Cybersecurity Essentials - Module 3

Questions and Answers

What are some common ways mobile applications can be compromised?

Weak passwords

Malware

Poorly designed apps

All of the above (correct)

Rooting or jailbreaking a device can make it more vulnerable to security threats.

True (A)

What are some reasons why desktop software should be kept physically secure?

To prevent unauthorized access or theft of data.

What type of software is used by businesses to automate transactions?

Business software

How do modern workplaces secure data?

Through employee education and strong tools that can prevent, detect, and respond to threats

What is one way businesses can limit access to protect their files, systems, and resources?

Limiting who can access data on a need-to-know basis.

What is a major concern regarding consumer-level cloud sharing?

Both A and B (D)

What are ways to configure network sharing?

All of the above (D)

What is an easy target for cybercriminals? Why?

HTTP protocol (C)

What are some ways to identify secure websites?

All of the above (D)

What is adware?

Malware that displays unwanted ads.

Redirection is a security threat that occurs when a user is unintentionally sent to a different website than the one they intended to visit.

True (A)

Search engines use algorithms to detect harmful sites, but browsers do not.

False (B)

What are some benefits of browser caching?

Caching can help improve website loading times and reduce bandwidth usage.

What does private browsing do?

Deletes cookies, history, and cache (A)

What does the Whois Lookup tool do?

Provides information about a website's owner (C)

What are the two types of VPN connections?

Hardware-based and software-based.

A VPN operates by creating an encrypted tunnel between two or more sites.

True (A)

Which type of VPN is commonly used to connect two networks?

Site-to-site VPN (A)

Which type of VPN is utilized when a remote user needs to connect securely to a site?

Host-to-site VPN

What is a common application for Host-to-host VPNs?

Connecting two remote users securely.

Which type of hardware is commonly used for creating VPNs?

VPN concentrators (B)

Where is VPN software often included?

Virtual LANS (A), Operating systems (B), Browsers (C)

What is IPsec?

A suite of network standards and protocols that use cryptography to protect data traveling over the Internet.

What are the two modes of the IPsec suite?

Tunnel mode and transport mode.

What is the primary function of the IPsec Authentication Header (AH) protocol?

To authenticate senders and IP addresses (B)

What is the primary function of the IPsec Encapsulating Security Payload (ESP) protocol?

To encrypt data and authenticate data and senders.

The IPsec suite uses Security Associations (SA) to define which types of hashing and encryptions are utilized in each connection.

True (A)

The Internet Key Exchange (IKE) protocol is used to securely exchange cryptographic keys between parties during IPsec setup.

True (A)

Anti-replay protection prevents hackers from re-using previously captured data packets to gain unauthorized access to a network.

True (A)

Flashcards

Cybersecurity

The practice of protecting systems, networks, and programs from digital attacks.

Malware

Malicious software intended to harm or exploit any programmable device.

Phishing

A method of trying to gather personal information using deceptive emails and websites.

Firewall

A network security system that monitors and controls incoming and outgoing network traffic.

Encryption

The process of converting information into a code to prevent unauthorized access.

Two-Factor Authentication (2FA)

An extra layer of security requiring not just a password but also something you have.

Virus

A type of malware that attaches itself to legitimate software and replicates itself.

Spyware

Software that secretly monitors user actions and collects personal information.

Ransomware

A type of malware that locks your files and demands payment for access.

Cyber Attack

An attempt to steal, damage, or disrupt data or systems.

Study Notes

Cybersecurity Essentials - Module 3

• Mobile Applications: Mobile apps are designed for ease of use, but not always security. Common vulnerabilities include weak passwords, malware, and poor design.

• Mobile Application Security: For enhanced security, use strong passwords (long, mixed characters, letters, numbers, symbols, capitalization), app store applications, and multi-factor authentication (MFA).

• Rooting and Jailbreaking: Some users modify device restrictions to install non-approved apps (rooting/jailbreaking). This practice enhances functionality but also introduces vulnerabilities. Device manufacturers restrict certain activities and remove apps from stores if security standards aren't met.

• Desktop Software: Desktop software, whether locally stored or cloud-based, requires security measures. Weak passwords, lack of physical security, and non-HTTPS browsing pose risks. Ensure antivirus software, VPN usage, strong passwords, MFA, physical security, and HTTPS browsing are employed.

• Business Software: Business software automates transactions, manages data, etc. Cyberattacks, like ransomware, endanger sensitive company data. Protecting data requires employee education and robust security tools for prevention, detection, and response.

• Corporate Network: To secure files, systems, and resources, limit network access. Internal network sharing should adhere to company-owned hardware guidelines. Enforce company policy on data sharing (need-to-know basis). File sharing should be manageable, not unnecessarily difficult.

• Corporate Network (continued): Consumer-level cloud and sharing services have security weaknesses. Insecure settings can expose businesses to data breaches.

• Corporate Network (continued): Security depends on the weakest link. Methods for network sharing include on-premises, cloud-based sharing, and proper use of freeware accounts.

• Recap (Module 3): Strong passwords, antivirus/malware software, VPNs, and updates are vital for securing apps and devices. Hackers target sensitive data, intellectual property, trade secrets, and financial data. Multifactor authentication is essential for data, information, and consumer trust.

Cybersecurity Essentials - Module 3: Public Browsing

• Public Browsing Concerns: Public browsing poses significant security risks. Public wifi is often unencrypted, making data easily intercepted. This compromises data and credentials. Public wifi access makes devices vulnerable to attacks.

• Public Browsing Risks: Session hijacking occurs when an attacker intercepts and hijacks the user’s online session. Shoulder surfing involves attackers in public areas to see essential information.

• Social Networking: Social networking sites use HTTPS, but users should verify website security before sharing data. Follow site's privacy and security settings to manage risks.

• Instant Messaging: Instant messaging systems often lack robust security protections, such as encryption or sender authentication.

• Internet Browsers: Websites using HTTP are less secure, especially on public WiFi, as data travels in plain text. Use HTTPS to encrypt data. Be vigilant to misleading URLs which could be malicious.

• Recap (Public Browsing): Data can be tracked and sold as public WiFi is unencrypted. Public browsing data can be intercepted by hackers.

Cybersecurity Essentials - Module 3: Browser Management

• Browser Configuration: Browsers need configuration for a secure browsing experience. Manage plug-ins, extensions, toolbars, and configure security zones.

• Browsers (Types): Common Browsers such as Chrome, Edge, Firefox, etc. are frequently updated.

• Security Zones: Security zones in browsers can restrict access to websites and can help protect devices. Modern browsers don't use zones as much.

• Add-ons: Use appropriate and supported add-ons (plug-ins, extensions, toolbars), as outdated or malicious add-ons can introduce security vulnerabilities.

• Cookies: Cookies are text files with small pieces of data that aid internet use. Cookies have types, including session cookies, persistent cookies, authentication cookies, tracking cookies, and others.

• Security Certificates: SSL certificates verify website identity, enabling encrypted connection. Root certificate stores, such as Apple, Microsoft, Mozilla, and Google, maintain trust in websites by using certificates of authority.

• Browser Updates: Staying updated with browser versions is paramount to protecting devices. Automatic updates are ideal, and prompted updates should be used when available.

• Recap (Browser Management): Keeping browsers updated, managing add-ons, understanding security certificates and cookie types, and employing safe browsing best practices are crucial for securing devices and data.

Cybersecurity Essentials - Module 3: Additional Topics

• Browser Cache and History: Browser caches store downloaded webpages for efficient loading. The cache can impact performance. Browser history can be helpful or harmful. Use clear history & cache options, or manage cache space.

• Private Browsing: "Incognito" mode does not save browsing history, cookies, site data, or form data - but it doesn't hide activity from employers, schools, and ISPs.

• Malicious Websites: Be aware of misleading URLs, poorly designed sites impersonating genuine ones. Malicious code and phishing scams are common on harmful sites.

• Safe Websites: Identify safe sites using Whois Lookup, reviews, HTTPS, and trust seals.

• Adware & Popups: Adware displays unwanted ads, is bundled with apps, collects data, tracks online activity, can alter websites and degrade performance. Security measures are required to mitigate issues.

• Redirection: Redirection aims to direct users to advertising or dangerous code. Avoid hijacking by using updated browsers and software. The use of malware, unwanted add-ons/extensions, and malicious website servers cause redirection.

Cybersecurity Essentials - Module 3: VPNs

• VPNs: VPNs, or virtual private networks, encrypt data transmitted between two or more sites, making traffic unreadable to unauthorized parties. VPNs can be hardware-based or software-based.

• VPN Types: Site-to-site VPNs connect two sites. Host-to-site VPNs connect a remote device to a site, and host-to-host VPNs connect two remote devices.

• VPN Hardware Components: VPN hardware includes VPN concentrators, routers, and firewalls.

• VPN Software Components: VPN software is integrated into software such as Windows OS or browsers (like Edge, Opera, or Firefox).

• IPsec: IPsec is a set of network protocols that use cryptography to protect data travelling over the Internet, providing authentication and encryption. Its core components such as IPsec Authentication Header (AH) and Encapsulating Security Payload (ESP) are used for security.

• Recap (VPNs): This module covers VPNs, their types (Site-to-Site, Host-to-Site, Host-to-Host), and the equipment components. Critical features also include protecting data through encryption and authenticating data.

Description

This quiz covers key concepts from Module 3 of Cybersecurity Essentials. Topics include vulnerabilities in mobile applications, security measures for desktop software, and the implications of rooting and jailbreaking devices. Test your understanding of mobile app security strategies and common threats.