
Intro To Cyber Security

Cybersecurity involves protecting network systems and data from unauthorized access, ensuring confidentiality, integrity, and availability. Legal and ethical issues arise in cybersecurity, particularly regarding responsibility for employee actions and cyberwarfare. Various types of security vulnerabilities exist, including malware and social engineering attacks, and tools like IDS and honeypots are used to enhance security and analyze threats.

Uploaded by

rennieimai

Revision

Cybersecurity is the ongoing effort to protect Internet-connected network systems and all of the
data associated with the systems from unauthorized use or harm.

Confidentiality ensures that data is accessed only by authorized individuals. Authentication will
help verify the identity of the individuals.

The objectives for data integrity include data not being altered during transit and not being
changed by unauthorized entities. Authentication and encryption are methods to ensure
confidentiality. Data being available all the time is the goal of availability.

Availability ensures that network services are accessible and performing well under all
conditions. By load balancing the traffic destined to the main web servers, in times of a huge
volume of visits the systems will be well managed and serviced.

Legal and Ethical Issues in Cybersecurity

This is a bit of a grey area and would also depend on local laws. In many cases, if the employee
did something with the knowledge or approval of the company, then the legal responsibility
would probably be with the company not the employee. In some areas or situations, both the
company and employee could be held legally responsible.

Cyberwarfare is Internet-based conflict that involves the penetration of the networks and
computer systems of other nations. The main purpose of cyberwarfare is to gain advantage over
adversaries, whether they are nations or competitors.

Types of Security Vulnerabilities

Malware can be classified as follows:

- Virus (self-replicates by attaching to another program or file)
- Worm (replicates independently of another program)
- Trojan Horse (masquerades as a legitimate file or program)
- Rootkit (gains privileged access to a machine while concealing itself)
- Spyware (collects information from a target system)
- Adware (delivers advertisements with or without consent)
- Bot (waits for commands from the hacker)
- Ransomware (holds a computer system or data captive until payment is received)

The hacker infects multiple machines (zombies), creating a botnet. Zombies launch the
distributed denial of service (DDoS) attack.

Phishing, spyware, and social engineering are security attacks that collect network and user
information. Adware consists, typically, of annoying popup windows. Unlike a DDoS attack,
none of these attacks generate large amounts of data traffic that can restrict access to network
services.

The best approach to protect a data network from a possibly compromised IoT device is to place
all IoT devices on an isolated network that only has access to the Internet.

The best method to avoid getting spyware on a user machine is to download software only from
trusted websites.

Biometric authentication can be used through the use of a fingerprint, palm print, and facial or
voice recognition.

Open Authorization is an open standard protocol that allows end users to access third party
applications without exposing their user passwords.

An email message is transmitted in plain text and can be read by anyone who has access to the
data while it is en route to a destination. Patient records include confidential or sensitive
information that should be transmitted in a secure manner.

An IDS, or intrusion detection system, is a device that can scan packets and compare them to a
set of rules or attack signatures. If the packets match attack signatures, then the IDS can create an
alert and log the detection.
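
The compare-alert-log loop described above, as an added example that is not part of the original notes. The rule IDs, rule patterns, packet fields and sample packets are all constructed for illustration and do not come from any real IDS rule set.

```python
import logging
import re
from dataclasses import dataclass

log = logging.getLogger("toy_ids")  # hypothetical logger name

@dataclass(frozen=True)
class Packet:  # simplified, constructed packet record
    src: str
    dport: int
    proto: str
    payload: bytes

@dataclass(frozen=True)
class Rule:
    sid: int
    msg: str
    proto: str
    dport: int  # 0 means "any destination port"
    pattern: re.Pattern

# Constructed signatures: each pairs header conditions with a payload pattern.
RULES = [
    Rule(1000001, "HTTP directory traversal", "tcp", 80, re.compile(rb"\.\./")),
    Rule(1000002, "Cleartext FTP password", "tcp", 21, re.compile(rb"^PASS ")),
    Rule(1000003, "SQL keyword pair", "tcp", 0, re.compile(rb"(?i)union\s+select")),
]

# Constructed traffic sample (documentation address ranges).
SAMPLE = [
    Packet("198.51.100.7", 80, "tcp", b"GET /index.html HTTP/1.1\r\n"),
    Packet("198.51.100.7", 80, "tcp", b"GET /../../etc/passwd HTTP/1.1\r\n"),
    Packet("203.0.113.9", 21, "tcp", b"PASS hunter2\r\n"),
    Packet("198.51.100.7", 8080, "tcp", b"q=1 UNION SELECT password FROM users"),
    Packet("203.0.113.9", 80, "udp", b"../"),  # wrong protocol: no rule applies
]

def inspect(pkt, rules=RULES):
    """Compare one packet to every rule; log and return an alert per match."""
    alerts = []
    for rule in rules:
        if rule.proto != pkt.proto or rule.dport not in (0, pkt.dport):
            continue  # header conditions not met, payload is not examined
        if rule.pattern.search(pkt.payload):
            log.warning("ALERT sid=%d %s src=%s dport=%d",
                        rule.sid, rule.msg, pkt.src, pkt.dport)
            alerts.append((pkt.src, rule.sid))
    return alerts

def scan(packets):
    return [alert for pkt in packets for alert in inspect(pkt)]
```

Only payloads that match a known pattern raise an alert, which is why a signature-based IDS misses traffic for which no rule exists.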

Only an IDS and NetFlow logging can be used to detect anomalous behavior, command and
control traffic, and infected hosts.

Nmap allows an administrator to perform port scanning to probe computers and the network for
open ports. This helps the administrator verify that network security policies are in place.
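
One way to turn a scan into a policy check, as an added example that is not part of the original notes: it parses Nmap's grepable output (the `-oG` format) and reports open ports that the policy does not allow. The policy table, host addresses and scan text are constructed, and the function names are hypothetical.

```python
# Allowed (port, protocol) pairs per host: a constructed policy.
ALLOWED = {
    "192.0.2.10": {(22, "tcp"), (443, "tcp")},
    "192.0.2.20": {(443, "tcp")},
}

# Constructed sample in Nmap grepable format (fields are tab-separated).
SCAN_OUTPUT = (
    "# Nmap scan (constructed sample)\n"
    "Host: 192.0.2.10 ()\tStatus: Up\n"
    "Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh///, 23/open/tcp//telnet///, "
    "443/open/tcp//https///\n"
    "Host: 192.0.2.20 ()\tPorts: 443/open/tcp//https///, "
    "8080/filtered/tcp//http-proxy///\n"
    "Host: 192.0.2.30 ()\tPorts: 80/open/tcp//http///\n"
)

def open_ports(grepable):
    """Return {host: {(port, proto), ...}} for ports reported as open."""
    found = {}
    for line in grepable.splitlines():
        if not line.startswith("Host:"):
            continue  # comment or summary line
        fields = line.split("\t")
        host = fields[0].split()[1]
        for field in fields[1:]:
            if not field.startswith("Ports:"):
                continue
            for entry in field[len("Ports:"):].split(","):
                # Entry layout: port/state/protocol/owner/service/rpc/version/
                port, state, proto = entry.strip().split("/")[:3]
                if state == "open":
                    found.setdefault(host, set()).add((int(port), proto))
    return found

def violations(grepable, allowed=ALLOWED):
    """List open ports the policy does not allow, including unknown hosts."""
    result = []
    for host, ports in sorted(open_ports(grepable).items()):
        for port, proto in sorted(ports - allowed.get(host, set())):
            result.append((host, port, proto))
    return result
```

A host missing from the policy table is treated as having no allowed ports, so every open port on it is reported.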

A honeypot is a tool set up by an administrator to lure an attacker so that the behavior of the
attacker can be analyzed. This information can help the administrator identify weaknesses and
build a stronger defense.

The Cyber Kill Chain describes the phases of a progressive cyberattack operation. The phases
include the following:

- Reconnaissance
- Weaponization
- Delivery
- Exploitation
- Installation
- Command and control
- Actions on objectives

In general, these phases are carried out in sequence. However, during an attack, several phases
can be carried out simultaneously, especially if multiple attackers or groups are involved.

It is the first stage, reconnaissance, of the kill chain that focuses on the identification and
selection of targets.

The time between a cyberattack and the time it takes to discover the attack is the time when
hackers can get into a network and steal data. An important goal of the CSIRT is to ensure
company, system, and data preservation through timely investigations into security incidents.

CSIRT: Computer Security Incident Response Team.