All Lecture Notes Flashcards

1
Q

What are the Elements of cybersecurity?

A

Application Security, Information Security, Network Security, Disaster Recovery / Business Continuity Planning, Operational Security, End-user Education

2
Q

What are cybercrime accessories?

A

Spam, Cookies, Adware, Spyware, Virus, Logical Bomb, Time Bomb, Worms, Botnet, Trojan horse, Ransomware, Rootkit

3
Q

What are cybercrime tools?

A

Proxy Server, Steganography, decrypter, Metasploit, Nmap, Wireshark, Aircrack-ng, John the Ripper, Nessus, Burp Suite

4
Q

What are the 10 steps / what is the playbook of 10 steps of cybercrime technique?

A
  1. Staging your attack
  2. Specialize and outsource
  3. Scale your attacks
  4. Play the player, not the game
  5. Get social for better recon
  6. Probe for every weakness
  7. Reinvent old web and email attacks
  8. Think sideways
  9. Hide in plain sight
  10. Take data quietly
5
Q

Cybercrime techniques can be broken down into the following:

A
  • Intrusion for Monetary or Other Benefit
  • Interception for Espionage
  • Manipulation of Information or Networks
  • Data Destruction
  • Misuse of Processing Power
  • Counterfeit Items
  • Evasion Tools and Techniques
6
Q

Cybercrime techniques

A

Hacking, hacktivism, data breach, cyber-terrorism, Fraud, Identity theft, Clickjacking, Malicious script scams, suspicious emails and notifications, phishing, pharming, harassment, Fraud as a Service (FaaS), Malware as a Service (MaaS), Ransomware as a Service (RaaS), Attacks as a Service (AaaS)

7
Q

Best practices and safety: 6 focuses

A

-Governance framework
-Insider threat
-Physical environment
-Cybersecurity awareness/training
-Assessment of threats/vulnerabilities
-Network security

8
Q

Governance framework - Companies should create an accurate inventory of:

A
  • Physical devices and systems
  • Software platforms and applications
  • Maps of network resources, connections, and data flows
  • Connections to the company’s networks
  • Prioritized list of resources, based on sensitivity and business value
  • Logging capabilities and practices, assessed for adequacy, appropriate retention, and secure maintenance
9
Q

Governance Fundamental Security Goals: protecting your organization’s assets and:

A

-Confidentiality: Any important information you have that should be kept confidential. This information should only be accessed by people (or systems) that you have given permission to do so.
-Integrity: Maintain the integrity of information assets to keep everything complete, intact, and uncorrupted.
-Availability: Maintain the availability of systems, services, and information when required by the business or its clients.

10
Q

Insider Threat: some of the risks posed from insider threats in the financial sector are outlined below.

A
  • Undesired disclosure of confidential customer and account data
  • Fraud & Loss of intellectual property
  • Disruption to critical infrastructure
  • Monetary loss
  • Regulatory repercussions
  • Destabilization, disruption, and destruction of financial institutions’ cyber assets
  • Embarrassment, and public relations/reputational risk issues
11
Q

Physical Environment: physical security encompasses defensive mechanisms to the following threats:

A

-Human threats: Intentional or unintentional damage caused by people, for example, an intruder accessing a restricted area or an employee error.
-Environmental threats: Damage caused by the weather such as rain, fires, floods, etc.
-Supply system threats: Damage caused by an interruption in energy supply that negatively impacts an information system.

12
Q

Cybersecurity Awareness & Training

A

Employees take risks online and this greatly increases cyber-related risks to their organization. Risky
activities by employees include opening suspicious emails and not protecting sensitive information
stored on, or transmitted from, their computers.

13
Q

Assessing Threats & Vulnerabilities

A

Cyber criminals continue to take advantage of basic security vulnerabilities in computer systems. These include unpatched Windows Operating Systems, weak passwords, and a lack of end-user education. Organizations that do not scan for vulnerabilities and proactively address information system weaknesses face an increased likelihood of having their systems compromised.

14
Q

Network Security: refers to any activities designed to protect the confidentiality, integrity, and availability of the network, as well as the information assets that rely upon it. In general, network security has three fundamental objectives:

A

To protect the network itself;
To reduce the susceptibility of computer systems and applications to threats originating from the
network; and,
To protect data during transmission across the network

15
Q

What do we Need to Protect?

A

Data
-Information we keep on computers (product design, financial records, personnel data)
-Lost time, lost sales, lost confidence
Resources
-Unauthorized use of computer time & space
Reputation
-Misrepresentation, forgery, negative publicity

16
Q

Fundamental objectives of Info Security:

A

Goal: Data confidentiality, Data integrity, System availability
Threat: Exposure of data, Tampering with data, Denial of service

17
Q

What are Basic Security Attacks?

A

Intrusion, information theft, denial of service.

18
Q

Technical Safeguards

What security services should you have?

A

Security Services
  • Authentication (entity, data origin)
  • Access control (prevent unauthorized access)
  • Confidentiality (disclosure, encryption)
  • Data integrity (value of data item)
  • Non-repudiation (falsely denying a transaction)

19
Q

Security approaches?

A

  • No Security - not an option
  • Security through Obscurity - don’t tell anyone where your site is
  • Host Security - enforced security on each host; progressively difficult to manage as the number of hosts increases.
  • Network Security - control network access to hosts and services; firewalls, strong authentication, and encryption

20
Q

Which cryptographic techniques exist?

A

  • Secret Key Cryptography (SKC): Here only one key is used for both encryption and decryption. This type of encryption is also referred to as symmetric encryption.
  • Public Key Cryptography (PKC): Here two keys are used. This type of encryption is also called asymmetric encryption. One key is the public key that anyone can access. The other key is the private key, and only the owner can access it. The sender encrypts the information using the receiver’s public key. The receiver decrypts the message using his/her private key. For nonrepudiation, the sender encrypts plain text using a private key, while the receiver uses the sender’s public key to decrypt it. Thus, the receiver knows who sent it.
  • Hash Functions (HF): These functions are different from SKC and PKC. HF can be used to map data of arbitrary size to fixed-size values. HF returns values called hash values, hash codes, digests, or hashes.

21
Q

What are symptoms that a security compromise was detected?

A

Symptoms:
  • Antivirus software detects a problem.
  • Disk space disappears unexpectedly.
  • Pop-ups suddenly appear, sometimes selling security software.
  • Files or transactions appear that should not be there.
  • The computer slows down to a crawl.
  • Unusual messages, sounds, or displays on your monitor.
  • The mouse pointer moves by itself.
  • The computer spontaneously shuts down or reboots.

22
Q

Other Security Methods:

A

  • Authentication Protocols built into communications protocol
  • Transformed password (one-way function)
  • Challenge-response (random value recorded/sent)
  • Time-stamp (synchronized clocks)
  • One-time password (different variant each login)
  • Zero-knowledge technique (interactive proof)
  • Address-based Authentication (network address)
  • Personal Tokens (hardware & pw / smart cards)
  • Biometrics (fingerprint, voiceprint, handwriting)

23
Q

Kerberos: a computer-network authentication protocol that works on the basis of tickets to allow nodes
communicating over a non-secure network to prove their identity to one another in a secure manner. Examples:

A

  • Complete authentication system - MIT
  • DES symmetric cryptography
  • Online authentication servers
  • Host server & clients share symmetric keys
  • Client requests a ‘ticket’ / sends to server
  • Ticket interpreted only by correct server
  • Session key is generated by authentication server after successful exchange
  • Authentication service (AS) / Ticket-granting Service (TGS) / Client/Server (CS) authentication exchange

24
Q

Common Web security vulnerabilities:

A

Injection flaws, Broken Authentication, Cross Site Scripting (XSS), Insecure Direct Object References, Security misconfiguration, Sensitive data exposure, Missing function level access control, Cross Site Request Forgery

25
Q

Key Trends 2019

A

The Zero Trust Model; Biometric Security Growth; IoT Security Evolution; GDPR Compliance as a Service; Better, smarter IoT botnets; Attacks on critical national infrastructure; Crypto-jacking, etc.