Cyber Security - Week 2

Personal Security

Covers the major threats present to personal information and the methods to ensure this. In addition to using the Internet at work, people use the Internet for various personal activities, including bank transactions, social networking, and shopping. It is important to ensure the protection of information while browsing and using the Internet.

Insider Hackers

Current employees or former employees with access to a business or organization's system that attempt to penetrate a system without authorization are referred to as these type of hackers. They may want to damage the system or steal information.

Geographical Aspects

Cyber crime is a global issue. It is prevalent in many countries. Leading countries that promote cyber espionage and damage include: Russia, North Korea, Romania, China.

Bring Your Own Device (BYOD)

Exposure from this which is a common practice in many organizations. However, the risks are significant since data is readily available on the devices, so it provides an attractive target. Users frequently do not use the security measures provided on the device and devices are often lost or stolen.

Physical Security

Focuses on the physical threats and security measures in order to ensure the physical protection of data resources. Much sensitive electronic information is stored physically on servers and it is important to ensure that the servers and other IT-service-providing systems are protected from physical intrusions and tampering.

United States Computer Emergency Readiness Team (US-CERT)

Formed in 2003 and serves as a 24-hour operational hub which accepts, triages, and collaboratively responds to cyber incidents. This consists on these supporting branches: Threat Analysis & Information Sharing, Digital Analytics, Operations, Communications, International Operations.

Corporate Espionage

Hackers are hired to infiltrate a business's system to steal confidential information or cause systems damage. The hacking may be performed by someone in another country or within the country of the business. The data may be used by the original hacking organization or sold to another party.

Website Hijacking

Hackers can easily take over a reputable website if it has security flaws, such as unpatched software. Cyber criminals use these sites to spread malware to site visitors and often gather visitor data from unsuspecting visitors.

Nation States

Hackers hired by a government to steal or damage another country's (or business's) data. Cyber warfare is engaged by nation states. This data may be used for their own espionage or cyber war purposes, or it may be sold to another country or organization.

Hacktivists

Hackers that focus on penetration of an entity's system for a non-commercial reason such as a political or environmental cause are called hacktivists. They are generally not after financial gain, but rather creating awareness or disturbance.

National Coordinating Center for Telecommunications (NCC)

Joint industry government operation center which leads and coordinates the initiation, restoration, and reconstitution of national security or emergency preparedness (NS/EP) telecommunications services or facilities under all conditions. They continuously monitors national and international incidents that could impact communication systems.

Cybersecurity Standards and Law

Refer to the different standards in place to protect the various domains of cybersecurity. Additionally, the government has instituted different laws to protect the privacy and security of individuals, corporate and national assets. It is important to have an understanding of the standards and laws in order to effectively implement security measures.

Computer and Application Security

Refers to security threats and protective measures to guard computers and applications from security attacks and breaches. Computer systems encompass different components and it is important to guard the security of these components. Additionally, the software applications that are loaded on computers could have vulnerabilities that can be exploited by hackers in order to compromise systems. Therefore, it is important to ensure computer and application security is maintained at all times.

Data Breaches and Continuity Planning

Refers to the actual intrusions and how an organization prepares and responds to an event. The pertinent question is not if an entity will be a victim of cyber crime, but when and how significant will the intrusion be.

Network Security

Refers to the threats and protection measures used to safeguard information as it is transmitted across the network. Computer networks provide the pathway for moving information from a communication source to the destination. Depending on the proximity of the sender and receiver, the information will need to travel across different areas of the network. It is important to have an understanding of the security threats 2 and protection mechanisms that can be employed to protect the information at all points during its transmission.

Mobile and Wireless Security

Refers to the threats and protection measures used to safeguard information that is transmitted across mobile and wireless networks. With the growth rate in the use of mobile and wireless devices, it has become very important to ensure that the security of information is maintained and protected against attacks. Additionally, information transmitted wirelessly is in open air and is highly susceptible to intrusions.

Internet of Things

Risks due to the rapidly increasing number of "things" that have data storage or transfer ability without security measures. Items are as diverse as baby monitors and building control systems.

PMP: Project Management Professional

The PMP covers five performance domains: • Initiating the project • Planning the project • Executing the project • Monitoring and controlling the project • Closing the project

CCNP +S: Cisco Certified Network Professional + Security

This CISCI certification concentrates on Cisco ASA (mainly), a security implementation on Cisco routers and switches and also Intrusion Prevention Systems. It gives network professionals the tools needed to develop a secure infrastructure. • Securing Networks with Cisco Routers and Switches • Deploying Cisco ASA Firewall Solutions • Deploying Cisco ASA VPN Solutions • Implementing Cisco Intrusion Prevention System

CISSP: Certified Information Systems Security Professional

This certification covers the following ten domains: • Access control • Telecommunications and network security • Information security governance and risk management • Software development security • Cryptography • Security architecture and design • Operations security • Business continuity and disaster recovery planning • Legal, regulations, investigations and compliance • Physical (environmental) security

Comp TIA Security +

This certification focuses on applying knowledge of security concepts, tools and procedures in protecting information assets and responding to security incidents. The certification focuses on the following areas: • Network Security • Compliance and operational security • Threats and vulnerabilities • Application, data and host security • Access control and identity management • Cryptography

SalesForce.com Administrator

This certification helps you to prove the user knowledge in administrating the Salesforce CRM including functions for sales, service, and collaboration clouds.

RHCSA: Red Hat Certified System Administrator

This certification is an entry-level certification that focuses on actual competencies at system administration, including installation and configuration of a Red Hat Linux system and attaching it to a live network running network services.

CEH: Certified Ethical Hacker

This certification is provided by the International Council of E-Commerce Consultants and validates that the CEH has the knowledge to look for vulnerabilities and weaknesses using tools and knowledge in a lawful manner that are similar to the skills and techniques used by a hacker. The CEH focuses attention on the following 19 domains: • Introduction to Ethical Hacking • Footprinting and Reconnaissance • Scanning Networks • Enumeration • System Hacking • Trojans and Backdoors • Viruses and Worms • Sniffers • Social Engineering • Denial of Service • Session Hijacking • Hacking Webservers • Hacking Web Applications • SQL Injection • Hacking Wireless Networks • Evading IDS, Firewalls, and Honeypots • Buffer Overflow • Cryptography • Penetration Testing

CISM: Certified Information Security Manager

This certification provides a common body of knowledge for information security management and it helps to better fusion IT auditing and information security perspective. This requires demonstrated knowledge in four functional areas of information security: Information Security Governance, Information Risk Management and Compliance, Information Security Program Development and Management, Information Security Incident Management.

CASP: CompTIA Advanced Security Practitioner

This certification validates advanced level security skills and knowledge. This certification is designed to build on the elements of the CompTIA Security+ certification. The CASP certification includes the following domains: • Enterprise Security • Risk Management, Policy/Procedure and Legal • Research and Analysis • Integration of Computing Communications, and Business Disciplines

CCNA: Cisco Certified Network Associate

This certification validates the ability to install, configure, operate, and troubleshoot medium-size routed and switched networks.

VCP: VMware Certified Professional

This certification will help you build and recognize the skills and experience required to effectively design. Operate, and evolve the cloud environment.

Script Kiddies

This is a term used for predominantly young males that are experimenting with what systems they can penetrate. Their primary intent is not theft of data or to cause significant damage

Black Market Expansion

This is creating a big market for the selling of illegal data.

Web Security

Refers to the threats and protection measures used to safeguard web communication on the Internet. This includes the protection mechanism that ensures safe transmission of information, including web browser protection and procedures to ensure the information in transit is not tampered with.

NCCIC Operations & Integration (NO&I )

Responsible for planning, coordinating, and integrating capabilities to synchronize analysis, information sharing, and incident management within this branches and activities.

Industrial Control Systems Cyber Emergency Response Team (ICS-CERT)

Works with law enforcement agencies and the intelligence community coordinating efforts among federal, state, local, and tribal governments and control systems owners, operators, and vendors to protect the country's critical infrastructure sectors from any cyber-attack.