Cybersecurity Basics Quiz
5 Questions

Questions and Answers

What is the primary focus of cybersecurity?

  • Protecting sensitive information and systems from unauthorized access, use, disclosure, disruption, modification, or destruction (correct)
  • Monitoring and responding to cyberattacks
  • Creating secure networks for businesses
  • Developing new security software for personal computers

Which of these is NOT a common type of cyber attack?

  • Malware
  • Social Engineering
  • Phishing
  • Quantum computing (correct)

What is the role of a firewall in cybersecurity?

  • A firewall detects and removes viruses from computers
  • A firewall blocks unauthorized access to a network (correct)
  • A firewall provides identity verification for users
  • A firewall encrypts data to secure communication

What is the importance of strong passwords in cybersecurity?

  • Strong passwords prevent attackers from guessing your login credentials (D)

What is a potential threat associated with social engineering in cybersecurity?

  • All of the above (D)

    Study Notes

    Cybersecurity Essentials - Module 2

    • Learning Objectives: The module will cover password management practices, password cracking techniques, password policies, creating strong passwords, password confidentiality, password reuse, password expiration, and authentication methods.

    Password Cracking

    • Definition: Password cracking is the unauthorized process of obtaining a correct password.
    • Methods:
      • Brute force attacks: Submitting as many passwords as possible.
      • Dictionary attacks: Using words from dictionaries or newspapers.
      • Rainbow attacks: Employing words from the original password hash.
      • Hashing: Transforming an input string (like a password) into a fixed-length output string (a hash).

    Managing Passwords

    • Importance: Strong passwords and effective strategies are essential for online security.
    • Statistics: 80% of company data breaches are caused by weak or stolen passwords.
    • Best Practices:
      • Each online account should have a unique password.
      • Employee training should emphasize the importance of password management and data security.

    Password Policies

    • Definition: A set of rules guiding the use of strong passwords.
    • Policy Components:
      • Minimum length of 12 characters.
      • Mix of upper/lowercase letters, numbers, and special characters.
      • Unique password for each account/device.
      • Mandatory password changes every 6-12 months.
      • Employee training on cyberattacks.
    • Employee Guidelines:
      • Never reuse or recycle passwords.
      • Never share passwords, even with the CEO.
      • Never write passwords down.
      • Never store passwords in digital files.

    Creating Better Passwords

    • Hacker Capabilities: Hackers can guess one trillion passwords per second.
    • Strong Password Criteria:
      • Minimum 12 characters.
      • Avoid using names, places, dictionary words, or personally identifiable information (PII).
      • Use a mix of uppercase, lowercase letters, numbers, and special characters.
      • Avoid using "leet" (e.g., 1337).
      • Use random characters or a passphrase (a sequence of random words).

    Password Confidentiality

    • Organizational Policy: Organizations should never ask customers or employees for their passwords.
    • Preventing Attacks:
      • Employees who know their company will never ask for passwords are not likely to fall prey to impersonation/phishing attacks.
      • Never share passwords with anyone, even with superiors or IT personnel.
      • IT staff should perform their tasks using their own logins.

    Password Reuse

    • Risks: Hackers easily link previously used passwords to people and can 'spray' common passwords for multiple accounts.
    • Recommendations: Don't reuse passwords across accounts. Avoid common passwords like "12345" or "password".

    Password Expiration

    • Definition: A password that expires after a specific amount of time.
    • Rationale: Frequent password changes provide better security by reducing the risk of compromised credentials. However, too many changes can negatively impact security.
    • Past Practices: In the past, employees often had to change their passwords every 90 days.
    • Alternative approach: Longer intervals can allow more security.

    Single-Factor Authentication (SFA)

    • Definition: Only one credential (e.g., username/password) is required.
    • Vulnerabilities: Vulnerable to keystroke loggers, phishing, and data breaches.

    Two-Factor Authentication (2FA)

    • Definition: Two credentials are required to log in: a username/password and a second factor (e.g., a code sent via SMS text message or a security key).
    • Hardware-based: Typically involves a security key that plugs into a USB port.
    • Newer versions: Employ NFC technology, enabling devices to be used for authentication only when they are near the device.
    • Security Advantages: 2FA devices provide enhanced protection against phishing and hijacking attempts.

    Multifactor Authentication (MFA)

    • Definition: Uses several credentials to log in (something you know, something you have, something you are, somewhere you are).
    • Effectiveness: Risk is significantly reduced through multiple factors; MFA is resistant to keystroke loggers and reduces phishing risks.

    Identification Factors

    • Definition: These unique pieces of information are used by authentication services to verify your identity.
      • Something you know (password, PIN).
      • Something you have (phone, OTP token).
      • Something you are (biometric traits).
      • Somewhere you are (location-based).

    Single Sign-On (SSO)

    • Definition: Allows users to log in to multiple apps/services with one login.
      • Simplifies and speeds up access to various resources.
      • IT can automate login when users access the network and avoid remembering numerous credentials.

    Network Access Control (NAC)

    • Purpose: Pre-emptive network protection that prevents harmful devices from entering the network.
    • Functions: Security access control measures that restrict access to network resources and assets.

    Managing Email

    • Email Management: Classifying and deciding whether emails should be saved or deleted.
      • Inbox management (keeping it clean, organized folders, filters).
      • Unsubscribing.
      • Turning off notifications.

    Identifying and Managing Spam

    • Definition: Unwanted or unsolicited email sent in bulk to multiple recipients.
    • Common Methods: Emails, text messages, instant messages, robocalls, or social media posts.
    • Types of Spam:
      • Malicious files that infect systems with malware
      • Files that steal sensitive data
      • Files that join systems to a botnet
    • Steps to reduce spam include not providing email addresses, using throwaway accounts, setting up spam filters, and employing well-equipped email applications.
    • Identify links and attachments in spam messages that could infect systems with viruses or steal sensitive data.

    Identifying Phishing Scams

    • Definition: Hackers use fraudulent emails and messages to steal personal or financial information.
    • Common Scams:
      • Fake emails/messages alerting users to suspicious activities on their accounts (or payments).
      • Emails that ask users to provide sensitive information (like passwords, credit cards, social security numbers).
      • Emails or messages asking users to click on links to make payments, or to sign-up for suspicious accounts.
      • Suspicious links or attachments are often used to spread malware, steal sensitive data, or to join compromised systems to a botnet.
      • Look out for suspicious email text, logos or URLs that may include typos.
    • How to Avoid:
      • Never click suspicious links.
      • Never open attachments from unknown senders.

    Device Hardening

    • Definition: Securing a device to minimize vulnerabilities. Hardening a device includes ensuring that it has the latest firmware, OS, and software updates.
    • Methods:
      • Disable unneeded features.
      • Update firmware, OS, and software.
      • Utilize firewalls, VPNs, and anti-malware.

    Apps and OSes

    • Automatic Updates: Turn on automatic updates for PCs, phones, tablets, and routers to protect applications and OSes. Outdated systems are frequent targets for hackers.
    • Secure Apps: Use trusted sources for apps and drivers. Verify the authenticity/digital signatures for apps and drivers.
    • Regular Updates: Update applications, OSes, and drivers regularly to patch known security vulnerabilities.
    • Security Measures: Employ proper security measures such as VPNs and firewalls to safeguard systems against vulnerabilities

    Patching updates

    • Definition: Updates to apps and OSes to fix security weaknesses.
    • Importance: Critical to security in unknown threat situations.
    • Example Measures: Employ MFA, VPN, and strong passwords.

    Firmware Updates

    • Definition: Software that controls hardware behavior.
    • BIOS passwords: The Basic Input Output System (BIOS) is critical in the initial booting of Windows and Linux PCs. The BIOS runs critical hardware checks before starting the OS.
    • Secure Boot: This is a feature of the Unified Extensible Firmware Interface (UEFI). It helps confirm the OS manufacturer's digital signatures, preventing malware from taking over during the boot-up process.
    • Trusted Platform Module (TPM): A chip that stores encryption keys, preventing data tampering or decryption if tampering or unauthorized access is detected.
    • Drive Encryption: Scrambles data on a drive, making it unreadable without the correct decryption keys.

    Encryption

    • Definition: Scrambling readable text into unreadable ciphertext in order to protect the data and prevent unauthorized access. An algorithm is used in the process.
    • Types:
      • Symmetric Encryption: Uses the same key for encryption and decryption (faster but harder to protect the key if used widely).
      • Asymmetric Encryption: Uses separate keys for encryption and decryption (slower, but easier to protect one of the keys).
      • Encryption Used Locally: Encryption can be used on hard drives, smartphones, and thumb/flash drives.

    Disabling Features and Ports

    • Hackers' Methods: Hackers employ device features and ports to steal data and inflict damage.
    • Features to Disable: Autorun (automatically running programs). Bluetooth (vulnerable to data interceptions). NFC (has limited security).
    • Ports to Disable: Port 443 (for secure web traffic, HTTPS), Port 22 (for secure server connections, SSH), and Port 80 (for standard web traffic, HTTP).

    Zero-Day Attacks

    • Definition: A new attack that does not have a recognized patch or update to fix the vulnerability.
    • Prevention: Use tools like VPNs, IDS/IPS (intrusion detection and prevention systems). Only visit trusted sources. Adhere to general cybersecurity standards.

    Apps That Harden

    • Importance: Reliable anti-malware, anti-spyware, anti-virus software, firewalls, and VPNs are crucial for bolstering security.
    • Types: Anti-virus, anti-malware, anti-spyware, and software firewalls along with VPNs.

    Firewalls and VPNs

    • Firewalls: Monitor and block connections, preventing unwanted traffic from entering a network.
    • VPNs: Encrypt traffic and keep data secure even in public network environments, disguising your activity.

    Open Wifi vs Secure Wifi

    • Open Wifi Risks: Hackers can intercept, steal personal information, drain accounts, or scam contacts.
    • Secure Wifi: Significantly safer by encrypting communications, thus preventing unauthorized access to data or compromising valuable information.
    • Public Wifi Tips: Use a VPN and visit reputable HTTPS websites. Avoid accessing or transmitting sensitive information/data over poorly secured Wifi.

    Default Passwords

    • Vulnerabilities: Default usernames and passwords are easily discoverable by hackers and are frequently used on many devices.
    • Risks: Hackers exploit these default accounts or passwords to gain unauthorized access to sensitive information.
    • Security Loophole Fixes: Disable built-in accounts, and apply strong passwords.

    Software Sources Validation

    • Validation Procedures: Ensure your software, cloud services, device drivers, and firmware upgrades are obtained from reputable and authentic sources.
    • Legit Sources: Vendor app stores, authorized resellers, original equipment manufacturers (OEMs), and software manufacturers. Download only from secure sources (e.g., using HTTPS).

    OEM vs. Third-Party Websites

    • OEM Websites: Original equipment manufacturer (OEM) websites provide drivers and firmware updates for their hardware.
    • Beware of Third-party Websites: Third-party websites claiming to have the latest software updates or drivers can represent a security risk (e.g., malicious viruses or spyware). Research any download sites and ensure they have credible, positive reviews.

    Unwanted Software

    • Uninstall Software: Uninstalling software that is no longer needed or used reduces potential vulnerabilities on computers.
    • Vulnerabilities: Aging or unused software can have existing vulnerabilities that are susceptible to exploitation and represent a security risk.

    Removal of Malicious Software

    • Importance: New attacks and malware are released daily; anti-malware tools and VPN services are crucial.
    • Tools: Many reputable software companies offer free anti-malware tools that can remove malicious programs automatically.

    Keeping Computers Safe

    • Security Best Practices: Methods to keep computers safe and secure from malware.
    • Avoid Risky Scenarios:
      • Avoid questionable HTTP sites.
      • Avoid using filesharing software or sites.
      • Avoid opening attachments from unknown senders.
      • Avoid clicking on suspicious or unknown links in emails or messages.
    • Secure Practices: Use trusted antivirus and anti-malware tools, firewalls, and VPNs.

    List of Authentication Factors

    • Something you know: Password, PIN.
    • Something you have: Phone, tokens, OTP codes, authenticator app.
    • Something you are: Biometric measurements, fingerprint.

    Cryptographic Hashes

    • Purpose: Cryptographic hash algorithms help create short strings of characters or numbers from lengthy strings like file codes or passwords, and are one-way processes.

    Encryption Key Use Cases

    • Symmetric encryption: Uses a single key to encrypt and decrypt data; it is memory-efficient, quick, and well suited to larger amounts of data.
    • Asymmetric encryption: Uses pairs of keys to encrypt and decrypt data.

    Data at Rest

    • Definition: Inactive data that is stored on devices and not yet transmitted.
    • Protection: Encrypt data at rest using hardware or software encryption.

    Data in Motion

    • Definition: Data being transferred between devices.
    • Protection: Use HTTPS for web transactions to protect data. Employ end-to-end encryption for communications.

    Summary

    • Overall message: The presentations provided an overview of cybersecurity concepts, including strong password strategies, security vulnerabilities, and methods to protect against unauthorized access. They detailed steps to increase cybersecurity and enhance online safety.


    Description

    Test your knowledge of fundamental cybersecurity concepts with this quiz. Explore topics like cyber attacks, firewalls, and the significance of strong passwords. Perfect for beginners looking to understand the essentials of cybersecurity.
