What is cybersecurity?
The protection of computer systems and networks from attacks or unauthorized access.
What is a “threat actor”?
A person or group responsible for carrying out cyberattacks.
List three Incident Response Frameworks.
What are the Diamond Model, NIST, and MITRE?
Why is cybersecurity important for governments?
To protect national security and infrastructure.
What is one basic step everyone can take to protect their online accounts?
Use strong, unique passwords.
What are the three core principles of cybersecurity known as the CIA Triad?
Confidentiality, Integrity, and Availability.
What do we call hackers who use pre-made tools and have little experience?
Script Kiddies.
The incident response step where affected systems are isolated to stop further damage.
What is Containment and Eradication?
Which type of attack can shut down business systems until a ransom is paid?
Ransomware attack.
What is encryption used for?
To protect data by converting it into unreadable code.
Which type of cyber threat involves tricking people into giving up personal information?
Phishing.
Which type of hacker is motivated by political or social causes?
Hacktivist.
This final phase involves lessons learned, documentation and improving defenses after an incident.
What is Post-Incident Review?
What kind of data would a cyberattack on a school target?
Student grades, records, and personal information.
What’s the purpose of multi-factor authentication (MFA)?
To add an extra layer of security beyond a password.
What is one reason cybersecurity is important for individuals?
To protect personal data like passwords, bank info, and identity.
What is the difference between a white hat and black hat hacker?
White hats are ethical hackers; black hats have malicious intent.
What is the cyber kill chain and how many steps are in it?
The cyber kill chain is a security framework that describes the step-by-step stages of a cyber attack, from the initial planning to achieving the attacker's goal. There are 7 steps (Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command and Control, and Action on Objective).
What kind of hackers might steal trade secrets from competitors?
Competitor Spies or Industrial Spies.
Name one best practice for organizations to reduce risk.
Regular system updates or employee cybersecurity training.
Name one example of a real-world cybersecurity breach that affected millions.
Equifax breach, MGM attack, or UnitedHealth ransomware.
Which type of threat actor is backed by governments and focuses on espionage?
Nation-State or Advanced Persistent Threat (APT).
Draw the Diamond Model according to the Stuxnet case.
Adversary - US and Israel
Infrastructure - USB
Capability - Zero-day / worm
Victim - Iran
If an insider leaks confidential information, what type of threat is this?
Insider Threat.
What is the goal of risk management in cybersecurity?
To identify, reduce, and control possible security threats.