CYB 203

    avatar
    Created by
    Mo_hadi27

    Cards (15)

    • Cybersecurity is the protection of computer systems, data and networks from unauthorized access with the aim ensuring confidentiality, integrity and availability of information
    • Cybersecurity Fundamentals(CIA triad):
      1. Confidentiality: This is the protection of sensitive information from unauthorized access.
      2. Integrity: This is the assurance that sensitive information/ data remains accurate, unaltered and trustworthy throughout its lifecycle.
      3. Availability: This is ensuring that information can be easily accessed by authorized users only
    • A cybersecurity attack is a deliberate compromise of a computer system, data or networks with the sole aim of stealing information, disrupting normal operation or to cause damage
      Types of Cyberattack:
      1. web based attack
      2. system based attack
    • Injection Attack

      An attack where data or a malicious code is injected into a computer system or network to compromise or manipulate its functionality or to steal information
      View source
    • Dictionary attack
      An attack where an attacker gets a list (dictionary) of password and keeps on trying until the right password
      View source
    • Man-in-the-middle
      An attack where a third party intervenes a communication between two parties without their knowledge to steal information, often to eavesdrop, or to inject malicious content
      View source
    • Phishing
      An attack where attackers impersonate trustworthy entities with the purpose of tricking users into providing sensitive information
      View source
    • Protocol attacks

      Attacks that exploit the vulnerabilities in the protocols used in a network or computer system
      View source
    • Session Hijacking
      An attack where an attacker takes over an active session between a user and a computer system or network
      View source
    • Brute force
      An attack where attackers try to gain unauthorized access by trying to guess encrypted keys, password or personal identification number until it is found
      View source
    • DNS spoofing
      A cyberattack whereby the Domain Name System is manipulated to a different IP address thereby leading the user to a malicious site which makes their system vulnerable to attackers
      View source
    • Web-Based Attack
      An attack that takes place over the internet
      View source
    • URL interpretation
      A type of attack where the URL is manipulated to gain unauthorized access or steal information
      View source
    • File inclusion attack
      An attack where an attacker makes use of the vulnerabilities that are in a web application with the sole purpose of planting malicious file or script
      View source
    • Denial-of-Service
      An attack where the normal functioning of a network or computer system is disrupted by overwhelming it with traffic or requests
      View source
    See similar decks