College Cybersecurity Notes Module 2 The Security Environment

This guide covers essential cybersecurity concepts, including definitions of cybercrime, the principles of cybersecurity, types of threats, vulnerabilities, and secure software development practices. Understanding these elements is crucial for organizations and individuals to strengthen their defenses against increasing cyber threats.

Affected: Cybersecurity sector, organizations, individuals

Key points:

  • Cybercrime includes illegal activities performed using computers or the internet, such as hacking and phishing.
  • Cybersecurity is vital for protecting computers, networks, and data from threats, ensuring confidentiality, integrity, and availability.
  • Core cybersecurity principles include the CIA triad and the IAAA model: Identification, Authentication, Authorization, and Accountability.
  • Threat types include hacking, social engineering, and malware, sourced from various actors including nation-states and hacktivists.
  • Vulnerabilities arise from factors like unpatched software and weak passwords, potentially exposing systems to attacks.
  • Advanced Persistent Threats (APTs) are long-term cyberattacks by sophisticated attackers and require specific protection strategies.
  • Cryptography employs symmetric encryption, asymmetric encryption, and hashing to secure data transmission and authenticity.
  • Access control mechanisms like DAC, MAC, and RBAC govern user permissions to enhance security.
  • Secure software development involves best practices such as integrating security in CI/CD pipelines and regular testing.

MITRE Techniques:

  • MITRE ATT&CK ID: T1086 – PowerShell: The use of PowerShell to automate tasks and perform actions.
  • MITRE ATT&CK ID: T1193 – Spear Phishing: Using deceptive emails to trick users into revealing sensitive information.
  • MITRE ATT&CK ID: T1203 – Exploitation for Client Execution: Exploiting vulnerabilities in client applications to execute malicious code.
  • MITRE ATT&CK ID: T1071 – Application Layer Protocol: Using application layer protocols for command and control.
  • MITRE ATT&CK ID: T1059 – Command-Line Interface: Leveraging command-line interfaces for executing commands and scripts.

Indicators of Compromise:

  • [Domain] example.com
  • [URL] http://malicious.com/path
  • [Email] attacker@example.com
  • [SHA-256] e38ad214943daad1d64c102faec29de4afe9da3d4
  • [IP Address] 192.168.1.1


Full Story: https://systemweakness.com/college-cybersecurity-notes-module-2-the-security-environment-a2a13cb9b777?source=rss——cybersecurity-5