My name is Michelle Ayaim. I am a freshman at Old Dominion University in Norfolk , Virginia. I am a black young girl and I am 19 years old. I live in Alexandria, Virginia and I’m from West Africa, Ghana. I love computers, playing games and listening to music. I am a Cybersecurity major.

E-Portfolio this is everything I learned in CYSE 200T

First of all, framework provides organized procedures for managing cybersecurity risk. 

Cybersecurity frame work are set of standards methodologies and process that are prioritized  as  flexible and cost effective that align  with the protection and resilience of businesses.  With the framework in place it becomes easier to define the procedures that can organization must take to monitor and assess  Cybersecurity risk. There are many examples of Cybersecurity frameworks, some are the NIST Cybersecurity framework.

Cybersecurity frameworks are used because:

  • it makes works easier
  • flexible and scalable

There are basically 5 core of  NIST’s Cybersecurity framework and they are the Identify, Protect, Detect, Response and Recover.

  • Identity
  • Protect
  • Detect
  • Response 
  • Recover

The IDENTITY function helps in developing an organizational understanding to control cybersecurity risk to systems, people and data. 

The PROTECT function configures proper protection to ensure distribute of critical services. The protect role supports the ability to limit  the impact of a possible cybersecurity events.

The DETECT function defines the right activities to identify the incidents of a cybersecurity event. The Detect role enables appropriate  disclosure of cybersecurity events.

The RESPOND function contains appropriate activities that takes actions concerning  identified cybersecurity incident. The Respond role supports the ability to contain the impact of a possible cybersecurity incident.

The RECOVER function identifies good activities to restore any  services that were harmful due to a cybersecurity incident. The Recover role supports the recovery to reduce the impact from a cybersecurity incident.

Cybersecurity frameworks is for organizations of all sizes, maturity and sectors.

There are three members of the information security triad and they are; Confidentiality, Availabity and Intergrity.

  • Firstly, Confidentiality is one of the security that prevents an an unintended disclosure. In other words, it can be seen as a set of rules that limit access to information. 
  • Next, Availability refers how accessible information  is to authorized users. Basically it ensures that only authorized individuals can access information.
  • Nonetheless, Intergrity also prevents unauthorized restrictions. Howerever, it make sure that having this information guarantees that it is accurate and reliable.

Q2. Authentication however means a proof of indentification anyhow using passwords and other methods, it is possible to ensure that the computer is only used by the person they claim to be. 

Q3.  Multi-factor authentication verifies a user’s identity, such as login credentials or other transactions, multi-factor authentication is a security system that involves using one, two, or three factors of authentication. For instance, lets take a scenario of logging into your online banking account a code will be sent to your phone to authenticate yourself.

Q4. Role Based Access Control  allows authorized users to access an account in a secure manner and it organizes users according to their roles based on their jobs and  tasks to grant access. However, each role has its own set of rights and permissions.

Q5. Primarily encryption happens when  plain text can be encoded in an unreadable form  known as cypher text in order to prevent it from being read by other computers. Encrytion is used to protect privacy and non-disclosure informations.

Q6. Pretexting happens when an attacker pretends to be an authorized user who is having difficulties logging into the system and calls the help desk. This happens to be a threat in the Cyber Security landscape because hackers seem to have so many difference ways to attack highly secured informations.

Q7. There are three components of a good backup plan and they consist of ; Backups and Arching, Business Continuity and Disaster recovery. The point of backups is to fabricate a duplicate data which can be retrieve when a primary data failure occurs. 

Q8. Firewall is a  hardware device that analyzes incoming and outgoing network traffic and builds a barrier to block viruses and attackers based on organized criterias.

Q9. There are five (5) types of firewalls which consist of;

  1. Packet filtering firewall are installed at the places where equipment like routers and switches perform their functions.
  2. Circuit-level gateway
  3. Proxy firewall serves as the only point of entry and exit of the network.
  4. Stateful inspection firewall provides higher security than packet filtering, while at the rate of network performance.
  5. Next-generation firewall 

Q10. Physical security is the preservation of hardware, software, networks and the physical actions that causes a major harm to other institutions. Thereby, it protects cybersecurity by reducing who has to access to places where data are kept.

Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data like personally identifiable information, banking and credit card details, and passwords. That information is then used to access important accounts and can result in identity theft and financial loss.

Moreover, phishing is often used to gain a foothold in corporate or governmental networks as a part of a larger attack like an advanced persistent threat (APT) event. In this latter scenario, employees are compromised in order to bypass security perimeters, distribute malware inside a closed environment, or gain privileged access to secured data.

There are some common features of phishing emails, and they are;

  • Too good to be true. These emails are eye-catching and have attention grabbing statements that are designed to attract people’s attention immediately. For example, many claim that you have won an iPhone, a lottery, or some other lavish prize. Just don’t click on any suspicious emails. Remember that if it seems too good to be true, it probably is!
  • Sense of urgency.
  • Hyperlinks.
  • Attachments
  • Unusual senders. It looks like someone you don’t know or someone you do know, if anything seems out of the ordinary or suspicious in general don’t click it.

Phishing can be prevented even though hackers are constantly coming up with new techniques. There are some things that  you can do to protect yourself and your organization.

https://www.phishing.org/what-is-phishing

When starting a small business you need capital, employees, equipment, and building. Small businesses have limited resources so they have to use what they have and use them profitably. Small businesses can shut down at any time without notice so a small business owner always needs to have a backup plan to keep the business flowing smoothly as well as keep the money coming in. Small businesses face a ton of challenges. Small businesses do not have a chain of different businesses, so they are not as popular as the big booming businesses. Small businesses do not have stable security systems because they don’t have a lot of money to work with. Most of the small businesses are privately owned. Small businesses have high risks for cyber-attacks. They fall for phishing very easily because of their minimum resources. They need antivirus software to help them be less likely to fall for a phishing attack or any other cyber-attack instance. Small businesses are vulnerable when it comes to viruses and malware because they do not always have enough money to be able to afford top of the line anti-malware software. There are tons of different free ways for small businesses to get free software to help them along until they can afford some decent applications for antiviral protection. Sometimes small business owners take out a business loan in hopes of making enough money to be able to have profit and also pay back the loan. The loans always have interest on them because the loaners must be able to make profit from loaning out money. There are a ton of challenges for small businesses, and they must deal with the struggles the best way they can. 

SCADA security is a process of protecting supervisory control and data acquisition (SCADA) networks, which serve as a basic system for control systems used in factories. SCADA systems include Supervisory Computers and a number of other devices, the most important of which are Programmable Logic Controllers (PLCs) and Remote Transmission Units (RTUs). PLCs and RTUs each play a role in the local management of more specific sub-processes. PLCs have sensors and devices that collect commands from and send the information to other SCADA system components.

SCADA security threats affect all of us, from huge companies to the state and federal government. They include; hackers, malware, inside error, technical malfunction, service denial and terrorists. 

Suspicious people or groups with the goal of getting access to sensitive materials in SCADA networks. These hackers could be a part of a federal plan to conduct cyber warfare. 

Secondly, computer viruses, spyware, and other programs don’t always target SCADA networks. Since malware doesn’t always target specific networks, they still represent a risk to the activity of critical infrastructure. Hackers, on the other hand, are targeting systems with some of the same common weaknesses. They may include; challenges with monitoring, lack of maintenance, exposure over the internet,  lack of training, lack of encryption  etc. 

SCADA is almost certainly vulnerable to the same cyber threats as our information systems, but as SCADA expands, it makes new vulnerabilities, causing us to face even more attacks every day. As a result, no one designed SCADA systems with built-in cyber security.

Firstly, Cyber-harassment is more than just being mocked; it’s a type of behavior intended to humiliate, threaten, or scare the people who are being harassed. It’s illegal, and it’s certainly not OK. People who experience cyber harassment go through situations like without your permission, someone may share images or videos of you, or even leak false rumors about you.

Moreover, cyber stalking is more like you’re being followed by someone who keeps contacting you, emailing or even messaging you on any kind of internet site and it makes you feel terrified and irritated.

The real question here is how do these people get to worry others online? They do it with the help of technology. What then is technology? Technology refers to tools and machines that connect to the internet and make work easier, faster, and more productive. It also improves and enables faster communication.

Despite the fact that new inventions have great positive effects in our lives, the sometimes neglected implications are terrifying. 

Some positive effects of technology through appropriate behavior because it impacts health, it promotes business, politics, education and society and vice versa. 

So, do you think technology has a positive or harmful impact on society?

It’s not as straightforward as that, as you might imagine. Technology has always had both huge advantages and serious disadvantages.

Although there are some disadvantages to technology, it is something we should be mindful of and continue to work to reduce, the total effects appears to be positive.

When anything new enters our life, we must determine whether it is beneficial or harmful to us. Technology is merely another tool, and what we do with it and how we utilize it is all up to us. It’s nearly difficult to develop something without negative consequences, but we shouldn’t let that stop us from reaping the benefits that are also available. Technology impacts human behaviors both appropriately or inappropriately depending on what they choose to use it for. Others choose to work using technology and  others choose to commit criminal activities with. Technology is what you make it to be and being impacted also depends on your choices.

Network technology has improved through the years. For instance, the third-generation wireless mobile telecommunications which is also known as the 3G network. The 3G network cannot be compared to the 4G and 5G network now. Why? Because technology got advances, they were updated, they got better. 

Internet Speed as a matter of fact, dial-up was the type of internet connection that used a phone line to connect to the internet. This meant you could only use the phone or the internet at the same time but as compared to today we now access the internet totally wirelessly, no matter where we are.

Another example on how technology has improved is the use and improvement of the Memory card. There is a huge difference in data storage in the past years and now. People used floppy disks and compact disc rewritable to store information like documents and images years ago, yet despite their vast physical size, they couldn’t hold much data. SD cards now carry over 250GB, a significant improvement over the 32, 64, and 128 MB cards that were available years ago. 

Yes, I do agree with the writer. Through technology advancement transition it was years of experience seeing technology change systematically. Technology grows each and every time and we’ve all seen how fast they do occur. 

Regarding my life, the improvement of technology has impacted my health in a good way because of the smart health tracking devices. I am able to track the amount of calories I consume in a day.

Secondly, devices such as the smartwatch and smartphone have been made possible by today’s technology to make my life easier. I can access my emails from my phone  and it doesn’t matter  where I find myself as long as the interwork is good. Computers are becoming quicker, more portable, and more powerful than they have ever been. Like my HP laptop, it has an aspect of being a touch screen. Technology has made our lives easier, simpler, safer, and more delightful as a result of all of these transformations.

Module 1

As a societal issue, cybersecurity covers a broad spectrum of issues. It has economic factors, information key aspects, and aspects that lay in the core of computer design and computer engineering, as well as comprehending that security is a bigger collection of concerns that spill over into many fields, not only saying. Cyber security is built on the foundation of five key computer-based disciplines: Computer Science is the study of computers. Information Systems in Bioinformatics. Information and Communication Technology, Software Development.

With the development of information and communication technologies, cyber security has become a necessary discipline . The way individuals communicate and distribute information electronically has changed as a result of technological improvements, posing new problems to the security of that information. Governments and businesses have become more aware of the need to secure and defend structures as the threat of cyber assaults has grown.

There are so many pathways regarding cybersecurity careers. Like the cybersecurity specialist, Cybercrime Analyst, Cybersecurity Analyst, Cybersecurity Engineer and many more.

Module 2

In the data security (InfoSec) community, “CIA” has not anything to do with a positive well-identified US intelligence agency. These 3 letters stand for confidentiality, integrity, and availability, in any other case referred to as the CIA triad.

In order to make certain the confidentiality, integrity, and availability of information, businesses can select from a whole lot of equipment. Each of those equipment may be applied as a part of an basic information-safety policy, to be able to be mentioned in the subsequent section. Which consist of Authentication, Encryption,  Access Control and others. Authentication may be done with the aid of identifying a person through one or extra of 3 factors: something they know, something they have, or something they are. For example, the maximum common shape of authentication these days is the person ID and password. In this case, the authentication is accomplished with the aid of confirming that the person knows their ID and password. Once a person has been authenticated, the subsequent step is to make certain that they could most effectively get entry to the data sources which can be appropriate. This is completed through using get admission to manipulate. Access control determines which users are legal to read, modify, add, and/or delete information.

Encryption is a technique of encoding records upon its transmission or garage in order that best legal people can study it. This encoding is executed by a laptop program, which encodes the apparent textual content that wishes to be transmitted; then the recipient gets the cipher textual content and decodes it . In order for this to work, the sender and receiver want to agree on the approach of encoding in order that each event can talk properly. Both events percentage the encryption key, permitting them to encode and decode each other’s messages.

Depending on what aspect you are using a firewall for, one must consider when selecting a firewall for your organization. First, consider the visibility and control of your applications. 

Statistics rank some international countries who are on top of cybersecurity. Besides the US, UK , Malaysia, China, France leads the top 3 international countries. The United States is a huge target for attacks on business and large companies.

Module 3

Engineers ensure delicate information against an ever-evolving cluster of dangers by applying their abilities in areas like frameworks design, machine learning, modeling, and invert designing. They play a crucial part in building a more secure future for advances like self-driving cars and associated restorative gadgets. The 33 IT security principles are gathered into the taking after 6 categories: Security Establishment, Risk Based, Ease of Utilize, Increase Versatility, Decrease Vulnerabilities, and Design with Network in Intellect. 

Module 4

Cyber security set up is greatly critical for business. They can secure companies’ data from hackers and from human mistakes. Setting up cyber security programs can be expensive in spite of the fact that. One fetched would be starting to set up this would incorporate enlisting a cyber security company to come and introduce their framework on your computers. The company ought to do a few inquiries about what sort of cyber security program they would need and what they accept they are most at risk in order to ensure themselves the most excellent. Another reason why cyber security programs are imperative is since it keeps your workers secure from individual attacks. In case your framework is hacked your workers and yourself individual data may be discharged such as title, address and phone number. Generally Cyber security programs may be costly to introduce and up keep but within the long run are unquestionably worth the venture.

Module 5

Security Terminology simply means the glossary of security terms. There are so many ways to protect information. For instance, using strong passwords that can not be easily guessed. Install anti-virus and malware protection. Backing up your data and being wary of suspicious emails. Firstly, A network vulnerability is a defect or weakness in software, hardware, or work policies that can lead to a security breach if it is exploited by a threat. Malware is a term used to describe harmful software such as Trojan horses, viruses, and worms that are placed on a user’s computer or a host server. Attacks that use social engineering to trick people into divulging personal information such as a username or password. Out-of-date or unencrypted software that expose the application’s running systems, as well as the entire network. Firewalls and operating systems that are disabled or have default policies activated. Criminals have been able to carry out unlawful crimes online against someone else thanks to the ease with which technology, such as the Internet and social media platforms, has enabled them. Cybercriminals can cause just as much chaos online as they do in person. If a cyber criminal obtained access to a company’s software, the criminal might steal the company’s data and potentially sell it for a profit. Even though this occurred over the internet rather than in person, it would still be considered robbery. This offense carries the same penalty as if it were committed face to face. In today’s society, cyber technology has revolutionized the way people are victimized by crime.

Module 6

Cyberwarfare is the use of digital attacks, such as computer viruses and hacking, by one country against another’s essential computer systems in order to cause harm, death, and devastation. Hackers will fight alongside troops using traditional weapons like guns and grenades in future wars, attacking an enemy’s infrastructure using computer code. Governments are becoming aware that societies are so dependent on computer systems to run everything from financial institutions to transportation networks that using hackers carrying weapons with malware or other tools to shut down those systems could be just as effective and damaging as using army weapons and missiles.

Module 7

Cyber policies are crucial since the purpose of implementing them is to make the internet a safer environment for individuals to utilize. When trying to build cyber policy, the short arm of predictive information is vital to understand since it basically indicates that you should be prepared to alter your cyber policy when new information becomes available, such as a new firewall or a new attack strategy used by hackers. Overall, the growth of cyber policy and infrastructure should be approached on a day-to-day basis because it is impossible to predict the cyber world’s future, so wanting to take it day by day will ensure you create the best cyber policy and, if you continue to update it, you will remain secure and safe from cyber criminals.