Understanding Cyber Security - Unit 1

Questions and Answers

What is the primary focus of cyber security?

• Protecting privacy, ensuring data integrity, and safeguarding identity. (correct)
• Enhancing the speed of internet connections.
• Reducing the cost of technology hardware.
• Developing new software applications.

Why has cyber security become more critical in recent years?

• Due to a decrease in the number of internet users.
• Because of the reduced reliance on connected technologies.
• As the world has become more dependent on digital technologies. (correct)
• Due to the lower frequency of cyber criminal activities.

What are potential consequences of cyber security breaches for businesses?

• Enhanced brand image and increased market share.
• Increased customer satisfaction and loyalty.
• Improved employee productivity and morale.
• Reputation damage, system downtime, and financial losses. (correct)

What aspect of data is a key concern of cyber security, along with privacy and confidentiality?

Data integrity. (A)

What was the approximate percentage of businesses experiencing cyber-attacks in 2017?

50% of businesses. (A)

What does the term 'cyber security' primarily involve?

Implementing safeguards to reduce digital security breaches. (B)

Which of the following best describes a 'covert' outsider attack?

An attack involving the transmission of malicious software from outside. (C)

What is the main driver behind the increased opportunity for cybercriminals?

The increased reliance on the internet. (B)

What type of security issue involves unauthorized physical access to a computer system?

Physical security (D)

What is cited as a key trend in modern communications and business activities?

An exponential growth in daily web traffic. (A)

A computer virus falls under which classification of security threat?

Rogue software (B)

What is the critical element that defines a network security issue?

Unauthorized access or compromise of a network. (D)

What does the term 'outsiders unintended' refer to concerning security threats?

An outsider accidentally causing harm to computer systems or data. (A)

Three decades ago, how was the field of computer security viewed?

It was largely non-existent. (D)

What is the analogy used to describe the continuous battle between cyber security experts and cybercriminals?

A cat-and-mouse game (C)

What does the text suggest regarding the possibility of 100% protection from cyber attacks?

It is impossible due to the ever-evolving techniques of cybercriminals. (D)

What is a primary consequence for businesses that neglect cyber security?

Catastrophic impacts, such as data loss and reputational damage (B)

Why can data breaches affecting customers be more damaging than those only impacting the company?

The reputational and legal impact of customer data breaches can be more severe than direct attacks on the company (B)

What legal obligation do businesses have regarding customer data in the online space?

They have a legal obligation to protect their customers online (C)

In the context of data security, who are classified as 'insiders'?

Employees within an organization who have access to company systems (C)

Why can employees pose a more serious threat than outsiders?

Employees have greater access privileges and organizational knowledge (D)

What is an example of 'insiders overt' security breaches?

A disgruntled employee maliciously damaging equipment and destroying company data (A)

Which of the following is most likely to result from an 'insiders covert' action?

A deliberate action by an employee that could incur large reputational or financial impact (A)

What is the most common threat class regarding internal breaches?

Unintended breaches caused by insiders making genuine errors (B)

What is smishing primarily associated with?

Phishing via SMS text messages (D)

What characterizes black hat hackers?

They act with criminal intent and disregard for victims. (C)

Which type of hacker is hired by businesses to uncover security vulnerabilities?

White Hat (C)

What is the main objective of computer vandalism?

To damage or destroy IT systems (A)

Which type of hacker might be hired before a system launch to check for potential issues?

Blue Hat (C)

What is typically the motivation behind computer hacking?

To obtain sensitive data or disrupt information (B)

What distinguishes grey hat hackers from other types?

They charge a fee for their vulnerability identification services. (D)

What can be a consequence of computer hacking?

Ransom demands to unlock encrypted systems (D)

What is the primary intent behind the vast majority of computer viruses?

To cause problems for those affected (A)

Which of the following is NOT a necessary condition for an email to be considered spam?

Sent with the recipient's express permission (A)

What is a common characteristic of items involved in online auction fraud?

They often do not exist or won't reach the buyer (B)

What typically motivates a cybercriminal to engage in cyber squatting?

To resell trademarked domain names at a higher price (A)

What happens when the conditions of a logic bomb are met?

The code triggers an automatic activation causing disruption (C)

What is the main purpose behind web jacking?

To demand a ransom or achieve political/social goals (B)

Which statement about spam emails is true?

They can be inconvenient but are not usually considered dangerous (D)

Why might some hackers develop advanced viruses?

To cause widespread damage to computer systems (C)

What is the primary goal of physical security measures for computers and network systems?

Protecting the facility from unauthorized access (B)

Why is user tracking important in a cyber security framework?

To create a detailed log of user activities for accountability (A)

Which of the following can be a consequence of insufficient physical security for a facility?

Higher insurance premiums (A)

What component is NOT mentioned as a potential physical security measure?

Automated user tracking systems (B)

How can the effectiveness of a company's physical security be evaluated?

By conducting a regular cyber security risk assessment (B)

What is one risk of not tracking user activity within a system?

Difficulties in attributing actions to specific users (A)

What potential threat should physical security measures also consider beyond unauthorized access?

Natural disasters such as fire or flood (A)

What is a critical element of user tracking in a cyber security context?

Details of activities performed by each user on the system (B)

Flashcards

What is Cyber Security?

All measures taken to protect digital systems and data from unauthorized access, use, disclosure, disruption, modification, or destruction.

Who are Cybercriminals?

Cybercriminals aim to steal sensitive information, disrupt operations, or damage reputations.

What are the impacts of Cyber Security breaches?

Cyber security threats can cause data breaches, financial losses, reputational damage, and system downtime.

What does Cyber Security involve?

Cyber security is not just about technology, it involves people, processes, and technology working together to protect information.

Why is Cyber Security important?

Cybersecurity is essential because it safeguards valuable information like financial data, intellectual property, and personal details.

What does Cyber Security protect?

Cybersecurity protects against unauthorized access to computers, networks, mobile devices, and online data.

What are the objectives of Cyber Security?

Cyber security involves protecting against unauthorized access, use, disclosure, disruption, modification, or destruction of data.

Why is the internet vulnerable to cyber threats?

The internet is a vast network that connects billions of devices, making it a target for cybercriminals.

Physical Security Issues

Physical security issues include scenarios when computer equipment is stolen, unauthorized access is gained to computer systems physically, or hardware suffers physical damage.

Rogue Software

This category encompasses computer viruses and malware. It also includes any software introduced to a system that causes a security threat, whether intentionally or accidentally.

Network Security Issues

Network security issues occur when unauthorized access or compromise of a network happens. This can be done by insiders or outsiders.

Direct Attacks by Outsiders

Attacks aimed at disrupting network systems and computer facilities, often involving DoS attacks.

Outsiders Covert Attacks

A type of attack involving the transmission of rogue software to computers or systems from outside the organization.

Outsiders Unintended Access

Unintentional access or damage to computer systems by outsiders is rare.

Accidents

Data integrity and security can be compromised by unforeseen events like natural disasters or workplace fires.

Cybersecurity as a Cat-and-Mouse Game

Continuously evolving field where cybercriminals and security experts engage in an ongoing battle.

Cybersecurity Neglect

Companies that don't prioritize cybersecurity risk facing severe consequences, like major financial losses, damage to reputation, and loss of customer trust.

High-Profile Attacks

Even large, seemingly secure companies are vulnerable to cyberattacks, highlighting the importance of robust security measures.

Reputational Damage

An organization's reputation can be severely damaged even after a cyberattack is resolved, making it crucial to maintain a strong public image.

Customer Data Breach

Security breaches harming customers can have a greater impact than those targeting the company itself, underscoring the duty to safeguard customer data.

Legal Obligation for Customer Data

Organizations have a legal obligation to protect customer data online, emphasizing the importance of compliance with cybersecurity regulations.

Insider Threats

People within a company can be a threat, such as disgruntled employees intentionally damaging systems or causing unintentional harm through errors.

Outsider Threats

People outside a company can cause security breaches, like hackers attempting to gain unauthorized access to sensitive information.

Unintentional Errors

Human mistakes, like accidental data deletion or configuration errors, are common causes of cybersecurity incidents.

Phishing

A type of cybercrime that involves deceiving people into revealing sensitive information like login credentials or credit card details through fake emails, websites, or messages.

Smishing

A form of phishing that uses SMS text messages to deceive victims.

Computer Vandalism

Intentional damage or destruction of computer systems through malicious software or physical methods.

Computer Hacking

Unauthorized access to computer systems, devices, or networks, often motivated by stealing data, destroying information or political motives.

White Hat Hackers

Ethical hackers hired by businesses to identify vulnerabilities in their security systems to prevent cyberattacks.

Black Hat Hackers

Hackers with malicious intent who exploit vulnerabilities for personal gain, often to steal data, disrupt systems, or cause damage.

Grey Hat Hackers

Hackers who identify vulnerabilities and provide solutions, often for a fee, but may sometimes engage in gray areas of ethical hacking.

Blue Hat Hackers

Hackers hired by organizations to test the security of new systems or upgrades before they go live.

Facility Security

Physical security measures taken to protect the facility housing computer systems and network infrastructure.

User Tracking

The ability to track and trace user activities on computer systems, including access times, locations, and actions performed.

Accountability in Cybersecurity

Maintaining detailed records of user actions on computer systems to establish accountability for security breaches.

Login Credentials

Unique credentials assigned to each user to restrict access to computer systems and identify individuals.

Activity Logs

Detailed records of user actions kept on computer systems, including websites visited, data accessed, and changes made.

Log Security

Protecting the integrity of user activity logs by preventing unauthorized modification or deletion.

Cyber Security Risk Assessment

The process of identifying, analyzing, and mitigating potential risks to an organization's computer systems and network infrastructure.

Traceability in Cybersecurity

The ability to track and identify the source of errors or security breaches within a system.

Computer Virus

A type of malicious code designed to cause harm to computer systems, often spreading through email attachments or infected websites.

Spamming

The practice of sending unsolicited bulk emails, often with commercial content, to large numbers of recipients.

Online Auction Fraud

A form of online fraud where individuals create fake online auctions to deceive buyers into paying for non-existent goods.

Cyber Squatting

The practice of registering domain names that resemble trademarks or brand names with the intent to sell them at a higher price to the rightful owner.

Logic Bomb

A piece of code designed to be activated under specific conditions, often causing significant damage to computer systems.

Web Jacking

A form of digital hijacking where attackers gain unauthorized access to a website, preventing the rightful owner from using it.

Prevention over Cure

The act of preventing security issues by taking proactive measures rather than addressing them after they occur.

Study Notes

Unit 1: Understanding Cyber Security

• Cyber security refers to all safeguards to reduce digital security breaches, protecting privacy, confidentiality, along with data integrity and identity protection.
• Cyber security breaches are increasing in a world relying on connected technology.
• Cyber security issues are costly, impacting reputation, causing system downtime, and resulting in financial loss.
• Half of businesses in 2017 suffered attacks or attempted breaches.
• Businesses worldwide are prioritizing cyber security through robust measures and hiring experts.

Learning Outcomes

• Learners will define cyber security and its objectives.
• Learners will understand various cybercrime causes and those responsible.
• Learners will discuss cybercrime classifications and Microsoft's 10 laws of computer security.

What is Cyber Security?

• Cyber security encompasses all measures to reduce digital security breaches.
• It affects all computers and mobile devices, potentially targeted by cyber criminals.
• Key elements include privacy, confidentiality, data integrity, and identity protection.
• Cybercrime incidents are becoming more common.

The Importance of Security

• The internet has fundamentally transformed daily life for billions globally.
• Increasing internet traffic volume presents a significant opportunity for cyber criminals.
• Cyber security is no longer optional for businesses, with attacks having devastating consequences.
• Reputational damage can be challenging to overcome after an attack, even after business operations resume as normal.
• Protecting customers is crucial: a breach impacting customers can be more damaging than an attack on the company.

Insiders and Outsiders

• Cyber security classifications involve insiders (employees) and outsiders (non-employees).
• Insider threats are often classified as overt, covert, and unintended.
• Outsiders can carry out overt, covert, unintended attacks, or accidents.
• Accidents, such as natural disasters or equipment failures, represent a special class of threats that are not directly caused by humans.

The Seven Individual Classes

• Insiders overt: actions by disgruntled employees, leading to data compromise or equipment damage.
• Insiders covert: employees with privileged access causing more damage than outsiders.
• Insiders unintended: security issues caused by human error.
• Outsiders overt: direct attacks on network systems by outsiders— including denial-of-service (DoS) attacks).
• Outsiders covert: attacks involving software transmission from outside the business.
• Outsiders unintended: outsiders unintentionally harming a computer or accessing sensitive data.
• Accidents: issues regarding data integrity or security from unpredictable events—like natural disasters.

Classifications of Computer Security Issues

• Physical security: includes theft, damage, or physical access of computer equipment, systems, or data.
• Rogue software: includes viruses, malware, and other malicious software.
• Network security: comprises breaches and compromises of networks without authorization.

Microsoft’s 10 Laws of Cyber Security

• If someone persuades you to run a program, it’s no longer your computer.
• If someone alters the operating system, it’s no longer your computer.
• If someone has physical access, it’s no longer your computer.
• If someone uploads to your website, it's no longer your website.
• Weak passwords defeat strong security. (and other 5 points)

Recovery Planning

• A well-prepared disaster recovery plan outlines steps in case of facility destruction or inoperability
• Keeping hard copies of important documents alongside backups can aid recovery.
• Cybercrime refers to unlawful acts involving computers or connected devices.
• Motivations for cybercrime can include greed, revenge, or simple enjoyment.

Cyber Crimes

• Insider attacks occur from within an organisation.
• External attacks are launched from outside.

Structured & Unstructured Attacks

• Unstructured attacks are performed by individuals with limited experience or motivation, often randomly.
• Structured attacks are planned by skilled perpetrators, aiming to exploit vulnerabilities or gain access strategically.

Motivations for Cyber Crime

• Monetary gain
• Revenge
• Terrorism
• Recognition
• Anonymity
• Espionage

The Different Kinds of Cyber Crime

• Cyber stalking occurs through harassment or threats on social media.
• Child pornography involves possession and distribution of inappropriate content.
• Forgery/Counterfeiting involves creating fake documents.
• Software piracy violations copyright on software.
• Cyber terrorism aims to coerce or intimidate in pursuing a cause or political goal

Phishing

• Phishing involves tricking parties to reveal personal info by imitating trustworthy sources (often via email)
• Computer vandalism is damaging or destroying computer systems or data.
• Computer hacking encompasses unauthorized access of computer systems by malicious intent.
• White hat hacking is ethical and used for finding vulnerabilities.
• Black hat hacking aims at criminal activities.
• Grey hat hacking involves finding vulnerabilities, then offering services for remediation.

Other Cybercrimes

• Internet time theft: hacking to use an individual's internet account.
• Denial of Service (DoS) attacks: flooding a website to stop it functioning.
• Email Spoofing: fraudulently making email header look like they came from a different source.

Description

This quiz focuses on the fundamentals of cyber security, emphasizing its importance in today's digital landscape. Learners will explore definitions, objectives, and classifications of cyber crimes, as well as the implications of security breaches on businesses. Gain insights into the measures that organizations can take to protect their information.