BIT 4624 Review

man command

A command used in Linux to display the manual or documentation for any command or tool available in the terminal

What happend with FISA after 9/11

Bush II authorized a secret terrorist surveillance program (TSP) outside of FISA for collecting telephone and internet data to be used in the war on terror.

Emphasizes the security of the data itself, meaning that even if a database is breached, the data might not be of much value to an attacker

Data-Centric Security

Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event

Detect

Failing to identify an actual attack

False negative

Incorrectly identifying normal behavior as an attack

False positive

A security device that monitors and controls incoming and out going network traffic

Firewalls

A technique used to break ciphers by analyzing the frequency of characters or symbols in a cipher tex

Frequency Analysis

Algorithm that takes a block of data and returns a fixed size value.

Hashing

Decoy systems set up to attract and analyze attackers, gathering intelligence on their tactics and techniques

Honeypots

develop an organizational understanding to manage cybersecurity risk to systems, assets, data, and capabilities

Identify

when attackers are operating within the trusted bounds of your infrastructure

In-Network Attackers

When nation-state actors conduct an infrastructure attack, they're attempting to damage one of their country's adversaries by disrupting critical services like power, water, transportation, internet access, medical care and other essential requirements for daily life. Infrastructure attacks are a major component of modern spy craft and warfare.

Infrastructure Attack

New AI Executive Order

International AI unity: 28 countries uniting for responsible AI development. Ethical innovation drive: ensure AI innovation is matched with strong ethical practices

A security system that detects and alerts administrators about potential security breaches in the network

Intrusion Detection System (IDS)

Intrusion Detection vs. Intrusion Prevention

Intrusion Detection detects and alerts about intrusions. Intrusion Prevention Systems detects and actively blocks intrusions in real-time

A security system that actively blocks or prevents malicious traffic in real time.

Intrusion PreventionSystem (IPS)

a command interpreter that allows you to type commands from the keyboard to interact with the operating system kernel

Linux shell

Allows us to quantitatively compare different models. Measures how well a model's predictions match the actual results

Loss function

Why is ML not AI?

ML helps to create the basis of core blocks of AI but it there is much more parts to the make up of AI. AI can achieve near-human-level intelligence

AI vs ML

Machine learning is a subset of Artificial Intelligence

Adware

Malware

Ransomware

Malware

Spyware

Malware

Trojan

Malware

Worm

Malware

IoT Vulnerabilities

Many IoT devices lack adequate security measures ,making them attractive targets for hackers

Nation State Actors

Might look to steal military intelligence, intellectual property, and other types of sensitive information held by government organizations, contractors, and other businesses

describes the universe of models from which we can choose. Types of algorithms (e.g., decision trees, k-NN)

Model family

the broad practice of protecting computer networks and network-accessible endpoints from malice, misuse, and denial

Network security

Allows us to choose the best model in the family. The method of adjusting model parameters tominimize the loss function

Optimization procedure

Outlier vs. Novelty Detections

Outliers are unusual within a known dataset; novelty detection is for detecting entirely new patterns.

do not initiate communication with nodes in the network and do not interact with or modify network data

Passive Attacks

Data used to train a model

Training Data

There is a No "one size fits all" and security in US? (True/False)

True

AI as a Tool

Using the same tools that equip attackers with advanced capabilities can also serve useful in cyber defenses.

A tool for network traffic analysis, capturing and displaying data packets that are transmitted across a network.

Wireshark

What is IoT (Internet of Things)

a network of physical objects that can connect to the internet and exchange data

Why are Virtual Machines (VMs) important?

a powerful tool for all cybersecurity professionals. The terminal allows a user to manipulate files, create users, and run terminal programs to perform certain tasks.

Foreign Intelligence Surveillance Act of 1978 (FISA)

regulates certain types of foreign intelligence collectionincluding certain collection that occurs with compelledassistance from U.S. telecommunications companies.

Removes directories.

rmdir

What kind of security is Steganography

security by obscurity

earliest shell, being developed for UNIX back in the late 1970's

sh (Bourne Shell)

is an improved version of the C Shell. It is the default shell used on FreeBSD systems

tsch

an improved version of the bash shell

zsh (Z Shell)

Pros about Hashing

• Easy to compute • Infeasible to generate • Infeasible to modify • Infeasible to find two different messages

Motivations of a Cyber Criminal

• Financial Gain • Recognition and Achievement • Insider Threats • Political Motivation (Hacktivists) • State Actors • Corporate Espionage

More IoT

• They're cheap • No time for security • Many players and lack of standards • Users forget or lack knowledge to perform firmware updates

NIST Core Framework

•Recover •Identify •Protect •Detect •Respond

What must be met for FISA:

•non-U.S. persons •reasonably believed to be located outside the United States •to acquire foreign intelligence information.

Goals of Cryptography

○ Confidentiality: Ensuring data is accessible only to authorized users. ○ Integrity: Ensuring data has not been altered. ○ Authentication: Verifying the identity of users or systems. ○ Non-repudiation: Preventing the denial of an action or communication.

Caesar Cipher Weakness

The main problem with the Caesar Cipher is that it has an extremely simple key

Importance of Time Series

Time-dependent data used for detecting patterns over time (e.g., detecting abnormal traffic spikes).

Ransomware attacks have risen due to...

- Corporations have consistently been hit hard. - Start seeing more critical infrastructure and municipal services

Ransomware and AI

- Raised skill level -Better use of English language in communications -The skilled actors are now even better. The unskilled actors now have basic skills quickly

AI as a threat

- Use of AI and ML to automate and enhance their capabilities, making attacks more sophisticated and adaptive

Number of ransomware actors is increasing due, How?

- because the barriers to entry are decreasing (through AI) - the operations are scalable (adapt and grow) -improved skillsets

Why is Linux considered to be a good operating system?

- extremely stable (rarely crashes) -very fast -less expensive

Where is Linux Prevalent?

-500 super computers run on some variant of Linux -84% of enterprise business runs on Linux -Linux is used by 71.9% of all the websites whose operating system is known -96.3% of the world's top 1 million websites were powered by Linux -Android phones and Kindles run Linux

A = ? in Caesar Cipher

0

/home/student/ is an example of what kind of path

Absolute Path

Full path from the root directory

Absolute Path

a form of authorization by which you can control which users, roles, or hosts in the organization can access each segment of the network

Access Control

What kind of attacks include breaches, spoofing, pivoting, and denial of service (DoS)

Active

These are nationalistcybercrime outfits with sophisticated levels of expertise andsignificant resources that work to achieve the goals of thegovernment that supports them, undertaking defined operationswith specific goals that forward the objectives of their country

Advanced Persistent Threat (APT)

What is Linux?

An open-source operating system

Uses a public key for encryption and a private key for decryption

Asymmetric

What type of encryption is RSA

Asymmetric

Verifying the identity of users or systems

Authentication

COME BACK TO LANDSCAPE

COME BACK TO LANDSCAPE

Examples of sector specific privacy laws

COPPA: Children's Online Privacy Protection Act FERPA: Family Educational Rights & Privacy Act HIPPA: Health Insurance Portability and Accountability Act

A substitution cipher where each letter in the plaintext is shifted by a certain number

Caesar Cipher

Supervised and groups similar data without labels

Classification

An unsupervised learning method that groups similar data points together based on shared characteristics?

Clustering

Develop and implement the appropriate safegaurds to ensure delivery of services

Protect

A method of encryption that uses quantum mechanics to secure data, promising theoretically unbreakable encryption.

Quantum Cryptography

What attack is preferred by nation-state actors?

Ransomware

Develop and implement the appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event.

Recover

What is the difference between Regression and Anomaly Detection?

Regression predicts continuous values, while anomaly detection identifies unusual patterns

../ ia an example of what kind of path

Relative Path

Path relative to the current directory

Relative Path

Develop and implement the appropriate activities to take action regarding a detected cybersecurity event

Respond

big 4" sponsors of APTs

Russia, China, North Korea and Iran

a cybersecurity approach where a system is made excessively large or complex to make it harder for attackers to find and exploit vulnerabilities.

Security by Obesity

writing hidden message in a way that prevents those who don't know that it is there from seeing it

Steganography

What kind of learning is classifying emails as spam or not?

Supervised Learning

What is the difference between Supervised vs Unsupervised Learning?

Supervised learning uses labeled data, unsupervised learning identifies patterns without labels

The same key is used for both encryption and decryption

Symmetric

What type of encryption is AES

Symmetric

an improved version of the sh shell and is one of the most popular shells today. It's the default shell used by most Linux distributions

bash (Bourne-Again Shell)

Displays file contents

cat

Changes directories

cd

was originally developed for BSD UNIX . It uses a syntax that is very similar to C programing

csh (C Shell)

Vigenère Cipher Weakness

frequency analysis due to its repetitive key pattern, allowing attackers to determine the key length, break it into smaller Caesar ciphers

Lists directory contents

ls

What state-sponsored activity is on the rise by Iran

malware and ransomware operations

Displays manual pages for commands.

man

Creates directories

mkdir