Cybersecurity landscape

Questions and Answers

What has the growth of data created opportunities for?

• Data misuse
• Cyber criminals
• Unauthorized access
• Cybersecurity specialists (correct)

Which entities provide important services and opportunities for their customers?

• Individuals
• Small businesses
• Cyber criminals
• Organizations like Google and Amazon (correct)

What capability do cyber wizards now have with technology?

• Steal sensitive data
• Create computer viruses
• Track worldwide weather trends (correct)
• Cause harm to others

What is a responsibility of businesses that collect and harness data?

Protect the data from misuse (D)

What risk is posed by growth in data collection and analytics if precautions are not taken?

Great risks to individuals and modern life (A)

The technology available allows tracking of what?

All of the above (D)

The increase in what has created opportunities for cybersecurity specialists?

Data (B)

What have businesses large and small recognized the power of?

Big data and data analytics (B)

What is a primary function of Geospatial Information Systems (GIS)?

Collecting and analyzing data (C)

What is the main goal of white hat hackers?

To improve system security (A)

Which type of attacker violates computer security for personal gain?

Black hat attacker (A)

What is a common activity for script kiddies?

Launching simple attacks using existing tools (A)

What is the main goal of vulnerability brokers?

Report exploits to vendors (D)

Which U.S. organization created a framework for companies needing cybersecurity professionals?

National Institute of Standards and Technology (NIST) (D)

What is a common method used by hacktivists to protest?

Distributed denial of service (DDoS) attacks (A)

Which of the following is a category within the Cybersecurity Workforce Framework?

Securely Provision (B)

Which of the following is a potential benefit of collecting and analyzing large amounts of data?

Improved efficiencies (C)

Which category of the Cybersecurity Workforce Framework includes identifying and mitigating threats to internal systems?

Protect and Defend (D)

What distinguishes gray hat attackers from black hat attackers?

Gray hats may report vulnerabilities (C)

Which category involves the investigation of cyber events and cybercrimes?

Investigate (D)

Which category includes support, administration, and maintenance to ensure IT system performance and security?

Operate and Maintain (B)

What does the 'Analyze' category of the Cybersecurity Workforce Framework involve?

Reviewing cybersecurity information for intelligence (A)

Which category provides leadership and management to conduct cybersecurity work effectively?

Oversight and Development (D)

Which of the following is a key activity within the 'Securely Provision' category?

Designing secure IT systems (C)

Which of the following is a sector of the kingdom that needs protection?

Communication (A)

Which of the following is a security concern at the corporate level?

Protecting the organization’s reputation (B)

Which U.S. agency is responsible for intelligence collection and surveillance activities?

National Security Agency (NSA) (A)

From where can attacks originate?

From within or outside an organization (B)

What type of access do internal users have?

Direct Access to the building (A)

What might internal attackers have knowledge of?

Corporate network resources (A)

How do external attackers commonly gain access to internal resources?

Exploiting vulnerabilities in devices (A)

What method do external attackers use to gain access?

Trickery (D)

Which of the following is an example of cybersecurity legislation?

Federal Exchange Data Breach Notification Act (A)

What does the term 'cyber wizards' refer to?

Innovators and visionaries who build the cyber kingdom (B)

What is a cyber vulnerability?

A weakness that makes a target susceptible to an attack (D)

Which of the following is considered a prime target for cyber criminals?

Network services like DNS and HTTP (D)

What is the primary function of packet-sniffing tools used by criminals?

To monitor and record all information coming across a network (A)

What is the purpose of packet forgery (or packet injection)?

To interfere with an established network communication by constructing packets (D)

Which of the following is a source of data that can come from established organizations and be targeted by cyber threats?

Personal Information (C)

What is a cybersecurity threat?

The possibility that a harmful event, such as an attack, will occur (A)

What does the ISACA Certified Information Security Manager (CISM) certification primarily focus on?

Developing and overseeing information security systems at the enterprise level. (A)

What do company-sponsored cybersecurity certifications typically measure?

Knowledge in installing, configuring, and maintaining vendor products. (C)

What does the Cisco Certified Network Associate Security (CCNA Security) certification validate?

Knowledge and skills required to secure Cisco networks. (B)

Why might a cybersecurity professional have unconventional working hours?

Because they must respond to threats as soon as they occur. (B)

What is a crucial aspect of a cyber hero's work regarding cyber criminals?

Understanding how they think through analysis of policy, trends, and intelligence. (D)

What is recommended as a way to learn the basics for a career in cybersecurity?

Completing courses in IT. (C)

What should cybersecurity specialists do to keep up with the ever-changing field?

Become a life-long learner. (B)

What is a valuable opportunity for students seeking a cybersecurity career?

Seeking out a security internship. (C)

Flashcards

Data Analytics

Collecting and using data to gain valuable insights and improve decision-making.

Data Protection Responsibility

The responsibility companies have to keep data safe from misuse and unauthorized access.

Cybersecurity Specialists

Specialists who work to protect data and systems from cyber threats.

Data-Driven Businesses

Businesses that have been successful by collecting and using large amounts of data.

Data Security Risks

The potential harm to individuals and modern life if sensitive data is not protected.

Big Data

Large amount of digital information that can be analyzed to find patterns and insights.

Kingdoms

Organizations provide important services and opportunities for their customers like Google, LinkedIn and Amazon.

Cyber Wizards Technology

Technology to track weather, monitor oceans, and track movement of objects in real time.

Geospatial Information Systems (GIS)

Systems that collect and analyze large amounts of geographical data.

Internet of Everything (IoE)

A network of interconnected devices collecting/exchanging data, improving efficiency and reducing risks.

Hackers

Individuals who break into computer systems or networks.

White Hat Hackers

Hackers who find weaknesses to improve system security.

Gray Hat Hackers

Hackers between ethical and unethical, who may report vulnerabilities.

Black Hat Hackers

Unethical hackers who violate security for personal gain or malicious reasons.

Script Kiddies

Inexperienced individuals using existing tools for pranks and vandalism.

Vulnerability Brokers

Hackers who discover exploits and report them for rewards.

Cybersecurity Legislation

U.S. laws related to online data security.

Cyber Wizards

Innovators using data to build and protect cyber organizations.

Cybersecurity Threat

The possibility of a harmful cyber event or attack.

Cyber Vulnerability

A weakness that makes a system susceptible to an attack.

Sources of Data

Personal, medical, education, employment and financial details.

Network Service Targets

DNS, HTTP, and online databases.

Packet-Sniffing Tools

Tools used to monitor and record network data streams.

Packet Forgery

Interfering with network communication by creating fake data packets.

NIST Cybersecurity Framework

A framework created by NIST to help organizations identify cybersecurity roles and skills.

Operate and Maintain

Providing support, administration, and maintenance to ensure IT system performance and security.

Protect and Defend

Identifying, analyzing, and mitigating threats to internal systems and networks.

Investigate

Investigating cyber events and crimes involving IT resources.

Collect and Operate

Specialized denial and deception operations and the collection of cybersecurity information.

Analyze

Reviewing and evaluating cybersecurity information to determine its usefulness for intelligence.

Oversight and Development

Providing leadership, management, and direction for cybersecurity work.

Securely Provision

Conceptualizing, designing, and building secure IT systems.

Sectors of the Kingdom

Manufacturing, energy, communication and transportation environments that all need protection from threats.

NSA Responsibilities

Collection of intelligence and surveillance activities.

Internal Security Threat

Employees or partners who can accidentally or intentionally cause harm.

Internal Threat Damage

Threats that have direct access to the building, infrastructure, and knowledge of the corporation.

External Security Threats

Attackers who exploit vulnerabilities or use social engineering to gain access.

External Attack Method

Gaining access to internal resources by exploiting weaknesses.

Corporate Level Security

Protect reputation, data, and customers.

Origin of Attacks

Originate from within or outside an organization.

CISM

A certification for managing and overseeing enterprise information security systems.

Company-Sponsored Certifications

Certifications that validate skills in installing, configuring, and maintaining specific vendor products.

CCNA Security

Validates knowledge and skills required to secure Cisco networks.

Cyber Hero Role

Requires quick threat response, policy analysis, and understanding of cybercriminal tactics.

Importance of Studying

Continuous learning in IT and cybersecurity.

Value of Certifications

Demonstrates knowledge and competence to potential employers.

Benefits of Internships

Provides practical experience and networking opportunities.

Professional Organizations

Provides opportunities to learn from experts and stay updated on industry trends.

Study Notes

Characteristics of the Cybersecurity World

• Great businesses collect and harness data and data analytics for power.
• The businesses are responsible for protecting data from misuse and unauthorized access.
• Data growth has created opportunities for cybersecurity specialists.
• Businesses of all sizes recognize the power of big data and data analytics.
• Organizations like Google, LinkedIn, and Amazon provide important services and opportunities for customers.
• The growth in data collection and analytics poses risks to individuals and modern life if data protection precautions aren't taken.
• Cyber experts use technology to track weather, monitor oceans, and track people, animal, and object behavior in real time.
• New technologies like Geospatial Information Systems (GIS) and the Internet of Everything (IoE) depend on collecting and analyzing data.
• Data collections can save energy, improve efficiencies, and reduce safety risks.

Criminals and Cybersecurity Professionals

• Hackers, as cybersecurity criminals, break into computers or networks for various reasons.
• White hat hackers break into systems to discover weaknesses and improve system security.
• Gray hat hackers may report vulnerabilities if it aligns with their agenda.
• Black hat hackers are unethical criminals who violate computer, network security for personal gain, and for malicious reasons.
• Script kiddies, often teenagers or hobbyists with limited skills, use existing tools for pranks and vandalism.
• Vulnerability brokers are gray hat hackers who discover exploits and report them to vendors, sometimes for rewards.
• Hacktivists are gray hat hackers who protest against political and social ideas.
• Hacktivists protest against organizations or governments by posting articles, videos, leaking information, and performing DDoS attacks.
• Cyber Criminals are black hat hackers that work alone or for cybercrime organizations, stealing billions from consumers and businesses yearly.
• State-sponsored hackers, either white or black hat, steal secrets, gather intelligence, and sabotage networks.
• Targets of state-sponsored hackers are foreign governments, terrorist groups, and corporations and most countries are engage in this.
• Actions by organizations to limit or fend off cyber criminals include coordinated actions.
• The Nation Common Vulnerabilities and Exposures, CVE Databases, is an example of this action.
• The CVE National Database offers a public database of vulnerabilities.
• The Honeynet project is an example of creating Early Warning Systems.
• The HoneyMap displays real-time visualization of attacks.
• InfraGard is an example of sharing cyber intelligence and is a partnership dedicating sharing information and intelligence to prevent attacks.
• The ISO 27000 standards are an example of Information Security Management Standards that provide a framework for cybersecurity measures.
• ISCA tracks new laws related to cybersecurity that address privacy and protection of intellectual property. Examples of these include Cybersecurity Act, Notification Act and the Data Accountability and Trust Act.

Comparing Cybersecurity Threats

• Cyber experts are visionaries who build the cyber kingdom and recognize the influence of data to build great organizations.
• Cyber experts recognize the threat that data poses if used against people.
• A cybersecurity threat means a harmful attack will occur.
• A cyber vulnerability is a weakness making a target susceptible to attack.
• Cyber threats pose as dangerous to certain industries, and threaten the information collected and protected.
• Examples of data sources include personal information, medical records, education records and financial records
• Cyber criminals target Network services like DNS, HTTP, and online databases.
• Criminals capture data streams with packet-sniffing tools by monitoring and recording network information.
• Criminals use rogue devices, like Wi-Fi access points.
• Packet forgery interferes with network communication, like constructing packets to appear as part of a communication.
• Sectors of the kingdom include: manufacturing, energy production, communication, and transportation systems.
• Everyone needs to safeguard their identity, data, and computing devices and corporations must protect the organization's reputation, data, and customers.
• At the state level, national security and the citizens' safety and well-being are at stake.
• In the U.S., the National Security Agency (NSA) is responsible for intelligence collection and surveillance activities.
• Efforts to protect people often conflicts with their right to privacy.

Cybercrime Growth Factors

• Attacks can come from within or outside of an organization.
• An internal user, such as an employee or contract partner, can be accidental or intentional.
• Internal threats cause greater damage because users have direct access to the building, infrastructure devices, network, data, countermeasures, policies and privileges.
• External threats from amateurs or skilled attackers can exploit vulnerabilities, or use social engineering.
• External attacks exploit weaknesses or vulnerabilities to gain access to internal resources.
• Vulnerabilities of Mobile Devices
• In the past, employees used use company-issued computers connected to a corporate LAN but today, they are using mobile devices
• Bring Your Own Device (BYOD), is a growing trend.
• The inability to manage and update mobile devices poses a threat to organizations that allow employee mobile devices on their networks.
• Internet-of-Things (IoT) is the connection of devices to the Internet.
• IoT connects billions of devices to the Internet, including appliances, motors entertainment devices etc.
• Users need to protect the network and can remotely accesses devices.
• All connections along with expanded storage led data growth.
• Impact of Big Data is the result of data that can be is large and complex, making traditional data processing applications inadequate.
• Three dimensions of Big data include: Volume, velocity and variety
• As a result of corporate hacks, enterprise systems require security product redesigns and upgrades.
• Governments and industries are introducing regulations with better data protection and controls.

Creating More Heroes

• Advanced persistent threat (APT) is a continuous computer hack that occurs under the radar against a specific object and they are chosen for business or political motives.
• Algorithm attacks track system self-reporting data selecting targets or trigger false alerts used to improve energy savings, and efficiencies.
• Attacks select the low hanging fruit or most vulnerable victims, and will only launch if the attacker can match the signatures of the targeted victim.
• Federated Identity refers to multiple enterprises that let users use same identification credentials gaining network access. The goal is to share across castle boundaries.
• The protection method of federated identity is to tie login ability to an authorized device. The dark forces of cyber security, which is why it is so important that there is heightened recognition.
• There are are many safety implications, and emergency call centers in the U.S. are vulnerable that could shut down 911 networks, jeopardizing public safety.
• A telephone denial of service (TDoS) attack uses phone calls against a target telephone.
• The next generation 911 use Voice-over-IP (VoIP) rather then traditional landlines.
• The defenses against cyberattacks at the start of the cyber era were low but now the threat has now has brought greater awareness to more countries.
• In the U.S., National Institute of Standards and Technologies (NIST) created a framework for cybersecurity.
• The WorkForce Framework categorizes cybersecurity jobs into seven categories.
  • Operate and Maintain: includes providing the support, maintenance, to ensure IT system performance and security.
  • Protect and Defend includes identification, analysis and mitigation to internal systems and networks.
  • Investigate includes the investigation of cyber events and/or crimes involving IT resources.
  • Collect and Operate includes denial, deception operations, and the collection of cybersecurity information.
  • Analyze includes review and evaluation of cybersecurity information.
  • Oversight and Development manage and conduct cybersecurity work effectively. Securely Provision includes building IT systems. -There are several specialty areas and define common types of cybersecurity work.
• Cybersecurity specialists must collaborate with professional colleagues frequently and International technology organizations sponsor workshops and conferences.
• It is important to have the same skills as hackers, especially black hat hackers, to protect against attacks.
• There are many skills competitions and organizations for cybersecurity student.
• There is a need for cybersecurity specialist to obtain certifications that provide proof of skills and knowledge level. -CompTIA Security+ certifies the completion of IT administration in information assurance. -EC Council Certified Ethical Hacker provides the level of ability with skills and knowledges for various hacking practices. -SANS CIAC Security Essentials has certification for those that are entry level showing security skills and and concepts with expertise -Is a good test for entry level cybersecurity skills. -The additional certifications are also availbile -(ISC)^2 Certified Information Systems Security Professional (CISSP) has vendor neutral with specialists that have the expertise and managerial experience -ISCA certified, are the cyber heroes responsible for cybersecurity systems that are there for the security. -The company sponsored have a matrix of ciscos certifications with certifications shown in the figure -The cyber security validate the associate of the security skills and knowledge requires to secure Cisco network

Study Advice:

• Learn the basics by completing courses in IT.
• A cybersecurity study guide would advise to be a life-long learner.
• Pursue company sponsored certifications show that one possesses the knowledge needed for employment.
• Seek out security an internship.
• Connect with security organizations, attend meetings and conferences, and join forums and blogs.

Description

The growth of data has created opportunities for cybersecurity specialists. Businesses now recognize the power of cybersecurity. Several attackers exist with different aims and motivations.