Types Of Threats
Understanding/Exploiting Vulnerabilities
Real-World Examples
CIA Triad
Case Studies
100

This type of software is designed to harm or exploit any programmable device, service, or network.

What is malware?

100

These are weaknesses in a system that can be exploited by threats.

 What are vulnerabilities?

100

This type of malware encrypts files and demands a ransom for their release. 

What is ransomware?

100

What is the primary goal of confidentiality in cybersecurity? 

What is to prevent unauthorized disclosure of sensitive information?

100

Using these can help prevent unauthorized access.

 What are strong passwords?

200

This type of attack involves fraudulent attempts to obtain sensitive information by disguising as a trustworthy entity. 

What is phishing?

200

This type of vulnerability occurs when software is not updated. 

What is outdated software?

200

This type of social engineering attack involves pretending to be someone else to gain information. 

What is pretexting?

200

What does integrity ensure in the context of the CIA Triad? 

what is making sure that data is accurate and trustworthy?

200

 Applying these can help protect systems from known exploits. 

What are security patches?

300

This involves manipulating individuals into divulging confidential information. 

What is social engineering?

300

Attackers exploit these to gain unauthorized access. 

What are vulnerabilities?

300

A company’s website is targeted by a Distributed Denial of Service (DDoS) attack, causing the website to become unavailable to customers for several hours. During this time, customers are unable to access the company’s services.

Which cybersecurity goal is compromised in this scenario?

What is Availability? 

300

What does availability ensure in a secure system? 

What is to make sure that information and resources are accessible to authorized users when needed. 

300

Regular security assessments and updates help in mitigating these.  

What are threats and vulnerabilities?

400

This type of attack aims to make a machine or network resource unavailable to its intended users. 

What is a Denial of Service (DoS) attack?

400

This type of vulnerability can be exploited if a system is not regularly updated. 

What is outdated software?

400

Name a famous data breach that we discussed that happened in 2017 where over 143+ members information was compromised 

What is the Equifax breach?

400

Which of the following can impact availability? 

A) DDoS Attack 

B) Data Encryption 

C) User Authentication 

What is
A) DDoS Attack?

400

 Regularly updating software helps in fixing these. 

What are vulnerabilities?

500

 Name two examples of malware. 

What are:

Viruses

Ransomware

Worm

Trojan

500

Attackers often exploit these to install malware. 

What are unpatched systems?

500

A hospital’s patient database is encrypted to ensure that only authorized medical staff can access patient records. However, a hacker manages to bypass the encryption and access sensitive patient information. 

Which cybersecurity goal is compromised in this scenario?

What is Confidentiality?

500

Name a common tool used to maintain confidentiality in communication.  

VPN (Virtual Private Network)

500

What is a common indicator of a phishing email? 

A) Professional language 

B) Suspicious links and urgent language

C) Secure email address 

D) No spelling errors 

What is
B) Suspicious links and urgent language?