Introduction to Cyber Security

Questions and Answers

What is the primary focus of cybersecurity?

Protecting systems, networks, and data from digital attacks.

What does InfoSec stand for?

Information Security

Which of the following is NOT a goal of information security?

• Confidentiality
• Availability
• Profitability (correct)
• Integrity

Cybersecurity is a subset of information security.

True (A)

What are the three key principles of information security?

Confidentiality, Integrity, Availability

What can threats to cybersecurity come from?

All of the above (D)

The main goal of cyber security is to defend against threats to __________.

systems, networks, and information

What type of security does InfoSec encompass?

Both physical security and technical security

What is the significance of non-repudiation in digital communications?

It ensures that actions performed cannot be denied by the responsible party. (A)

Which element is crucial for establishing auditability in a system?

Detailed audit logs that record user activities. (D)

How can third-party protection enhance security within an organization?

By implementing measures to safeguard interactions with vendors. (C)

What is one example of non-repudiation regarding digital contracts?

A contract signed with a private key that confirms the signer’s identity. (C)

What role do audit trails serve in a security framework?

They provide a chronological record of actions taken within a system. (B)

What is the purpose of Multi-Factor Authentication (MFA)?

To provide a higher level of security through multiple verification methods. (D)

What principle does Role-Based Access Control (RBAC) primarily rely on?

Assigning permissions based on the user’s role. (D)

What does the principle of Least Privilege advocate for in access control?

Users should have access only to the resources necessary for their tasks. (C)

Which of the following is a component of the authentication process?

Verifying the identity of a user or system. (C)

How does Two-Factor Authentication (2FA) differ from Single-Factor Authentication (SFA)?

2FA involves two methods of verification instead of just one. (A)

Flashcards

Cybersecurity

Protecting systems, networks, and data from digital attacks, unauthorized access, damage, or theft.

Information Security

Protecting all types of information (digital, physical, intellectual) from unauthorized access, misuse, destruction, or alteration.

CIA Triad

Confidentiality, Integrity, and Availability; core principles of information security.

Cyberattack

An attempt to damage or disrupt digital systems or data.

Data Breach

Unauthorized access and disclosure of sensitive information.

Cost of Data Breach

Financial losses resulting from a data breach.

Threat Actor

Individual or group attempting to compromise systems.

Availability

Ensuring systems and data are accessible for use.

Information Security Domains

Different areas where information security is applied.

Cybersecurity Job

Professionals protecting digital assets from attacks.

Authentication

Verifying a user's identity to grant access.

Authorization

Determining if a user has permission to access something.

2FA

Two-step verification for stronger security.

Least Privilege

Users have only access needed for tasks.

Access Control Lists (ACLs)

Lists defining who can access resources.

Authorization

Determining user permissions for accessing resources.

Non-Repudiation

Ensuring a party cannot deny an action.

Auditability

Tracking system actions for reviewing and analysis.

Audit Logs

Detailed records of system events.

Third-Party Protection

Security safeguards for interactions with external partners.

Study Notes

Introduction to Cyber Security

• This lecture introduces cyber security
• The agenda includes topics like the internet, information security, cyber security, comparison of information security vs. cyber security, the information security triad, course outlines, coursework, and course resources

Internet

• Internet usage has increased dramatically from 2005 to 2023, rising from around 1023 in 2005 to over 5300 in 2023.
• This data is presented graphically in a chart

Why Information Security

• Loss estimates for information security breaches in 2023 are 8trillion;projectedfor2025,theyareestimatedtoreach8 trillion; projected for 2025, they are estimated to reach 8trillion;projectedfor2025,theyareestimatedtoreach10.5 trillion.
• There are 5.45 billion internet users in July 2024

Cyber Security Statistics (2023)

• The typical cost of a data breach is estimated to be $4.45 million USD
• In 2021 and 2022 alone, 2.6 billion personal records were stolen

Cost of a Data Breach (by country/region)

• United States had the highest cost of a data breach in 2023 at 9.481million;in2022,thecostwas9.481 million; in 2022, the cost was 9.481million;in2022,thecostwas9.44 million
• Other top 10 countries include: Middle East, Canada, Germany, Japan, United Kingdom, France, Italy, Latin America, and South Korea

Cost of a Data Breach (by industry)

• Healthcare is the most expensive industry to breach, at $10.93 million
• Other top industries include: Financial, Pharmaceuticals, Energy, Industrial, Technology, Professional Services, Transportation, Communications, Consumer, Education, Research, Entertainment, Media, Hospitality, Retail, and the Public Sector. Costs vary by industry and year.

Cyber Security Definition

• Cyber security is the practice of protecting systems, networks, and data from digital attacks. This includes unauthorized access, damage, or theft
• This lecture will cover cyber security basics, importance, types of threats, and key principles.

Information Security (InfoSec) Definition

• InfoSec protects all types of information, digital, physical and intellectual.
• It prevents unauthorized access, misuse, destruction, or alteration.
• The goal is to maintain confidentiality, integrity, and availability (CIA).

Cyber Security vs. Information Security

• Cyber security focuses specifically on digital systems
• Information Security focuses on all types of information

What is Cyber Security?

• Cyber security is developing measures to defend systems, networks and information from cyber criminals, hackers or accidental errors.

Information Security Triad

• Confidentiality: sensitive information is accessible only to authorized individuals
• Integrity: data remains accurate, complete and unaltered
• Availability: systems and data are accessible when needed

Information Security Stages

• Identification
• Assessment
• Protection
• Monitoring

Information Security Domains

• Governance & Compliance (GRC)
• People (SOC)
• Processes
• Technology
• Security Technologies (list of examples provided)

Cyber Security Careers

• Includes a list of top 10 cyber career options

Course Outlines

• Topics in the course outline include definitions of Information Security and related terms, security technologies, threat actors, hacking methodologies, security assessments, malware types, types of attacks, cryptography, firewalls, database security, Wi-Fi security, secure protocols, and web application security.

Classwork

• Quiz 1: Week 5 (5 marks)
• Assignments and researches (5 marks)
• Quiz 2: Week 12 (5 marks)
• Midterm: Week 8 (20 marks)
• Lab: Week 14 (3 tasks) (15 marks)
• Final exam: Week 16 (50 marks)

Resources

• Textbooks including: Introduction to Cyber Security: Fundamentals, Hacking: A Beginner's Guide to Computer Hacking, and Hacking: The Art of Exploitation.
• Lecture materials, presentations, and videos are also provided.

Conclusion

• Cybersecurity is vital in the modern digital world.
• To protect systems and data, proactive measures are needed.
• Understanding cybersecurity fundamentals is essential for defense.

Description

Explore the fundamentals of cyber security in this introductory quiz. Topics include the rise of internet usage, the significance of information security, and alarming statistics about data breaches. Gain insights into the course outlines and essential concepts of cyber security.