SMARTKIDS HOLIDAY

BOOTCAMP
Cyber security BOOK level 1

PREFACE

In this book, we shall talk about Cybersecurity at a lay man’s level.

That is, with as much basic terms as possible and in a way the students

undertaking this course will understand with ease. Here, we are going to

work mostly with simple definitions which include the least amount of

technical terms possible, enough explanation, images to illustrate where

necessary and practical exercises for students to understand. The

practical exercises are for students to see how important being a security

literate can be at the end of this bootcamp. And it is important to note

that cybersecurity and IT in general without practicing is a waste of

time. Our team hopes at the end of this, student shall be more security

aware, that is know what to avoid and when to avoid, help others to

protect themselves and many more.

 WELCOME TO CYBERSECURITY MADE EASY

MODULE 01 :

INTRODUCTION TO
CYBERSECURITY

Objectives :

At the end of this module, students should be able to ;

👍 Know what is meant by Cybersecurity

👍 Know what is meant by Information Security

👍 Know and understand the Elements of Information Security

👍 Know what is meant by Hacking

👍 Know who a Hacker is

👍 Know what is meant by Ethical hacking

👍 Know who an Ethical Hacker is

👍 Know the main types of Hackers

👍 Know and understand our main Security Challenge in our case

👍 Know some of the various through which our data could be corrupted

👍 Understand the importance of being a security literate

2
1.1 What is Cybersecurity ?

It is the practice of protecting internet-connected systems such as

software, hardware and data from cyber threats or attacks.

1.2 What is Information Security ?

It refers to the protection of information from unauthorized access, so

as for them not to be destructed, altered or used to harm mankind.

1.3 Elements of Information Security

There are several elements of Information Security, but at this level

we shall focus on the three first of the list. The latter which are ;

1) Confidentiality : It is the assurance that the information is

accessible only to authorized users.

2) Availability : It is the assurance that the desired information is

accessible when required by authorized users.

3) Authenticity : It is the assurance that the information has the

quality of being legit and uncorrupted.

1.4 What is Hacking ?

Hacking is the act of identifying and exploiting the weaknesses in a

computer system or network, usually to gain unauthorized access to
personal or organizational data.
Hacking is not always a malicious activity, but the term is usually
known to be used in a negative way.

1.5 Who is a Hacker ?

A hacker is simply a person who performs hacking. A hacker’s

classification depends on what he uses hacking for.

1.6 What is Ethical Hacking ?

Ethical Hacking is hacking, with the addition of doing that in order

to assist organizations.

1.7 Who is an Ethical Hacker ?

An Ethical Hacker is an individual who performs Ethical Hacking

and can also be identified as a white hat.

3
1.8 The Main Types of Hackers

1) White Hats : Also known as ethical hackers and are security

specialists whose skills are aimed at protecting organizations’ data
and scanning system networks in search of vulnerabilities.

2) Black Hats : These are hackers that employ their computer skills
for bad purposes. These may include stealing, blackmailing, revenge
and many others.

3) Grey Hats : These are hackers which are both white and black.
They use their computer skills to help organizations at times and
at other times they use it for whatever bad reasons that suit them.

Our Main Security Challenge

Our main security challenge here will be the lack of qualified

and skilled
cybersecurity professionals. Many people and organizations today see
security as a challenge. This is simply because we lack security
professionals who will help individuals as well as organizations to protect
computer systems and networks.

In our everyday life we use the internet 99% of the time, and for this
reason we
are being exposed to cyber attacks daily since we are connected to the
internet almost all the time. Also, our sensitive information is stored in
the cloud or is being transferred all day long through the internet.

There are several ways through which our information could be used
against us.
Such ways include ;

1) Stolen passwords could enable an individual to access confidential

information.

2) One could steal money from us.

3) One could blackmail us with sensitive information.

4) One could pretend to be us and use critical information to lure

people into scams.

There are many ways through which black hats could harm us. With
the world’s
significant growth in technology, with daily updates, security literacy will
always be important. This is because, when you are a security literate,

4
you are conscious of how important keeping your data safe is. You will
understand that with the least information that an individual has about
you and can enable him or her to use it against you.

During our class, we shall discuss with more details on how

being a security
literate is useful and important.

MODULE 02 :

PROTECTION OF MOBILE
DEVICES
Objectives :

At the end of this module, students should be able to ;

👍 Tell what they understand by protection of mobile devices

👍 Name the different ways through which their mobile

devices can be attacked 👍 Explain the latter

👍 Explain the various ways through which their mobile devices can be
protected

👍 Demonstrate and explain how he or she did to attack his or her

classmate

👍 Demonstrate and explain how he or she did to protect his or herself

from classmate

👍 Go back home and sensitize relatives and close ones how to protect
themselves

👍 Bring back a report or/and show to the class what he or she went
back home and did

2.1 What is meant by Protection of Mobile Devices ?

5
 Protection of devices has no technical significance. It simply means
protecting our
mobile devices from fraudulent usage or activities. Mobile devices include
smartphones, tablets, computers, smart watches, etc. In our case, we
shall discuss the primary types of attack a basic security literate should
be aware of.

1) Viruses :
A virus is malware ( malicious software) that is designed to cause
damage to data and software. Today, it is very easy to get infected by
viruses digital wise, because many do not know the rules to follow when
they face certain situations.
2) Phishing emails :
A phishing email is an email sent to targets with the aim of
gathering sensitive information such as bank details, credit card numbers
and passwords.
3) Malicious links :
Clicking on links which contain malwares is a very common way
by which people get hacked. Links of unknown sources most
especially are those ones which should be avoided. Detailed
examples with their various explanations shall be given on site.
4) Visiting unsure sites :
When websites are created, they are being deployed or
launched using security certifications which can expire.
Some websites are being deployed without security certifications
simply because they were built specifically for cyber
attacks.

6
figu 1.1

7
 Figure 1.1 as seen above, shows a website which is not secured.
You can see on the top left the annotation “Not secure” with a warning
signal before it. The security certification might have expired or the
website was created for malicious purposes. This applies to all “http”
websites.

figu 1.2

And as you can see on figure 1.2 above, a sample image of a

secured website. No annotation nor warning signal is seen here showing
it is a trustworthy website and can be visited without fear. But at least
the padlock icon can be seen and this applies for all “https” websites.

2.2 How our Mobile Devices can be protected (Countermeasures) :

1) In the case of viruses, people should stop downloading apps

directly from the internet which are not verified. Rather, people
should download apps from verified and protected areas such as
the App store for iOS users and Play Store for Android users.
Also, all your devices should have antiviruses in them for
preventive measures.

8
2) We all are aware 90% of those around us rarely consult their
emails. It is an advantage for them since they unknowingly protect
themselves from phishing emails. But as a security literate, it is
important to know how to protect ourselves from phishing emails.
To be able to achieve this is quite easy, as one should simply
avoid responding to emails which ask us unusual information such
as card details, passwords and other personal information.

3) As a security literate you should know that it is not on every link

you should click on. For instance, links of unknown sources and
suspicious links from known sources should be avoided at all times.

4) Avoid visiting unsure sites, sites which appear like that shown on
figure 1.1. If you ever visit such a site accidentally, immediately
leave the site and close the window or tab, and open a new one if
on a p.c ( personal computer) as shown below.

figu 1.3

You will see in the above image the google open tab and to close
it, you simply click on the “x” sign which appears on the
designated tab to be closed. The tab will then disappear after that.
 MODULE o3 :

SECURE USAGE OF SOCIAL

MEDIA

Objectives :

At the end of this module, students should be able to ;

👍 Know what social media are

👍 List the different social media they know

👍 Follow some rules when using them

👍 Tell how to protect themselves from being hacked

👍 Monitor their accounts so as to identify if they have been hacked or

not

👍 Know what to do if you have been hacked

9
3.1 What is Social Media ?

Social media are websites and applications that enable users to

create and share

10
content across via the internet.

3.2 Different Social Media that exist

Some common examples of social media include ;

1) Whatsapp
2) Instagram
3) Facebook
4) Snapchat
5) Tiktok
6) Thread
7) X (old Twitter)
8) Telegram
9) Youtube
10) Skype
11) Badoo
12) Wechat

And many more which are commonly used for communication. But with
the rapid growth of the online population, entertainment and business are
now the main reasons people use these websites and applications since it
generates income. Hackers now take advantage of the fact that there are
many people they can attack, and a great part of this online population
is not a security aware one. In this class, we shall make you security
literate for you to be protected against so many of these hackers who
turn to take advantage of such vulnerabilities.

3.3 Some of the rules users need to follow when using Social Media

1) Do not share vulgar pictures nor videos via social media.

2) Do not use vulgar language to comment on people’s posts.
3) Do not click on links that people send to you taking as an excuse
that it’s to help them.
4) Avoid commenting on certain posts which might put you in
trouble some day.
5) Avoid accepting friendship requests from any person, many
come to you to scam you.
6) Do not consider any unusual request from a friend without being
sure it is actually to your friend you are talking to.

Many other rules apply in social media usage. Others will be

discussed during our class, but these are the main rules you should
follow and be aware of to be a security literate. Examples of situations
for each rule will be given and explained in class.
3.4 How to Protect yourself from being Hacked

1) Use strong passwords.

2) Enable two factor authentication.
3) Change passwords at least twice per year.
4) Do not share passwords or confidential info via the internet. Not
doing that at all would be preferable.

Again, more details will be given during our class for students to
understand and
with some illustrations to facilitate comprehension. But for the meantime,
the various ways to protect yourself listed above are the key ways to
avoid unwanted surprises in the nearest or furthest future.

3.5 How to Monitor your accounts

There are some ways through which you can identify whether
you have been
hacked or not. These ways include ;

1) Consulting log in history.

2) Checking messages to see if there are any messages you do not
recognize.
3) Consulting your friends list to see if there’s any odd person
present. As a good security literate, it is important for you to be
able to identify all your friends on social media. Not followers, but
friends.

3.6 What one should do if he or she finds out if he or she has been
hacked

If you notice any of the cases named earlier, do any or all of

the following ;

1) Change your passwords, both the social medium and your

email.
2) Report the problem to the social medium involved.
3) Call me and hold money.
4) If not, consider your account gone, or consider yourself as a non
efficient security literate.
But the way we train you, it is not to be non efficient security
literate. Instead,
after everything will be explained to you, you all will be more than
efficient to help yourself and others around you. Take the fact that being
security aware gives you advantages over people who are not. With time,

12
you will understand how privileged you are. Taking into consideration the
fact that such a skill can be monetized.

SEE YOU AT THE NEXT LEVEL

11