COURSE 5 – ASSETS, THREATS, AND VULNERABILITIES

Module 4: Threats to Asset Security

GOOGLE CYBERSECURITY PROFESSIONAL CERTIFICATE

Complete Coursera Study Guide

INTRODUCTION – Threats to Asset Security

In this comprehensive overview, participants will delve into the multifaceted landscape of digital asset security, gaining valuable insights into common types of threats that pose risks to the integrity and confidentiality of digital assets. The course will illuminate the various tools and techniques employed by cybercriminals to target assets, providing learners with a comprehensive understanding of the evolving tactics in the realm of cybersecurity. Additionally, participants will be introduced to the threat modeling process, a crucial aspect of proactive security measures, enabling them to anticipate potential risks and vulnerabilities.

Moreover, the course will shed light on the dynamic strategies adopted by security professionals to stay ahead of security breaches. Participants will gain practical knowledge about the ever-changing cybersecurity landscape, empowering them with the skills to analyze, assess, and fortify digital asset security effectively. By exploring real-world examples and case studies, this course ensures that participants not only comprehend theoretical concepts but also acquire practical skills essential for safeguarding digital assets in today’s interconnected and technology-driven environment.

Learning Objectives

  • Identify forms of social engineering.
  • Identify different types of malware.
  • Identify forms of web-based exploits.
  • Summarize the threat modeling process.

TEST YOUR KNOWLEDGE: SOCIAL ENGINEERING

1. Fill in the blank: _____ is the use of digital communications to trick people into revealing sensitive data or deploying malicious software.

  • Quid pro quo
  • Phishing (CORRECT)
  • Whaling
  • Baiting

Phishing is the use of digital communications to trick people into revealing sensitive data or deploying malicious software.

2. What type of phishing uses electronic voice communications to obtain sensitive information or to impersonate a known source?

  • Tailgating
  • Smishing
  • Vishing (CORRECT)
  • Angler phishing

Vishing refers to the use of electronic voice communications to obtain sensitive information or impersonate a known source.

3. Fill in the blank: The stages of a social engineering attack include to prepare, establish trust, use persuasion tactics, and ____.

  • spread awareness with others
  • evaluate defenses
  • disconnect from the target (CORRECT)
  • stay informed of security trends

The stages of a social engineering attack are to prepare, establish trust, use persuasion tactics, and disconnect from the target. Attackers typically break communications with their target after collecting the information they want. They do this to cover their tracks if they decide to target others in an organization.

4. Phishing kits typically contain which of the following tools to help attackers avoid detection? Select three answers.

  • Fraudulent web links (CORRECT)
  • Fake data-collection forms (CORRECT)
  • Malicious attachments (CORRECT)
  • Email filters

Phishing kits typically contain tools such as malicious attachments, fake data-collection forms, and fraudulent web links in order to help attackers avoid detection.

5. Which of the following may be stages of a social engineering attack? Select three answers.

  • Establish trust (CORRECT)
  • Disconnect from the target (CORRECT)
  • Implement least privilege
  • Use persuasion tactics (CORRECT)

The stages of a social engineering attack may be to establish trust, use persuasion tactics, and disconnect from the target. An attack may also include preparing information about the target. The use of persuasion tactics is when the attacker manipulates their target into volunteering information.

6. Which of the following are forms of phishing? Select two answers.

  • Vishing (CORRECT)
  • Smishing (CORRECT)
  • Rainbow tables
  • Credential stuffing

TEST YOUR KNOWLEDGE: MALWARE

1. Which of the following are types of malware? Select two answers.

  • Dictionary attacks
  • Spyware (CORRECT)
  • Credential stuffing
  • Viruses (CORRECT)

Viruses and spyware are types of malware. A virus is designed to interfere with a computer’s operation and cause damage to data and software. Spyware collects information from users without their consent.

2. Fill in the blank: ____ are malware that automatically duplicate and spread themselves across systems.

  • Rootkits
  • Worms (CORRECT)
  • Botnets
  • Trojans

Worms are malware that automatically duplicate and spread themselves across systems.

3. What is it called when someone’s computing resources are illegally hijacked to mine cryptocurrencies?

  • Trojan horse
  • Spyware
  • Cryptojacking (CORRECT)
  • Rootkit

Cryptojacking is a cybercrime that is used to mine cryptocurrencies.

4. Which of the following are common signs of a malware infection? Select three answers.

  • Slowdowns in performance (CORRECT)
  • Improved battery life
  • Increased CPU usage (CORRECT)
  • Unusual system crashes (CORRECT)

Common signs of a malware infection include increased CPU usage, slowdowns in performance, and unusual system crashes.

5. Fill in the blank: _____ is a type of malicious attack where attackers encrypt an organization’s data and demand payment to restore access.

  • Spyware
  • Ransomware (CORRECT)
  • Worm
  • Phishing

Ransomware is a type of malicious attack where attackers encrypt an organization’s data and demand payment to restore access.

6. Which of the following actions can be taken to protect against cryptojacking?

  • Hashing user passwords in a database
  • Mining crypto coins on workstations
  • Using malware blocking browser extensions (CORRECT)
  • Reporting new CVEs®

Some actions that can be taken to protect against cryptojacking include using malware blocking browser extensions and setting up monitoring processes for increased CPU usage.

TEST YOUR KNOWLEDGE: WEB-BASED EXPLOITS

1. Fill in the blank: _____ are malicious code or behaviors that are used to take advantage of coding flaws in a web application.

  • Web-based exploits (CORRECT)
  • Social engineering
  • Command-line interface
  • Spear phishing

Web-based exploits are malicious code or behaviors that are used to take advantage of coding flaws in a web application.

2. Cross-site scripting (XSS) attacks are often delivered by exploiting which of the following languages? Select two answers.

  • JavaScript (CORRECT)
  • SQL
  • Python
  • HTML (CORRECT)

XSS attacks are delivered by exploiting the two languages used by most websites, HTML and JavaScript.

3. Fill in the blank: A _____ is a coding technique that executes SQL statements before passing them onto the database.

  • botnet
  • phishing kit
  • SQL injection
  • prepared statement (CORRECT)

A prepared statement is a coding technique that executes SQL statements before passing them onto the database. Prepared statements are used to defend against SQL injection attacks by validating code before performing a query.

4. What are two examples of when SQL injections can take place?

  • When a malicious script exists in the webpage a browser loads
  • When using the login form to access a site (CORRECT)
  • When a user enters their credentials (CORRECT)
  • When a malicious script is injected directly on the server

Two examples of when SQL injections can take place are when using the login form to access a site and when a user enters their credentials. SQL injection can take place in areas of the website that are designed to accept user input.

5. In a SQL injection attack, malicious hackers attempt to obtain which of the following? Select two answers.

  • Categorize the environment
  • Gain administrative rights (CORRECT)
  • Sensitive information (CORRECT)
  • Exploiting languages

In a SQL injection attack, malicious hackers attempt to obtain sensitive information and gain administrative rights.

6. Which of the following are types of cross-site scripting (XSS) attacks? Select three answers.

  • Cryptojacking
  • Reflected (CORRECT)
  • Stored (CORRECT)
  • DOM-based (CORRECT)

Types of XSS attacks are: reflected, stored, and DOM-based. A DOM-based XSS attack is an instance when a malicious script exists in the webpage a browser loads.

7. Fill in the blank: A(n) _____ is an attack that executes unexpected queries on a database.

  • CVE
  • SQL injection (CORRECT)
  • virus
  • malware

A SQL injection is an attack that executes unexpected queries on a database. The injections take place in areas of the website that are designed to accept user input.

TEST YOUR KNOWLEDGE: THREAT MODELING

1. Fill in the blank: Threat modeling is a process that security teams use to _____ attacks.

  • conduct
  • remediate
  • engineer
  • anticipate (CORRECT)

Threat modeling is a process security teams use to anticipate attacks by examining organizational assets from a security-related perspective.

2. Which of the following are steps of a threat modeling process? Select three answers.

  • Mitigate risks. (CORRECT)
  • Classify assets.
  • Identify threats. (CORRECT)
  • Characterize the environment. (CORRECT)

Identify threats, characterize the environment, and mitigate risks are some steps of a typical threat modeling process. Characterizing the environment is the third step of threat modeling where security teams examine who and what interacts with assets.

3. A threat modeling team has identified potential threats and vulnerabilities that might be exploited. The team creates a diagram that maps the threats to assets. What type of diagram is this known as?

  • An attack vector
  • An attack tree (CORRECT)
  • An attack surface
  • An attacker mindset

The type of diagram the team created is an attack tree. An attack tree is a diagram that maps threats to assets.

4. Which of the following are threat modeling frameworks? Select two answers.

  • PASTA (CORRECT)
  • Trike (CORRECT)
  • XSS
  • NIST

PASTA and Trike are threat modeling frameworks. Like other threat modeling frameworks, they can be used to proactively reduce risks to a system or business process.

5. What are the objectives of PASTA or any other threat modeling activity? Select three answers.

  • Improve security plans. (CORRECT)
  • Prepare fixes. (CORRECT)
  • Document potential risks. (CORRECT)
  • Eliminate all future attacks.

The objectives of PASTA or any other threat modeling activity are to document potential risks, prepare fixes, and improve security plans. Threat modeling helps identify plans to mitigate or remediate vulnerabilities.

6. Which of the following are steps of the threat modeling process? Select two answers.

  • Evaluate findings (CORRECT)
  • Identify threats (CORRECT)
  • Implement prepared statements
  • Remediate vulnerabilities

There are six steps of the threat modeling process: define the scope, identify threats, characterize the environment, analyze threats, mitigate risks, and evaluate findings.

7. Fill in the blank: PASTA is a popular _____ framework that’s used across many industries.

  • threat modeling (CORRECT)
  • attack tree
  • asset classification
  • vulnerability management

PASTA is a popular threat modeling framework that’s used across many industries. Threat modeling is the process of identifying assets, their vulnerabilities, and how each is exposed to threats.

MODULE 4 CHALLENGE

1. Fill in the blank: The four stages of a social engineering attack are to prepare, _____, use persuasion tactics, and disconnect from the target.

  • establish trust (CORRECT)
  • distribute malicious email
  • perform open-box testing
  • obtain access credentials

2. What is the main difference between a vishing attack and a smishing attack?

  • Vishing is used to target executives at an organization.
  • Vishing involves a widespread email campaign to steal information.
  • Vishing makes use of voice calls to trick targets. (CORRECT)
  • Vishing exploits social media posts to identify targets.

3. Fill in the blank: The main difference between a worm and a virus is that a worm can _____.

  • operate without the target’s knowledge
  • take control of an infected system by encrypting its data
  • be delivered inside of a legitimate-looking application
  • replicate itself across devices without requiring users to perform an action (CORRECT)

4. Which type of malware requires the user to make a payment to the attacker to regain access to their device?

  • Brute force attacks
  • Cryptojacking
  • Botnets
  • Ransomware (CORRECT)

5. Fill in the blank: Cryptojacking is a type of malware that uses someone’s device to _____ cryptocurrencies.

  • collect
  • mine (CORRECT)
  • earn
  • invest

6. What is malicious code that is inserted into a vulnerable application called?

  • Social engineering
  • Input validation
  • Injection attack (CORRECT)
  • Cryptojacking

7. An attacker sends a malicious link to subscribers of a sports news site. If someone clicks the link, a malicious script is sent to the site’s server and activated during the server’s response.

This is an example of what type of injection attack?

  • Stored
  • DOM-based
  • SQL injection
  • Reflected (CORRECT)

8. What are the reasons that an attacker would perform a SQL injection attack? Select three answers.

  • To send phishing messages to users in a database
  • To delete entire tables in a database (CORRECT)
  • To steal the access credentials of users in a database (CORRECT)
  • To gain administrative rights to a database (CORRECT)

9. What are some key benefits of the threat modeling process? Select all that apply.

  • Identify points of failure (CORRECT)
  • Help prioritize threats (CORRECT)
  • Reduce an attack surface (CORRECT)
  • Remediate all vulnerabilities

10. A security team is decomposing an application during a PASTA threat model. What information will they discover during this step of the process?

  • The types of threats that can be used to compromise data
  • Which data owners are compromising the organization
  • The vulnerabilities that have been reported to the CVE® list
  • How the application handles data and which controls are in place (CORRECT)

11. Which of the following could be examples of social engineering attacks? Select three answers.

  • An email urgently asking you to send money to help a friend who is stuck in a foreign country (CORRECT)
  • A pop-up advertisement promising a large cash reward in return for sensitive information (CORRECT)
  • An unfamiliar employee asking you to hold the door open to a restricted area (CORRECT)
  • A lost record of important customer information

12. Fill in the blank: _____ uses text messages to manipulate targets into sharing sensitive information.

  • Pretexting
  • Smishing (CORRECT)
  • Vishing
  • Whaling

13. A digital artist receives a free version of professional editing software online that has been infected with malware. After installing the program, their computer begins to freeze and crash repeatedly.

The malware hidden in this editing software is an example of which type of malware?

  • Spyware
  • Adware
  • Scareware
  • Trojan (CORRECT)

14. Fill in the blank: A(n) _____ tool can be used by security professionals to catch abnormal activity, like malware mining for cryptocurrency.

  • Intrusion detection system (IDS) (CORRECT)
  • Fileless malware
  • Spyware
  • Attack tree

15. A hacktivist group gained access to the website of a utility company. The group bypassed the site’s login page by inserting malicious code that granted them access to customer accounts to clear their debts.

What type of attack did the hacktivist group perform?

  • Quid pro quo
  • Watering hole
  • Injection (CORRECT)
  • Rainbow table

16. Fill in the blank: A _____ cross-site scripting (XSS) attack is an instance when malicious script exists in the webpage a browser loads.

  • Brute force
  • Stored
  • DOM-based (CORRECT)
  • Reflected

17. During which stage of the PASTA framework is an attack tree created?

  • Vulnerability analysis
  • Threat analysis
  • Decomposing an application
  • Attack modeling (CORRECT)

18. Which of the following are not types of malware? Select two answers.

  • Cross-site scripting (CORRECT)
  • Worm
  • Virus
  • SQL injection (CORRECT)

19. Which of the following are common signs that a computer is infected with cryptojacking software? Select three answers.

  • Unusually high electricity costs (CORRECT)
  • Sudden system crashes (CORRECT)
  • Modified or deleted files
  • Increased CPU usage (CORRECT)

20. Which of the following are areas of a website that are vulnerable to SQL injection? Select two answers.

  • Pop-up advertisements
  • Credit card payment forms (CORRECT)
  • Social media feeds
  • User login pages (CORRECT)

21. Which stage of the PASTA framework is related to identifying the application components that must be evaluated?

  • Implement prepared statements
  • Perform a vulnerability analysis
  • Define the technical scope (CORRECT)
  • Characterize the environment

22. A threat actor tricked a new employee into sharing information about a senior executive over the phone.

This is an example of what kind of attack?

  • SQL injection
  • Malware
  • Credential stuffing
  • Social engineering (CORRECT)

23. What is the most common form of social engineering used by attackers?

  • Ransomware
  • Adware
  • Malware
  • Phishing (CORRECT)

24. A government contractor is tricked into installing a virus on their workstation that encrypts all their files. The virus displays a message on the workstation telling the contractor that they can have the files decrypted if they make a payment of $31,337 to an email address.

What type of attack is this an example of?

  • Cross-site scripting
  • Ransomware (CORRECT)
  • Brute force attack
  • Scareware

25. Security researchers inserted malicious code into the web applications of various organizations. This allowed them to obtain the personally identifiable information (PII) of various users across multiple databases.

What type of attack did the researchers perform?

  • Ransomware
  • Injection (CORRECT)
  • Input sanitization
  • Social engineering

26. What are the characteristics of a ransomware attack? Select three answers.

  • Attackers display unwanted advertisements on the device.
  • Attackers make themselves known to their targets. (CORRECT)
  • Attackers demand payment to restore access to a device. (CORRECT)
  • Attackers encrypt data on the device without the user’s permission. (CORRECT)

27. A small business that sells online courses conducted a threat modeling exercise on its data systems. The team conducting the exercise started by defining the scope of the model. Then, they identified threat actors who might target the data systems. Next, the team is creating a diagram that maps threats to assets that are being protected.

What is this type of diagram called?

  • Bug bounty
  • User provisioning
  • Rainbow table
  • Attack tree (CORRECT)

CONCLUSION – Threats to Asset Security

This comprehensive exploration of digital asset security equips participants with a robust foundation in understanding and mitigating threats to digital assets. Through an in-depth examination of common threat types, cybercriminal tools and techniques, and proactive measures like threat modeling, participants are well-prepared to navigate the dynamic cybersecurity landscape.

The emphasis on practical insights and strategies employed by security professionals ensures that learners not only grasp theoretical concepts but also develop the practical skills needed to protect digital assets effectively. As participants conclude this course, they emerge with a heightened awareness of cybersecurity challenges and the tools necessary to contribute to the ongoing efforts to secure digital landscapes.