Garden State Cyber
Review sheet – Quiz 1
0.1.1 - Ethics
Review the ethics code of conduct that was signed by you and your parents
A copy can be found in Google Classroom
What, when and where does the agreement cover?
1.1.1 - CIA Triad
What does each letter in the CIA triad stand for? Be able to give examples.
Confidentiality
Availability
Integrity
What are the 3 stages of data?
Data in Transit, Data at Rest, and Data in Use.
What is the model of cybersecurity?
Protection = Prevention + (Detection + Response)
1.1.2 & 1.1.3 - Authentication
Authentication
Something you know - name / ss / password
Something you have - phone / number
Something you are/
Database
Password attacks
Steal
Guess
How to make a password secure? - long and easy to remember
Brute Force Attack - trying multiple passwords for one account
Dictionary Attack - using words in a dictionary to guess the password
Password Spraying - using the same password for multiple accounts
Credential Stuffing - using your credential
Breach - unauthorized access to computer data, applications, networks or devices
1.1.4 – Password Hashing
What you know:
Single Sign-On (SSO)
Passphrase
Hashing
One-way encryption
MD5 and SHA1
Rainbow Table
Salt
Hash Collision
Pass the Hash Attack
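Added example (not from the review sheet): the terms above side by side in Python. An unsalted hash is one-way, but two users with the same password get the same digest, so a precomputed lookup table (a simplified stand-in for a rainbow table) recovers the password; a random salt stored next to the digest makes the same password hash differently for each user and defeats the precomputed table. The passwords and wordlist are constructed sample values.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Constructed sample data: two users happen to share a password.
USERS = {"alice": "Summer2024!", "bob": "Summer2024!", "carol": "correct horse battery staple"}
# Constructed wordlist an attacker might precompute hashes for (dictionary attack).
WORDLIST = ["password", "123456", "Summer2024!", "letmein"]


def unsalted_hash(password: str) -> str:
    """One-way hash with no salt: equal passwords always give equal digests."""
    return hashlib.sha256(password.encode()).hexdigest()


def salted_hash(password: str, salt: Optional[bytes] = None) -> Tuple[str, str]:
    """Prepend a random 16-byte salt to the password before hashing.
    Returns (salt_hex, digest_hex); both are stored in the user database."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.sha256(salt + password.encode()).hexdigest()
    return salt.hex(), digest


def verify_salted(password: str, salt_hex: str, stored_digest: str) -> bool:
    """Re-hash the login attempt with the stored salt and compare in constant time."""
    _, candidate = salted_hash(password, bytes.fromhex(salt_hex))
    return hmac.compare_digest(candidate, stored_digest)


def build_lookup_table(words) -> dict:
    """Precompute unsalted digests for a wordlist: digest -> plaintext."""
    return {unsalted_hash(w): w for w in words}


def lookup_unsalted(digest: str, words) -> Optional[str]:
    """Recover a password from an unsalted digest by table lookup, or None."""
    return build_lookup_table(words).get(digest)


def lookup_salted(salt_hex: str, digest: str, words) -> Optional[str]:
    """The same table is useless against a salted digest: the precomputed
    entries were hashed without this user's salt, so nothing matches."""
    return build_lookup_table(words).get(digest)


def count_duplicate_digests(users: dict, salted: bool) -> int:
    """How many users share a digest with someone else; 0 means unique digests."""
    digests = []
    for pw in users.values():
        digests.append(salted_hash(pw)[1] if salted else unsalted_hash(pw))
    return len(digests) - len(set(digests))


if __name__ == "__main__":
    print("duplicate unsalted digests:", count_duplicate_digests(USERS, salted=False))
    print("duplicate salted digests:  ", count_duplicate_digests(USERS, salted=True))
    print("table lookup (unsalted):", lookup_unsalted(unsalted_hash("Summer2024!"), WORDLIST))
    salt, digest = salted_hash("Summer2024!")
    print("table lookup (salted):  ", lookup_salted(salt, digest, WORDLIST))
    print("verify correct password:", verify_salted("Summer2024!", salt, digest))
```

Because the salt is random per user, the database no longer leaks which accounts share a password, and an attacker must recompute the wordlist separately for every salt instead of once for everyone.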
1.1.5 – Methods of Authentication
What you have:
SmartCards
Proximity Readers
Certificates
One-time password
Token
What you are:
Biometrics
Two Factor Authentication
Stopping Password Attacks
Strong Password
Lockout after multiple attempts
Multi-Factor/Two-Factor Authentication
Biggest Security Flaw of any Organization is?
Humans
Garden State Cyber
Unit 2 - Human Factors
Review
2.1.1 Social Engineering
7 steps in Hacking (don’t need to memorize)
Recon/Footprint
Scanning/Probing
Gaining Access
Escalating Privileges
Exploiting
Covering Tracks
Installing Back Door
Define: Social Engineering - To get an authorized user to give information
or access to an unauthorized person
Which of the 7 steps of hacking use social engineering?
Why is Social Engineering so successful? Humans are sloppy, humans like to avoid confrontation, humans want to be helpful
Techniques of Social Engineering (no need to memorize) and how to protect against them:
Piggybacking 🡪 security guards/gates/turnstiles
Shoulder Surfing 🡪 shield the screen or keypad
Dumpster Diving 🡪 shred discarded documents
Scareware 🡪 use malware scanner
Baiting
Info written in workspace
Pretexting - all types
Phishing - all types
Last 4 = User Security Awareness and Policies
2.2.1 Phishing
Define:
Phishing - the use of bogus emails and websites to trick you into supplying confidential or personal information.
Spear Phishing - an email scam targeted towards a specific individual, organization or business.
Whaling - an email scam targeted at high-value individuals
Business Email Compromise
Smishing - text messages used for phishing
Vishing - phone calls or voice messages used for phishing
Be familiar with the Nigerian Prince email
How to spot phishing emails? - the link's real URL differs from what the link text says, and the sender's email address differs from who the sender claims to be
2.2.2 OSINT- Open Source Intelligence Tools
What is OSINT? Information gathered legally from public, free sources such as websites
Give examples of OSINT and not OSINT
✅ = Google search, Spokeo, Zillow…
❌= Google classroom, locked case files
2.2.4 Mitigating the Human Risk
Define: Mitigate - to make it less severe and painful.
Policies vs Procedures
A policy is a guiding principle used to set direction in an organization.
A procedure is a series of steps to be followed to implement a policy.
Policy -> Procedure -> User training = Mitigation
Typical computer policies - Poor password selection
Installing unauthorized hardware. Example: adding a wireless access point in the organization’s network to boost your wifi signal.
Installing unauthorized software may result in a backdoor
Key Terms:
Applications - third-party programs installed by the user to provide additional functions.
Backup - a process that copies all your files, data and information to effectively create two versions – one on your original devices and one backup.
CVE - Common Vulnerabilities and Exposures
Exploit - specific code or attack technique that uses a vulnerability to carry out an attack or gain unauthorized access.
Mitigate - minimize the risk; lessening the force or intensity of something unpleasant.
Patch - an update to close a vulnerability
System Hardening- is the process of limiting potential weaknesses that make systems vulnerable to cyber attacks.
Redundancy - having several copies
System image - a backup that includes the operating system and configuration settings.
Vulnerability - A security flaw, glitch, or weakness found in software code that could be exploited by an attacker (threat source).
Vulnerability scanner - Automated tool to connect to a system and identify known vulnerabilities
Things to know:
What are 5 actions of system hardening?
Updates
Windows Defender Security Center
UAC settings
Local security policies
Disable unnecessary services
What is the most important thing you can do to secure your system?
updated security/IOS
4 types of updates - patch, hotfix, critical, security
Update / Patch = a tweak to the OS code that will fix an issue in how it runs or compatibility with devices and applications.
Hotfix = patch for a very specific issue - not released through automatic updates
Critical = fix for a bug that is affecting OS functionality
Security = fixes a vulnerability in the OS code to stop exploits.
Windows Security Center tools
Firewall & Network Protection
Virus and Threat Protection
User Account Control
App and Browser Control
Top 2 sources of vulnerability?
Operating system and user.
Tool which prompts you to confirm a system update?
UAC (User Account Control)
Password Policy - what does each of these mean?
Length = how many characters
Complexity = what characters are used
Age = when it needs to be reset
History = no reuse
Account Lockout Policy
Threshold - how many invalid passwords a user can attempt before locking out the account.
Duration - the number of minutes that a locked-out account remains locked out before automatically becoming unlocked.
Reset counter time - the number of minutes that must elapse from the time a user fails to log on before the failed login attempt counter is reset to 0.
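Added example (not from the review sheet): a small Python simulation of the three account lockout settings above, using a minute counter instead of a real clock so the behaviour can be traced by hand. The policy numbers (threshold 3, duration 30 minutes, reset counter 15 minutes) and the login attempts are constructed values; it is a simplified model of how such a policy behaves, not a copy of the Windows implementation.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class AccountLockoutPolicy:
    threshold: int          # invalid attempts allowed before the account locks
    duration_min: int       # minutes a locked account stays locked
    reset_counter_min: int  # minutes without a failure before the counter resets to 0


@dataclass
class AccountState:
    failed_count: int = 0
    last_failure_at: Optional[int] = None
    locked_until: Optional[int] = None


class LockoutSimulator:
    def __init__(self, policy: AccountLockoutPolicy):
        self.policy = policy
        self.accounts: Dict[str, AccountState] = {}

    def attempt(self, user: str, password_ok: bool, now_min: int) -> str:
        """Process one login attempt at time now_min (minutes).
        Returns 'success', 'failed' or 'locked'."""
        state = self.accounts.setdefault(user, AccountState())

        # Duration: while locked_until is in the future, every attempt is refused,
        # even with the right password. Once it passes, the account unlocks itself.
        if state.locked_until is not None:
            if now_min < state.locked_until:
                return "locked"
            state.locked_until = None
            state.failed_count = 0

        # Reset counter time: if enough quiet time passed since the last failure,
        # the failed-attempt counter goes back to 0.
        if (state.last_failure_at is not None
                and now_min - state.last_failure_at >= self.policy.reset_counter_min):
            state.failed_count = 0

        if password_ok:
            state.failed_count = 0
            return "success"

        # Threshold: count the failure and lock once the limit is reached.
        state.failed_count += 1
        state.last_failure_at = now_min
        if state.failed_count >= self.policy.threshold:
            state.locked_until = now_min + self.policy.duration_min
            return "locked"
        return "failed"


def run_scenario(policy: AccountLockoutPolicy,
                 attempts: List[Tuple[int, bool]], user: str = "alice") -> List[str]:
    """Replay (minute, password_ok) attempts for one user and return the outcomes."""
    sim = LockoutSimulator(policy)
    return [sim.attempt(user, ok, minute) for minute, ok in attempts]


POLICY = AccountLockoutPolicy(threshold=3, duration_min=30, reset_counter_min=15)

# Constructed scenario 1: three quick failures lock the account; the correct
# password is refused during the lockout and accepted after it expires.
LOCKOUT_ATTEMPTS = [(0, False), (1, False), (2, False), (10, True), (32, True)]

# Constructed scenario 2: the third failure comes after the reset window,
# so the counter had already returned to 0 and no lockout happens.
RESET_ATTEMPTS = [(0, False), (1, False), (20, False)]

if __name__ == "__main__":
    print("lockout:", run_scenario(POLICY, LOCKOUT_ATTEMPTS))
    print("reset:  ", run_scenario(POLICY, RESET_ATTEMPTS))
```

The trade-off this makes visible: a low threshold with a long duration slows guessing attacks, but it also lets anyone who knows a username lock that user out on purpose, which is why the reset counter and duration are set in minutes rather than forever.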
What is the 3-2-1 rule of backups?
3 copies of the data.
2 copies stored on different devices. One device is the original system, and the other device can be an external hard-drive, a network drive or even a USB drive.
1 copy offsite or in the cloud.
What is the Least Privilege Principle of cybersecurity?
Best practice is to provide each user with the minimum system access needed to perform their necessary tasks.
Two actions to lessen risk from administrative access?
Strictly limit how many users are in the Administrators Group, AND they should log on as a regular user, then elevate privileges when needed to perform an administrative function.
What is the difference between a backup and syncing with Google Drive or Microsoft OneDrive?
Syncing services such as Google Drive or Microsoft OneDrive are not backups because if you delete a file from the local system then that file is also deleted in the cloud. A backup is a static snapshot of data.
Cryptography – scrambling data so that it looks like babble to anyone except those who know the trick to decoding it
Algorithm (aka Cipher) – a precise set of instructions that tells programs how to scramble and unscramble data
Plaintext – decrypted or unencrypted data
Ciphertext – data that has been encrypted
Cryptanalysis – attempting to break a cryptographic system and return the encrypted message to plaintext
Substitution - replacement of a character with a different character
Example: Monoalphabetic ciphers - the same letter is used as a substitute every time. Ex: Z is used for A for the entire cipher
Transposition - changing the order of items
Example: Scytale cipher - Spartans wrapped a ribbon around a cylinder and wrote the message across it. When unwrapped, the letters would look like garbled text. It was deciphered by using a cylinder of the exact same diameter as the original.
Caesar Cipher (c. 100 BC)
aka shift cipher
Caesar’s cipher uses an algorithm and a key:
algorithm = you offset the alphabet either to the right (forward) or to the left (backward)
key = how many letters the offset should be
Vigenère Cipher / Polyalphabetic Cipher - substitution based on multiple alphabets, using a system to switch between them.
Frequency Analysis - This is where we use knowledge about the frequency of letters and groups of letters used in a language and then look for this pattern in the ciphertext.
One-Time Pad - Enigma - Definition: an encryption method in which the pre-shared key is used only once. Capturing or stealing the key is useless since it will not be used again to encrypt.