Cybersecurity Cheat Sheet

1. Personally Identifiable Information PII

• PII data that identifies or can be linked to a person name email location SSN

Benefits

• enables services maps shopping accounts
• personalization and better user experience

Concerns

• data breaches lead to identity theft and stalking
• companies collect and sell user data
• hard to control once online

2. Cyber Threats and Prevention

Virus

• self replicating program that spreads and infects files Prevention
• antivirus avoid unknown downloads

Malware

• any harmful software Prevention
• updates antivirus

Ransomware

• locks files and demands payment Prevention
• backups avoid suspicious files

Keylogging

• records keystrokes to steal passwords Prevention
• antivirus avoid sketchy apps

Phishing

• fake emails or sites to steal info Prevention
• verify links do not click unknown sources

Social Engineering

• tricking people into giving info Prevention
• do not trust urgency verify identity

Rogue Access Points

• fake wifi networks to intercept data Prevention
• avoid unknown or duplicate networks

3. Encryption Types

Symmetric

• same key for encrypt and decrypt Example Caesar cipher

Asymmetric

• public key encrypts private key decrypts Example RSA

4. Algorithm vs Key

Algorithm

• method used to encrypt

Key

• specific value used in that method

5. Ciphers and Encryption Methods

Caesar Cipher

• shift letters by fixed amount

Substitution Cipher

• letters replaced randomly

Vigenere Cipher

• uses keyword to shift letters

Public Key RSA

• asymmetric encryption

6. Cost of Free Apps

• you pay with your data tracking ads

7. Internet equals Postcard

• data travels through many routers
• can be intercepted if not encrypted

8. Alice Bob Eve RSA

• Alice has public and private key
• Bob encrypts with Alice public key
• Alice decrypts with private key
• Eve can see but not decrypt

9. Multifactor Authentication MFA

• requires two or more factors
• something you know
• something you have
• something you are

Pros

• stronger security

Cons

• slower privacy concerns

10. Diffie Hellman DH

Purpose

• create a shared secret key over a public network

Given

• shared numbers g and p
• private numbers a and b

Steps

• A equals g to the power a mod p sent by Alice
• B equals g to the power b mod p sent by Bob

Shared Secret

• Alice computes B to the power a mod p
• Bob computes A to the power b mod p

Both get the same number

Used for

• generating a key for symmetric encryption

11. RSA

Setup

• n equals p times q
• m equals p minus 1 times q minus 1
• choose e smallest valid
• find d such that e times d mod m equals 1

Encrypt

• c equals message to the power e mod n

Decrypt

• message equals c to the power d mod n

12. LSB Steganography

To hide better

• use fewer bits
• use detailed busy images

13. Identification Authentication Authorization

Identification

• claim identity

Authentication

• verify identity

Authorization

• determine access

14. Key Idea

• encryption protects data
• humans are weakest link phishing social engineering
• security uses multiple layers