Cybersecurity Fundamentals

Questions and Answers

What is the primary method of cybersecurity?

  • Avoiding computers and networks completely
  • Relying on physical security measures only
  • Safeguarding networks and computer systems from unauthorized digital access (correct)
  • Ignoring potential threats and vulnerabilities

Which of the following is an example of an information risk that cybersecurity aims to mitigate?

  • Unauthorized access, use, or destruction of data (correct)
  • Physical damage to computer hardware
  • Employee satisfaction levels
  • Power outages affecting computer systems

Why is cybersecurity increasingly important in the digital world?

  • Because the volume and complexity of cyberattacks are increasing (correct)
  • Because data is becoming less valuable
  • Because there are fewer computers in use
  • Because the cost of technology is decreasing

What is the potential impact of cyberattacks on businesses and organizations?

Millions of dollars in damages and loss of customer trust (C)

What is the term for when a third party gains unauthorized access to a system or network?

Cyber attack (C)

What is the term for someone who carries out a cyberattack?

Hacker/attacker (A)

Which of the following is a potential consequence of a successful cyberattack?

Data breaches leading to data loss or manipulation (A)

Which measure is used to curb the actions of cyber attackers?

Implementation of cybersecurity (D)

What does the term 'malware' refer to?

Malicious software viruses (A)

Which of the following is NOT a type of malware?

Firewall (D)

What type of virus disguises itself as legitimate software?

Trojan (A)

Which type of software steals your confidential data without your knowledge?

Spyware (B)

How can antivirus software protect your computer?

By protecting against malware (A)

What is the primary function of a firewall?

To filter network traffic (C)

What should users avoid to prevent malware infections?

Clicking on suspicious links (D)

What is a common characteristic of phishing emails?

Significant errors like spelling mistakes or format changes (D)

What should you use to protect yourself from phishing?

Anti-phishing toolbar (A)

Which of the following is an example of a password cracking tool?

Aircrack (D)

Which of the following is NOT a way to prevent password attacks?

Using the same password for multiple websites or accounts (B)

What is another name for a Man-in-the-Middle Attack (MITM)?

Eavesdropping attack (A)

What is the main goal of MITM?

Stealing and Manipulating Data (D)

How to prevent MITM attacks?

Refrain from using Public Wi-Fi networks (A)

What is the name of a database-driven website attack carried out by manipulating standard queries?

SQL Injection Attack (A)

What should be done to user-supplied data in order to prevent SQL Injection attacks?

Validation (C)

What is the main effect of a Denial-of-Service (DoS) attack?

Making a website unresponsive (C)

Running a traffic analysis can identify what?

Malicious traffic (D)

Which type of threat involves someone from within the organization who has detailed knowledge?

Insider Threat (A)

What should organizations train their employees in?

Spotting insider threats (A)

What does cryptojacking involve?

Accessing someone else's computer to mine cryptocurrency (A)

How to prevent Cryptojacking?

Updating software and security apps. (D)

Zero-Day Exploit happens after

Announcement of Vulnerability (C)

Organizations should have well-communicated processes.

Patch management (B)

A Watering Hole Attack is a type of attack where the attacker does what to the victim?

Targets websites frequented by the victim (B)

What software should be updated to reduce the risk of a watering hole attack?

Update software and reduce the risk (C)

What does spoofing involve?

Impersonating someone else to access sensitive information (D)

Which security practice helps prevent unauthorized access to systems by requiring two different authentication factors?

Multi-Factor Authentication (D)

To protect your systems and networks, which is NOT a tip to implement for cyber attack prevention?

Always use public Wi-Fi without a VPN (B)

In the early days of computing, what was the common method of protecting networks and data from cyber-attacks?

Firewalls (A)

In the context of cyber security, what does the term 'hacker' refer to?

A person who carries out cyber attacks (B)

Which of the following is NOT a way to safeguard our mobile from malware?

Download apps from ads on other apps (B)

Flashcards

Cybersecurity

Safeguarding networks, computer systems, and components from unauthorized digital access.

Cyber Attack

Unauthorized system/network access by a third party.

Malware

Malicious software including viruses, spyware, ransomware, and adware.

Trojan Virus

Disguises itself as legitimate software.

Ransomware

Blocks access to a network's key components and then demands money.

Spyware

Steals confidential data without your knowledge.

Adware

Software that displays advertising content such as banners.

Phishing Attack

An attacker impersonates a trusted contact and sends the victim fake emails.

Password Attack

Cracking a password with various programs and password cracking tools.

Man-in-the-Middle Attack (MITM)

An attacker intercepts the session between a client and host to steal and manipulate data.

SQL Injection Attack

Manipulating a SQL query to inject malicious code to reveal crucial information.

Denial-of-Service Attack (DoS)

Attackers flood systems/networks with traffic to exhaust resources and bandwidth.

Distributed Denial-of-Service (DDoS) attack

Attackers use multiple compromised systems to launch a Denial-of-Service attack.

Insider Threat

An insider with knowledge of the organization causes damage.

Cryptojacking

Attackers access someone else's computer for mining cryptocurrency.

Zero-Day Exploit

Exploiting a network vulnerability for which there is no solution.

Watering Hole Attack

Targeting websites frequently used by a specific group to infect their systems with malware.

Spoofing

An attacker impersonates someone or something else to access sensitive data.

Identity-Based Attacks

Stealing or manipulating personal information.

Code Injection Attacks

Inserting malicious code into a software application to manipulate data.

Supply Chain Attacks

Exploiting vulnerabilities in the software or hardware supply chain.

DNS Tunneling

Bypassing security measures and communicating with a remote server via DNS.

DNS Spoofing

Manipulating DNS records to control website traffic.

IoT-Based Attacks

Exploiting vulnerabilities in IoT devices to steal data.

Ransomware

Encrypts victim's data and demands payment in exchange.

Distributed Denial of Service (DDoS)

Flood a website with traffic to make it unavailable.

Spamming

Sending unauthentic emails to spread phishing scams.

Corporate Account Takeover (CATO)

Hackers use stolen login credentials to access bank accounts.

Automated Teller Machine (ATM) Cash Out

Hackers use a bank's ATM system to dispense cash.

Whale-Phishing Attacks

Target executives or celebrities with social engineering to get sensitive info.

Spear-Phishing Attacks

Targets specific individuals/groups with social engineering.

URL Interpretation

A web browser vulnerability that is exploited.

Session Hijacking

The hacker gets access to a user's session ID to authenticate the session.

Brute Force Attack

An attacker gains unauthorized access to a system by trying various passwords.

Web Attacks

Targets websites and can insert SQL injection, cross-site scripting (XSS) and file inclusion.

Trojan Horses

Malware that appears legitimate but contains malicious code.

Drive-by Attacks

Attacks that occur when visiting a compromised website.

Cross-Site Scripting (XSS) Attacks

An attacker inserts unauthorized code into a legitimate website to steal user info.

Eavesdropping Attacks

An attacker intercepts communication between two parties to access sensitive information.

Study Notes

  • Cybersecurity is the method of protecting networks, computer systems, and their components from unauthorized digital access, mitigating information risks like unauthorized access, use, disclosure, interception, or data destruction.
  • Cybersecurity is important due to the increasing volume and complexity of cyberattacks alongside our growing dependence on technology.
  • A case in the United States involved hackers targeting college students, gaining access to their Social Security numbers and credit card information, and fraudulently charging thousands of dollars on their credit cards.
  • Target had to pay millions of dollars in damages and lost customer trust due to a data breach involving customer data, including credit and debit card information.
  • The 2014 JPMorgan Chase data breach compromised the names, addresses, phone numbers, and email addresses of 76 million households and 7 million small businesses, as well as account information of 83 million customers.
  • The cost of cybercrime worldwide was $6 trillion in 2021 and is projected to increase to $10.5 trillion by 2025.
  • Individuals, governments, for-profit companies, not-for-profit organizations, and educational institutions are all vulnerable to cyberattacks and data breaches.
  • Cyberattacks are expected to increase as digital technologies evolve, the number of devices and users grows, global supply chains become more complex, and data becomes more critical in the digital economy.
  • Unauthorized system/network access by a third party is considered a cyber attack and the perpetrator is termed a hacker/attacker.
  • Cyber-attacks can lead to data breaches, data loss or manipulation, financial losses for organizations, damage to customer trust, and reputational harm.
  • There was a notable increase in cyber attacks during the COVID-19 pandemic, reported by Interpol and WHO.

Malware Attack

  • "Malware" refers to malicious software viruses including worms, spyware, ransomware, adware, and trojans.
  • A trojan disguises itself as legitimate software, ransomware blocks access to network components, spyware steals confidential data, and adware displays advertising content.
  • Use antivirus software like Avast, Norton, and McAfee to protect computers, and firewalls like Windows Firewall and Mac Firewall to filter traffic entering a device.
  • Avoid clicking suspicious links.

Phishing Attack

  • An attacker impersonates a trusted contact and sends the victim fake emails.
  • When a victim unknowingly opens the mail and clicks the malicious link or opens the mail's attachment, attackers gain access to confidential information and account credentials.
  • Phishing attacks can be prevented by scrutinizing emails for spelling mistakes or format changes, using an anti-phishing toolbar, and updating passwords regularly.

Password Attack

  • A hacker cracks a password with password cracking tools such as Aircrack, Cain & Abel, John the Ripper, Hashcat, etc.
  • Brute force attacks, dictionary attacks, and keylogger attacks are different types of password attacks.
  • Password attacks can be prevented by using strong alphanumeric passwords with special characters, avoiding using the same password for multiple websites or accounts, updating passwords, and not leaving password hints in the open.

Man-in-the-Middle Attack

  • A Man-in-the-Middle (MITM) attack is also known as an eavesdropping attack: an attacker hijacks the session between a client and host.
  • In a MITM attack, hackers steal and manipulate data.
  • MITM attacks can be prevented by being mindful of website security, using encryption on devices, and refraining from using public Wi-Fi networks.

SQL Injection Attack

  • Manipulating a standard SQL query on a database-driven website is called a Structured Query Language (SQL) injection attack.
  • Injecting malicious code into a vulnerable website search box reveals server information.
  • The SQL injection attack results in the attacker being able to view, edit, and delete tables in the databases and gain administrative rights.
  • To prevent a SQL injection attack, use an intrusion detection system and validate user-supplied data to keep user input in check.

Denial-of-Service Attack

  • Attackers target systems, servers, or networks; this is a significant threat to companies.
  • A DDoS (Distributed Denial-of-Service) attack is when attackers use multiple compromised systems to launch the attack.
  • Run a traffic analysis to identify malicious traffic, and understand warning signs like network slowdown and intermittent website shutdowns.
  • Formulate an incident response plan and outsource DDoS prevention to cloud-based service providers to prevent DDoS.

Insider Threat

  • An insider threat is a risk posed by an individual from within the organization.
  • Insider threats are rampant in small businesses and potentially stem from greed, malice, or carelessness.
  • Organizations should have a good culture of security awareness, limit staff access to IT resources, and train employees to spot insider threats to prevent insider threat attacks.

Cryptojacking

  • Cryptojacking takes place when attackers access someone else's computer to mine cryptocurrency.
  • The victim's computer is accessed by infecting a website, through online advertisements with JavaScript code, or by manipulating the victim into clicking a malicious link.
  • Cryptojacking can be prevented by updating software and security apps, having cryptojacking awareness training for employees, and installing an ad blocker.

Zero-Day Exploit

  • A Zero-Day Exploit happens after the announcement of a network vulnerability; in most cases there is no solution to fix it.
  • Organizations should have patch management processes and an incident response plan focusing on zero-day attacks to prevent zero-day exploits.

Watering Hole Attack

  • The attacker targets websites frequently used by the victim and infects these websites with malware to gain access to the user's personal information.
  • Update software to reduce the risk of an attacker exploiting vulnerabilities.
  • For prevention, use network security tools (IPS) and use a VPN together with the browser's private browsing feature.

Additional Attacks

  • Spoofing: An attacker impersonates someone to access sensitive information for malicious activities.
  • Identity-Based Attacks: Stealing or manipulating personal information to gain unauthorized access to systems.
  • Code Injection Attacks: Inserting malicious code into a software application to manipulate data, such as an attacker adding malicious code to a SQL database.
  • Supply Chain Attacks: Exploiting software or hardware supply chain vulnerabilities to collect sensitive information.
  • DNS Tunneling: An attacker uses the Domain Name System (DNS) to bypass security measures and communicate with a remote server.
  • DNS Spoofing: An attacker manipulates DNS records to control website traffic.
  • IoT-Based Attacks: Vulnerabilities in the Internet of Things (IoT), like smart thermostats and security cameras, are exploited.
  • Ransomware: The victim's data is encrypted and payment is demanded in exchange.
  • Distributed Denial of Service (DDoS) Attacks: A website is flooded with traffic to make it unavailable for legitimate users.
  • Spamming: Phishing scams are spread by sending unauthentic emails.
  • Corporate Account Takeover (CATO): Bank accounts accessed with stolen login credentials.
  • Automated Teller Machine (ATM) Cash Out: Hackers use a bank's computer systems to withdraw amounts of cash.
  • Whale-Phishing Attacks: High-profile individuals (executives/celebrities) are targeted using social engineering techniques to get sensitive information.
  • Spear-Phishing Attacks: Specific individuals or groups within an organization are targeted using social engineering techniques.
  • URL Interpretation: Exploits vulnerabilities in the way a web browser interprets a URL (Uniform Resource Locator) and requests the corresponding web page.
  • Session Hijacking: Hackers get access to a user's session ID and take control of the session (authenticating the session with the application).
  • Brute Force Attack: An attacker tries various passwords to gain unauthorized access. Effective if passwords are weak.
  • Web Attacks: Target websites with exploits like SQL injection, cross-site scripting (XSS), and file inclusion.
  • Trojan Horses: Malware appears to be a legitimate program but has malicious code that runs when installed.
  • Drive-by Attacks: A system is flooded with malware by visiting a compromised website (exploits vulnerabilities in software, without the user knowing).
  • Cross-Site Scripting (XSS) Attacks: Unauthorized code is put into a website to access user information and steal data such as passwords and credit card info.
  • Eavesdropping Attacks: Sensitive information is intercepted between two parties.
  • Birthday Attack: A cryptographic attack that uses the birthday paradox to access a collision; on success, the output created is used to bypass protections.
  • Volume-Based Attacks: The system is flooded with data to make it inaccessible, for instance DDoS attacks, in which compromised computers target a specific website.
  • Protocol Attacks: Exploit protocols to gain unauthorized access or disrupt regular operation.
  • Application Layer Attacks: Target applications; web servers are exploited.
  • Dictionary Attacks: Passwords are guessed using common words, which works when the user's password is weak.
  • Virus: Can cause significant damage and corrupt files. It replicates and spreads to other files (damages systems and files, theft).
  • Worm: Spreads to other computers and, unlike a virus, doesn't need human interaction.
  • Backdoors: Bypass authorization to gain access to a network.
  • Bots: Automated programs on a network or the internet (used maliciously, e.g. for DDoS).
  • Business Email Compromise (BEC): The attacker impersonates a trusted party and tricks the victim into making a transfer.
  • Cross-Site Scripting (XSS) Attacks: Information website, action to authorized and malicious.
  • AI-Powered Attacks: Traditional measures machine.
  • Rootkits: Control. Access privileged.

Preventing Cyber Attacks

  • Change passwords often and use strong alphanumeric ones; update software and use legitimate apps.
  • Use firewall security and scrutinize senders.
  • Use a VPN to encrypt traffic to the server.
  • Back up data: 3 copies, with off-site storage.
  • Make employees aware of cybersecurity.
  • Use two-factor or multi-factor authentication.
  • Secure the Wi-Fi network.
  • Safeguard mobile devices; install apps only from trusted sources.

Evolution In Cybersecurity

  • 90's minimal, internet small networks attacks.

Prevent Cyber attacks

  • Change by updating with avoiding and backing with multi-authentication.

Attacks Prevent during Cyber

  • Disable to disrupt, block data.
  • More losses of info.
  • Ways done to firewall to multi and tools security.

Types on Cyber Security

  • Phishing attacks, malware attacks, denial-of-service
  • Hack user entry login into, fake website.

Layers of Cybersecurity

  • Human Layer focuses on ensuring that employees, contractors, and other users do not fall victim to attacks, through awareness training, strong password policies, and multi-factor authentication.
  • Perimeter Security Layer serves to protect the network by controlling incoming and outgoing traffic with an intrusion detection system (IDS), creating a barrier around the internal network.
  • Network Layer employs security measures such as protocols like HTTPS and segmentation.
  • Application Security Layer covers software and secure coding.

Endpoint Security Layer

  • Endpoint Security: Consorts end point device (computer) & security response endpoint to devices with treat with attack.

Data Security Layer

  • Secure Layer data protection, prevent loss with encrypt.

Asset mission to criticals

  • To software and business, strategy and updating critical with.

Revolution of Generative AI

  • AI, science, content.

AI Researcher

  • The top generate models delve job AI.

Scientists data

  • Valuable use AI to retrieve.

Content AI

  • Using Story telling.

Ai ethics ethical

  • Generative role.

Computing

  • Science and data and technology
  • Expert building better
  • Gear is there 5G.
  • Even is qualified.

Data

  • Scientists computing
  • IT and robotics, and the team.
  • Automation Robotics essential.
  • Top with data.

Smart Devices

  • Device and smoother role
  • Device more software is here
  • Every high companies

Technology to digital space

  • Manager testing for automation, science product.

Transforming

  • Transforming automation device our that.
  • More storage the to our demands our economy.

Higher Data

  • Professional knowledge engineer than jobs.

IOT

  • Things is 50 and connect device wifi.

Cybersecurity

  • Is there is to get over hacks.

Solutions

  • Alternative
  • 2001 and tech.

RPA

  • Is AI like
  • Automation software

Engineering

  • Better the computer some.

Computing

  • High frequency
  • Detection

Cyber Security

  • AI and device, control for more

Network and Security

  • Code in cloud to
  • Device to key service
