Cybersecurity Basics Quiz

Study Notes

Cybersecurity

In today's fast-changing digital landscape, cybersecurity plays a crucial role in protecting individuals and organizations from potential threats. Understanding the basics of cybersecurity terminology, common threats, vulnerabilities, information security principles, and securing systems and data is essential to safeguarding your valuable information.

Basic Terminology

To begin with, let's familiarize ourselves with some fundamental cybersecurity terms:

Rootkit: A piece of software designed to give unauthorized access to a computer system while preventing detection.
Sandbox(ing): An isolated environment on a network that mimics end-user operating environments, used to safely execute suspicious code without risking harm to the host device or network.
Scareware: Malware that uses scare tactics to trick users into visiting malware-containing websites.
Security as a Service (SECaaS): A cloud computing service where the provider offers customers the ability to use applications with minor configuration tweaks, while maintaining the application themselves.
Secure Socket Layer (SSL): The standard security technology for establishing an encrypted link between a web server and client. It was originally developed by Netscape to enable private transmission of documents via the internet.

Common Threats

Some common cybersecurity threats include:

Data Breach: The result of a hacker gaining control of a system's network and exposing its data, often containing personal information like credit card numbers, bank account numbers, Social Security numbers, etc.
Denial of Service (DoS)/Distributed Denial of Service (DDoS) Attacks: An attempt to overwhelm a server with excessive requests from different systems, aiming to prevent legitimate users from accessing the service.
Phishing: A type of social engineering attack where cybercriminals create fake emails, websites, or messages to trick individuals into revealing sensitive information or downloading malware.

Vulnerabilities

Vulnerabilities are weaknesses in systems that can be exploited by attackers:

SQL Injection: An attack on web applications where an attacker injects malicious SQL statements into a website's database query to gain unauthorized access.
Cross-Site Scripting (XSS): A type of attack where an attacker embeds malicious scripts into a webpage, allowing them to steal user's data or take control of their browsers.
Buffer Overflow: An issue that occurs when a program tries to store more data in a memory buffer than it can handle, potentially leading to a crash or unintended code execution.

Information Security Principles

Information security principles help protect valuable information from unauthorized access:

Confidentiality: Ensuring sensitive information is accessible only to authorized individuals and systems.
Integrity: Maintaining the accuracy, completeness, and trustworthiness of all data stored on a system.
Availability: Ensuring users have secure access to the information they need whenever they need it.

Securing Systems and Data

To protect systems and data, consider these best practices:

Use strong passwords and multifactor authentication (MFA).
Regularly update software and operating systems to patch known vulnerabilities.
Conduct regular penetration tests to find and fix weaknesses before they can be exploited.
Educate employees on cybersecurity awareness to prevent phishing attacks and other social engineering tactics.