The document provides a detailed summary of an introductory cybersecurity course, covering essential concepts such as the definition of cybersecurity, client-server relationships, authorization, and public key architecture. It explores common threats like passive and active attacks, insider threats...
Define Cybersecurity
Openness
Client-server Relationship
Authorization
Discretionary Access control
Non-repudiation
Public key architecture
NIST Cybersecurity Framework
Discussion/ Notes:
What is cybersecurity? Cybersecurity is the practice of protecting systems, networks,
and programs from digital attacks. These cyberattacks are usually aimed at accessing,
changing, or destroying sensitive information; extorting money from users via
ransomware; or interrupting normal business processes.
The term "openness" in the context of cybersecurity refers to the vulnerability of digital
devices to potential attackers. It signifies that all interactions on any digital device
provide a vector or path for potential attackers due to the inherent accessibility of the
Internet. This vulnerability is a fundamental concern in cybersecurity.
In the context of cybersecurity, what is the primary objective of an attacker when
targeting the Authentication process? The primary objective of an attacker when
targeting the Authentication process in cybersecurity is to gain unauthorized access by
assuming a legitimate identity. Attackers use techniques such as masquerading or
spoofing to impersonate someone who has legitimate access credentials. This allows
them to bypass security measures and gain entry to the network or system.
Client-server Relationship: The flow of information from your computer to the destination
What type of attack involves an attacker intercepting and eavesdropping on
communications to compromise Confidentiality?
, An interception and eavesdropping attack is aimed at compromising Confidentiality in
cybersecurity. In this type of attack, the attacker intercepts and eavesdrops on
communication to gain unauthorized access to sensitive information. The goal is to read
and capture data during transmission, potentially exposing it to unauthorized parties.
Authorization: The concept of authorization is that step that occurs after the
authentication and is the right or permission to access a resource. The most common
method of identifying the user is by issuing a token. In UNIX and Linux we refer to this
as the UID or user identifier. Then in Windows, we refer to that token as the SID or
security identifier.
Discretionary Access control: Segregate users according to role, privileges. To include
superusers that could use elevated privileges as required
Non-repudiation: Non-Repudiation is the component of the security model that ensures
that the sender cannot deny sending a message, and the recipient cannot deny having
received it. It provides a declaration and guarantee of the authenticity of the message's
origin and receipt, making it difficult for either party to deny their involvement in the
communication.
Public key architecture: This is the concept that was created to trace the origin of
ownership of data and the implementation of a public key architecture. The problem is,
what is the state of the machine or the device that the keys are being used in? You
cannot guarantee this in my and other opinions. Let me ask you a question.
NIST Cybersecurity Framework
- Identify
- Protect
- Detect
- Respond
- Recover
Summary:
With technology dominating every aspect of our lives, cybersecurity has become an
increasingly pressing concern. There is an increasing need to safeguard our systems
from hackers as the world moves towards digitalization. In order to breach weak
systems, hackers exploit people's openness and vulnerability.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller banizwasman. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $17.89. You're not tied to anything after your purchase.
