Lab – Threat Identification
Evidente, Juan Paolo
Objectives
Explore the security features used by organizations to keep data safe.
Part 1: Exploring the Threat of Cyberattacks
Part 2: CIA Triad
Background / Scenario
The threats posed by the cyber world are real. These threats have the potential to wreak havoc
on life in a computer centric world. Understanding these threats is important to everyone and in
order to combat them, the world needs committed individuals that can recognize threats, and
outmaneuver and outsmart cyber criminals. In order to develop the talent needed,
organizations like CompTIA, Cisco Systems and ISC2 have created programs to educate and
certify cyber professionals.
Required Resources
PC or mobile device with Internet access
Part 1: Exploring the Threat of Cyberattacks
Cyberattacks top the list of threats facing countries around the world. When people think of
threats to national or world security, most people think of physical attacks or weapons of mass
destruction. The fact is cyber threats top the list in over twenty countries around the world. The
ranking of cyberattacks in the number one spot reveals a few things about how society has
changed. Computers and computer networks affect the way we learn, shop, communicate,
travel, and live. Computer systems control almost every aspect of our lives.
The disruption of computer systems and computer networks can have a devastating impact on
modern life. Electrical power generation and distribution systems, water treatment and supply
systems, transportation, and financial systems are all targets of cyberattacks. Each of these systems
has been a victim of cyberattacks.
Watch the video below. Break into groups of 3-4 people. After viewing the video, answer the
questions below.
Step 1: Research Threats.
In step 1, you will research threats.
a. Click here to view the video. According to the video, what is the most dangerous weapon
in the world? Why? Do you agree?
Answer:
According to the video, a computer in the wrong hands is the most dangerous weapon
in the world, I believe, because some people nowadays are truly dedicated to stealing
and exploiting data, such as sensitive information. That can have an impact on the
lives of people all over the world with just the palm of your hands inside a room can
be terrifying. I agree that it is a weapon of mass destruction because it spreads at
such a rapid pace that we never know when we will be attacked by these hackers.
b. List five ways a cyber-criminal can use computers to break the law. Can any of the
crimes you listed affect you personally? Have you or your family members been
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Page 1 of
Cisco Public. 4
� affected by these crimes?
Cyberstalking
Phishing
Identity Theft
Break in in personal Compute
By using keylogger
Answer:
As far as I know my mother and friend got attacked by phishing and cause
their accounts to be leaked online that they cannot access it anymore now.
c. Have any of the potential threats portrayed in the video actually happened? Click here
to learn more about these attacks.
Answer:
In our country, we often see cases in the media of people being extorted by
cybercriminals or having their bank accounts stolen. Very common because a
lot of filipinos are not aware what is the consequences especially middle
aged people/ elderly.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Page 2 of
Cisco Public. 4
�Lab – Threat Identification
Step 2: Explore Recent Attacks.
a. The impact and scope of recent cyberattacks have many business and government
officials concerned. Click here to review the top 10 most devastating cyber hacks or 2015.
How many people did the US Office of Personnel Management data breach affect?
Answer:
The data breach involved the theft of addresses, health, and financial information
from 19.7 million people who had undergone government background checks, as well
as another 1.8 million people.
b. Describe the TalkTalk attack of 2015. Who was responsible and what did the cyber criminals
steal?
Answer:
Those responsible for the attack on the mobile technology company were hackers
located in the United Kingdom; the data of more than 20,000 customers were stolen
including confidential information of the users such as personal data.
Part 2: CIA Triad
Confidentiality, integrity, and availability are the three fundamental cybersecurity principles.
These three principles make up the CIA triad. The elements of the triad are the three most
crucial components of security. All cybersecurity professionals should be familiar with these
core principles.
Step 1: Explore the CIA Triad.
a. Click here to view the video. What is data confidentiality? Why is data confidentiality
so important to people and organizations?
Answer:
Data needs to be taken seriously or else you or everyone that is around you
will be affected if its not been taken care of it keeps the data or information
be secured around the organization or keep hackers or attackers from
stealing your information it keeps the secrets to be secret.
b. What is data integrity? Name three ways data integrity or trustworthiness is affected.
Answer:
To keep and ensure accurate data and learning how to know the errors of an
information it keeps its integrity to be true or valid not to be modified or
altered.
c. What is system availability? What can happen if a critical computer system is no longer
available?
Answer:
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Page 3 of
Cisco Public. 4
� Having the system running can be a crucial part of the data how can the clients access the
resources if the system is not available for example how can the client or employee access their
accounts if the company’s system is down.
Step 2: Explore Cyberattacks.
Click here to watch a video. What were the cybercriminals trying to do? What time of the day
did the attack occur? Are network attacks likely to occur after hours? Why?
Most of the time cyber criminals are trying to steal personal information it can be money
sensitive data’s or other resources that can benefit them the usual time of attack is where the
employees are in a break time such as afternoon or if the time is busy enough so the attackers
attack might not be detected. Without knowing what is truly happening to their computers they
are trying to attack especially if they know the company is unprepared of this kind of situation.
© 2016 Cisco and/or its affiliates. All rights reserved. This document is Page 4 of
Cisco Public. 4
