CyberS C1 Flashcards

1
Q

What is Cybersecurity?

A

Cybersecurity is the practice of protecting computer systems, networks, and data from digital threats, attacks, and unauthorized access

2
Q

What are the responsibilities of businesses in the cybersecurity world regarding data?

A

Businesses in the cybersecurity world have the responsibility to collect and harness the power of data and analytics. They must protect this data from misuse and unauthorized access to ensure the growth of data creates opportunities for cybersecurity specialists.

3
Q

What risks are associated with the growth of data collection and analytics in the cybersecurity domain?

A

The growth in data collection and analytics poses risks to individuals and modern life if precautions are not taken to protect sensitive data from criminals or others with harmful intent.

4
Q

Differentiate between white hat, gray hat, and black hat attackers

A

White hat attackers break into networks to improve security, gray hat attackers may report vulnerabilities when doing so matches their agenda, while black hat attackers violate security for personal gain or malicious reasons.

5
Q

What are the motives of script kiddies, vulnerability brokers, and hacktivists in the realm of cybersecurity?

A

Script kiddies, often teenagers or hobbyists with limited skills, engage in pranks and vandalism. Vulnerability brokers are grey hat hackers discovering exploits for rewards, and hacktivists protest against political or social ideas through various means.

6
Q

Provide examples of different types of cyber criminals and their motives

A

Cyber criminals come in various forms, such as script kiddies engaging in pranks, vulnerability brokers seeking exploits, hacktivists protesting against organizations, and state-sponsored hackers involved in espionage and sabotage

7
Q

What factors contribute to the spread and growth of cybercrime?

A

Spread: unprotected data and a lack of cybersecurity measures

Growth: the growth of technology increasing attack surfaces, and the connectivity of and dependence on digital systems

8
Q

Analyze the efforts committed to expanding the cybersecurity workforce

A

Organizations and efforts are dedicated to expanding the cybersecurity workforce, reflecting the recognition of the importance of skilled professionals in addressing the challenges in the cybersecurity domain

Organizations and efforts reflect the recognition of the importance of skilled professionals in addressing the challenges in the cybersecurity domain

9
Q

Provide examples of Information Security Management Standards

A

Information Security Management (ISM) Standards, such as ISO 27000, offer a framework for implementing cybersecurity measures within organizations

10
Q

How do new laws contribute to cybersecurity efforts, and can you name a few examples?

A

New laws, tracked by groups like ISACA, address cybersecurity, ranging from individual privacy to the protection of intellectual property. Examples include the Cybersecurity Act, Federal Exchange Data Breach Notification Act, and the Data Accountability and Trust Act

11
Q

Define the term “cyber vulnerability”

A

A cyber vulnerability is a weakness that makes a target vulnerable to an attack in the cybersecurity domain

12
Q

List some examples of data sources that can be targeted by cyber criminals

A

Examples include personal information, medical records, education records, employment, and financial records

13
Q

Explain the threats associated with network services like DNS, HTTP, and online databases

A

Cyber criminals often target network services like DNS and use packet-sniffing tools to capture data streams. Rogue devices, such as unsecured Wi-Fi access points, and packet forgery are common techniques

14
Q

Differentiate between internal and external security threats

A

Internal security threats originate from within an organization, potentially causing greater damage due to direct access and insider knowledge. External threats, from amateurs or skilled attackers, exploit vulnerabilities or use social engineering to gain access

15
Q

What challenges do mobile devices pose in terms of cybersecurity, and why is Bring Your Own Device (BYOD) a growing trend?

A

Mobile devices, including BYOD, pose challenges in central management and updates, becoming a growing threat as more people use them to access enterprise information

16
Q

How does the emergence of the Internet of Things (IoT) impact cybersecurity efforts?

A

The IoT, connecting billions of devices to the Internet, increases the amount of data needing protection. Users accessing devices remotely and the expanded storage capacity through the Cloud lead to exponential growth, requiring enhanced cybersecurity measures

17
Q

How does the National Institute of Standards and Technology (NIST) address the shortage of cybersecurity specialists in the U.S.?

A

NIST created a framework that helps companies and organizations identify major responsibilities, job titles, and workforce skills needed for cybersecurity professionals. The framework categorizes cybersecurity work into seven categories, covering areas such as operation, maintenance, protection, investigation, collection, analysis, oversight, and development.

18
Q

What are the seven categories of cybersecurity work within the Workforce Framework?

A
  1. Operate and Maintain
  2. Protect and Defend
  3. Investigate
  4. Collect and Operate
  5. Analyze
  6. Oversight and Development
  7. Securely Provision
19
Q

How can individuals build and practice the skills necessary to become cybersecurity specialists?

A

Individuals can participate in online cybersecurity communities, collaborate with professional colleagues, join cybersecurity student organizations, and take part in cybersecurity skills competitions

20
Q

What are the benefits of participating in online cybersecurity communities?

A

Cybersecurity specialists can collaborate with professional colleagues, explore resources, and stay updated on industry trends through international technology organizations’ sponsored workshops and conferences

21
Q

Name two cybersecurity certifications and briefly describe their focus

A

  1. (ISC)² Certified Information Systems Security Professional (CISSP): Suitable for cybersecurity specialists with technical and managerial experience, globally recognized, and approved by the U.S. Department of Defense.
  2. ISACA Certified Information Security Manager (CISM): For cybersecurity specialists responsible for managing, developing, and overseeing information security systems at the enterprise level.

CISSP: Globally recognized certification for cybersecurity specialists with technical and managerial experience, approved by the U.S. Department of Defense.

CISM: Ideal for cybersecurity specialists overseeing and managing enterprise-level information security systems.

22
Q

What are the different types of tools for thwarting crimes?

A

Vulnerability databases - CVE (public database of all known vulnerabilities)

Early warning systems - Honeynet Project (project providing a HoneyMap which displays real-time visualization of attacks)

Shared cyber intelligence - InfraGard (partnership between the FBI and the private sector)

ISM standards - ISO 27000 (framework for implementing cybersecurity measures)

New laws - ISACA (provides laws to safeguard data, such as the Cyber Act Law)