ITSAC - Module 3 Flashcards
Refers to the practice of protecting digital devices, systems, and networks from unauthorized access, theft, damage, or other malicious activities. It includes various methods and technologies that are used to safeguard information, such as firewalls, encryption, authentication, and intrusion detection systems.
Cyber Security
Malicious software designed to harm, exploit, or disrupt devices, networks, or data. Examples include viruses, ransomware, and spyware.
malware
A cyber attack where attackers impersonate legitimate entities (e.g., banks, companies) to trick users into providing sensitive information like passwords or credit card details.
phishing
A targeted form of phishing where attackers customize messages to a specific individual or organization to gain access to confidential data.
Spear phishing
An attack where a hacker intercepts and alters communication between two parties without their knowledge, often to steal sensitive information.
Man-in-the-middle attacks
An attack that overwhelms a system, network, or website with excessive traffic, causing it to slow down or crash, making services unavailable.
Denial of Service
A cyber attack that exploits vulnerabilities in a website's database by injecting malicious SQL code to gain unauthorized access to sensitive data.
SQL injection
A type of cyber attack that manipulates the Domain Name System (DNS) to redirect users to fraudulent websites or disrupt network services.
DNS attack
is constantly evolving and changing as new threats and vulnerabilities emerge. In recent years, there has been a significant increase in cyber attacks, data breaches, and other cyber threats, which has led to a heightened focus on cyber security.
Cyber Security Landscape
the most prevalent emerging business risk
ransomware
THE ANATOMY OF RANSOMWARE
- Reconnaissance - gathering and analyzing information to select vulnerabilities to enter the org
- Delivery - gaining access to org’s networks and data (phishing, SQL inject, web)
- Exploitation - installing backdoors, exploiting alternative vulnerabilities, and exfiltrating or destroying data
- Impact - demand for ransom and operational capabilities after recovery efforts
- Refers to adhering to laws, regulations, and industry standards that govern the use and protection of digital data
Compliance
- Developing and implementing strategies to prevent, detect, respond, and recover from cyber attacks
- requires testing and updating security measures regularly to adapt to new threats and vulnerabilities
Resilience
THE NIST CYBERSECURITY FRAMEWORK
- Identify - what processes and assets need protection?
- Protect - implement appropriate safeguards to ensure protection of the enterprise’s assets
- Detect - implement appropriate mechanisms to identify the occurrence of cybersecurity incidents
- Respond - develop techniques to contain the impacts of cybersecurity events
- Recover - implement the appropriate processes to restore capabilities and services impaired due to cybersecurity events
- what processes and assets need protection?
Identify
- implement appropriate safeguards to ensure protection of the enterprise’s assets
Protect
- implement appropriate mechanisms to identify the occurrence of cybersecurity incidents
Detect
- develop techniques to contain the impacts of cybersecurity events
Respond
- implement the appropriate processes to restore capabilities and services impaired due to cybersecurity events
Recover