Cybersecurity Basics
What is cybersecurity?
The protection of computer systems and networks from attacks or unauthorized access.
What is a “threat actor”?
A person or group responsible for carrying out cyberattacks.
What is a threat model?
A plan for identifying and preventing possible cyberattacks.
Why is cybersecurity important for governments?
To protect national security and infrastructure.
What is one basic step everyone can take to protect their online accounts?
Use strong, unique passwords.
What are the three core principles of cybersecurity known as the CIA Triad?
Confidentiality, Integrity, and Availability.
What do we call hackers who use pre-made tools and have little experience?
Script Kiddies.
Name one purpose of threat modeling.
To predict and prepare for potential security threats.
Which type of attack can shut down business systems until a ransom is paid?
Ransomware attack.
What is encryption used for?
To protect data by converting it into unreadable code.
Which type of cyber threat involves tricking people into giving up personal information?
Phishing.
Which type of hacker is motivated by political or social causes?
Hacktivist.
What are three key components of a threat model?
Adversaries, Assets, and Risk Assessment.
What kind of data would a cyberattack on a school target?
Student grades, records, and personal information.
What’s the purpose of multi-factor authentication (MFA)?
To add an extra layer of security beyond a password.
What is one reason cybersecurity is important for individuals?
To protect personal data like passwords, bank info, and identity.
What is the difference between a white hat and black hat hacker?
White hats are ethical hackers; black hats have malicious intent.
What does the acronym PASTA stand for?
Process for Attack Simulation and Threat Analysis.
What kind of hackers might steal trade secrets from competitors?
Competitor Spies or Industrial Spies.
Name one best practice for organizations to reduce risk.
Regular system updates or employee cybersecurity training.
Name one example of a real-world cybersecurity breach that affected millions.
Equifax breach, MGM attack, or UnitedHealth ransomware.
Which type of threat actor is backed by governments and focuses on espionage?
Nation-State or Advanced Persistent Threat (APT).
What does OCTAVE focus on?
Organizational risk and protection of critical assets.
If an insider leaks confidential information, what type of threat is this?
Insider Threat.
What is the goal of risk management in cybersecurity?
To identify, reduce, and control possible security threats.