Podcast
Questions and Answers
What is one of the primary objectives of cybersecurity?
What is one of the primary objectives of cybersecurity?
Which of the following is NOT considered a critical infrastructure sector?
Which of the following is NOT considered a critical infrastructure sector?
What is the potential impact of cybercrime on a global scale?
What is the potential impact of cybercrime on a global scale?
Which type of threat involves impersonating another user to gain unauthorized access?
Which type of threat involves impersonating another user to gain unauthorized access?
Signup and view all the answers
Which of the following describes a vulnerability in cybersecurity?
Which of the following describes a vulnerability in cybersecurity?
Signup and view all the answers
What is the purpose of threat intelligence in cybersecurity?
What is the purpose of threat intelligence in cybersecurity?
Signup and view all the answers
Which method is often used for evaluating software security?
Which method is often used for evaluating software security?
Signup and view all the answers
Which one of the following is an emerging trend in cybersecurity?
Which one of the following is an emerging trend in cybersecurity?
Signup and view all the answers
What should organizations consider as key areas to invest in for cybersecurity?
What should organizations consider as key areas to invest in for cybersecurity?
Signup and view all the answers
Which of the following best explains the cost of cybersecurity?
Which of the following best explains the cost of cybersecurity?
Signup and view all the answers
What does tampering primarily aim to compromise?
What does tampering primarily aim to compromise?
Signup and view all the answers
What type of attack is characterized by attempting to deny access to valid users?
What type of attack is characterized by attempting to deny access to valid users?
Signup and view all the answers
Which of the following is a primary objective of social engineering attacks?
Which of the following is a primary objective of social engineering attacks?
Signup and view all the answers
What is a common goal of information disclosure attacks?
What is a common goal of information disclosure attacks?
Signup and view all the answers
Which type of attack is specifically designed to exploit vulnerabilities in application software?
Which type of attack is specifically designed to exploit vulnerabilities in application software?
Signup and view all the answers
Which threat action involves performing operations without a traceable record?
Which threat action involves performing operations without a traceable record?
Signup and view all the answers
What is the primary focus of denial of service (DoS) attacks?
What is the primary focus of denial of service (DoS) attacks?
Signup and view all the answers
What does elevation of privilege intend to achieve?
What does elevation of privilege intend to achieve?
Signup and view all the answers
Which is NOT a form of malware as mentioned in the types of attacks?
Which is NOT a form of malware as mentioned in the types of attacks?
Signup and view all the answers
What type of action involves reading data during its transit between two computers?
What type of action involves reading data during its transit between two computers?
Signup and view all the answers
Study Notes
Course Information
- Course name: Cybersecurity Fundamentals
- Course code: CSC 1029
Objectives
- Understand what cybersecurity is and its importance
- Understand what is being protected from attackers
- Understand lessons learned from historical and current events, and emerging trends
Agenda: Week 02
- What is Cybersecurity and Types of Attacks
- Cybersecurity Objectives
- What are we protecting?
- Cost of Cybersecurity
- Your Next Move: Software Developer Vulnerabilities
- Threat Model: STRIDE
- Types of Attacks
- Importance of Software Security
- TODO and Resources for Help
What is Cybersecurity?
- Read CompTIA article: https://www.comptia.org/content/articles/what-is-cybersecurity
- Watch YouTube video: https://www.youtube.com/embed/inWWhr5tnEA
Objectives of Cybersecurity
- Read CompTIA resource: State of Cybersecurity for 2024 Market Overview through to Policy https://www.comptia.org/content/research/cybersecurity-trends-research
- Consider top objectives for Cybersecurity
What are we Protecting?
- Review 16 Critical Infrastructure Sectors https://www.cisa.gov/topics/critical-infrastructure-security-and-resilience/critical-infrastructure-sectors
Cost of Cybersecurity
- Estimated global cost of cybercrime in 2021: $6.1 trillion (Source: Cybersecurity Ventures)
- Estimated global spending on cybersecurity in 2022: $172.5 billion (Source: Gartner)
- U.S. job openings requesting cybersecurity-related skills: 714,548 (Source: CyberSeek)
Vulnerabilities
- Review the National Vulnerability Database https://nvd.nist.gov/
- Review visualizations https://nvd.nist.gov/general/visualizations/vulnerabilities/cwe-over-time
Threat Model: STRIDE
- Spoofing
- Tampering
- Repudiation
- Information disclosure
- Denial of service
- Elevation of privilege
- Associated Security Controls
Threat Intelligence
- Read CompTIA blog post: Threat Modeling and Cyber Threat Intelligence: Anticipating the Next Hit https://www.comptia.org/blog/threat-modeling-and-cyber-threat-intelligence
Types of Attacks
- Social engineering attacks (e.g., organization penetration, IT infrastructure exploration, phishing, spam, spoofing, man in the middle)
- Attacks against application software (e.g., Cross-site scripting (XSS), Buffer overflows, SQL code injection, Time/logic bombs, Back door)
- Attacks against supporting infrastructure (e.g., Denial of Service (DoS), Virus, Worm, Trojans, Spyware, Adware)
- Physical attacks (e.g., External drives & Flash Sticks, Bringing down the system, Stealing hardware)
Cybersecurity Principles
- Complete the interactive lesson
Recent Cyber Attacks
- MGM Casino Cyber Attack September 2023 https://westoahu.hawaii.edu/cyber/global-weekly-exec-summary/alphv-hackers-reveal-details-of-mgm-cyber-attack/
Pre-work Grade
- Post weekly discussion question and research solution to D2L
- Complete Week 02 Content Module in D2L to 100%
### Help and Support
- Student Office Hours (by Appointment/Drop-in)
- Email: [email protected]
- RRCC On Campus Tutoring: https://www.rrcc.edu/learning-commons/tutoring
- 24/7 Online Tutoring: D2L > Content > Resources for Help
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Related Documents
Description
Dive into the essentials of cybersecurity in this Week 02 quiz. Explore the significance of cybersecurity, the types of attacks, and what we aim to protect. Understand software developer vulnerabilities and the importance of security measures in safeguarding information.