Questions and Answers
What are the primary focuses of defense in cybersecurity?
What distinguishes a threat from a vulnerability in cybersecurity?
Which of the following is NOT a basic component of cybersecurity?
In the context of cybersecurity, what does a countermeasure aim to do?
How was cyber warfare recognized as a significant threat in 2011?
What does the principle of confidentiality in information security ensure?
Why is integrity important in information security?
Which of the following is closely related to the availability principle in information security?
What does non-repudiation guarantee in the context of information security?
In the context of information assurance, what additional elements are combined with the CIA triad?
Which method is primarily used to ensure data integrity?
To verify the identity of a user, which type of authentication is NOT commonly used?
How is authenticity typically ensured in communications?
What is the primary aim of information security?
Which of the following is NOT a component of the hacking methodology discussed?
What does the term 'APT' refer to in the context of malware threats?
Which type of encryption involves a single key for both encryption and decryption?
Which session hijacking technique involves intercepting communication between the user and the server?
What is one of the main purposes of digital forensics in security operations?
What is a primary focus of risk management in security governance?
Which of these topics is covered under mobile and cloud security?
What is the primary focus of ethical hacking?
Which concept is closely associated with the analysis and prevention of social engineering threats?
What is considered a passive attack?
Which motive is related to disrupting the operational capabilities of a business?
Which of the following is an active attack?
What characterizes insider attacks?
Which type of attack involves an attacker being in physical proximity to the target?
What is the main goal of distribution attacks?
Which method is typically associated with footprinting?
Which technique is commonly used in active attacks?
Which motive involves seeking revenge on an individual or organization?
What type of attack includes methods like dumpster diving and shoulder surfing?
What is the primary role of the blue team in cybersecurity?
What is a disadvantage of conducting black box penetration testing?
What is the purpose of penetration testing tools?
What is a significant pro of white box penetration testing?
What must be established before beginning a penetration test?
Which of the following best describes 'defense in depth'?
What is the definition of cyber resilience?
What is a key limitation of black box testing compared to white box testing?
What is the primary purpose of vulnerability analysis?
Which phase is NOT part of the system hacking methodology?
What do Tactics, Techniques, and Procedures (TTPs) help identify?
Which of the following is NOT a category of Indicators of Compromise (IoCs)?
What best describes the role of the Cyber Kill Chain methodology?
Which of the following is a technique used in the social engineering stage of an attack?
Which type of actions do the procedures within TTPs describe?
What type of data is NOT considered an indicator of compromise?
What is a key aspect of the MITRE ATT&CK Framework?
What is NOT one of the four categories of IoCs?
Which of the following describes 'Tactics' in the context of TTPs?
Which of the following is a common sign of a potential intruder within a network?
Which of these is NOT part of the phases that attackers follow according to the Cyber Kill Chain?
Study Notes
Course Information
- Course name: SENG 411 Cyber Security
- Instructor: Dr. Emin Emrah Özsavaş
Course Aims & Scope
- Describe the elements of cyber security
- Explain cyber threats and attacks
- Describe hacking methodologies
- Understand security controls and countermeasures
- Understand security governance
Textbooks & Material
- Ethical Hacking and Countermeasures, Version 12, EC-Council, 2022
- CISSP All-in-One Exam Guide, Fernando Maymí and Shon Harris, McGraw Hill, 2022
- Practical Information Security Management: A Complete Guide to Planning and Implementation, Tony Campbell, Apress, 2016
Syllabus
- Week 1: Introduction and Basics - Language of security, overview, Identity and Access Management, System Architectures - Identification, authentication, authorization, access control, system architecture concepts
- Week 2: Identity and Access Management, Systems Architectures - Access control, architecture concepts, identity and access management
- Week 3: Cryptography - Symmetric and asymmetric encryption, hash functions, digital signatures
- Week 4: Network Security - Network attacks, security architectures, countermeasures
- Week 5: Hacking Methodology - Footprinting and reconnaissance, scanning networks, enumeration, vulnerability analysis
- Week 6: Hacking Methodology and Sniffing - System hacking (gaining access, escalating privileges, maintaining access, clearing logs) sniffing concepts and techniques
- Week 7: Malware Threats - Malware concepts, APT, trojan, virus, worm, analysis, countermeasures
- Week 8: Social Engineering and Session Hijacking - Concepts, threats, countermeasures
- Week 9: Web Server and Web Application Security - Concepts, threats, countermeasures
- Week 10: Mobile and Cloud Security - Concepts, threats, countermeasures
- Week 11: Wireless, IoT, and OT Security - Concepts, threats, countermeasures
- Week 12: Security Operations, Role of AI/ML - Threat intelligence, digital evidence and incident response, digital forensics, AI/ML in security posture
- Week 13: Security Governance - Risk management, organizational security, security implementation, secure system development
- Week 14: General Review
Grading
- Assignments & quizzes
- Midterm exam
- Final exam
InfoSec Concepts
- Information Security: Protection of information from unauthorized access, use, disclosure, disruption, modification, or destruction, regardless of the medium it is stored on or transmitted through. Confidentiality, integrity, and availability are its core properties.
- Information Technology Security (IT Security): Protection of the information technology (systems, networks, devices) that stores and processes information.
- Cybersecurity: Protecting cyberspace and the assets reachable through it from cyberattacks. Broader than information security because it covers non-information assets too (for example, physical equipment controlled from the network).
CIA Triad
- Confidentiality: Information is disclosed only to authorized users and processes.
- Integrity: Data and resources are trustworthy: they have not been changed without authorization, and unauthorized changes are detectable.
- Availability: Resources are accessible and usable by authorized users when needed.
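The quiz asks which method ensures integrity and how authenticity is ensured. The script below is an added example, not course material from the page or the textbooks, showing why the two are different properties: a plain hash detects modification but can be recomputed by whoever modified the data, while a keyed MAC also proves the data came from a holder of the secret key. Record contents and the key are constructed for the example; the field names are arbitrary.

```python
import hashlib
import hmac
import secrets


def sha256_hex(data: bytes) -> str:
    """Plain hash: anyone can compute it, so it only proves integrity
    when the digest itself is stored where an attacker cannot reach it."""
    return hashlib.sha256(data).hexdigest()


def integrity_ok(data: bytes, expected_digest: str) -> bool:
    """Check data against a previously recorded digest."""
    return hmac.compare_digest(sha256_hex(data), expected_digest)


def mac_hex(key: bytes, data: bytes) -> str:
    """Keyed MAC (HMAC-SHA256): computing a valid tag requires the key,
    so a correct tag shows both integrity and origin from a key holder."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def authentic(key: bytes, data: bytes, tag: str) -> bool:
    """Constant-time comparison avoids leaking how many bytes matched."""
    return hmac.compare_digest(mac_hex(key, data), tag)


def demo() -> dict:
    """Walk through the attacker-modifies-the-record scenario (constructed data)."""
    key = secrets.token_bytes(32)            # shared secret; attacker does not have it
    record = b"amount=100;to=alice"          # constructed record
    digest = sha256_hex(record)              # stored alongside the record
    tag = mac_hex(key, record)               # stored alongside the record

    tampered = b"amount=900;to=mallory"
    return {
        # Hash catches the change if the stored digest was left untouched...
        "hash_detects_change": not integrity_ok(tampered, digest),
        # ...but an attacker who can overwrite the digest simply recomputes it.
        "hash_forgeable": integrity_ok(tampered, sha256_hex(tampered)),
        # MAC catches the change against the stored tag...
        "mac_detects_change": not authentic(key, tampered, tag),
        # ...and cannot be recomputed without the key (wrong key guessed here).
        "mac_unforgeable_without_key": not authentic(key, tampered, mac_hex(b"guess", tampered)),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {'OK' if result else 'FAIL'}")
```

Note the caveat for the non-repudiation question: an HMAC proves origin only to parties that share the key, and any of them could have produced the tag, so it does not give non-repudiation. That needs a digital signature made with a private key that only the signer holds.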
InfoSec Details
- Vulnerability: A weakness in a system's design, implementation, configuration, or operation that can be exploited.
- Threat: A potential event or agent that could exploit a vulnerability and cause harm. A threat is a possibility; it becomes an attack only when someone acts on it.
- Attack: The intentional, realized exploitation of a vulnerability by a threat agent.
- Countermeasure: A control that removes a vulnerability or reduces the likelihood or impact of a threat exploiting it.
- Risk: Potential for loss, damage, or destruction of an asset, resulting from a threat exploiting a vulnerability. Informally: risk = threat x vulnerability x impact.
Cyber Security
- Motive: The goal behind a cyberattack (financial gain, disruption of business operations, revenge, espionage, ideology).
- Attack: Motive (goal) + Method + Vulnerability. Without all three there is no attack.
- Cyberwarfare: Cyberattacks conducted as part of a conflict between states; cyberspace is treated as the fifth domain of battle alongside land, sea, air, and space.
- Cyber Resilience: The ability to keep delivering the intended outcome despite adverse cyber events, which includes recovering after an attack succeeds.
Hacking Methodology (CEH)
- Footprinting: Gathering information about the target, passively (public records, search engines, DNS, social media) or actively (direct contact with target systems).
- Scanning: Identifying live hosts, open ports, running services, and operating systems.
- Enumeration: Making active connections to the target to extract user names, machine names, network shares, and service details.
- Vulnerability Analysis: Identifying weaknesses in the discovered systems and services.
- System Hacking: Gaining access, escalating privileges, maintaining access, and clearing logs.
- Cyber Kill Chain: Methodology for understanding and breaking an attack at any of its seven phases: reconnaissance, weaponization, delivery, exploitation, installation, command and control, and actions on objectives.
- Tactics, Techniques, and Procedures (TTPs): How a particular adversary operates. Tactics are the high-level goals of a stage (for example, gain initial access), techniques are the methods used to reach them, and procedures are the specific, step-by-step implementation of a technique.
- Indicators of Compromise (IoCs): Artifacts that indicate a possible intrusion, grouped into four categories: email indicators, network indicators, host-based indicators, and behavioral indicators.
- MITRE ATT&CK: A knowledge base of adversary tactics and techniques built from real-world observations, used to describe attacks consistently and to plan detection and response.
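As an added example (not code from the course or the textbooks) of how IoCs are used in practice, the script below matches a small indicator list against log lines. Both the indicators and the log lines are constructed for the example and do not refer to real infrastructure; the log format is an invented key=value style. Each indicator carries its IoC category so hits can be summarized the way the notes above group them.

```python
import re

# Constructed indicator list (values are made up for this example).
IOCS = [
    {"category": "network", "type": "ip", "value": "198.51.100.23"},
    {"category": "network", "type": "domain", "value": "update-cdn.example.net"},
    {"category": "host", "type": "sha256",
     "value": "9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08"},
    {"category": "email", "type": "sender", "value": "helpdesk@example.org"},
]

# Constructed log lines in an invented key=value format (not real telemetry).
LOG_LINES = [
    "proxy: user=alice dst=update-cdn.example.net bytes=4096",
    "fw: ACCEPT src=10.0.0.15 dst=198.51.100.23 dport=443",
    "edr: host=ws-17 new_process=C:\\Users\\bob\\updater.exe "
    "sha256=9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08",
    "mail: from=helpdesk@example.org to=carol@corp.example subject=Invoice",
    "fw: ACCEPT src=10.0.0.20 dst=93.184.216.34 dport=443",
]

# Token extractors, one per indicator type. Order determines hit order.
PATTERNS = {
    "ip": re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"),
    "domain": re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.I),
    "sha256": re.compile(r"\b[0-9a-f]{64}\b", re.I),
    "sender": re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"),
}


def build_index(iocs):
    """Index indicators by type so each extracted token is a set lookup,
    which keeps matching linear in the number of log lines."""
    index = {}
    for ioc in iocs:
        index.setdefault(ioc["type"], {})[ioc["value"].lower()] = ioc["category"]
    return index


def scan_logs(lines, iocs):
    """Return one hit per (line, indicator) pair found in the log lines."""
    index = build_index(iocs)
    hits = []
    for lineno, line in enumerate(lines, start=1):
        for ioc_type, pattern in PATTERNS.items():
            table = index.get(ioc_type, {})
            for token in pattern.findall(line):
                category = table.get(token.lower())
                if category is not None:
                    hits.append({"line": lineno, "category": category,
                                 "type": ioc_type, "value": token, "text": line})
    return hits


def summarize(hits):
    """Count hits per IoC category (email, network, host, behavioral)."""
    counts = {}
    for hit in hits:
        counts[hit["category"]] = counts.get(hit["category"], 0) + 1
    return counts


if __name__ == "__main__":
    found = scan_logs(LOG_LINES, IOCS)
    for hit in found:
        print(f"line {hit['line']}: {hit['category']}/{hit['type']} {hit['value']}")
    print(summarize(found))
```

Only static indicators (addresses, names, hashes) are matched here; behavioral indicators such as an unusual login time or outbound traffic volume need state across many lines and are not captured by per-line matching.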
Penetration Testing (PenTesting)
- Methods: Black-box (tester has no prior knowledge of the target; realistic but slower and may miss internal weaknesses), White-box (complete knowledge, including source and configuration; thorough and efficient), Gray-box (limited knowledge, for example a normal user account).
- Goal: Assess security by exploiting weaknesses before a real attacker does.
- Tools: Software that simulates real-world attacks (scanners, exploitation frameworks, password crackers).
- Rules of Engagement (RoE): Written authorization and scope agreed before testing starts: which systems are in and out of scope, permitted techniques, time windows, and who to contact if something breaks.
Teams
- Blue Team: Defensive security team
- Red Team: Attack team, simulates malicious activity
Types of Attackers
- Amateur: Uses readily available tools without deep understanding (script kiddie)
- Hacker (Cracker): Knows hacking techniques and breaks into systems intentionally
- State-Funded Spy: Government-supported, focused on espionage or sabotage
- Terrorist: Pursues actively harmful agendas
Ethical Hackers' Attributes
- Professional and ethical values.
- No hidden agenda.
- Obtain permission.
- Proper reporting.
- No damage to systems tested.
- Technical expertise (OS, networking, attacks)
- Organizational security policies and standards.
Description
Test your knowledge on the fundamentals of cyber security covered in SENG 411. This quiz will assess your understanding of threats, attacks, and security controls based on the course syllabus and textbooks. Review concepts from identity management to system architectures.