Introduction to Cyber Security

Questions and Answers

Which of the following is NOT a type of social engineering attack?

• Tailgating
• Ransomware (correct)
• Phishing
• Pretexting

Cyber criminals need to successfully breach security only once to gain access to data.

True (A)

What is the primary purpose of using multi-factor authentication (MFA)?

To enhance security by requiring multiple forms of verification before granting access.

Data breaches can lead to financial losses, reputation damage, and ___ consequences.

legal

Match the following cybersecurity challenges with their respective areas:

Remote Work Security = Secure connections and data protection Cloud Security = Data encryption and compliance IoT Security = Interconnected devices protection AI and Machine Learning = Enhancing threat detection and response

Which of the following is an example of a strategy to handle social engineering attacks?

Employee training (A)

It is safe to give vendors remote access with full admin privileges for their convenience.

False (B)

What is the significance of protecting critical infrastructure?

To ensure the safety and functionality of essential services, such as power and healthcare.

What is the primary objective of cyber security?

Confidentiality, integrity, and availability of data (B)

A vulnerability is a potential danger that can exploit a weakness in a system.

False (B)

What should you avoid doing to protect your computer from threats?

Plugging in random USB sticks

The likelihood of a threat exploiting a vulnerability is referred to as __________.

risk

Match the following terms related to cyber security with their definitions:

Threat = Any potential danger that can exploit a vulnerability Attack = Deliberate actions taken by adversaries to compromise security Defense = Countermeasures and strategies to protect against threats Vulnerability = Weaknesses in a system that could be exploited

Which of the following is NOT a recommended action to improve cyber security?

Ignore password policies (B)

Cyber security is solely the responsibility of the IT department.

False (B)

What program is offered by the State of Iowa to enhance cyber security knowledge?

Securing the Human

Flashcards

What is Cybersecurity?

The practice of safeguarding systems, networks, and data from unauthorized access and digital attacks.

Threat (Cybersecurity)

A potential danger that can exploit vulnerabilities to compromise security.

Vulnerability (Cybersecurity)

Weaknesses in a system that can be exploited by a threat.

Risk (Cybersecurity)

The possibility of a threat successfully exploiting a vulnerability, leading to potential harm.

Attack (Cybersecurity)

Actions taken by adversaries to deliberately compromise the security of a system.

Defense (Cybersecurity)

Strategies and countermeasures to prevent threats from exploiting vulnerabilities.

What is connected to your network?

Any device or software connected to your network.

What are key security settings?

Policies that control user access and privileges on a system.

Phishing

A type of social engineering attack that tries to trick you into giving up sensitive information by making you believe the source is legitimate.

Pretexting

An attack where the attacker pretends to be someone they are not to gain access to your data.

Quid Pro Quo

A scam where the bad guy claims to help you with a problem, but actually gains access to your data.

Tailgating

A type of physical security breach where an attacker gains access to a secure area by following someone authorized to enter.

Baiting

A type of social engineering attack that tries to irritate or taunt someone into responding, revealing personal information or taking unwanted actions.

People and Process Gap

A situation in cybersecurity where there is a gap between the ideal security measures and the actual implementation, often due to lack of resources or training.

Cloud Security

The practice of securing data and applications hosted on remote servers, focusing on encryption, access control, and compliance.

Remote Work Security

Addressing the security challenges of remote work, focusing on secure connections, access control, and data protection.

Study Notes

Introduction to Cyber Security and Information Systems Security

• Cyber security is the practice of protecting systems, networks, and data from digital attacks.
• It involves a broad spectrum of measures to defend information and technology assets.
• Key goals include data confidentiality, integrity, and availability.

What is Cyber Security?

• Cyber security safeguards systems, networks, and data against digital attacks and unauthorized access.
• A wide array of measures are employed to protect information and technological resources.
• Main objectives are data confidentiality, integrity, and accessibility.

Cybersecurity: A Shared Responsibility

• Building robust cybersecurity measures is a collective responsibility.
• Even a single vulnerability can compromise the entire system.
• A collaborative and proactive approach is essential to combat cyber threats effectively.

You Are a Target

• Cybercriminals employ various tactics to gain access to valuable information.
• Usernames, passwords, emails, and virtual goods are attractive targets.
• Cybercriminals can hijack identities, infiltrate systems, or extort payment.

Shared Responsibility

• Cybersecurity protection requires a shared effort, not solely the responsibility of an individual IT person.
• Maintaining a highly secure system is difficult, even for organizations with dedicated resources.
• Cyber threats require collective vigilance and proactive measures.

Key Concepts in Cyber Security

• A threat is any potential danger that can exploit a vulnerability and compromise security.
• A vulnerability is a weakness in a system that hackers can exploit.
• Risk is the likelihood of a threat successfully exploiting a vulnerability.
• An attack is a malicious action taken by an adversary to compromise system security.
• Defense strategies and countermeasures protect against cyber threats.

Quick Training

• Avoid plugging unfamiliar USB drives into your computer, like randomly consuming unverified food.
• This practice, similar to eating unverified food, can have serious consequences (e.g., Stuxnet attack).

Preparing for Battle

• Cyber security teams should not be limited to IT personnel.
• A gap exists between confidence in cybersecurity and actual preparedness.
• Organizations should leverage external expertise and resources (e.g., NACO, MS-ISAC, SANS, DHS).
• Utilizing external resources can enhance the organization's security posture.

Preparing for Battle: SANS Training

• The State of Iowa offers free SANS "Securing the Human" training.
• This training program comprises multiple short videos.

Know When to Fight

• Resources such as time, money, and personnel are often limited.
• Organizations should prioritize resources and allocate them strategically.
• Organizations should focus efforts on the most vulnerable and critical assets.
• The Center for Internet Security's Cyber Hygiene Campaign assists in identifying cybersecurity issues.
• Implement password security, manage administrative access, ensure devices are updated promptly.

What to Fight

• Cybercriminals target valuable data and systems.
• Data theft is a frequent goal, but data encryption (e.g., ransomware) is also a threat.

Social Engineering Attacks

• Social engineering attacks exploit human vulnerabilities to gain access to sensitive information or systems.
• Baiting, phishing, pretexting, quid pro quo, and tailgating are some examples.

Handling Inferior Forces

• Cybersecurity defenses are not 100% effective.
• Cybercriminals only need one successful attack.
• Collaboration and improved security awareness are vital for protection.

Providing Capacity and Don't Interfere

• Budget and allocate resources to cybersecurity initiatives.
• Policies and procedures must reflect cybersecurity best practices.
• Avoid granting excessive privileges to vendors.
• Demand and expect higher security standards from vendors.

The People and Process Gap

• Effective cybersecurity requires well-trained personnel.
• Processes, management systems, governance frameworks, best practices, and audits play critical roles.
• Technology must be matched with competent people and sound processes.

Why Cyber Security Matters

• Increased reliance on digital technologies makes cybersecurity more crucial.
• Cyber threats such as malware, ransomware, and phishing are commonplace.
• Data breaches can result in financial losses, reputational harm, and legal consequences.
• Cybersecurity protects crucial infrastructure (e.g., power grids, water supply, healthcare).

Current Trending Issues in Cyber Security

• Remote work security requires addressing vulnerabilities of remote environments.
• Cloud security protects applications and data in the "cloud" environment.
• IoT security secures interconnected devices.
• AI and machine learning improve threat detection and response.
• Zero-day exploits are attacks leveraging software vulnerabilities unknown to vendors.

Remote Work Security

• Increased remote work due to global events creates new security challenges.
• Secure connections, access control, and data protection are essential.
• VPNs, multi-factor authentication (MFA), and employee training are solutions.

Cloud Security

• Data and applications hosted on remote servers require specific security considerations.
• Data encryption, access control, and compliance are fundamental to cloud security.
• Leading cloud service providers (e.g., AWS, Azure, Google Cloud) dedicate resources to security.

IoT Security

• Internet of Things (IoT) devices are increasingly pervasive in daily life.
• IoT systems face vulnerabilities due to limited resources and potential for attacks.
• Regular updates, network segmentation, and authentication contribute to IoT security solutions.

AI and Machine Learning in Cybersecurity

• AI and machine learning improve threat detection and response.
• Predictive analytics are employed to identify patterns and anomalies.
• Incident responses are automated to address threats swiftly.
• Adversarial AI poses evolving threats and countermeasures.

Zero-Day Exploits

• Zero-day vulnerabilities are unknown to software vendors.
• Zero-day exploits target these vulnerabilities.
• Vulnerability disclosure and patch management are crucial.
• Proactive security postures are important to combat emerging cyber threats.

Conclusion

• Cybersecurity is vital in the modern digital era.
• Stay informed about evolving cybersecurity threats and best practices.
• Protect organizations' data and systems by implementing comprehensive safeguards.