Week 2 (Security In User Domain) Flashcards

1
Q

What is a User/End-User?

A

An End-User is a person who ultimately uses, or is intended to ultimately use, a product. End-users typically do not possess the technical understanding of the product they are using or are intended to use.
They are considered the weakest security link.

2
Q

Explain Human Errors.

A

In a security context, human error means unintentional actions, or lack of action, by employees and users that cause, spread, or allow a security breach to take place.
It can include not creating strong, unique passwords, writing passwords down on post-it notes stuck to monitors, or sharing them with colleagues.

3
Q

Give examples and reasons for human errors in data handling.

A

The most common and dangerous mistakes are:
Accidentally deleting essential files with sensitive data or security information,
Sending emails with sensitive data to the wrong recipients,
Accidentally making changes in documents due to carelessness,
Sharing sensitive data with colleagues using unsecured messengers,
Using unsecured email attachments when sending sensitive data,
or not backing up critical data.
Major reasons are: negligence, tiredness, lack of knowledge about cybersecurity threats, and not understanding the value of the data.

4
Q

How to Mitigate Human Error?

A

Update corporate security policy: Clearly outline how to handle critical data and passwords, who can access them, which security and monitoring software to use, etc.
Educate Employees: Make them aware of potential threats and explain how dangerous and expensive the consequences of their mistakes can be.
Monitor Employees: User activity monitoring tools are needed to detect malicious activity and secure your system from data leaks and malicious attacks.

5
Q

Explain Social Engineering.

A

In cyber-security, social engineering refers to the manipulation of individuals in order to induce them to carry out specific actions or to divulge information that can be of use to the attacker.
Social engineering in itself does not require a large amount of technical knowledge in order to be successful.

6
Q

What are some types of human-based social engineering?

A

Shoulder surfing: Stealing a password, PIN or other secret information by watching the user type it. It is not necessarily done in close proximity: the attacker could use high-powered binoculars or CCTV to observe the target remotely.

Tailgating: A means of entering a secure area without authorization by following closely behind a person who has been allowed through the door or checkpoint. It can be done without the target's knowledge, or by means of an insider who lets someone in without recording it in the building's entry log.

Dumpster diving: Combing through an organization's or individual's refuse to try to find useful documents, or even files stored on discarded removable media.

7
Q

What are some types of computer-based social engineering?

A

Phishing: A fraudulent attempt to steal personal or sensitive information by masquerading as a well-known or trusted contact. The most common form is email phishing, but it can also be carried out via phone calls, text messages, fax and social media. Example: the attacker sets up a spoof website, then emails users of the genuine website with a link that leads to the spoofed site; when a user authenticates with the spoofed site, their login details are captured.

Spear Phishing: A phishing scam in which the attacker has some information that makes the target more likely to be fooled by the attack. The phishing email might show that the attacker knows the recipient's full name, job title, telephone number or other details that help to convince the target. It may target just one specific individual if they are seen to be of sufficient value to the attacker.

8
Q

What are some Counter-Measures against Social Engineering?

A

There is no way to fully protect against social engineering attacks, but there are ways to reduce the likelihood of success:
Update the security policy: ensure clear direction on what is expected of staff within the organization.
Educate the employees: to build an information security culture within an organization, you must make people aware of security issues.
Limit data leakage: reduce the amount of specific data available to an attacker.
