On completing this course, you will be able to:
Welcome to this module, which aims to help you understand the growing need for cybersecurity.
Faced with an unprecedented surge in cyber attacks, never before has the demand for cybersecurity professionals been so high.
Find out more about what cybercriminals want and what you can do to ensure that a cyber threat never becomes a reality.
Cybersecurity is the ongoing effort to protect individuals, organizations and governments from digital attacks by protecting networked systems and data from unauthorized use or harm.
What level of cyber protection does each of the following factors require?
Which of the following pieces of information would be classified as personal data?
Your neighbor tells you that they don't have an online identity. They have no social media accounts and only use the Internet to browse. Is your neighbor right?
Which of the following methods can be used to ensure confidentiality of information?
What are the foundational principles for protecting information systems as outlined in the McCumber Cube?
Why might internal security threats cause greater damage to an organization than external security threats?
Which of the following is a key motivation of a white hat attacker?
Can you identify the cyber attacker type from the following descriptions?
Which of the following statements describes cyberwarfare?
An employee is laid off after fifteen years with the same company. The employee is then hired by another company within a week. In the new company, the employee shares documents and ideas for products that the employee proposed at the original company.
Even though the employee was laid off, the employee probably signed a Non-Disclosure Agreement (NDA) with the original company. Any work or idea developed at the original company, regardless of who proposed the idea, is still the property of the original company. Depending on the level of severity of the breach, this could result in legal action.
Answer: unethical
During a meeting with the Marketing department, a representative from IT discusses features of an upcoming product that will be released next year.
Both the employee and the manager are within the same department and company so this behavior would be ethical.
Answer: ethical
An employee is at a restaurant with friends and describes an exciting new video game that is under development at the company the employee works for. Is the behavior of the employee ethical or unethical?
It is not ethical to share a confidential product idea before it is released. Describing the game to a group of friends outside the company could leak the idea and jeopardize the new product offering.
Answer: unethical
Alicia, a company employee, has lost her corporate identification badge. She is in a hurry to get to a meeting and does not have time to visit Human Resources to obtain a temporary badge. You lend her your identification badge until she can obtain a replacement.
Employees should never give their credentials to another employee, regardless of the situation or the familiarity with the other employee. Once your credentials are out of your sight, you have no idea what they are being used for.
Answer: unethical
An employee points out a design flaw in a new product to the department manager.
Both the employee and the manager are within the same department and company so this behavior would be ethical.
Answer: ethical
Which method is used to check the integrity of data?
A checksum value of a block of data is calculated and transmitted with the data. After the data is received, the checksum hashing is performed again. The calculated value is compared with the transmitted value to verify the integrity of the data.
Answer: checksum
What is a reason that internal security threats might cause greater damage to an organization than external security threats?
Internal threats have the potential to cause greater damage than external threats because internal users have direct access to the building and its infrastructure devices. Internal users may not have better hacking skills than external attackers. Both internal users and external users can access the network devices through the Internet. A well designed security implementation should require authentication before corporate data is accessed, regardless of whether the access request is from within the corporate campus or from the outside network.
Answer: Internal users have direct access to the infrastructure devices.
What is another name for confidentiality of information?
Privacy is another name for confidentiality. Accuracy, consistency, and trustworthiness describe integrity of data.
Answer: privacy
What is an example of “hacktivism”?
Hacktivism is a term used to describe cyberattacks carried out by people who are considered political or ideological extremists. Hacktivists attack people or organizations that they believe are enemies to the hacktivist agenda.ee and the manager are within the same department and company so this behavior would be ethical.
Answer: A group of environmentalists launch a denial of service attack against an oil company that is responsible for a large oil spill.
What is the motivation of a white hat attacker?
White hat attackers break into networks or computer systems in order to discover weaknesses for the purpose of improving the security of these systems. These break-ins are done with permission from the owner or the organization. Any results are reported back to the owner or the organization.oyee and the manager are within the same department and company so this behavior would be ethical.
Answer: discovering weaknesses of networks and systems to improve the security level of these systems
What three items are components of the CIA triad? (Choose three.)
The CIA triad contains three components: confidentiality, integrity, and availability. It is a guideline for information security for an organization.
Answer: integrity, availability, confidentiality
Which statement describes cyberwarfare?
Cyberwarfare is an Internet-based conflict that involves the penetration of the networks and computer systems of other nations. Organized hackers are typically involved in such an attack.
Answer: It is Internet-based conflict that involves the penetration of information systems of other nations.
Match the type of cyber attackers to the description.
Make political statements in order to create an awareness of issues that are important to them.
hacktivists
Match the type of cyber attackers to the description.
Gather intelligence or commit sabotage on specific goals on behalf of their government.
state-sponsored attackers
Match the type of cyber attackers to the description.
Make political statements, or create fear, by causing physical or psychological damage to victims.
terrorists
What are three methods that can be used to ensure confidentiality of information? (Choose three.)
Methods including data encryption, username ID and password, and two factor authentication can be used to help ensure confidentiality of information. File permission control, version control, and backup are methods that can be used to help ensure integrity of information.
Answer: data encryption, two factor authentication, username ID and password