Sec+ Chapter 1 Intro to Security
Cybercriminals
Individuals who launch attacks against other users and their computers in order to steal information or generate income.
What are the different types of hackers?
- Black hat hacker (hack for personal gain)
- White hat hacker (hack with an organization's permission in order to find vulnerabilities)
- Grey hat hacker (hack not for personal gain, solely to piss off an organization to prove a point)
Federal and state laws that protect the privacy of electronic data
- HIPAA (Health Insurance Portability and Accountability Act)
- Sarbox (Sarbanes-Oxley Act)
- GLBA (Gramm-Leach-Bliley Act)
- PCI DSS (Payment Card Industry Data Security Standard)
- California's Database Security Breach Notification Act
Information technology assets
- Information
- Customized business software
- System software
- Physical items
- Services
5 Fundamental Security Principles
- Layering (provides the most comprehensive protection)
- Limiting (access must be restricted to a bare minimum)
- Diversity (having different layers of security so one technique won't work at the next layer)
- Obscurity (do not reveal what OS, protection type, computer systems, etc. you are using)
- Simplicity (make your security system user friendly, so troubleshooting is easy)
Steps of a Cyber Kill Chain
- Reconnaissance (gain info on a target)
- Weaponization (produce an exploit [virus] based off info gathered from recon)
- Delivery (transmit the exploit to the target)
- Exploitation (generally targets an app or OS vulnerability)
- Installation (weapon is installed to either attack or create a "back door" to access a system)
- C2 (remotely controlling the system)
- Actions on Objective (attackers begin to take actions to achieve their ultimate goal)
Cybercrime categories
- 1st: focuses on individuals and businesses
- 2nd: focuses on businesses and governments
What is an exploit kit?
A tool that Script Kiddies can rent or purchase from other attackers to easily craft an attack.
Describe APT
Advanced Persistent Threat. Multiyear intrusion campaigns conducted by well-resourced and trained cybercriminals. Their advanced tools and techniques can defeat many conventional computer defenses.
Cyberterrorism
Any premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against noncombatant targets by subnational groups or clandestine agents.
Information Security Terminology
- Asset (an item that has value)
- Threat (a type of action that has potential to **** shit up)
- Threat agent (the person or element that has the power to carry out a threat)
- Vulnerability (a flaw or weakness that allows a threat to bypass security)
- Threat likelihood (probability that a threat will occur)
- Risk (situation that involves exposure to some type of danger)
Brokers
Attackers who uncover vulnerabilities in a network and sell their knowledge to the highest bidder or even governments.
What is another set of protections that must be implemented?
Authentication, Authorization, Accounting (AAA)
What are the three protections that must be extended over information?
Confidentiality, Integrity, and Availability (CIA)
Difference between Cyberterrorists and Hacktivists
Cyberterrorists launch attacks against foreign nations to incite panic; hacktivists simply attack certain websites or groups in order to make a statement against those who oppose their beliefs.
Define Availability with regard to Information Security
Ensures that data is accessible to authorized users
Define confidentiality with regard to Information Security
Ensures that only authorized parties can view information
Define Authentication
Ensures that the individual is who he/she claims to be and not a little imposter bitch
Define integrity with regard to Information Security
Ensures that the information is correct and no unauthorized person or malicious software has altered the data.
What is a State Sponsored Attack?
Governments use this to launch computer attacks against their foes. They target foreign governments or even citizens deemed hostile or threatening.
What is a Script Kiddie?
Individuals who want to attack computers yet lack the knowledge of computers and networks needed to do so.
Insiders
Internal threats. Your own disgruntled peeps. Identify these people and whoop ass.
Hacktivists
Normally engage in attacks as a means of protest or to promote a political agenda or just retaliate.
What are the information security layers?
- Products (form the security around the data)
- People (those who implement and properly use security products to protect data)
- Policies and Procedures (plans and policies established by an organization to ensure that people correctly use the products)
Define Accounting
Provides tracking of events.
Define Authorization
Providing permission or approval to specific technology resources.
What options are available to deal with risks?
- Risk avoidance (knowing the risk and deciding not to engage in the activity)
- Acceptance (IDGAF, do it anyways)
- Mitigation (making the risk less serious)
- Deterrence (warnings of what will happen if your shit is attacked)
- Transference (transferring risk to a third party, e.g., insurance)
Information Security
That which protects the integrity, confidentiality, and availability of information on the devices that store, manipulate, and transmit the information through products, people, and procedures.
Cyberterrorists
These D-bags have ideological motivation. They attack for the sake of their principles or beliefs.
How do Script Kiddies hack?
They download automated attack software (scripts) from websites and use it to perform malicious acts.
Identity Theft
Thwarting. Involves stealing another person's personal information and then using the information to impersonate the victim (You are not you, you are me!)
What is the goal of Information Security?
To ensure that protective measures are properly implemented to ward off attacks and prevent the total collapse of the system when a successful attack does occur.