BIT 4624 Review
man command
A command used in Linux to display the manual or documentation for any command or tool available in the terminal
What happened with FISA after 9/11
Bush II authorized a secret terrorist surveillance program (TSP) outside of FISA for collecting telephone and internet data to be used in the war on terror.
Emphasizes the security of the data itself, meaning that even if a database is breached, the data might not be of much value to an attacker
Data-Centric Security
Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event
Detect
Failing to identify an actual attack
False negative
Incorrectly identifying normal behavior as an attack
False positive
A security device that monitors and controls incoming and outgoing network traffic
Firewalls
A technique used to break ciphers by analyzing the frequency of characters or symbols in a ciphertext
Frequency Analysis
Algorithm that takes a block of data and returns a fixed-size value.
Hashing
Decoy systems set up to attract and analyze attackers, gathering intelligence on their tactics and techniques
Honeypots
Develop an organizational understanding to manage cybersecurity risk to systems, assets, data, and capabilities
Identify
When attackers are operating within the trusted bounds of your infrastructure
In-Network Attackers
When nation-state actors conduct an infrastructure attack, they're attempting to damage one of their country's adversaries by disrupting critical services like power, water, transportation, internet access, medical care and other essential requirements for daily life. Infrastructure attacks are a major component of modern spycraft and warfare.
Infrastructure Attack
New AI Executive Order
International AI unity: 28 countries uniting for responsible AI development. Ethical innovation drive: ensure AI innovation is matched with strong ethical practices
A security system that detects and alerts administrators about potential security breaches in the network
Intrusion Detection System (IDS)
Intrusion Detection vs. Intrusion Prevention
Intrusion Detection detects and alerts about intrusions. Intrusion Prevention Systems detect and actively block intrusions in real time
A security system that actively blocks or prevents malicious traffic in real time.
Intrusion Prevention System (IPS)
A command interpreter that allows you to type commands from the keyboard to interact with the operating system kernel
Linux shell
Allows us to quantitatively compare different models. Measures how well a model's predictions match the actual results
Loss function
Why is ML not AI?
ML helps to create the basis of the core blocks of AI, but there are many more parts to the makeup of AI. AI can achieve near-human-level intelligence
AI vs ML
Machine learning is a subset of Artificial Intelligence
Adware
Malware
Ransomware
Malware
Spyware
Malware
Trojan
Malware
Worm
Malware
IoT Vulnerabilities
Many IoT devices lack adequate security measures, making them attractive targets for hackers
Nation State Actors
Might look to steal military intelligence, intellectual property, and other types of sensitive information held by government organizations, contractors, and other businesses
Describes the universe of models from which we can choose. Types of algorithms (e.g., decision trees, k-NN)
Model family
The broad practice of protecting computer networks and network-accessible endpoints from malice, misuse, and denial
Network security
Allows us to choose the best model in the family. The method of adjusting model parameters to minimize the loss function
Optimization procedure
Outlier vs. Novelty Detections
Outliers are unusual within a known dataset; novelty detection is for detecting entirely new patterns.
Do not initiate communication with nodes in the network and do not interact with or modify network data
Passive Attacks
Data used to train a model
Training Data
There is no "one size fits all" approach to security in the US? (True/False)
True
AI as a Tool
The same tools that equip attackers with advanced capabilities can also be useful in cyber defenses.
A tool for network traffic analysis, capturing and displaying data packets that are transmitted across a network.
Wireshark
What is IoT (Internet of Things)
A network of physical objects that can connect to the internet and exchange data
Why are Virtual Machines (VMs) important?
A powerful tool for all cybersecurity professionals. The terminal allows a user to manipulate files, create users, and run terminal programs to perform certain tasks.
Foreign Intelligence Surveillance Act of 1978 (FISA)
Regulates certain types of foreign intelligence collection, including certain collection that occurs with compelled assistance from U.S. telecommunications companies.
Removes directories.
rmdir
What kind of security is Steganography
security by obscurity
The earliest shell, developed for UNIX back in the late 1970s
sh (Bourne Shell)
An improved version of the C Shell. It is the default shell used on FreeBSD systems
tcsh
An improved version of the bash shell
zsh (Z Shell)
Pros about Hashing
• Easy to compute • Infeasible to generate • Infeasible to modify • Infeasible to find two different messages
Motivations of a Cyber Criminal
• Financial Gain • Recognition and Achievement • Insider Threats • Political Motivation (Hacktivists) • State Actors • Corporate Espionage
More IoT
• They're cheap • No time for security • Many players and lack of standards • Users forget or lack knowledge to perform firmware updates
NIST Core Framework
• Recover • Identify • Protect • Detect • Respond
What must be met for FISA:
• Non-U.S. persons • Reasonably believed to be located outside the United States • To acquire foreign intelligence information
Goals of Cryptography
○ Confidentiality: Ensuring data is accessible only to authorized users. ○ Integrity: Ensuring data has not been altered. ○ Authentication: Verifying the identity of users or systems. ○ Non-repudiation: Preventing the denial of an action or communication.
Caesar Cipher Weakness
The main problem with the Caesar Cipher is that it has an extremely simple key
Importance of Time Series
Time-dependent data used for detecting patterns over time (e.g., detecting abnormal traffic spikes).
Ransomware attacks have risen due to...
- Corporations have consistently been hit hard - Critical infrastructure and municipal services are increasingly being hit
Ransomware and AI
- Raised skill level - Better use of the English language in communications - The skilled actors are now even better, and the unskilled actors now gain basic skills quickly
AI as a threat
- Use of AI and ML to automate and enhance their capabilities, making attacks more sophisticated and adaptive
Why is the number of ransomware actors increasing?
- The barriers to entry are decreasing (through AI) - The operations are scalable (adapt and grow) - Improved skillsets
Why is Linux considered to be a good operating system?
- Extremely stable (rarely crashes) - Very fast - Less expensive
Where is Linux Prevalent?
- 500 supercomputers run on some variant of Linux - 84% of enterprise business runs on Linux - Linux is used by 71.9% of all the websites whose operating system is known - 96.3% of the world's top 1 million websites were powered by Linux - Android phones and Kindles run Linux
A = ? in Caesar Cipher
0
/home/student/ is an example of what kind of path
Absolute Path
Full path from the root directory
Absolute Path
A form of authorization by which you can control which users, roles, or hosts in the organization can access each segment of the network
Access Control
What kind of attacks include breaches, spoofing, pivoting, and denial of service (DoS)
Active
These are nationalist cybercrime outfits with sophisticated levels of expertise and significant resources that work to achieve the goals of the government that supports them, undertaking defined operations with specific goals that forward the objectives of their country
Advanced Persistent Threat (APT)
What is Linux?
An open-source operating system
Uses a public key for encryption and a private key for decryption
Asymmetric
What type of encryption is RSA
Asymmetric
Verifying the identity of users or systems
Authentication
COME BACK TO LANDSCAPE
COME BACK TO LANDSCAPE
Examples of sector specific privacy laws
COPPA: Children's Online Privacy Protection Act; FERPA: Family Educational Rights & Privacy Act; HIPAA: Health Insurance Portability and Accountability Act
A substitution cipher where each letter in the plaintext is shifted by a certain number
Caesar Cipher
Supervised and groups similar data without labels
Classification
An unsupervised learning method that groups similar data points together based on shared characteristics
Clustering
Develop and implement the appropriate safeguards to ensure delivery of services
Protect
A method of encryption that uses quantum mechanics to secure data, promising theoretically unbreakable encryption.
Quantum Cryptography
What attack is preferred by nation-state actors?
Ransomware
Develop and implement the appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event.
Recover
What is the difference between Regression and Anomaly Detection?
Regression predicts continuous values, while anomaly detection identifies unusual patterns
../ is an example of what kind of path
Relative Path
Path relative to the current directory
Relative Path
Develop and implement the appropriate activities to take action regarding a detected cybersecurity event
Respond
The "big 4" sponsors of APTs
Russia, China, North Korea and Iran
A cybersecurity approach where a system is made excessively large or complex to make it harder for attackers to find and exploit vulnerabilities.
Security by Obesity
Writing a hidden message in a way that prevents those who don't know it is there from seeing it
Steganography
What kind of learning is classifying emails as spam or not?
Supervised Learning
What is the difference between Supervised vs Unsupervised Learning?
Supervised learning uses labeled data; unsupervised learning identifies patterns without labels
The same key is used for both encryption and decryption
Symmetric
What type of encryption is AES
Symmetric
An improved version of the sh shell and one of the most popular shells today. It's the default shell used by most Linux distributions
bash (Bourne-Again Shell)
Displays file contents
cat
Changes directories
cd
Originally developed for BSD UNIX. It uses a syntax that is very similar to C programming
csh (C Shell)
Vigenère Cipher Weakness
Vulnerable to frequency analysis due to its repetitive key pattern, which allows the key length to be determined and the cipher to be broken into smaller Caesar ciphers
Lists directory contents
ls
What state-sponsored activity is on the rise by Iran
malware and ransomware operations
Displays manual pages for commands.
man
Creates directories
mkdir
