Cybersecurity all-in-one for dummies
Cybersecurity All-in-One For Dummies covers a lot of ground in the world of keeping computer systems safe from those who want to break in. This book offers a one-stop resource on cybersecurity basics, personal security, business security, cloud security, security testing, and security awareness. Fil...
Other Authors: | , , |
---|---|
Format: | E-book |
Language: | English |
Published: | Hoboken, N.J.: Wiley c2023. Indianapolis, Indiana : [2022] |
Series: | --For dummies. |
Subjects: | |
View at Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009720738806719 |
Table of Contents:
- Intro
- Title Page
- Copyright Page
- Table of Contents
- Introduction
- About This Book
- Foolish Assumptions
- Icons Used in This Book
- Beyond the Book
- Where to Go from Here
- 1 Cybersecurity Basics
- Chapter 1 What Exactly Is Cybersecurity?
- Cybersecurity Means Different Things to Different Folks
- Cybersecurity Is a Constantly Moving Target
- Technological changes
- Digital data
- The Internet
- Cryptocurrency
- Mobile workforces and ubiquitous access
- Smart devices
- Big data
- The COVID-19 pandemic
- Social shifts
- Economic model shifts
- Political shifts
- Data collection
- Election interference
- Hacktivism
- Greater freedom
- Sanctions
- New balances of power
- Looking at the Risks Cybersecurity Mitigates
- The goal of cybersecurity: The CIA Triad
- From a human perspective
- Chapter 2 Getting to Know Common Cyberattacks
- Attacks That Inflict Damage
- Denial-of-service (DoS) attacks
- Distributed denial-of-service (DDoS) attacks
- Botnets and zombies
- Data destruction attacks
- Is That Really You? Impersonation
- Phishing
- Spear phishing
- CEO fraud
- Smishing
- Vishing
- Pharming
- Whaling: Going for the "big fish"
- Messing around with Other People's Stuff: Tampering
- Captured in Transit: Interception
- Man-in-the-middle attacks
- Taking What Isn't Theirs: Data Theft
- Personal data theft
- Business data theft
- Data exfiltration
- Compromised credentials
- Forced policy violations
- Cyberbombs That Sneak into Your Devices: Malware
- Viruses
- Worms
- Trojans
- Ransomware
- Scareware
- Spyware
- Cryptocurrency miners
- Adware
- Blended malware
- Zero-day malware
- Fake malware on computers
- Fake malware on mobile devices
- Fake security subscription renewal notifications
- Poisoned Web Service Attacks
- Network Infrastructure Poisoning
- Malvertising
- Drive-by downloads
- Stealing passwords
- Exploiting Maintenance Difficulties
- Advanced Attacks
- Opportunistic attacks
- Targeted attacks
- Blended (opportunistic and targeted) attacks
- Some Technical Attack Techniques
- Rootkits
- Brute-force attacks
- Injection attacks
- Cross-site scripting
- SQL injection
- Session hijacking
- Malformed URL attacks
- Buffer overflow attacks
- Chapter 3 The Bad Guys You Must Defend Against
- Bad Guys and Good Guys Are Relative Terms
- Bad Guys Up to No Good
- Script kiddies
- Kids who are not kiddies
- Terrorists and other rogue groups
- Nations and states
- Corporate spies
- Criminals
- Hacktivists
- Terrorists
- Rogue insiders
- Cyberattackers and Their Colored Hats
- How Cybercriminals Monetize Their Actions
- Direct financial fraud
- Indirect financial fraud
- Profiting off illegal trading of securities
- Stealing credit card, debit card, and other payment-related information
- Stealing goods
- Stealing data
- Ransomware
- Cryptominers
- Not All Dangers Come From Attackers: Dealing with Nonmalicious Threats
- Human error
- Humans: The Achilles' heel of cybersecurity
- Social engineering
- External disasters
- Natural disasters
- Pandemics
- Environmental problems caused by humans
- Cyberwarriors and cyberspies
- The impotent Fair Credit Reporting Act
- Expunged records are no longer really expunged
- Social Security numbers
- Social media platforms
- Google's all-knowing computers
- Mobile device location tracking
- Defending against These Attackers
- 2 Personal Cybersecurity
- Chapter 1 Evaluating Your Current Cybersecurity Posture
- Don't be Achilles: Identifying Ways You May Be Less than Secure
- Your home computer(s)
- Your mobile devices
- Your Internet of Things (IoT) devices
- Your networking equipment
- Your work environment
- Identifying Risks
- Protecting against Risks
- Perimeter defense
- Firewall/router
- Security software
- Your physical computer(s) and any other endpoints
- Backups
- Detecting
- Responding
- Recovering
- Improving
- Evaluating Your Current Security Measures
- Software
- Hardware
- Insurance
- Education
- Privacy 101
- Think before you share
- Think before you post
- General privacy tips
- Banking Online Safely
- Safely Using Smart Devices
- Cryptocurrency Security 101
- Chapter 2 Enhancing Physical Security
- Understanding Why Physical Security Matters
- Taking Inventory
- Stationary devices
- Mobile devices
- Locating Your Vulnerable Data
- Creating and Executing a Physical Security Plan
- Implementing Physical Security
- Security for Mobile Devices
- Realizing That Insiders Pose the Greatest Risks
- Chapter 3 Cybersecurity Considerations When Working from Home
- Network Security Concerns
- Device Security Concerns
- Location Cybersecurity
- Shoulder surfing
- Eavesdropping
- Theft
- Human errors
- Video Conferencing Cybersecurity
- Keep private stuff out of camera view
- Keep video conferences secure from unauthorized visitors
- Social Engineering Issues
- Regulatory Issues
- Chapter 4 Securing Your Accounts
- Realizing You're a Target
- Securing Your External Accounts
- Securing Data Associated with User Accounts
- Conduct business with reputable parties
- Use official apps and websites
- Don't install software from untrusted parties
- Don't root your phone
- Don't provide unnecessary sensitive information
- Use payment services that eliminate the need to share credit card numbers
- Use one-time, virtual credit card numbers when appropriate
- Monitor your accounts
- Report suspicious activity ASAP
- Employ a proper password strategy
- Utilize multifactor authentication
- Log out when you're finished
- Use your own computer or phone
- Lock your computer
- Use a separate, dedicated computer for sensitive tasks
- Use a separate, dedicated browser for sensitive web-based tasks
- Secure your access devices
- Keep your devices up to date
- Don't perform sensitive tasks over public Wi-Fi
- Never use public Wi-Fi in high-risk places
- Access your accounts only in safe locations
- Use appropriate devices
- Set appropriate limits
- Use alerts
- Periodically check access device lists
- Check last login info
- Respond appropriately to any fraud alerts
- Never send sensitive information over an unencrypted connection
- Beware of social engineering attacks
- Establish voice login passwords
- Protect your cellphone number
- Don't click on links in emails or text messages
- Securing Data with Parties You've Interacted With
- Securing Data at Parties You Haven't Interacted With
- Securing Data by Not Connecting Hardware with Unknown Pedigrees
- Chapter 5 Passwords
- Passwords: The Primary Form of Authentication
- Avoiding Simplistic Passwords
- Password Considerations
- Easily guessable personal passwords
- Complicated passwords aren't always better
- Different levels of sensitivity
- Your most sensitive passwords may not be the ones you think
- You can reuse passwords - sometimes
- Consider using a password manager
- Creating Memorable, Strong Passwords
- Knowing When to Change Passwords
- Changing Passwords after a Breach
- Providing Passwords to Humans
- Storing Passwords
- Storing passwords for your heirs
- Storing general passwords
- Transmitting Passwords
- Discovering Alternatives to Passwords
- Biometric authentication
- SMS-based authentication
- App-based one-time passwords
- Hardware token authentication
- USB-based authentication
- Chapter 6 Preventing Social Engineering Attacks
- Don't Trust Technology More than You Would People
- Types of Social Engineering Attacks
- Six Principles Social Engineers Exploit
- Don't Overshare on Social Media
- Your schedule and travel plans
- Financial information
- Personal information
- Information about your children
- Information about your pets
- Work information
- Possible cybersecurity issues
- Crimes and minor infractions
- Medical or legal advice
- Your location
- Your birthday
- Your "sins"
- Leaking Data by Sharing Information as Part of Viral Trends
- Identifying Fake Social Media Connections
- Photo
- Verification
- Friends or connections in common
- Relevant posts
- Number of connections
- Industry and location
- Similar people
- Duplicate contact
- Contact details
- Premium status
- LinkedIn endorsements
- Group activity
- Appropriate levels of relative usage
- Human activities
- Cliché names
- Poor contact information
- Skill sets
- Spelling
- Age of an account
- Suspicious career or life path
- Level or celebrity status
- Using Bogus Information
- Using Security Software
- General Cyberhygiene Can Help Prevent Social Engineering
- 3 Securing a Business
- Chapter 1 Securing Your Small Business
- Making Sure Someone Is In Charge
- Watching Out for Employees
- Incentivize employees
- Avoid giving out the keys to the castle
- Give everyone separate credentials
- Restrict administrators
- Limit access to corporate accounts
- Implement employee policies
- Enforce social media policies
- Monitor employees
- Dealing with a Remote Workforce
- Use work devices and separate work networks
- Set up virtual private networks
- Create standardized communication protocols
- Use a known network
- Determine how backups are handled
- Be careful where you work remotely
- Be extra vigilant regarding social engineering