Fundamentals of Cybersecurity and Internet

Questions and Answers

What is the main purpose of the Internet?

The Internet is a global network that allows devices connected to it to exchange information.

What are the two main tools of the Internet?

World Wide Web and Email (correct)

File Sharing and Video Conferencing

Online Shopping and Digital Banking

Social Media and Search Engines

What does HTTP stand for?

Hyperlink Transmission Protocol

High-speed Transfer Protocol

Hypertext Transfer Protocol (correct)

Host Transfer Protocol

What is the primary function of a web server?

A web server stores HTML documents and sends them to the user's web browser upon request.

What is the purpose of JavaScript in web development?

JavaScript is a scripting language that adds dynamic content and interactivity to web pages.

Which of the following is NOT a defense mechanism against malicious JavaScript programs?

File access

Extensions, Plug-ins, and Add-ons are always safe and secure to use.

False

What is Malvertising and how does it work?

Malvertising is a type of cyberattack where attackers use third-party advertising networks to distribute malware through ads displayed on legitimate websites.

Drive-by downloads require the user to actively click on a link or button.

False

Which type of cookie is often associated with targeted advertising?

Third-party cookie

What are some common security risks associated with cookies?

Cookies can be stolen and used to impersonate users, or they can be used to track user browsing and buying habits.

Which of the following is NOT a common type of email risk?

Password breaches

Most spam emails are sent from botnets.

True

What are two ways to secure email defenses?

Two ways to secure email defenses are by implementing spam filters and securing attachments.

Which of the following is NOT a recommended internet security best practice?

Enabling all cookies to improve website personalization

What are the three crucial components of a strong internet security posture?

The three crucial components of a strong internet security posture are securing the web browser, maintaining email defenses, and following internet security best practices.

Study Notes

Fundamentals of Cybersecurity

• Cybersecurity encompasses various domains including internet security, personal security, computer security, mobile security, and workspace security.
• Internet security focuses on protecting data transmitted and stored across networks.
• Personal security protects individual devices and online identities.
• Computer security safeguards individual computers from cyber threats.
• Mobile security addresses threats targeting mobile devices.
• Workplace security protects corporate networks and data.

The Internet

• The Internet is a global network enabling connected devices to exchange information.
• It is composed of interconnected networks to which devices are attached.
• No single organization or government controls the Internet.
• Computers cooperate to make the system a global information resource.

How the Internet Works

• Data is split into packets to travel through multiple network paths for management by routers.
• Packets are reassembled upon receipt.
• IP packets include a header and a payload.
• The header contains the sender and destination IP addresses, while the payload contains data.

Internet Routing Paths

• Complex network of interconnected paths enabling global communication.

Two Main Tools of the Internet

• World Wide Web (WWW) and Electronic Mail (email).

The World Wide Web (WWW)

• Better known as the web.
• The WWW uses Internet server computers to provide online information.
• Components include HTML, web servers, web browsers, and HTTP.

Hypertext Markup Language (HTML)

• Web authors use it to combine text, graphics, images, audio, video, and hyperlinks.

Web Server

• Stores HTML documents.

Web Browser

• Displays words, pictures, and other elements to the user. Common browsers include Chrome, Safari, Firefox, and Edge.

Hypertext Transport Protocol (HTTP)

• Standards or protocols used by web servers to send HTML documents.
• A subset of TCP/IP standards.

Web Transmission Process

• Web browsers send requests to remote web servers, which respond by sending HTML documents to the user's local computer.
• The user's web browser displays the document.

Transfer-and-Store Process

• Entire documents are transferred and stored locally before display.
• This process creates vulnerabilities for malicious code to be sent.

Internet Security Risks

• Risks of using the internet include browser vulnerabilities, malvertising, drive-by downloads, cookies, and email risks.

Malvertising

• Attackers use third-party advertising networks to distribute malware through ads displayed on websites.
• Attackers target popular websites.
• A common practice is using the ad network’s rapid rotation to hide malvertising as an attack.
• Attackers can tailor their attacks to target specific victims.

Drive-By Downloads

• Website users are infected simply by browsing a website.
• Attacks inject malicious content through server vulnerabilities, making them invisible.
• Malicious code is deployed to user machines.

Cookies (Cookies)

• User-specific information files created by servers and stored on local computers (e.g., user preferences).

Types of Cookies

• First-party cookies: those from the website the user is currently visiting.
• Third-party cookies: those from web advertisers.
• LSOs (locally shared objects): more complex cookies.

Email Risks

• Unsolicited emails (Spam)
• Spam filters that block words and images from emails.
• Malware attachments.

E-Mail Defenses

• Spam filters block emails containing suspicious words or images.
• Email clients enable attachments previews.
• Security settings protect user emails.

Internet Defenses

• Manage computer patches, configure firewalls and install anti-malware software, and monitor User Account Control to protect against internet-based attacks.
• Backup data as a defense.
• Maintain web browser security.
• Follow internet security best practices for additional security.

Internet Security Best Practices

• Download files only from reputable sources.
• Control cookies through settings on web browsers.
• Delete cookies and browsing history after sessions.
• Enable pop-up blockers and clear cache regularly to reduce security risks.

Summary of Cybersecurity

• The Internet is a worldwide network of interconnected computer networks.
• Dynamic web content (JavaScript, extensions, add-ons) can cause vulnerabilities.
• Malvertising, malicious attachments, embedded hyperlinks, and drive-by downloads are common malware attack methods.
• Defenses can include verifying email sources, securing web browsers, configuring email settings, and following Internet security best practices.

Description

This quiz covers the essential concepts of cybersecurity, including internet security, personal security, and mobile security. Additionally, it explores how the Internet functions as a vast interconnected network. Test your knowledge on protecting devices and understanding the data transmission process.