IAAS311.pdf

Full Transcript

IAAS311 Organized Hackers: Cybercriminal groups,
hacktivists, terrorists, and state-sponsored
Introduction to Cybersecurity
attackers.
1. The World of Cybersecurity
5. Cyberwarfare
Cybersecurity is the ongoing effort to
Purpose: To disrupt, gather intelligence, or
protect individuals, organizations, and
damage another nation's infrastructure. An
governments from digital attacks by
example is the Stuxnet malware, which
safeguarding networked systems and data
targeted Iran’s nuclear facilities.
from unauthorized access or harm.
6. Data Security
Importance:
Common Breaches:
o Personal: Protect your identity, data,
and devices. o Persirai Botnet: Targeted IP cameras
in a DDoS attack.
o Organizational: Safeguard
reputation, data, and customers. o Equifax Breach: Hackers exploited a
web vulnerability, leading to identity
o Government: Protect national
theft risks.
security and citizen wellbeing.
Consequences:
2. Protecting Your Personal Data
o Reputational damage, financial loss,
Offline Identity: Information you share daily
vandalism, theft, and intellectual
(name, age, address). Protect it from identity
property loss.
theft.
7. The McCumber Cube (Security Model)
Online Identity: Information you reveal
online (username, social identity). Limit Three Dimensions:
what you share to avoid privacy risks.
1. Confidentiality: Data encryption and
3. Types of Data and Risks identity proofing.

Sensitive Information: Personal data such 2. Integrity: Protect against unauthorized
as medical, educational, employment, and data modifications.
financial records are valuable to hackers.
3. Availability: Ensure authorized access
Data Leakage: Even casual sharing of to systems and data when needed.
photos or information can lead to worldwide
Key Terms
dissemination.
Cybercriminals: Individuals who seek to
4. Cyber Attacks
exploit vulnerabilities for personal or
Types of Attackers: political gain.

o White Hat: Ethical hackers who Internet of Things (IoT): Devices connected
identify system weaknesses. to the internet collecting and sharing data,
increasing the risk of data breaches.
o Gray Hat: Exploit vulnerabilities for
personal reasons but may inform the Identity Theft: Criminals using personal
system owners. information to steal money or commit fraud.

o Black Hat: Hackers seeking illegal
financial or political gain.
MODULE 2 3. Security Vulnerabilities and Exploits:

1. Types of Malware: o Hardware Vulnerabilities: Example:
Meltdown and Spectre, exploiting CPU
o Spyware: Monitors online activity and
vulnerabilities.
captures sensitive information (e.g.,
keystrokes). o Software Vulnerabilities: Example:
Buffer overflows and non-validated input.
o Adware: Delivers advertisements, often
bundled with legitimate software. o Race Conditions: Exploiting the timing of
events in processes.
o Backdoor: Bypasses normal
authentication to access systems. o Access Control Problems: Weak
controls over access to resources.
o Ransomware: Holds systems/data
hostage until a payment is made. o Software Updates: Essential to patch
vulnerabilities.
o Scareware: Tricks users into believing
their system is at risk. 4. The Cybersecurity Landscape:

o Rootkit: Alters OS to create a backdoor, o Cryptocurrency: Digital currency secured
hard to detect. through encryption.

o Virus: Replicates and attaches to o Cryptojacking: Using someone’s device
executable files, potentially destructive. to mine cryptocurrency without their
consent.
o Trojan Horse: Masks its malicious intent,
often hidden in legitimate files. Symptoms of Malware Infection:

o Worms: Spreads on its own across Slow CPU performance.
systems, causing widespread damage.
Frequent system crashes.
2. Methods of Infiltration:
Unexplained network issues.
o Social Engineering: Manipulating
Unknown files or programs.
individuals to gain unauthorized access.
Emails being sent without your knowledge.
▪ Techniques: Pretexting,
Tailgating, Quid pro quo. New Terms and Commands:
o Denial-of-Service (DoS): Overwhelms Spyware, Adware, Ransomware, Trojan Horse,
systems with traffic. Worm, Botnet, DDoS, DoS, Buffer Overflow,
Social Engineering, Cryptojacking, etc.
o Distributed DoS (DDoS): DoS attacks
originating from multiple sources. MODULE 3
o Botnet: Group of infected computers 1. Protecting Your Devices and Network
used for malicious purposes.
Turn on the firewall: Use either a software or
o On-Path Attacks: Intercepting hardware firewall to protect your device
communications (e.g., Man-in-the-Middle from unauthorized access.
attacks).
Install antivirus and antispyware: Protect
o Password Attacks: Methods include against malware that can destroy data or spy
password spraying, brute-force, and on your activities.
rainbow attacks.
 Manage OS and browser security: Keep your 6. Who Owns Your Data?
system updated with the latest security
Terms of Service: Review terms before
patches.
signing up, especially regarding how your data
Set up password protection: Use strong is used, shared, and stored.
passwords and encrypt sensitive data.
MODULE 4
2. Wireless Network Security
1. Cybersecurity Devices and Technologies
Home network: Change default SSIDs and
Security Appliances:
passwords, enable WPA2 encryption, and
update devices regularly. o Routers: Basic traffic filtering
capabilities.
Public Wi-Fi risks: Avoid sharing personal
information on public Wi-Fi. Use a VPN to o Firewalls: Control/filter
secure your connection. communications between devices
and networks.
3. Password and Passphrase Guidelines
o Intrusion Prevention Systems (IPS):
Strong passwords: At least 8-64 characters,
Block malicious traffic using
no common phrases, and no password hints.
signature-based detection.
Passphrase: Longer than a password and
o Virtual Private Networks (VPNs):
harder to crack (e.g., “Acat th@tlov3sd0gs.”).
Secure encrypted communication
4. Data Maintenance between remote devices and
organizational networks.
Encryption: Convert data into unreadable
forms to prevent unauthorized access. o Antimalware/Antivirus: Detect and
Tools like EFS on Windows help encrypt files. block malware using signature or
behavior-based analysis.
Backup: Use secondary locations (e.g.,
external drives, cloud services) to back up Types of Firewalls:
important data.
o Network Layer: Filters based on IP
Permanent deletion: Overwrite data multiple addresses.
times with tools like SDelete or physically
o Transport Layer: Filters based on
destroy the storage device.
data ports.
5. Safeguarding Your Online Privacy
o Application Layer: Filters based on
Two-factor authentication: Adds extra applications.
security using a second token (e.g., SMS
o Context-Aware Layer: Filters based
code, biometric scan).
on user, device, and threat profile.
Open Authorization (OAuth): Log in to third-
Port Scanning: Scans open ports on a
party apps using credentials from other
network to assess vulnerabilities.
accounts (e.g., Google, Facebook).
Intrusion Detection and Prevention
Private browsing: Use modes like Incognito
Systems (IDS/IPS):
(Chrome) or InPrivate (Edge) to minimize
data tracking. o IDS: Detects malicious activities
and alerts administrators.

o IPS: Blocks traffic based on positive
detection of malicious behavior.
2. Behavior-Based Cybersecurity Employee Training: Educate employees on
security practices and incident response.
Behavior-Based Security: Monitors
communication patterns to detect Legal and Ethical Issues
anomalies.
Personal Legal Issues
NetFlow: Collects data about network
Cybersecurity professionals must operate
traffic to identify abnormal behavior.
within legal boundaries, despite having the
Penetration Testing: skills to engage in hacking.

o Steps: Planning, Scanning, Gaining Ethical considerations emphasize that just
Access, Maintaining Access, and because one can perform an action does
Reporting. not mean they should, as hacking can lead
to traceable consequences.
o Used to identify vulnerabilities in
systems by simulating attacks. Corporate Legal Issues

3. Cisco’s Approach to Cybersecurity Organizations must comply with
cybersecurity laws, with potential
CSIRT (Computer Security Incident
repercussions for breaches including job
Response Team): Manages security
loss and legal penalties.
incidents, proactive threat assessment,
and incident response. Employees are advised to consult legal or
HR departments when uncertain about the
Security Playbook: A guide for incident
legality of actions.
detection and response, automating threat
responses. International Law

Tools: Cybersecurity law is evolving due to the
borderless nature of cyberspace.
o SIEM (Security Information and
Event Management): Collects and There is ongoing debate regarding the best
analyzes security data for real-time practices for international cybersecurity
attack detection. governance.

o DLP (Data Loss Prevention): Ethical Considerations
Protects data in use, in motion, and
Professionals face dilemmas when
at rest to prevent unauthorized
reporting incidents that could implicate
access.
colleagues. Questions to consider include
4. Risk Management legality, compliance with company policy,
and potential reputational impact.
Risk Management: Continuous process of
identifying and mitigating risks to reduce Education and Career Pathways
their impact on the organization.
Becoming a Cybersecurity Professional
Steps: Frame, Assess, Respond, and
Entry-level positions such as Security
Monitor risks.
Analyst provide a foundation for growth in
5. Security Best Practices various cybersecurity roles.

Security Policies: Define rules and Job search platforms like Indeed and
responsibilities for organizational security. LinkedIn can help identify available
positions globally.
Regular Backups: Ensure data recovery
from backups in case of failure.
Professional Certifications

Certifications enhance credibility and career
prospects. Key certifications include:

Microsoft Technology Associate (MTA): For
high school students and career changers.

Palo Alto Networks Certified Cybersecurity
Associate: Entry-level certification for
newcomers.

CompTIA Security+: Essential for IT security
roles in government.

EC Council Certified Ethical Hacker (CEH):
Focuses on identifying vulnerabilities
legally.

ISC2 Certified Information Systems
Security Professional (CISSP): Requires five
years of experience.

Tools for Career Development

CyberSeek: Provides data on supply and
demand in the cybersecurity job market,
aiding individuals in navigating their career
paths.