Module 3 Summary: Cybersecurity Controls

Congratulations! You have completed this module. At this point in the course, you know:
 Network mapping is the process of understanding and visualizing a network’s physical and
logical connections. It serves as a valuable tool for IT and cybersecurity professionals to manage
networks effectively, but attackers also exploit this method to their advantage.
 Packet sniffing is a technique involving the use of software to capture and analyze data packets
as they traverse a network. IT professionals employ it for network troubleshooting, performance
monitoring, and activity oversight, whereas attackers use it to steal sensitive information.
 IP spoofing involves manipulating packet headers to alter the source address, effectively
concealing the true origin of the sender or pretending to be another host.
 A denial of service (DoS) attack is a malicious attempt to disrupt the normal functioning of a
targeted server, service, or network by overwhelming it with a flood of illegitimate traffic or
requests.
 Injection attacks are cyberattacks where an attacker injects malicious code into a query, web
application, or system, triggering remote commands that manipulate website data. It has two
variants - SQL injection and XSS.
 Security controls are essential for safeguarding the confidentiality, integrity, and availability of
critical information and other crucial assets from potential threats. Some of these include
administrative, physical, and technical controls.
 IT professionals actively implement a variety of methods and tools to maintain system security.
These include access controls, encryption, patching, regular backups, system-level firewalls, and
antivirus software.
 Network security protects networking infrastructure from unauthorized access, exploitation, or
theft. Its primary objectives include preventing unauthorized access, detecting and stopping
cyber threats, and facilitating secure access for legitimate users.
 Application security involves incorporating a series of secure practices and processes into every
phase of the software creation process.
 Organizations must incorporate vulnerability management into their cybersecurity strategy as it
identifies, assesses, and mitigates weak points. These programs spot security gaps and triage the
most critical issues by performing routine vulnerability scans.
 The National Institute of Standards and Technology, or NIST, is renowned for establishing
industry standards. The NIST plan outlines four key phases of the incident response (IR)
lifecycle. These are:
 Preparation and planning
 Detection and analysis
 Containment, eradication, and recovery
 Post-incident activities
Mark as completed
Like
Dislike
Report an issue
 Enable Two-Factor
Authentication
Introduction
Two-factor authentication is an identity confirmation method that necessitates users to
provide two forms of authentication, like a password and a one-time passcode (OTP), to
verify their identity and access an online account or other vulnerable resources.

You can use one of your personal devices or accounts to enable two-factor
authentication. This activity can be accomplished using a Windows machine, a Google
account, or a Mac.

Learning objectives
After completing this activity, you will be able to:

 Enable two-factor authentication for a Microsoft account

 Activate two-factor authentication for a Google account
 Set up two-factor authentication on a Mac

Instructions
Complete one or more of the following exercises based on your devices and accounts.

Enable two-factor authentication for a

Microsoft account
1. Visit https://account.microsoft.com/
2. Log in with your username and password.
3. From the top menu, select the Security tab.
4. In the Security tab, select Advanced Security Options.
5. Click Add a new way to sign in or verify.
6. You will see various methods to verify your identity. Select one of these options and
follow the prompts to enable two-factor authentication for your Microsoft devices.

Activate two-factor authentication for a

Google account
1. Visit myaccount.google.com
2. From the navigation panel on the left, select Security.
3. Under How do you sign into Google, select 2-Step Verification.
4. Select Get started.
5. Follow the prompts to enable two-factor authentication for your Google accounts.

Set up two-factor authentication on a Mac

1. On your Mac, select the Apple menu.

2. Select System Settings.
3. From the top of the sidebar, select your name. If your name is not visible, select Sign in
with your Apple ID. Then, enter your Apple ID and password.
4. Click Sign-In & Security.
5. Next to Two-Factor Authentication, select Turn on.
6. If prompted, enter your Apple ID and password again.
7. Provide answers to your security questions, and then click Continue.
8. Follow the prompts to enable two-factor authentication on your Apple devices.
 Enable Two-Factor
Authentication
Introduction
Two-factor authentication is an identity confirmation method that necessitates users to
provide two forms of authentication, like a password and a one-time passcode (OTP), to
verify their identity and access an online account or other vulnerable resources.

You can use one of your personal devices or accounts to enable two-factor
authentication. This activity can be accomplished using a Windows machine, a Google
account, or a Mac.

Learning objectives
After completing this activity, you will be able to:

 Enable two-factor authentication for a Microsoft account

 Activate two-factor authentication for a Google account
 Set up two-factor authentication on a Mac

Instructions
Complete one or more of the following exercises based on your devices and accounts.

Enable two-factor authentication for a

Microsoft account
1. Visit https://account.microsoft.com/
2. Log in with your username and password.
3. From the top menu, select the Security tab.
4. In the Security tab, select Advanced Security Options.
5. Click Add a new way to sign in or verify.
6. You will see various methods to verify your identity. Select one of these options and
follow the prompts to enable two-factor authentication for your Microsoft devices.

Activate two-factor authentication for a

Google account
1. Visit myaccount.google.com
2. From the navigation panel on the left, select Security.
3. Under How do you sign into Google, select 2-Step Verification.
4. Select Get started.
5. Follow the prompts to enable two-factor authentication for your Google accounts.

Set up two-factor authentication on a Mac

1. On your Mac, select the Apple menu.
2. Select System Settings.
3. From the top of the sidebar, select your name. If your name is not visible, select Sign in
with your Apple ID. Then, enter your Apple ID and password.
4. Click Sign-In & Security.
5. Next to Two-Factor Authentication, select Turn on.
6. If prompted, enter your Apple ID and password again.
7. Provide answers to your security questions, and then click Continue.
8. Follow the prompts to enable two-factor authentication on your Apple devices.

.
Question 1

As an IT consultant in a multinational organization, you manage user accounts on the company’s

network, from account creation to deletion. Which identity and access management (IAM)
component does this task fall under?

Authentication

Authorization

Audit
Administration
Status: [object Object]

1 point

2.
Question 2

You are a cybersecurity specialist implementing multifactor authentication (MFA) for your
employees. What solution will you deploy for users to verify login attempts by approving notifications
sent to their devices through an application?

Smart cards

Biometric authentication

Security tokens

Mobile push notifications

Status: [object Object]

1 point

3.
Question 3

File access controls allow administrators to delegate authority to users, enabling them to dictate
access permissions to various resources. Which file access control enables users to view file
contents?

Write permission

Execute permission

System permission
Read permission
Status: [object Object]

1 point

4.
Question 4

An IT company wants to improve its security system. How can it establish digital identities and
implement secure authentication using innovative access control methods?

Certificates

Tokens

Secure shell (SSH) keys

Geolocation and time-based restrictions

Status: [object Object]

1 point

5.
Question 5

What is the main advantage of Fast IDentity Online (FIDO) over traditional passwords?

FIDO synchronizes secrets across multiple devices.

FIDO stores the secret on the user’s device during authentication.

FIDO sends the secret across the Internet for authentication.

FIDO relies on password exchange for user authentication.

Status: [object Object]

1 point
Grading Criteria
**Task 1 questions:** [1] List three potential security concerns within the
existing security framework, mainly focusing on areas that could have
contributed to the compromise of credentials. ***– 3 points*** [2] Provide a
high-level solution (less than 25 words) for each of the three identified security
concerns. ***– 3 points***

Task 2 questions: [3] Select the authentication factor you consider the most
secure and practical for TechSolutions Inc. – 1 point [4] Explain how the two
authentication factors will work together to create an MFA plan for
TechSolutions Inc. – 2 points

Task 3 questions: [5] Identify security vulnerabilities in the physical

infrastructure or policies of TechSolutions Inc. (Select three). – 3 points [6]
Provide one recommendation for each of the three identified physical security
vulnerabilities. These recommendations must be practical, address the
concern effectively, and suggest a clear path for remediation or improvement.
– 3 points

1. List three potential security concerns within the existing security framework, particularly
focusing on areas that could have contributed to the compromise of credentials.
2. Question 3
|MULTIPLE SELECT
1 points
Select the authentication factor you consider the most secure and
practical for TechSolutions Inc.
A: PIN + Hardware security key
B: Password + Security questions
C: PIN + Pattern-based authentication
D: Facial recognition + Voice recognition
3. Question 4
 Provide a high-level solution (less than 25 words) for each of the three
identified security concerns.
4. Question 5
Provide one recommendation for each of the three identified physical
security vulnerabilities. These recommendations must be practical, address
the concern effectively, and suggest a clear path for remediation or
improvement.
5. Question 6
Explain how the two authentication factors will work together to create an
MFA plan for TechSolutions Inc.

1. WINDOWS OPERATING SYSTEM

In this module, you will learn about file systems and the directory structure of
the Windows operating system. You will also learn how Windows separates
32-bit and 64-bit applications. The module will also enable you to explore
Windows user mode and kernel mode components. Finally, you will have the
opportunity to manage Windows files and folders, explore Microsoft Windows
server features, and use Microsoft Windows command prompt tools for
administration through hands-on labs.

2. WINDOWS SECURITY
In this module, you will learn about Microsoft Windows security settings to protect your
system against various threats. You will also be able to create a firewall rule in Microsoft
Windows Defender through a hands-on lab. Next, you will recognize the importance of
patches and updates in protecting against cyberattacks. You will also explore Microsoft
Update and some critical practices to ensure a smooth and successful update
experience. The module will also explore Kerberos and its benefits in domain-based
authentication systems. Finally, you’ll learn to uncover system vulnerabilities and
weaknesses through security auditing techniques.

3. LINUX OPERATING SYSTEM

In this module, you will learn about Linux systems and shell commands to efficiently
perform various system administration tasks. You will have access to a Linux and Bash
commands cheat sheet, which will serve as a ready reckoner for commonly used
commands and their syntax in the Linux terminal. This module will also cover Linux file
systems, directory structures, and run levels. You will also have the opportunity to get
started with the Linux terminal, explore common Linux and Unix commands, and
navigate Linux user management tasks through hands-on labs.

4. MACOS AND VIRTUALIZATION

 In this module, you will learn about macOS, its features, preferences, and how to
upgrade it. You will also learn the differences between iOS and Android. The module will
cover fundamental concepts of virtualization and cloud computing. You will also have the
opportunity to explore macOS features, create a virtual machine simulation, and explore
containers, Docker, and IBM Cloud through hands-on labs.



































Windows Security
Module 2•3 hours to complete

Module details
















Linux Operating Systems
Module 3•4 hours to complete

Module details


















macOS and Virtualization
Module 4•3 hours to complete

Module details























Final Project
Module 5•1 hour to complete

Module details








