Week 1: Key Terms Flashcards
What is Cybersecurity?
The assessment of threats and the mitigation of risk.
Example: You’re launching a new website and are concerned with attacks that interrupt service due to system request overload (denial of service). Your security and IT organizations consult and develop procedures to identify threats and protect applications and the network (e.g., packet monitoring and management, escalation management).
What is Threat Assessment?
A structured process of identifying the risks posed to a group or system.
Example: The National Institute of Standards and Technology (e.g., NIST Special Publication 800-30) outlines structured processes and frameworks for identifying, estimating, and prioritizing risks to individual, organizational and operational assets.
What is Risk Mitigation?
Systematic reduction in the impact and/or the likely occurrence of a negative event.
Example: Reducing the risks associated with signals from wireless access points that transmit outside of your organization’s controlled boundaries. A mitigation action could include reducing the power of wireless transmissions so that the communications are less likely to emit a signal captured outside of the physical perimeters of your organization.
Define Social Engineering
The act of deceiving an individual into revealing sensitive information, obtaining unauthorized access, or committing fraud by associating with the individual to gain confidence and trust.
Example: An attacker calls (vishing, or voice phishing) claiming to be from your Internet provider and starts asking questions. The objective is to trick you into surrendering information that is used to access important account information or to get login credentials (credential reuse).
What is a Phishing Attack?
A technique for attempting to acquire sensitive data, such as credit card numbers, usernames or passwords, through a fraudulent solicitation (e.g., email). The perpetrator masquerades as a legitimate business or reputable person.
Example: During the World Cup in Russia, scammers sent out phishing emails to fans with offers of free trips to obtain their personal information.
What is Malware?
Hardware, software or firmware intended to perform an unauthorized process that will have adverse impact on the confidentiality, integrity, or availability of a system. A virus, worm, Trojan horse, or other code-based entity that infects a host.
Example: In May of 2017, the WannaCry worm spread rapidly across a number of computer networks infecting Windows computers. It encrypts files on the machine’s hard drive and then demands a ransom payment in bitcoin in order to decrypt them.
What is a Man-in-the-Middle Attack (MitM)?
An attack where the adversary positions themselves in between the user and the system so that they can intercept and alter data traveling between them.
Example: We download and update software daily. The lack of integrity verification (e.g., hash value) of downloads or update information allows a remote attacker to manipulate a software package using a MitM attack.
What is a Packet Sniffer?
Software that monitors network traffic on wired or wireless networks and captures packets.
Example: While packet sniffers are used by network managers to monitor and analyze traffic, hackers also use them. For example, a user downloads a file from the Internet. The file is a packet sniffer that when installed on the network can record and transmit any data to a hacker’s command and control server.
What are Brute-Force Attacks?
An attack that involves trying all possible combinations to find a match.
Example: These attacks are often used for attacking authentication and discovering hidden content and pages within a web application. The brute-force attack on Alibaba compromised 21 million user accounts by using a database of 99 million usernames and passwords.
What is Code Injection?
Types of attack which consist of injecting code that is then interpreted and executed by the application.
Example: HTML injections are used to change a website or to steal personally identifiable information (PII). HTML injections can occur via a website link, data or input fields on web forms.
What is a Keylogger?
A program designed to record which keys are pressed on your computer keyboard. It can obtain passwords or encryption keys and thus bypass security measures.
Example: ZeuS/Zbot is a modular banking Trojan which uses keystroke logging to compromise credentials when a user visits a banking website.
Why is cybersecurity such a desired skill these days?
1) Explosive Growth in Dependence on IT
• Nearly every personal, social, and commercial aspect of our lives makes contact with vulnerable IT infrastructure.
2) More Users (Targets) on Connected Devices
• More people than ever before are logged into connected devices, often for the majority of their waking (and sleeping) hours.
3) Better Tools for Bigger Damage
• Today’s cyber attacks are becoming more sophisticated, aggressive and disruptive than ever before.
4) Significant Investment by Bad Actors
• Where once the field was populated by individual “lone hackers”, today it has become a focal point for organized crime, nation states, and private enterprises.
5) Dire Shortage of Skilled Professionals
• According to studies by (ISC)², there will be over 1.5 million unfilled cybersecurity positions by 2020.
Who/What is at risk of a cyberattack?
1) Users and Admins
• Users are subject to a variety of social engineering tactics.
2) Websites
• Websites are vulnerable to a broad set of code related attacks.
3) Servers
• Servers are vulnerable to a host of operating system exploits and attacks.
4) Data Centers
• Data Centers are vulnerable to physical and cloud attacks.
List seven (7) ways Users/Admins can be attacked.
- Social Engineering
- Phishing
- Credential Reuse
- Malware
- Man in the Middle Attack
- Packet Sniffing
- Stolen Hardware
List three (3) ways a website can be attacked.
- Brute Force Attack
- Code-Injection
- Faulty Session Management