BITS AND BYTES - THE FUTURE OF CYBERSECURITY - SENIOR PRELIM

To augment the number of devices and endpoints connected to the network.

To ensure the integrity, confidentiality, and availability of data and network resources against unauthorized access and cyber threats.

To optimize the throughput and latency of network communications.

To minimize the financial expenditure associated with network infrastructure and maintenance.

Adware: Software that automatically displays or downloads advertising material when a user is online.

Viruses, worms, ransomware: Malicious software that can replicate itself, spread across networks, and encrypt user data for ransom.

Trojan horses: Malicious programs disguised as legitimate software that can create backdoors for unauthorized access.

Spyware: Software that secretly monitors user activity and collects personal information without consent.

Neglect regular software updates and patches

Completely disable all security protocols and firewalls

Implement a comprehensive security framework that includes regular software updates, robust antivirus solutions, active firewall configurations, systematic data backups, cautious browsing habits, and thorough training on recognizing phishing attempts.

Download and install software from unverified and potentially malicious sources

Phishing is a type of online shopping that involves deceptive practices.

Phishing is a legitimate marketing strategy that uses targeted advertising.

Phishing is a secure method of data encryption that protects user information.

Phishing is a sophisticated cyber attack aimed at acquiring sensitive information by masquerading as a credible source, often utilizing social engineering techniques and deceptive URLs.

Implement a robust multi-factor authentication (MFA) system that includes biometric verification.

Conduct regular training sessions on advanced email threat detection and response for employees.

Enforce a comprehensive password management policy that includes the use of password managers and regular updates.

Deploy an enterprise-level endpoint protection solution that includes real-time phishing detection capabilities.

Encryption enhances data transmission speeds by compressing data.

Encryption transforms plaintext into ciphertext using algorithms, thereby ensuring data confidentiality and integrity against unauthorized access and tampering.

Encryption serves solely as a mechanism for data storage without affecting data transmission.

Encryption is mainly utilized for creating secure backups of data.

Symmetric encryption employs a single key for both the encryption and decryption processes, whereas asymmetric encryption utilizes a key pair consisting of a public key for encryption and a private key for decryption.

Symmetric encryption is primarily utilized for bulk data encryption due to its speed, while asymmetric encryption is often reserved for secure key exchange and digital signatures.

Asymmetric encryption generally incurs higher computational overhead compared to symmetric encryption, making it less efficient for large data sets.

Symmetric encryption requires secure key distribution methods to ensure confidentiality, while asymmetric encryption mitigates this issue through the use of a public key infrastructure.

Ethical hacking is a form of cybercrime that compromises system integrity.

Ethical hacking is exclusively applicable to multinational corporations with extensive IT infrastructure.

Ethical hacking refers to malicious software deployed by cybercriminals to exploit vulnerabilities.

Ethical hacking involves authorized penetration testing to identify and mitigate security vulnerabilities, playing a vital role in fortifying defenses against cyber threats.

Wireshark - A network protocol analyzer for capturing and analyzing packet data.

Burp Suite - A comprehensive platform for web application security testing.

Kali Linux - A Linux distribution specifically designed for penetration testing and security auditing.

Nmap, Metasploit - Nmap for network discovery and Metasploit for exploiting vulnerabilities.

Preparation, Detection, Containment, Eradication, Recovery, Post-Incident Analysis

Identification, Response Coordination, Communication Strategies, Follow-up Actions, Performance Evaluation

Risk Assessment, Incident Notification, Forensic Analysis, Documentation, Continuous Improvement

Investigation Protocols, Reporting Mechanisms, Mitigation Strategies, Training Programs, Simulation Exercises