Module 3


CYBER SECURITY

1. What is hacking?

2. What is Ethical hacking and its purpose?

3. Types of hacking?
4. Advantages and disadvantages of hacking?

5. Why is ethical hacking important?


6. Difference between Threat, vulnerability, Attack and Attack vector.

7. What is a Threat?
A Threat is a possible security risk that might exploit the vulnerability of a system or asset, whether purposefully or unintentionally. The origin of the threat may be accidental, human negligence, or human failure. There are various types of security threats such as Interruption, Interception, Fabrication, and Modification.

Threats can be divided into three categories −

a. Floods, storms, and tornadoes are examples of natural disasters.

b. Unintentional threats, such as an employee accessing incorrect information.

c. Spyware, virus, adware companies, or the activities of a rogue employee are all examples of intentional dangers.

Bugs and malware are classified as dangers because they can hurt your firm if you are exposed to a computerized attack rather than one carried out by humans. Many firms do cyber threat assessments to determine where they should focus their monitoring, protection, and remediation efforts. So, if an asset is something you're attempting to protect, a threat is something you're trying to avoid.

8. Scope of Ethical Hacking.

The main purpose of ethical hacking is to increase the security of systems and networks and defend them against malicious attacks. Cyber security attacks and hacking cases have increased because of the heavy use of online services and online transactions. Because of these increasing attacks, many industries, such as information technology and the banking sector, are hiring ethical hackers to secure their data and information. Also, in the future, the demand for this job role will be higher than any other job role due to an increased threat of vulnerabilities.
9. Type of hackers.
10. Attack vectors
11. How do cyber attackers exploit attack vectors?

12. What is the difference between attack vector and attack surface?

An attack vector is a path or means by which an attacker or hacker can gain access to a computer or network server in order to deliver a payload or malicious outcome.

Attack surface is what is being attacked. An attack surface is the total number of attack vectors an attacker can use to manipulate a network or computer system or extract data.

13. What is Phishing?
14. Types of phishing?

15. Why is phishing a cyber crime?


16. 10 of the most common attack vectors.
17. How to protect devices against common vector attacks?
18. Enterprise Information Security Architecture (EISA)
19. What is threat modeling?

20. How does threat modeling work?

21. Advantages of threat modeling.

22. Example of threat modeling

23. Which 4 steps make the threat model?

24. What are the 3 common threat techniques?

25. Importance of threat modeling

26. Threat model diagram

27. Threat modeling process includes 5 steps:

28.
29. Disadvantages of threat modeling.
a. Threat Modeling Process Saturation
b. Non-monolithic, scaled-up applications
c. More entry points and trust boundaries that are not recognized
d. Abuse of authentication tokens
e. Difficulties breaking down threats and predicting actual risk

30. What is penetration testing?

31. What is Vulnerability assessment?
32. Differences between penetration testing and vulnerability assessments.
33. Which option is ideal to practice?

34. Steps of penetration testing.

6. Reporting
35. Types of penetration testing.
36. Areas of pen testing

37. Types of penetration testing.


2 types:
a. Manual penetration testing
b. Automated penetration testing
38. Manual vs automated penetration testing.

39. What is a VAPT tool? Importance.

40. Penetration testing tools.

41. Common pen testing mistakes.

42. Benefits of pen testing

43. Pen testing vs ethical hacking
44. Limitations of pen testing

45. What is remediation?

46. Benefits of Remediation Efforts in Information Security and Compliance


a. They help you contain security risks
b. They prevent financial losses to your organization
c. They help you gain the trust of your customers
d. They can help you address cybersecurity risks in real-time
47. When to perform pen testing?

48. Web application testing

49. Types of vulnerability assessment


50. Types of vulnerability assessment
51. What is social engineering?

52. Social engineering life cycle.

53. Social engineering attack techniques

1. Baiting

2. Scareware

3. Pretext
4. Phishing (pg 9)

5. Spear phishing
54. Social engineering prevention
55. What is an Insider attack?

56. Prevent Insider threats
