REVIEWER.pdf

Full Transcript

Cybersecurity Overview

Definition: The practice of protecting systems, networks, and programs from digital attacks aimed at
accessing, changing, or destroying sensitive data, extorting money, or disrupting operations.

Key Aspects of Cybersecurity:

1. Confidentiality: Information is accessible only to authorized individuals.
2. Integrity: Ensuring the accuracy and reliability of information.
3. Availability: Authorized users have reliable access when needed.

Common Motivations Behind Cyberattacks:

1. Financial Gain: Ransomware, data theft, fraud.
2. Espionage: Corporate or government espionage.
3. Disruption: Hacktivism, infrastructure attacks.

Types of Hackers:

1. White Hat Hackers: Defend systems for organizations.
2. Black Hat Hackers: Attack systems for personal gain.
3. Script Kiddies: Inexperienced hackers using existing tools.

Examples of High-Profile Cyber Attacks:

1. Facebook Data Leak: Exposed personal data of over 530 million users.
2. Microsoft Exchange Breach (2021): Hackers exploited vulnerabilities to install malware.
3. Twitter Bitcoin Scam (2020): Hackers gained access to high-profile accounts.

Impact of Cyberattacks:

On Individuals: Identity theft, privacy invasion, financial loss.
On Organizations: Operational disruption, reputation damage, financial loss.
On Governments: National security threats, public trust erosion, economic consequences.

Vulnerabilities, Threats, and Exploits:

Vulnerability: A weakness in a system that attackers can exploit.
- Example: Outdated software without security patches.
Threat: Potential danger that exploits vulnerabilities.
- Example: Cybercriminals attempting phishing attacks.
 Exploit: Method used by attackers to breach security.
- Example: A zero-day exploit targeting unpatched software.

Mitigation Strategies:

1. Firewalls: Monitor and control network traffic.
2. Intrusion Detection Systems (IDS): Detect malicious activities.
3. Patch Management: Regularly update systems to fix vulnerabilities.

Cybersecurity Professionals:

Ethical Hackers: Identify vulnerabilities to strengthen security.
Security Analysts: Monitor networks and implement security measures.
Incident Responders: Mitigate and recover from cyberattacks.

International Cybersecurity Organizations:

1. INTERPOL Cybercrime Directorate: International cooperation against cybercrime.
2. Computer Emergency Response Teams (CERTs): National/regional organizations managing
cybersecurity incidents.

Role of Governments in Combating Cybercrime:

Legislation and Regulation: Define cybercrimes and penalties.
National Cybersecurity Agencies: Protect infrastructure and coordinate responses.
International Cooperation: Joint operations and information sharing.

Private Sector’s Role:

Innovation and Technology Development: Developing cybersecurity technologies.
Public-Private Partnerships: Collaboration for threat intelligence sharing.
Corporate Responsibility: Companies must protect customer data and secure networks.

Importance of Protecting Networks and Data:

1. Safeguard Sensitive Information: Ensure data privacy and confidentiality.
2. Ensure Business Continuity: Maintain operational stability and disaster recovery.
3. Prevent Financial Loss: Reduce the cost of breaches and protect reputation.
4. Legal Compliance: Meet regulatory standards and be audit-ready.
5. Mitigate Threats: Protect against cyberattacks and enhance threat intelligence.
 6. National Security: Protect critical infrastructure and prevent espionage.
7. Enhance Trust: Build customer confidence and maintain competitive advantage.

Access Control Lists (ACLs) Overview

Definition: ACLs are sets of rules that determine the permissions granted to users and
systems for accessing resources.
Purpose: Protect critical assets by defining who can access them and what actions they can
perform.

Types of ACLs

1. Discretionary ACLs (DACLs): Control access to an object based on user permissions (e.g.,
allowing specific users to read or modify a file).
2. System ACLs (SACLs): Used for auditing access to an object, recording access attempts and
actions performed.

Managing ACLs in Windows

Tools: Use tools like icacls, Windows Explorer, or PowerShell to create and manage ACLs on
files, folders, and registry keys.
Example: The icacls command can set read-only access for a user on a specific folder.

Windows Security Features

User Account Control (UAC): Limits applications to standard user privileges unless explicitly
elevated.
BitLocker: Encrypts drives to protect data from unauthorized access.
Windows Defender: Provides real-time protection against malware.
Windows Firewall: Controls network traffic using ACLs to filter based on IP addresses, ports,
and protocols.

Linux Security Features

Distributions: Examples include Ubuntu, CentOS, and Red Hat.
Security Tools:
o SELinux: Enforces mandatory access control policies.
o AppArmor: Provides security through application confinement.
o iptables: A command-line tool used to configure the netfilter firewall, handling network
traffic filtering.
Managing ACLs in Linux

Tools:
o setfacl: Command-line tool to configure granular ACLs.
o iptables: Used to manage IPv4 ACLs for allowing or denying traffic based on IP
addresses, ports, or protocols.

Comparing ACLs in Windows and Linux

Windows: Managed primarily through graphical interfaces and PowerShell.
Linux: Offers more granular control and is managed via command-line tools.

Cybersecurity and Protecting Your Data

1. Securing Your Devices

Firewall: Ensure it's turned on.
Antivirus/Antispyware: Install and regularly update.
Operating System & Browser: Keep them updated.
Password Protection: Set up strong passwords and lock screens.

2. Password Security

Bad Practices:
o Do not reuse personal passwords.
o Avoid storing passwords in emails, notes, or on sticky notes.
Good Practices:
o Use a password manager for secure storage.
o Consider using USB fingerprint readers for offline access.

3. Strong Password Guidelines

Avoid using dictionary words, names, or misspellings.
Use more than 10 characters.
Include special characters like !@#$%^&*().
Don’t use computer or account names.

4. Risks of Public Wi-Fi

Common Attacks:
o Evil Twin Attack: Hackers create fake hotspots to intercept data.
o Man-in-the-Middle (MitM): Eavesdropping on data between your device and the Wi-Fi
router.
o Password Cracking: Using software to guess router passwords.
o Packet Sniffing: Capturing and extracting data sent over insecure Wi-Fi.
Mitigation Steps:
o Validate Wi-Fi hotspots.
 o Use only sites with "https".
o Avoid auto-connecting to networks.
o Use VPN for safer browsing.

5. Encryption

Converts readable data into a scrambled form using an encryption key.
Only authorized users with the key can decrypt the data.
Encrypt data using tools like Windows' Encrypting File System (EFS).

6. Types of Encryption

Symmetric Encryption: Same key for encryption and decryption.
Asymmetric Encryption (Public Key): Different keys for encryption and decryption.