Cybersecurity Concepts (CYB 201)
38 Questions

Questions and Answers

What does 'cyber' refer to in the context of cybersecurity?

Anything connected to or involving the digital or networked environment, including systems, devices, networks, and data.

What are the three core components of the CIA Triad, essential for comprehensive cybersecurity?

  • Authentication, Authorization, and Accounting
  • Vulnerability, Threat, and Risk
  • Security, Privacy, and Control
  • Confidentiality, Integrity, and Availability (correct)

Which of the following techniques is NOT used to achieve confidentiality?

  • Hashing (correct)
  • Biometric Authentication
  • Encryption
  • Access Control

Integrity ensures data is complete and accurate, even after unauthorized modifications.

False (B)

    What is the purpose of redundant systems in ensuring availability?

    Redundant systems act as backups, ensuring data remains accessible even if a primary system suffers a failure.

    Which of the following is NOT a common authentication mechanism?

    Network resilience (D)

    What is the key difference between Role-Based Access Control (RBAC) and Mandatory Access Control (MAC)?

    RBAC assigns access rights based on user roles within an organization, while MAC uses centralized policies to restrict access based on security classifications.

    Digital signatures are used for accountability and non-repudiation. They can prove that a specific individual or entity sent the message, preventing them from denying it.

    True (A)

    What is the primary goal of implementing fault-tolerant methodologies in cybersecurity?

    To design systems capable of continuing operations even in the event of component failures, minimizing disruptions and ensuring resilience.

    Which of the following is NOT a key methodology used to achieve redundancy?

    Biometric authentication (A)

    What is the primary objective of intrusion detection and prevention systems (IDPS)?

    IDPS monitor network and system activity for signs of unauthorized access or malicious behavior, preventing attacks and ensuring systems remain operational and secure.

    The Bell-LaPadula Model is a formal model of security that primarily focuses on protecting data integrity by enforcing rules that prevent unauthorized modifications.

    False (B)

    What is steganography, and how does it differ from cryptography?

    Steganography involves concealing data within other media (like images, audio, or text), focusing on hiding the existence of the message rather than securing it. Cryptography, on the other hand, aims to secure the message content by transforming it into an unreadable format.

    How do firewalls enhance network security?

    Firewalls act as barriers, filtering incoming and outgoing traffic based on predefined rules, to prevent unauthorized access from untrusted networks and protect internal systems.

    Which of the following is NOT an example of a common cyber attack strategy?

    Access control mechanisms (D)

    What is a 'zero-day exploit'?

    A zero-day exploit targets a vulnerability that has not yet been patched by vendors, allowing attackers to leverage it before any security measures can be implemented.

    What is the primary motivation behind most cybercriminal activities?

    Financial gain (B)

    What is the purpose of access control lists (ACLs) in operating system security?

    ACLs manage permissions for files and directories, defining which users can access specific resources, effectively controlling data access and preventing unauthorized actions.

    The evolution of cybersecurity has led to a move towards more complex and sophisticated attacks, particularly with the emergence of AI-powered attacks.

    True (A)

    What is the primary focus of the NIST Cybersecurity Framework (CSF)?

    The NIST CSF provides a flexible framework that organizations can adapt to their specific needs. It focuses on five core functions: Identify, Protect, Detect, Respond, and Recover, enabling organizations to assess their cybersecurity posture and improve resilience.

    Which of the following is NOT a key component of the ISO/IEC 27001 standard?

    Developing AI-powered security solutions (B)

    What is the primary focus of the CIS Controls?

    The CIS Controls prioritize essential actions and recommendations for securing systems and data, focusing on key areas like inventory management, secure configurations, and continuous monitoring.

    COBIT is a framework specifically designed for managing payment card data security and compliance.

    False (B)

    What are the primary objectives of the PCI DSS standard?

    The PCI DSS provides requirements for enhancing payment card data security, particularly for organizations handling payment card transactions. It aims to mitigate risks associated with payment card fraud and data breaches.

    The evolution of cyberattacks has transitioned from simple pranks and curiosity-driven actions to highly sophisticated, politically and economically motivated operations.

    True (A)

    What was the significance of the 'Morris Worm' in cybersecurity history?

    The 'Morris Worm' was one of the first significant cybersecurity incidents, highlighting the potential impact of malware and demonstrating the vulnerability of interconnected systems.

    Which of the following is NOT a characteristic of cyberattacks in the 1990s?

    The use of botnets for DDoS attacks (B)

    What were some key characteristics of cyberattacks in the 2000s?

    Cyberattacks in the 2000s saw a significant rise in financial motives, with the emergence of phishing, identity theft, botnets, and DDoS attacks. Advanced malware (spyware and adware) gained popularity, and nation-state sponsored attacks also became more prominent.

    Stuxnet was a ransomware attack targeting critical infrastructure, specifically nuclear enrichment facilities.

    False (B)

    What is the primary motivation behind Advanced Persistent Threats (APTs)?

    APTs are often state-sponsored operations with long-term strategic goals, aiming to gather intelligence, infiltrate organizations, or sabotage critical systems for espionage or political objectives.

    What are some key trends and challenges in the future of cybersecurity?

    The future of cybersecurity will be shaped by the increasing use of AI and machine learning in attacks, the emergence of cybercrime-as-a-service platforms, rising geopolitical tensions, and the growing vulnerability of 5G and IoT devices. This will require organizations and governments to adapt their strategies and defenses to address these evolving threats.

    Which of the following is NOT a key area of government regulation in the digital age?

    Financial market regulation (A)

    What is the significance of the General Data Protection Regulation (GDPR)?

    The GDPR is one of the most stringent data protection regulations globally, imposing strict guidelines on how businesses collect, store, and process personal data for individuals within the EU. It emphasizes the right to privacy and imposes significant fines for non-compliance.

    Which of the following is NOT a key objective of China's Cybersecurity Law?

    Promoting international data sharing and cooperation (B)

    What are some critical challenges associated with regulating artificial intelligence (AI)?

    Regulating AI raises ethical, social, and legal challenges. Key concerns include algorithmic bias, transparency, accountability, and the impact on jobs and society. Finding the right balance between promoting innovation in AI and addressing these concerns is essential for ensuring responsible development and application of AI.

    The Digital Markets Act (DMA) focuses primarily on protecting consumers from illegal content and promoting transparency on large online platforms.

    False (B)

    What is the purpose of the Online Safety Bill in the United Kingdom?

    The Online Safety Bill aims to regulate social media platforms and other online services to protect users from harmful content, including hate speech, cyberbullying, and child exploitation, ensuring a safer online experience for users.

    What is the primary goal of intellectual property regulation in the digital age?

    To balance the protection of creators' rights with the free flow of information and access to technology (C)

    Flashcards

    Cybersecurity

    The practice of protecting systems, networks, and programs from digital attacks.

    CIA Triad

    A model that guides security policies for information security, focusing on Confidentiality, Integrity, and Availability.

    Confidentiality

    Ensures that information is only accessible to authorized individuals.

    Integrity

    Ensures data is accurate and hasn't been altered by unauthorized entities.

    Availability

    Ensures that data and systems are accessible to authorized users when needed.

    Authentication

    The process of verifying the identity of a user or system before granting access.

    Access Control

    Mechanisms that restrict access to systems and data based on permissions.

    Non-Repudiation

    Ensures that individuals or entities cannot deny their actions or communications.

    Malware

    Malicious software designed to disrupt, damage, or gain unauthorized access to computer systems.

    Phishing

    A technique used to deceive individuals into revealing sensitive information by appearing trustworthy.

    Ransomware

    A type of malware that encrypts data and demands payment for decryption.

    DDoS Attack

    Distributed Denial of Service attack, where multiple systems overwhelm a target with traffic to make it unavailable.

    SQL Injection

    An attack that exploits vulnerabilities in a web application by injecting malicious SQL code.

    Cryptography

    The practice of securing information by transforming it into an unreadable format for unauthorized users.

    Zero-Day Exploit

    An attack that occurs on the same day a vulnerability is discovered, before a patch is available.

    Intrusion Detection System

    A system that monitors network or system activities for malicious actions or policy violations.

    Incident Response Plan

    A structured approach outlining how to detect, respond to, and recover from cybersecurity incidents.

    Business Continuity Planning

    Creating systems of prevention and recovery to deal with potential threats to a company.

    Social Engineering

    Manipulating people into breaking security protocols to gain sensitive information.

    Firewall

    A network security device that monitors and controls incoming and outgoing network traffic based on security rules.

    Vulnerability Scanning

    The process of identifying and analyzing vulnerabilities in systems and applications.

    Penetration Testing

    Simulated cyber attacks on a system, conducted to identify and fix security vulnerabilities.

    Encryption

    The process of converting information into code to prevent unauthorized access.

    Malicious Insider

    An individual within an organization who exploits their access for malicious purposes.

    Advanced Persistent Threat (APT)

    A prolonged and targeted cyber attack where an intruder gains access to a network and remains undetected.

    Incident Response Team

    A group responsible for preparing for and responding to cybersecurity incidents.

    Data Backup

    The process of creating copies of data to restore in case of loss or corruption.

    Network Segmentation

    The division of a computer network into smaller, isolated segments to improve security.

    Threat Intelligence

    Knowledge about existing or emerging threats to inform security decisions.

    Supply Chain Security

    Measures taken to protect the processes and partners involved in the production and distribution of goods.

    Study Notes

    Cybersecurity Concepts (CYB 201)

    • Cybersecurity is about protecting digital assets (systems, data, and networks) from unauthorized access, breaches, and failures.
    • Key concepts include Cyber, Security, Confidentiality, Integrity, and Availability (CIA Triad).
    • Cyber: Refers to anything connected to the digital or networked environment.
    • Security: Protecting data, systems, and networks from unauthorized access, damage, or disruption.
    • Confidentiality: Ensures that information is accessible only to authorized individuals. Achieved through encryption and access control.
    • Integrity: Ensures that data is accurate, complete, and hasn't been altered by unauthorized entities. Achieved through hashing and checksums.
    • Availability: Ensures that systems, data, and services are available to authorized users whenever they are needed. Achieved through redundant systems and backup systems.

    Authentication

    • Verifying the identity of a user, device, or system before granting access.
    • Methods include passwords, PINs, Multi-Factor Authentication (MFA), and biometric authentication.

    Access Control

    • Controls user access to resources based on roles, permissions, and policies.
    • Types of access control include Role-Based Access Control (RBAC), Mandatory Access Control (MAC), Discretionary Access Control (DAC), and Attribute-Based Access Control (ABAC).

    Non-Repudiation

    • Ensures that actions taken cannot be denied later by confirming the authenticity and authorship of data.
    • Methods include Digital signatures and logging audit trails.

    Fault-Tolerant Methodologies

    • Methods for systems to continue operating even in the face of component failures.
    • Methods include Redundancy, Data Replication, Failover Systems, Load Balancing, and backups.

    Security Policies and Best Practices

    • Formal documents outlining an organization's approach to data and system protection.
    • Examples include Acceptable Use Policies (AUPs), Data Protection Policies, Incident Response Policies, Access Control Policies, and Best Current Practices (BCPs).
    • BCPs include Regular Software Updates, Multi-Factor Authentication (MFA), Strong Password Policies, Encryption of Sensitive Data, and Least Privilege Principle.

    Testing Security and Incident Response

    • Security testing methods: Vulnerability Scanning, Penetration Testing (Pen Testing), Red Team Exercises, and Security Audits.
    • Incident Response (IR): Preparation, Identification, Containment, Eradication, Recovery, and Post-Incident Review.

    Risk Management and Disaster Recovery

    • Identifying, assessing, and mitigating risks.
    • Risk Assessment, Risk Mitigation, Risk Acceptance, and Risk Transfer.

    Basic Cryptography

    • Symmetric Encryption (single key), Asymmetric Encryption (public and private keys), Hashing (unique digital fingerprint), and Digital Signatures.

    Software Vulnerabilities & Mitigations

    • Common software vulnerabilities: SQL Injection, Cross-Site Scripting (XSS), Buffer Overflow, Insecure Authentication, and Improper Error Handling.
    • Mitigations include Input Validation, Secure Coding Practices, Regular Patching, and Static/Dynamic Analysis.

    Evolution of Cyber-Attacks

    • Types: Early Attacks (1980s-1990s), Organized Crime and Financial Motives (2000s), Advanced Persistent Threats (APTs) and Nation-State Attacks (2010s), Targeted Ransomware and Supply Chain Attacks (2020s), Ransomware-as-a-Service, and AI-powered attacks.

    Cybersecurity Policies Across Various Sectors

    • Policies for Civil and Military institutions, Privacy, Business, Government, and Digital Platforms.

    Examination of Networks, Protocols, Operating Systems & Applications

    • Networks - Topology, Bandwidth, Latency, Reliability, Scalability, Security.
    • Protocols - Communication Rules, Error Detection/Correction, Flow Control, and Congestion Control.
    • Operating Systems - Resource Management, Concurrency, Security, Access Control, File System Management, Networking capabilities, Virtualization.
    • Applications - Functionality, User Experience, Interoperability, Security, and Performance.

    Methods and Motives of Cyberattacks

    • Methods used by Cybercriminals, Hacktivists, Insiders, State-Sponsored Actors and other threats.
    • Motives of Cyberattacks include Financial Gain, Political Agendas, Corporate Espionage, Revenge, or Sabotage, and Cyber Warfare.

    Cybersecurity Incident Prevention and Detection

    • Preventive measures, detective measures, and corrective measures to mitigate a cyber security incident.
    • Examples include Security Awareness Training, Strong Authentication Mechanisms, Patch Management, Firewalls/Endpoint Protection, and Encryption.

    Description

    Explore the fundamental concepts of cybersecurity in this quiz. Understand the CIA Triad, which includes Confidentiality, Integrity, and Availability, and learn about the significance of authentication. Test your knowledge on protecting digital assets from unauthorized access and breaches.
