Lesson Conclusion

Lesson Summary

In this lesson, you looked at security trends with different cybersecurity events and protection techniques. It helps us to better understand the importance of cybersecurity for all organizations. You also saw what you need to do to establish a cybersecurity career. This lesson also taught you about core security principles, critical security controls, and cybersecurity best practices. Lastly, you learned about some security best practices for keeping yourself and others safe online.

Now that you’re done with this lesson, you should be able to

• Identify current trends in cybersecurity events and protection techniques
• Describe careers as a cybersecurity professional and skill qualifications
• Explain security fundamentals including core security principles, critical security controls, and cybersecurity best practices

Use this as a foundation throughout the rest of this course.

Glossary

• Phishing: A technique for attempting to acquire sensitive data, such as bank account numbers, through a fraudulent solicitation in email or on a web site, in which the perpetrator masquerades as a legitimate business or reputable person.
• Malware: Software or firmware intended to perform an unauthorized process that will have an adverse impact on the confidentiality, integrity, or availability of an information system. A virus, worm, Trojan horse, or other code-based entity that infects a host. Spyware and some forms of adware are also examples of malicious code
• Ransomware: A type of malicious software designed to block access to a computer system until a sum of money is paid.
• Business Email Compromise: An exploit in which an attacker obtains access to a business email account and imitates the owner's identity, in order to defraud the company and its employees, customers or partners
• Internet of Things: The interconnection via the Internet of computing devices embedded in everyday objects, enabling them to send and receive data
• Multi-Factor Authentication (MFA): Authentication using two or more factors to achieve authentication.
• AntiVirus (AV) applications: A program or tool specifically designed to detect many forms of malware and prevent them from infecting computers, as well as cleaning computers that have already been infected.
• Patching: A software component that, when installed, directly modifies files or device settings related to a different software component without changing the version number or release details for the related software component.
• Updating: An authorized increase in the level of protection to be provided to specified information, e.g., from a Low impact-level to a Moderate impact-level.

Further reading

• Definitions from the NIST CSRC Glossary: https://csrc.nist.gov/glossary
• ISACA - https://www.isaca.org/
• (ISC)2 - https://www.isc2.org/
• Cyberseek - https://www.cyberseek.org/
• Peerlyst, "How to move to or start an InfoSec career" - wiki - https://www.peerlyst.com/posts/a-collection-of-links-about-transitioning-into-infosec-or-starting-an-infosec-career-and-making-it-peerlyst
• National Cybersecurity Alliance, How to Stay Safe Online: https://staysafeonline.org/stay-safe-online/
• Stop.Think.Connect., General Tips and Advice: https://stopthinkconnect.org/tips-advice/general-tips-and-advice