Notes
.pdf
School
University of Illinois, Chicago**We aren't endorsed by this school
Course
CS 458
Subject
Computer Science
Date
Dec 20, 2024
Pages
3
Uploaded by j1929
CS 458: Introduction to CybersecurityWeek 1: Overview of Cybersecurity1. What is Cybersecurity?●Definition: The practice of protecting systems, networks, and programs from digitalattacks.●Goals of Cybersecurity:○Confidentiality: Ensuring that information is not disclosed to unauthorizedindividuals.○Integrity: Protecting information from being altered by unauthorized parties.○Availability: Ensuring authorized users have access to information and systemswhen needed.2. Why is Cybersecurity Important?●Threats and Risks:○Financial losses (e.g., ransomware attacks).○Loss of sensitive data (e.g., personal, business, government).○Damage to reputation and trust (e.g., data breaches like Equifax 2017).●Statistics:○Global cost of cybercrime is projected to reach $10.5 trillion annually by 2025(Source: Cybersecurity Ventures).3. Types of Cybersecurity Domains1.Network Security:○Protecting data transmitted over networks.○Techniques: Firewalls, Intrusion Detection Systems (IDS), VPNs.2.Application Security:○Securing software applications to prevent exploitation.○Techniques: Secure coding practices, software updates.3.Endpoint Security:○Protecting devices connected to the network (e.g., laptops, IoT devices).○Tools: Antivirus, Endpoint Detection and Response (EDR).4.Data Security:○Protecting data at rest, in transit, and in use.○Tools: Encryption, Data Loss Prevention (DLP).
5.Operational Security:○Managing and protecting processes and protocols.○Example: Least privilege principle.6.Disaster Recovery & Business Continuity:○Ensuring the ability to recover from incidents and maintain operations.4. Common Cyber Threats1.Malware:○Types: Viruses, worms, ransomware, spyware.○Example: WannaCry ransomware attack (2017).2.Phishing:○Social engineering attacks to steal sensitive information.○Example: Fake emails from "trusted" sources.3.Man-in-the-Middle (MitM) Attacks:○Interception of communication between two parties.4.Denial-of-Service (DoS) Attacks:○Overwhelming a system to make it unavailable.○Example: Distributed DoS (DDoS) using botnets.5.Zero-Day Exploits:○Attacks targeting vulnerabilities before they are patched.5. Key Principles in Cybersecurity1.Defense in Depth:○Using multiple layers of security controls.2.Least Privilege:○Granting users only the access necessary to perform their tasks.3.Risk Management:○Identifying, analyzing, and mitigating risks to acceptable levels.4.Security by Design:○Incorporating security measures into systems during the development phase.6. The Role of Cybersecurity Professionals●Job Roles:○Security Analyst○Penetration Tester (Ethical Hacker)○Network Security Engineer
○Incident Response Specialist●Tools:○Wireshark, Nmap, Metasploit, Burp Suite.●Certifications:○CompTIA Security+, CISSP, CEH, OSCP.7. Current Trends in Cybersecurity●Increasing use ofArtificial Intelligence (AI)for threat detection.●Growth inIoT Securitydue to widespread device usage.●Emphasis onZero Trust Security Models.●Proliferation ofCloud Securityas organizations migrate to cloud platforms.