Self-Replication: Worms replicate themselves across networks and systems
  2. Network Spread: They exploit security vulnerabilities in operating systems or applications to spread, and also spread through email, shared files, or instant messaging
  3. Payload Delivery: While the primary purpose of a worm is to spread, many worms carry a payload, a secondary malicious program that causes damage such as data theft, file corruption, or malware installation
  4. Resource Consumption: Worms consume excessive system resources, like bandwidth and processing power
  5. Remote Control: Worms can be designed to create backdoors into infected systems for remote control or for launching further attacks

Famous Worms:

  • ILOVEYOU (2000): A very famous email worm that used the subject line "ILOVEYOU" and caused global damage
  • Blaster (2003): Exploited a vulnerability in Microsoft Windows, causing affected computers to repeatedly reboot
  • Conficker (2008): Spread through Microsoft Windows by exploiting vulnerabilities and creating a botnet
  • Stuxnet (2010): Targeted Iran's nuclear program by damaging industrial control systems

Trojan Horse

  • A type of malicious software that appears legitimate
  • Lets attackers gain access to a system, steal information, damage files, or open a backdoor

Trojan Characteristics

  1. Deceptive Behavior: Trojans disguise themselves as legitimate software or files
  2. No Self-Replication: Trojans don't replicate themselves. They rely on users to open or execute them.
  3. Malicious Payload: Once installed, a Trojan can deliver a variety of malicious payloads. These include giving attackers control of the system, stealing personal information, or installing other types of malware
  4. Backdoor Access: Trojans open a "backdoor" on an infected system, letting cybercriminals remotely control or access the system without the user's knowledge.

Famous Trojan Horses

  1. Zeus/Zbot (2007): Banking Trojan designed to steal banking credentials
  2. Emotet (2014): Banking Trojan that evolved into sophisticated malware and spreads through malicious email attachments
  3. SpyEye (2009): Banking Trojan that steals login credentials
  4. Dridex (2014): Banking Trojan that steals banking credentials
  5. Trojan-Dropper: Delivers payloads that infect the system with other types of malware

Other Famous Trojan Horses

  1. Red October (2012): Cyber-espionage Trojan that steals sensitive data
  2. TrickBot (2016): Banking Trojan that steals financial data and login credentials
  3. Kelihos (2008): Used to create a botnet that steals data
  4. Emotet (2014): Primarily used for malware distribution; delivers other malware
  5. Andromeda/Gamarue (2011): Downloader that installs other malware for information theft

Malware: Ransomware

  • Encrypts a victim's files or locks them out of their system until they make a payment for data restoration
  • Ransomware attackers are known to demand payment in cryptocurrency (e.g., Bitcoin) for anonymity
  • Ransomware can cause financial loss, operational disruption, and data breaches
  • The AIDS Trojan, in 1989, was the first documented ransomware attack
  • Created by Joseph Popp, a biologist and AIDS researcher
  • Examples: CryptoLocker, WannaCry, Locky, Reveton, Police Virus, Sodinokibi, etc.

Malware: Spyware

  • Designed to monitor and gather data on a user's activities without the user knowing
  • Can track internet browsing habits, keystrokes, login credentials, and sensitive personal information
  • Common types of spyware include adware, keyloggers, rootkits, and Trojan viruses

Adware

  • Software that automatically displays or downloads advertising material
  • It is often bundled with other software and can negatively affect a user's system
  • Known for tracking user behavior, annoying pop-ups, being bundled with freeware, and privacy concerns

Keyloggers

  • Designed to record all keystrokes a user types on their device
  • Can capture sensitive information like login credentials, credit card numbers, emails, and personal messages

Rootkits

  • Designed to gain privileged access to a computer or network
  • Can hide easily in the operating system and are difficult to detect and remove
  • Allows attackers long-term access to a system

Comparison of Adware, Keyloggers, and Rootkits

| Feature | Adware | Keyloggers | Rootkits |
|---|---|---|---|
| Primary Purpose | Display targeted ads | Record keystrokes | Gain privileged access |
| Visibility | Often visible | Usually runs invisibly | Hides itself |
| Impact on System | Slows down the system | Captures sensitive information | Takes control of the system |
| Privacy Risk | Compromises browsing behavior | Captures usernames and passwords | Provides remote access |
| Removal Difficulty | Easy to remove | Tricky to remove | Extremely difficult to remove |
| Example Software | Gator, Zango | Perfect Keylogger, REFOG Keylogger | TDSS, Sony BMG Rootkit |

Denial of Service (DoS) Attack

  • A cyberattack that makes a website or network unavailable by overloading it with traffic
  • The goal is to disrupt normal functioning
  • To do this, the attacker floods the target with more traffic than it can handle, so it slows down or becomes unresponsive

Difference Between DoS and DDoS Attack

  • A DoS attack originates from a single device or computer system
  • A DDoS attack uses many different computers or IoT servers
  • DDoS traffic comes from compromised devices spread out across a network

| Aspect | DoS Attack | DDoS Attack |
|---|---|---|
| Source of Attack | Single source | Multiple sources |
| Scale of Attack | Limited in scale | Large scale |
| Complexity | Simple to execute | Complex to execute |
| Detection & Mitigation | Easier to detect | Harder to detect |
| Impact on Target | Local impact | Widespread impact |
| Cost of Execution | Low cost | High cost |

Man-in-the-Middle Attack

  • A cyberattack in which communication between two parties is intercepted, and possibly altered
  • The attacker positions themselves between the sender and receiver to monitor or modify the exchanged data

Real-World Man-In-The-Middle Attacks

  1. Wi-Fi Eavesdropping / Evil Twin Attack: A hacker monitors a Wi-Fi network at an airport
  2. Phishing with MITM: A hacker is fake and leads back to official
