Cyse 2023 - Study guides, Class notes & Summaries

How does a spear phishing attack differ from a general phishing attack? whether message has embedded javascript or not size of the message number of targets and custom messages whether message has malware attached or not number of targets and custom messages Is it OK to use the same password for all of our accounts? yes because using different passwords is hard to remember no because a compromise of one account leads to a compromise of all accounts using the same passwo...

Confidentiality Unauthorized users cannot access sensitive information. Integrity Information is complete and corrupted. 00:03 04:10 Availability Authorized users can get to the information or resources. Vulnerability A flaw, weakness, or hole in a system or component. Examples of Vulnerabilities. *Software buffer overflow *System: weak or no password *Comm: no authentication or encryption. Threat Something that exploits a vulnerability to aff...

What is the difference between a stateful packet filtering firewall and a basic packet filtering firewall? A stateful packet filtering firewall tracks sessions between systems For what might we use the tool Kismet? To detect wireless devices 00:46 04:07 What tool mentioned in the text might we use to scan for devices on a network, to include fingerprinting the operating system and detecting versions of services on open ports? nmap Which of the following is not a...

Cybersecurity countermeasures are: the tools and techniques we use to reduce risk One vulnerability in air traffic control system case was unauthenticated messages 00:37 04:10 What does non-repudiation mean? suffuncent evidence exists such taht a user cannot deny an action What is the Parkerian hexad compared to the CIA triad Parkenian has 6 elements including the 3 from the CIA but is not as widely known Why does access control based on the Media Access...

List a vector for malware propagation E-mail Exploit framework It is a category of sets of tools. Most provide a variety of tools such as network mapping tools, sniffers, etc. But one of the main tools we can find in exploit frameworks is the exploit. Exploit Small bits of software that exploit (take advantage of) flaws in other software to cause them to behave in ways that were not intended by the creators. Port Scanner can look for open ports and versions of services t...

Which of the following would not be part of a solution in the Polycom case study? d. Off site backups Which of the following is not true about complex and automatically generated passwords that are unique to each system and are a minimum of 30 characters in length, such as !Hs4(j0qO$&zn1%2SK38cn^!Ks620! ? b. Brute force password crackers will break them as quickly as a 4-digit PIN Which of the following is true regarding the history of cybersecurity as presented in class and the ...

CYSE 101 quiz & lab review(updated 2023 )fully solvedIf we are using an 4-character password that contains only lowercase English alphabetic characters (26 different characters), how many more possible passwords are there if we use a 5-character password (still only lowercase English alphabetic characters? a. 11,424,400 more possibilities b. 26 more possibilities c. Same number of possibilities because still using lowercase English alphabetic characters d. 456,976 more possibilities 11,42...

Which of the following is true regarding the history of cybersecurity as presented in class and the associated document? Advances (firewalls, intrusion detection, encryption algorithms, etc.) often followed attacks or apparent weaknesses How do we know at what point we can consider our environment to be secure? Never; perfect security does not exist Considering the CIA triad and the Parkerian hexad, which of the following is true? Parkerian is more complete but not as widely kno...

Vulnerability vs. Threat A vulnerability is a weakness that can be use to harm us, meanwhile a threat is an entity that seeks to exploit a weakness and harm us. Logical Controls • Passwords • Encrptions • Firewalls • Intrusion Detection Systems • Logical Access Controls Utility usefulness of data Interception attack against confidentiality Concept of defense in depth for layers of confidentiality Data Layers Encryption Access Controls Vulnerabili...

What Kismet used for? Finding wireless access points even when attempts have made it difficult to do so. What is the concept of network segmentation and why do it? Divide networks into subnets. Do this for controlling network traffic. Boost Performance. Troubleshooting network issues. Why is a BYOD policy bad for an enterprise network? Potential for malware to be brought into the network from outside sources is high. Rogue access points. Three main protocols of wire en...