Cybersecurity Threats: Compromised Devices and Account Protection

Questions and Answers

What is a common threat to data in transit?

Malware attack

Untrained employee

Ransomware attack

Man-in-the-middle attack (correct)

What is the most common cause of the costliest data breaches?

Lack of diligence and untrained employees

Targeted attack

Phishing and social engineering

Malware (viruses and Trojans) (correct)

What is a countermeasure to protect data at rest on a device?

Two-factor authentication

File level or disk encryption (correct)

Network segmentation

SSL/TLS with valid certificates

What is a type of threat that can read or modify data at rest on-premise or in the cloud?

Unauthorized or malicious process

What is essential for protecting data, according to the given quote?

Knowledge

What is a potential risk if a user accesses corporate SaaS applications from a compromised device?

Account compromise through brute force or password guessing

Why is security awareness training essential for protecting against cyber threats?

To mitigate the risks of phishing attacks by making users more aware of potential threats

What is the primary goal of a cybercriminal when stealing credentials?

To escalate privileges to a domain administrator

What is the purpose of Multi-Factor Authentication (MFA)?

To use multiple factors for authentication to increase security

What is the new perimeter in terms of a user's identity?

The credential boundary

Who is the lecturer for the CSIT302 Cybersecurity subject?

Dr Partha Sarathi Roy

What is the total percentage of the quizzes in the CSIT302 Cybersecurity subject?

30%

What is the title of the textbook recommended for the CSIT302 Cybersecurity subject?

Cybersecurity – Attack and Defense Strategies

What is the percentage of the final examination in the CSIT302 Cybersecurity subject?

50%

What type of assignments can be expected in the CSIT302 Cybersecurity subject?

Either written reports or programs (or combined)

What is the primary goal of privacy in the context of cybersecurity?

To benefit the individual by maintaining secrecy

What is the result of achieving the goals of cybersecurity in an organization?

Enhancing the security posture

What is the difference between privacy and confidentiality in the context of cybersecurity?

Privacy is for individuals, while confidentiality is for organizations

What is essential for enhancing overall security posture in an organization?

Both detection and response systems

Why is it important to have a strong security posture in an organization?

To reduce the risk of cybersecurity attacks

What is continuous monitoring used for in authentication?

To continuously verify a person's identity throughout a session

What security consideration should be taken for apps developed in-house?

Using a secure framework throughout the software development lifecycle

What is a potential security risk of personal apps on BYOD?

They may not be secure

What is a characteristic of Shadow IT?

Systems developed by individual departments other than the central IT department

What is a potential benefit of Shadow IT, despite the security risks?

It may give us efficiency

What is the primary reason human error is a significant cybersecurity challenge?

Humans are the weakest link in cybersecurity, making them vulnerable to social engineering

What is a characteristic of a targeted attack?

It is a long-term attack with persistent access to the target's network

What is the primary goal of a ransomware attack like WannaCry?

To demand a ransom in exchange for restoring access to data

What is the initial stage of a targeted attack?

Public reconnaissance to gather information about the target

What is the role of social engineering in cybersecurity attacks?

It is used to lead employees to click on links that download malware or viruses

What is the primary focus of cybersecurity?

Safeguarding programs, network systems, software, and virtual data from invasion or damage

What is the main reason why cybersecurity is crucial for businesses?

It is a must-have feature to avoid irrevocable damage or bankruptcy

What is an example of a cyberattack that can result in a fine?

Data breach of a company's database

What is the purpose of cybersecurity in an interconnected digital environment?

To diminish the risk of cyberattacks and protect individuals and organizations

What is a common threat to individuals and organizations in the cyberspace?

Cyberattacks

What is the broad area of security that encompasses computer security, network security, and software/hardware security?

Cybersecurity

What is the consequence of failing to invest in cybersecurity?

Irrevocable damage or even bankruptcy

What is an example of a cyberattack that can result in the unauthorized exploitation of data?

Facebook-Cambridge Analytica data scandal

What is the role of cybersecurity in protecting individuals and organizations?

To protect individuals and organizations from unauthorized exploitation of data, network systems, and technologies

What is the main reason why cybersecurity is necessary in today's digital age?

To protect against cyberattacks and malicious activities