Cybersecurity Introduction and Goals
48 Questions

Questions and Answers

Which type of attack involves injecting malicious data into a web application to manipulate the application and fetch information?

  • Phishing
  • Injection attacks (correct)
  • DNS Spoofing
  • Session Hijacking

    DNS Spoofing involves sending a large number of requests to a server to cause it to crash.

    False (B)

    What type of attack involves stealing cookies to gain access to user data?

    Session Hijacking

    A _______ attack attempts to steal sensitive information by masquerading as a trustworthy entity in electronic communication.

    phishing

    Which attack uses a trial and error method by generating a large number of guesses to obtain actual data?

    Brute force (C)

    A denial of service attack uses multiple compromised systems to overwhelm a target server.

    False (B)

    Match the following attack types with their descriptions:

    • DNS Spoofing = Redirects traffic to a false IP address
    • Phishing = Steals information by posing as trustworthy
    • Dictionary Attack = Uses a list of common passwords
    • Denial of Service = Renders system unavailable

    Which of these is NOT a category of Denial of Service (DoS) attacks?

    Session-based attacks (B)

    Which of the following best describes the primary motivation of cybercriminals?

    Generating profits through illegal activities (A)

    Hacktivists are primarily motivated by financial gain.

    False (B)

    What are the three broad ways that cybercriminals use computers to do cybercrimes?

    Cybercriminals use computers as a target, a weapon, or an accessory.

    A state-sponsored attacker's objectives are aligned with the political, commercial, or ________ interests of their country.

    military

    Match the attacker type with their primary objective:

    • Cyber Criminals = Financial gain
    • Hacktivists = Promote a cause
    • State-sponsored attackers = National interests

    What does Dan Lohrmann describe as 'digital disobedience'?

    Hacktivism (D)

    State-sponsored attackers often operate with limited resources.

    False (B)

    Attackers attempt to destroy, expose, alter, disable, steal, or gain ________ access to an asset.

    unauthorized

    What type of insider threat is typically associated with revenge against an organization?

    Malicious Threats (A)

    Accidental threats are intentional actions taken by employees to harm an organization's data.

    False (B)

    What is an example of a negligent threat?

    Sharing work on public cloud applications despite strict organizational policies.

    Malicious insider threats can sometimes be disguised by __________ through financial incentives or extortion.

    outsiders

    Match the insider threat type with its description:

    • Malicious = Insider seeks revenge against the organization
    • Accidental = Threat caused by unintentional actions
    • Negligent = Failure to follow policies leading to potential risks

    Which of the following best describes a negligent threat?

    Accidental data sharing (C)

    Accidental threats can be considered malicious if they result in data breaches.

    False (B)

    What might motivate an employee to engage in a malicious insider threat?

    Dissatisfaction with the organization.

    Which type of attack allows an attacker to intercept the connection between a client and a server?

    Man in the middle attack (D)

    A Trojan horse disguises itself as a reliable application to execute malicious code.

    True (A)

    What is a virus in terms of computer security?

    A self-replicating malicious software program that spreads without the knowledge of the user.

    A _______ is a malware that primarily spreads by replicating itself to uninfected computers.

    worm

    Match the following types of attacks with their descriptions:

    • Virus = Spreads through computer files without user awareness
    • Worm = Replicates itself to spread to other computers
    • Trojan horse = Misleading application that runs malicious code
    • Backdoor = Bypasses normal authentication processes

    What is the purpose of a bot in network services?

    To perform automatic tasks or interact with users (B)

    File Inclusion attacks enable attackers to execute files that should remain secured or access unauthorized files.

    True (A)

    Define a backdoor in the context of computer security.

    A method to bypass normal authentication processes for access.

    Who sent the first electronic message, and what was it intended to say?

    Charley Kline, 'login' (C)

    The program 'Creeper' was the first antivirus software created.

    False (B)

    What message did the program 'Creeper' print?

    I'M THE CREEPER: CATCH ME IF YOU CAN.

    In the 1970s, the first computer worm was named _____ and the first antivirus software was named _____.

    Creeper, Reaper

    Match the following individuals to their contributions:

    • Leonard Kleinrock = First electronic message
    • Robert Thomas = First computer worm (Creeper)
    • Ray Tomlinson = Inventor of email and Reaper
    • Charley Kline = Sent the message 'login'

    What concern has the increase in cyber-attacks highlighted in organizations?

    The endangerment of the global economy (B)

    The origin of cybersecurity is directly associated with the development of the first email.

    False (B)

    What key action do organizations need to take regarding their sensitive data?

    Protect it

    What was the primary purpose of the Morris worm?

    To test the size of the internet (B)

    The CIA triad stands for Confidentiality, Integrity, and Accountability.

    False (B)

    Who caught Markus Hess before he could sell military secrets?

    Clifford Stoll

    The objectives of Cybersecurity include protecting information from being stolen, compromised, or __________.

    attacked

    Match the following terms with their descriptions:

    • Confidentiality = Protecting information from unauthorized access
    • Integrity = Ensuring data is accurate and unaltered
    • Availability = Ensuring data is accessible to authorized users
    • Cyber incident = Any event that impacts the security of information systems

    Which hacker is known for hacking into 400 military computers in 1986?

    Markus Hess (D)

    The Computer Emergency Response Team was established following the first known internet worm incident.

    True (A)

    With every new development in technology, there comes an aspect of __________.

    vulnerability

    Study Notes

    Cybersecurity Introduction

    • Cybersecurity encompasses the people, processes, and technologies involved in threat reduction, vulnerability reduction, and international engagement.
    • It involves incident response, resiliency, and recovery policies.
    • Cybersecurity protects internet-connected systems (hardware, software, data) from cyberattacks.
    • It includes systems security, network security, and application/information security.
    • Cybersecurity protects networks, devices, programs, and data from unauthorized access, theft, damage, and modification.
    • Cybersecurity is a fundamental function to protect critical business operations.

    Cybersecurity Goals

    • The objective of cybersecurity is to protect information from theft, compromise, or attack.
    • Three key goals measure cybersecurity: confidentiality, integrity, and availability.
    • Confidentiality ensures that information is protected from unauthorized access.
    • Integrity ensures the accuracy and reliability of information.
    • Availability ensures authorized users can access information when needed.

    Tools for Confidentiality

    • Encryption transforms information into an unreadable format (cipher text) for unauthorized users.
    • Access control defines rules and policies to limit access to resources (system, physical, or virtual).
    • Authentication verifies a user's identity through credentials.

    Tools for Integrity

    • Backups create copies of data for restoration in case of loss or destruction.
    • Checksums verify data integrity by generating a unique numerical value.

    Tools for Availability

    • Physical protections safeguard information technology assets in secure locations.
    • Computational redundancies provide failover systems for continuous operations.

    Types of Cyber Attacks and Attackers

    • Cyberattacks exploit computer systems and networks to gain malicious access to data and systems.
    • Web-based attacks target websites and applications.
    • System-based attacks target computer hardware and software.
    • Attackers include individuals and groups with various motivations (profit, political, etc.): cybercriminals, hacktivists, state-sponsored attackers, and insider threats.

    Insider Threats

    • Insider threats are security risks originating from within an organization.
    • Categories include malicious (deliberate harm), accidental (unintentional errors), and negligent (failure to follow procedure).

    Cybersecurity as a Necessity

    • Cybersecurity is critical to protect sensitive data and operations of all businesses, from online transactions to critical national infrastructure.
    • Cybersecurity efforts are crucial to maintain stable information flow, maintain confidentiality, and provide data to authorized users.

    Description

    This quiz covers the fundamentals of cybersecurity, focusing on its importance in protecting information systems and networks. It discusses key concepts such as confidentiality, integrity, and availability that are central to cybersecurity objectives. Prepare to explore the necessary policies and processes that help secure critical business operations.
