Cybersecurity Ethics and Responsibilities Quiz
16 Questions

Questions and Answers

Which topic specifically addresses the legal and ethical responsibilities of computer professionals?

  • Overview of Ethics
  • Ethics of IT Organization
  • Impact of Information Technology on Society
  • Ethics for IT Workers and IT Users (correct)

What is a primary objective of implementing a strong security program?

  • To enhance user experience
  • To prevent cyberattacks (correct)
  • To improve software performance
  • To limit user access to programs

Which factor is most likely to contribute to the prevalence of computer incidents?

  • Rapid technological advancements (correct)
  • Robust cybersecurity measures
  • Increased user education
  • Stricter regulations

What should be done in the event of a successful security intrusion?

Answer: Take predefined actions according to the security plan

Which topic focuses on the implications of technology on personal privacy?

Answer: Privacy

What aspect of social media might raise ethical concerns?

Answer: Content moderation practices

Which ethical consideration is particularly relevant for IT workers?

Answer: Data ownership and protection

What is a significant effect of information technology on society?

Answer: Increased access to information

What is a fundamental aspect of cybersecurity?

Answer: Preventing unauthorized access to information

Which of the following best describes a cyberattack?

Answer: A deliberate attempt to disrupt or damage systems

What is an essential preventive measure against cyberattacks?

Answer: Regularly changing passwords

Why is data privacy an important consideration in cybersecurity?

Answer: It helps maintain the integrity and confidentiality of personal information

What role does user education play in cybersecurity?

Answer: It helps users recognize security threats and best practices.

Which of the following actions can weaken cybersecurity measures?

Answer: Using outdated software and systems

What is a common misconception about cybersecurity?

Answer: Only large organizations are targeted by cybercriminals.

What is the purpose of a firewall in cybersecurity?

Answer: To monitor and control incoming and outgoing network traffic based on security rules

    Study Notes

    Course Manual: Social and Professional Issues in Information Technology

    • This course examines the social impact, implications, and effects of computers and information systems.
    • It covers the responsibilities of computer professionals in emerging technologies.
    • Topics include a historical overview of computing, computer applications, their impact, the computing profession, legal and ethical responsibilities, and potential computing careers.

    Table of Contents (Social and Professional Issues)

    • Topic 1: Orientation
    • Topic 2: Overview of Ethics
    • Topic 3: Ethics for IT Workers and Users
    • Topic 4: Cyber Attacks and Cybersecurity
    • Topic 5: Privacy
    • Topic 6: Freedom of Expression
    • Topic 7: Intellectual Property
    • Topic 8: Ethical Decision in Systems Development
    • Topic 9: Impact of Information Technology on Society
    • Topic 10: Social Media
    • Topic 11: Ethics of IT Organizations

    Lesson 3: Cyber Attacks and Cybersecurity

    • Learning Outcomes:
      • Understand factors influencing the prevalence of computer incidents and their effects.
      • Implement a strong security program to prevent cyberattacks.
      • Outline actions to take in the event of a successful security intrusion.

    Learning Objectives (Cyber Attacks and Cybersecurity)

    • Reasons for the prevalence of computer incidents and their effects.
    • Methods for implementing a strong security program to prevent cyberattacks.
    • Procedures to follow in a successful security intrusion.

    The Threat Landscape (Cyber Attacks and Cybersecurity)

    • IT security decision-making involves complex trade-offs.
    • Considerations include how much effort and money to spend on safeguards, relative to the losses the cybercrime they prevent would cause.
    • The difficulty of implementing security measures that don't impede business operations.
    • Determining the best course of action in the event of a cybercrime.

    Why Computer Incidents Are So Prevalent (Cyber Attacks and Cybersecurity)

    • Increasing complexity and network entry points increase vulnerabilities.
    • Expanding systems introduce new risks to IT organizations.
    • Businesses must adapt to technological change by performing ongoing security assessments and dealing with new risks.
    • The increasing prevalence of BYOD policies presents new security concerns.

    Growing Reliance on Commercial Software (Cyber Attacks and Cybersecurity)

    • Reliance on commercial software with known vulnerabilities; attackers exploit the window between a vulnerability's disclosure and the installation of its patch.
    • Zero-day attacks exploit vulnerabilities before the vendor is aware of them or has released a fix.
    • Sophistication of perpetrators is growing.

    Classifying Perpetrators of Computer Crime (Cyber Attacks and Cybersecurity)

    • Black hat hacker: Violates security maliciously or for personal gain.
    • Cracker: Causes problems, steals data, and corrupts systems.
    • Malicious insider: An employee or contractor who harms the system financially or operationally.
    • Industrial spy: Steals trade secrets for competitive advantage.
    • Cybercriminal: Attacks computers for financial gain.
    • Hacktivist: Promotes political ideology by attacking systems.
    • Cyberterrorist: Attacks infrastructure and systems for political reasons.

    Types of Exploits (Cyber Attacks and Cybersecurity)

    • Ransomware, Viruses, Worms, Trojan Horses, Logic Bombs: Malicious software designed to disrupt, damage, or control computer systems.
    • Blended threats: Combine features of different types of malicious software for larger-scale disruption.
    • Spam: Unsolicited emails used in mass attacks for phishing, marketing, or malware delivery.
    • Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act: Sets restrictions for unsolicited emails.
    • CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart): Prevents automated programs from engaging in unauthorized tasks.

    Types of Exploits (Cyber Attacks), Part 3 & 4

    • Distributed Denial-of-Service (DDoS) attacks: Flood a target with traffic to overwhelm and disable it.
    • Rootkits: Sets of programs that give an attacker administrator-level access to a computer and hide their presence from the system's normal tools.
    • Advanced Persistent Threats (APTs): Attacks involving long-term, stealthy infiltration of a network, typically to steal data over an extended period.
    • Phishing, Spear Phishing: Fraudulent emails used to acquire sensitive data (username, password); spear phishing targets specific individuals with personalised messages.
    • Smishing, Vishing: Similar to phishing, except occurring via SMS or voice calls.

    Types of Exploits (Cyber Attacks), Part 5 & Cybercrimes

    • Cyberespionage: Stealing data from government agencies or corporations.
    • Cyberterrorism: Disruption of critical infrastructures.
    • Department of Homeland Security (DHS): Agency supporting national infrastructure security.
    • U.S. Computer Emergency Readiness Team (US-CERT): Aids in protecting the nation's infrastructure from attacks; its functions now sit within DHS's Cybersecurity and Infrastructure Security Agency (CISA).

    Federal Laws for Prosecuting Computer Attacks (Cyber Attacks and Cybersecurity)

    • Computer Fraud and Abuse Act: Addresses illegal computer activities including unauthorized access, transmission of harmful code, and password trafficking.
    • Fraud and Related Activity in Connection with Access Devices Statute: Addresses fraud involving "access devices" such as credit card numbers, account numbers, and PINs.
    • Stored Wire and Electronic Communications and Transaction Records Access Statutes: Protect stored electronic communications from unauthorized access.

    Federal Laws for Prosecuting Computer Attacks, Part 2, 3 & 6-9

    • E-Commerce Act of 2000 (Republic Act 8792): Addresses specific cyberattacks related to disrupting e-commerce.
    • Revised Penal Code (as Amended by RA 10175): Amended to incorporate cybercrimes like cyber-libel and fraud.
    • Cybercrime Prevention Act of 2012 (Republic Act 10175): Main law for addressing computer-related crimes in the Philippines.
    • Data Privacy Act of 2012 (Republic Act 10173): Protects personal data from computer-related breaches.
    • Anti-Photo & Video Voyeurism Act of 2009 (Republic Act 9995): Addresses unauthorized sharing of explicit images and videos.
    • Anti-Trafficking in Persons Act of 2003 (RA 9208 as Amended by RA 10364): Addresses online sexual exploitation, particularly of children.

    Special Protections (Cyber Attacks and Cybersecurity)

    • Special protections for critical infrastructure (e.g., power grids, healthcare systems) in the Cybercrime Prevention Act.
    • Higher penalties due to the significant effect of these attacks on national security.
    • Roles of Enforcement Agencies:
      • Cybercrime Investigation and Coordinating Center (CICC): Coordinates national cybercrime policy and the agencies that investigate and prosecute cybercrime.
      • National Bureau of Investigation (NBI) Cybercrime Division: Handles cybercrimes (e.g., hacking, identity theft).
      • Philippine National Police Anti-Cybercrime Group (PNP-ACG): Focuses on enforcement and mitigating attacks.

    CIA Security Triad (Implementing CIA Security)

    • Confidentiality, integrity, and availability of data and systems.
    • IT security practices focus on this triad.
    • Confidentiality: Ensures only authorized individuals can access sensitive data.
    • Integrity: Ensures data can only be changed by authorized users and reflects the intended value.
    • Availability: Data can be accessed by authorized individuals when and where needed.
    • Implementation must occur on organizational, network, application, and end-user levels.

    Implementing CIA at the Organisation Level (Implementing CIA Security)

    • Creating a risk-based security strategy with an active governance process and a well-defined disaster recovery plan.
    • Risk assessment process for identifying the most significant security risks.
    • Identification of the most critical threats and weaknesses to an organisation.
    • Implementing mitigation plans for each threat.
    • Performing cost-benefit analyses to evaluate the effectiveness of each mitigation plan.
    • Determining whether or not to implement control measures.

    Disaster Recovery (Implementing CIA Security)

    • A process to recover from an organisation-wide security incident, disaster, or event.
    • Procedures for restoring systems, networks, hardware, and data after a disaster or a targeted attack.
    • Identifying mission-critical processes.

    Security Policies and Audits (Implementing CIA Security)

    • Defining and implementing security policies and procedures to meet requirements.
    • Assessing policies to ensure accountability.
    • Conducting security audits to evaluate the security policy implementation and overall security status.

    Regulatory Standards (Implementing CIA Security)

    • Compliance with external standards (e.g., Bank Secrecy Law, Federal Information Security Management Act, Health Insurance Portability and Accountability Act).
    • Demonstrating compliance with regulatory requirements to prevent costly regulatory penalties.

    Security Dashboards (Implementing CIA Security)

    • Dashboards provide a comprehensive view of various key performance indicators (KPIs).
    • Dashboards include indicators of security posture and potential threats.
    • Tracking threat indicators and security weaknesses.
    • Dashboards aid in identifying critical threats that must be addressed immediately.

    Implementing CIA at the Network Level (Implementing CIA Security)

    • Authentication methods: Methods used by networks to verify the identity of users trying to access the network.
    • Firewall: Systems (software or hardware) that control network traffic and prevent unauthorized access to the internal network.
    • Next-Generation Firewalls (NGFW): Advanced firewalls that inspect packet contents, not just addresses and ports, so they can identify the application or attack a packet carries.
    • Routers: Networking devices that connect multiple networks and transmit data packets between them.
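The firewall behaviour described above (an ordered rule list, first match wins, everything else denied) as an added example, not code from the course or any firewall product. The rule syntax, policy, and packets are constructed for illustration; the point it shows beyond the notes is that rule order is part of the policy, since a broad allow placed above a block shadows it.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    proto: str             # "tcp", "udp" or "any"
    src: str               # source network in CIDR notation
    dst: str               # destination network in CIDR notation
    dport: Optional[int]   # destination port, or None for any port


def matches(rule, pkt):
    """True when every field of the rule covers the packet."""
    return (
        (rule.proto == "any" or rule.proto == pkt["proto"])
        and ip_address(pkt["src"]) in ip_network(rule.src)
        and ip_address(pkt["dst"]) in ip_network(rule.dst)
        and (rule.dport is None or rule.dport == pkt["dport"])
    )


def evaluate(rules, pkt):
    """Return (action, index of the deciding rule); unmatched traffic hits the implicit deny."""
    for i, rule in enumerate(rules):
        if matches(rule, pkt):
            return rule.action, i
    return "deny", None


# Constructed policy: block a known-bad range first, then expose only HTTPS on the
# web server to the internet and SSH on the jump host to internal addresses.
POLICY = [
    Rule("deny", "any", "203.0.113.0/24", "0.0.0.0/0", None),
    Rule("allow", "tcp", "0.0.0.0/0", "10.0.0.10/32", 443),
    Rule("allow", "tcp", "10.0.0.0/8", "10.0.0.20/32", 22),
]

# Same rules with the broad HTTPS allow above the block: the block is shadowed for
# port 443, so the known-bad range reaches the web server.
MISORDERED = [POLICY[1], POLICY[0], POLICY[2]]

# Constructed packets (the subset of header fields the rules look at).
PACKETS = {
    "internet_https": {"proto": "tcp", "src": "198.51.100.7", "dst": "10.0.0.10", "dport": 443},
    "badnet_https":   {"proto": "tcp", "src": "203.0.113.9",  "dst": "10.0.0.10", "dport": 443},
    "internet_ssh":   {"proto": "tcp", "src": "198.51.100.7", "dst": "10.0.0.20", "dport": 22},
    "internal_ssh":   {"proto": "tcp", "src": "10.1.2.3",     "dst": "10.0.0.20", "dport": 22},
    "internal_udp":   {"proto": "udp", "src": "10.1.2.3",     "dst": "10.0.0.10", "dport": 443},
}


def decisions(rules):
    """Map each named packet to the verdict under the given rule order."""
    return {name: evaluate(rules, pkt)[0] for name, pkt in PACKETS.items()}


if __name__ == "__main__":
    for name, verdict in decisions(POLICY).items():
        print(f"{name:15s} {verdict}")
    print("known-bad range reaches HTTPS under MISORDERED:",
          decisions(MISORDERED)["badnet_https"])
```

Real firewalls add state tracking (replies to allowed connections are admitted without a separate rule) and logging of denied traffic; the first-match and default-deny logic is the part worth checking whenever a rule is added.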

    Encryption (Implementing CIA Security)

    • Scrambling messages or data to ensure only authorized parties can read them.
    • Two types of encryption algorithms: symmetric (one shared secret key) and asymmetric (a public key to encrypt, a matching private key to decrypt).
    • Use encryption to protect data transmitted over public networks.

    Proxy Servers and Virtual Private Networks (Implementing CIA Security)

    • Proxy servers act as intermediaries between web browsers and servers.
    • Proxy servers relay requests and responses, hiding the user's address from the destination server (the proxy itself still sees the traffic).
    • VPNs encrypt data transmitted over public networks.
    • VPN use enhances privacy and authentication for remote users.

    Intrusion Detection Systems (Implementing CIA Security)

    • Software and/or hardware that monitors system resources and traffic.
    • Notifies administrators when a potential security breach is detected or malware attempts to compromise the system.
    • Two approaches to detecting intrusions: knowledge-based (matching known attack signatures) and behavior-based (flagging deviations from normal activity).
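The two detection approaches run over the same web-server log, as an added example that is not part of the course material. The log lines, attack patterns, and rate threshold are constructed; two requests carry attack strings a signature list knows about, and a third source sends a burst that no signature describes but a rate baseline catches. Note that the signature matcher percent-decodes the path first: a literal `../` pattern misses `%2e%2e/` otherwise.

```python
import re
from collections import defaultdict
from datetime import datetime
from urllib.parse import unquote

# Constructed sample log lines in Common Log Format (not real traffic): two benign
# requests, two carrying known attack patterns, and a 60-request burst from one source.
SAMPLE_LOG = "\n".join(
    [
        '10.0.0.5 - - [10/Oct/2023:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 512',
        '10.0.0.5 - - [10/Oct/2023:13:55:40 +0000] "GET /about.html HTTP/1.1" 200 233',
        '203.0.113.9 - - [10/Oct/2023:13:56:01 +0000] "GET /login?user=admin%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 98',
        '203.0.113.9 - - [10/Oct/2023:13:56:02 +0000] "GET /%2e%2e/%2e%2e/etc/passwd HTTP/1.1" 404 0',
    ]
    + [
        f'198.51.100.7 - - [10/Oct/2023:13:57:{i:02d} +0000] "GET /page{i} HTTP/1.1" 404 0'
        for i in range(60)
    ]
)

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \d+$'
)

# Knowledge-based detection: patterns for attacks that are already known.
SIGNATURES = [
    ("sqli-tautology", re.compile(r"'\s*or\s*'1'\s*=\s*'1", re.IGNORECASE)),
    ("path-traversal", re.compile(r"\.\.[/\\]")),
]


def parse_log(text):
    """Return one dict per well-formed line; malformed lines are skipped, not guessed."""
    events = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        events.append({
            "ip": m["ip"],
            "ts": datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"),
            "path": m["path"],
            "status": int(m["status"]),
        })
    return events


def signature_alerts(events):
    """Match each request path against known-bad patterns after percent-decoding it."""
    alerts = []
    for e in events:
        decoded = unquote(e["path"])
        for name, pattern in SIGNATURES:
            if pattern.search(decoded):
                alerts.append((e["ip"], name, decoded))
    return alerts


def rate_anomalies(events, window_s=60, threshold=30):
    """Flag sources whose peak request count in any sliding window exceeds the threshold.

    This catches behaviour with no signature (a scanner, a brute-forcer) but the
    threshold must come from the site's real baseline or it will produce false positives.
    """
    by_ip = defaultdict(list)
    for e in events:
        by_ip[e["ip"]].append(e["ts"])
    flagged = {}
    for ip, times in by_ip.items():
        times.sort()
        start, peak = 0, 0
        for end, t in enumerate(times):
            while (t - times[start]).total_seconds() >= window_s:
                start += 1
            peak = max(peak, end - start + 1)
        if peak > threshold:
            flagged[ip] = peak
    return flagged


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    for alert in signature_alerts(evs):
        print("SIGNATURE", alert)
    for ip, peak in rate_anomalies(evs).items():
        print("ANOMALY", ip, "peak requests per minute:", peak)
```

The burst source produces no signature hit and the injection source produces no rate anomaly, which is why production IDS deployments run both methods rather than choosing one.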

    Implementing CIA at the Application Level

    • Authentication methods: Methods for verifying user identities.
    • Single-factor authentication: A single method of authentication, such as a password.
    • Two-factor authentication: Requires credentials from two different categories (something you know, have, or are), such as a password plus a one-time code from a device.
    • User roles and accounts: Grant each account only the permissions its tasks require, so a compromised account can do limited damage.
    • Data encryption: Protecting sensitive data at the application level.
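The application-level controls listed above, combined in one added example that is not code from the course: a salted, slow password hash as the first factor, an RFC 6238 time-based one-time code as the second, and a role check before a privileged action. Only the Python standard library is used. The users, roles, permissions, and the `enroll`/`login`/`authorize` function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import os
import struct
import time

PBKDF2_ITERATIONS = 600_000  # work factor; raise it as hardware gets faster


def hash_password(password, salt=None):
    """Return (salt, digest). A random per-user salt defeats precomputed hash tables."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt, digest


def verify_password(password, salt, expected_digest):
    _, digest = hash_password(password, salt)
    return hmac.compare_digest(digest, expected_digest)  # constant-time comparison


def totp(secret_b32, at_time, step=30, digits=6):
    """RFC 6238 time-based one-time code over HMAC-SHA1, as authenticator apps compute it."""
    key = base64.b32decode(secret_b32, casefold=True)
    counter = int(at_time // step)
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    binary = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{binary % 10 ** digits:0{digits}d}"


def verify_totp(secret_b32, code, at_time, step=30, skew=1):
    """Accept the current step plus or minus `skew` steps to tolerate small clock drift."""
    return any(
        hmac.compare_digest(totp(secret_b32, at_time + i * step, step), code)
        for i in range(-skew, skew + 1)
    )


def enroll(users, username, password, totp_secret=None):
    """Store a salted password hash and a TOTP secret; return the secret for the user's app."""
    salt, digest = hash_password(password)
    secret = totp_secret or base64.b32encode(os.urandom(20)).decode()
    users[username] = {"salt": salt, "hash": digest, "totp_secret": secret}
    return secret


def login(users, username, password, code, at_time=None):
    """Both factors must pass; the caller learns only success or failure."""
    at_time = time.time() if at_time is None else at_time
    record = users.get(username)
    if record is None:
        hash_password(password, b"\x00" * 16)  # keep timing similar for unknown users
        return False
    if not verify_password(password, record["salt"], record["hash"]):
        return False
    return verify_totp(record["totp_secret"], code, at_time)


# Constructed role model: an account may perform an action only if one of its roles permits it.
ROLES = {"alice": {"admin"}, "bob": {"viewer"}}
PERMISSIONS = {"view_records": {"admin", "viewer"}, "export_records": {"admin"}}


def authorize(username, action):
    return bool(ROLES.get(username, set()) & PERMISSIONS.get(action, set()))


if __name__ == "__main__":
    users = {}
    secret = enroll(users, "alice", "correct horse battery staple")
    now = time.time()
    print("login ok:", login(users, "alice", "correct horse battery staple", totp(secret, now), now))
    print("alice may export:", authorize("alice", "export_records"))
    print("bob may export:", authorize("bob", "export_records"))
```

The `totp` function reproduces the RFC 6238 test vectors (secret `GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ`, time 59 gives `94287082` at eight digits), so a code from a real authenticator app enrolled with the same secret verifies here. A production system would also rate-limit failed attempts, since a six-digit code with a one-step skew window gives an attacker three guesses in a million per try.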

    Implementing CIA at the End-User Level (Implementing CIA Security)

    • Security education: Educating end users about the importance of security.
    • Authentication methods: Use of passwords, security codes, or other verification methods to protect end-user accounts.
    • Antivirus software: Protects end-user devices from viruses and other malware.
    • Full-disk encryption: Protects data at rest on a lost or stolen device; it does not protect data while the device is unlocked and running.

    Response to Cyberattacks

    • Plan for responding to security incidents well in advance.
    • Procedures addressing notification, evidence protection, containment, eradication, and follow-up.
    • Importance of having an organised response strategy.

    Incident Notification (Response to Cyberattacks)

    • Determining who to notify in case of security incidents.
    • Identifying appropriate contact persons and parties, such as customers, suppliers, or authorities.
    • Strategies for containing the disruption caused by incidents.
    • Deciding when contacting law enforcement (e.g., the FBI) is appropriate.

    Protection of Evidence (Response to Cyberattacks)

    • Documentation of details related to security incidents.
    • Maintaining logs of events and conversations, including critical decisions and actions.
    • Protecting all evidence related to incidents and attacks.
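One way to make the evidence protection above checkable, as an added example that is not part of the course material: hash each collected item at acquisition, record who collected it and when, and seal the manifest with an HMAC under a key the responder keeps apart from the evidence store. The case number, collector name, file contents, and the `build_manifest`/`verify_manifest` function names are constructed for illustration.

```python
import hashlib
import hmac
import json
import os
import tempfile
from datetime import datetime, timezone


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large disk images need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            digest.update(block)
    return digest.hexdigest()


def seal(body, key):
    """HMAC over a canonical JSON encoding, so any edit to the manifest is detectable."""
    canonical = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, canonical, hashlib.sha256).hexdigest()


def build_manifest(case_id, paths, collector, key):
    """Record who collected what, when, and the hash of each item at acquisition."""
    body = {
        "case": case_id,
        "collected_by": collector,
        "collected_at": datetime.now(timezone.utc).isoformat(),
        "items": [
            {"path": p, "size": os.path.getsize(p), "sha256": sha256_file(p)}
            for p in sorted(paths)
        ],
    }
    return {"body": body, "seal": seal(body, key)}


def verify_manifest(manifest, key):
    """Return (seal_intact, list of items that are missing or no longer match their hash)."""
    body = manifest["body"]
    seal_intact = hmac.compare_digest(seal(body, key), manifest["seal"])
    altered = [
        item["path"]
        for item in body["items"]
        if not os.path.isfile(item["path"]) or sha256_file(item["path"]) != item["sha256"]
    ]
    return seal_intact, altered


def demo():
    """Collect two constructed files, then show what each kind of tampering looks like."""
    key = os.urandom(32)  # in practice held by the responder, apart from the evidence store
    with tempfile.TemporaryDirectory() as workdir:
        auth_log = os.path.join(workdir, "auth.log")
        with open(auth_log, "w") as fh:
            fh.write("Oct 10 13:56:01 host sshd[4242]: Failed password for root from 203.0.113.9\n")
        ps_dump = os.path.join(workdir, "ps.txt")
        with open(ps_dump, "w") as fh:
            fh.write("PID  USER  CMD\n4242 root  sshd\n")

        manifest = build_manifest("CASE-0001", [auth_log, ps_dump], "responder-1", key)
        clean_ok, clean_altered = verify_manifest(manifest, key)

        # Evidence altered after collection: the stored hash no longer matches.
        with open(auth_log, "a") as fh:
            fh.write("Oct 10 14:00:00 host sshd[4242]: Accepted password for root\n")
        after_ok, after_altered = verify_manifest(manifest, key)

        # Manifest edited to cover the change: the hash matches again, but the seal fails.
        manifest["body"]["items"][0]["sha256"] = sha256_file(auth_log)
        covered_ok, _ = verify_manifest(manifest, key)

    return clean_ok, len(clean_altered), after_ok, len(after_altered), covered_ok


if __name__ == "__main__":
    print(demo())
```

Hashing alone detects a changed file; sealing the manifest is what stops someone from simply rewriting the recorded hash to match. Working copies should be made from the sealed originals, which are then stored read-only.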

    Eradication & Incident Follow-Up (Response to Cyberattacks)

    • Collecting evidence, verifying backups, and removing malware.
    • Determining how the incident compromised security and preventing future incidents.
    • Preparing reports on the details of the incident, its impact, and mitigation strategies.

    Using an MSSP (Response to Cyberattacks)

    • Outsourcing security tasks to a managed security service provider (MSSP) for monitoring, management, and maintenance.
    • Benefits for small and midsize organizations that can't afford extensive in-house security expertise.

    Computer Forensics (Response to Cyberattacks)

    • Combining legal and computer science principles to collect, examine, and preserve data from computer devices for court use.

    Summary (Cyber Attacks & Cybersecurity) - Part 1-5

    • Discusses prevalent computer incidents and their effects, covering perpetrators, exploits, and laws enacted to combat them.
    • Includes information, trends, challenges, and resolutions.
    • Addresses why organizations suffer from computer incidents.

    Summary (Cyber Attacks & Cybersecurity) - Part 6-10

    • Details how to implement a strong security program to prevent cyberattacks and response actions to take if incidents occur.
    • Covers different aspects of security management, from end-user education to the use of managed security service providers.

    Description

    Test your knowledge on the legal and ethical responsibilities of computer professionals along with key cybersecurity principles. This quiz covers topics like security programs, privacy implications, and ethical considerations in technology. Ensure you understand the vital roles that ethics and cybersecurity play in the modern digital landscape.
