Week 1 Exercise Answers

Task 1 (Summary): What measures have you taken to protect yourself from cyber crimes? Write a short description of the actions you have taken to fortify your defenses against all sorts of cyber crimes. Have you been a victim of cyber crimes, for example phishing and malware attacks, and do you think you could have prevented them? What could you improve on?

I am using a premium antivirus to protect my Windows PC against viruses, malware and attacks from untrusted sources. I use an open-source password manager to store my passwords and generate a strong password for each and every website or application. I also use 2FA when possible. I've installed an ad blocker and a VPN on my browsers and avoid opening untrusted links. And I try to keep all software and applications up to date.

I have been a victim of serious cyber attacks twice in my life. Once I got all my files encrypted by a ransomware attack, and the second time my personal information and data were stolen by malware. Both of these attacks happened because I used a modded OS and software from untrusted sources. I was able to decrypt my data without paying the Bitcoin ransom by using a free decryption tool by Kaspersky. But I lost a lot of my personal data and information in the second attack. I could have prevented these attacks by avoiding modded OS and software, and using trusted sources only.

Task 2 (Summary): Pick two topics from the list to write a security policy on.

Topic 1: Password Policy

Issue Statement:

The employees are responsible for keeping our passwords safe. Passwords are the first line of defense against hackers, so we need some basic rules to make sure they’re strong and secure.

Statement of the Organization's Position:

We need everyone to use strong passwords, not something easy like "123456" or your name, phone number, DOB etc. Passwords should be unique for every system, and you should change them every couple of months. Don’t share your passwords with anyone, and keep them stored in a safe place (maybe a password manager).

Applicability:

This applies to all employees who use company systems, accounts, or anything with sensitive data.

Roles and Responsibilities:

  • Employees: Create strong passwords and change them regularly.
  • IT department: Make sure that all systems are well protected and assist if there’s a problem with the system or passwords.
  • Management: Make sure everyone knows the password policies and give training if needed.

Compliance:

If you don’t follow this policy, you may face consequences like account lockouts or warnings.

Points of Contact and Supplementary Information:

If you need help with passwords, reach out to the IT Support team.



Topic 2: BYOD (Bring Your Own Device) Policy

Issue Statement:

This policy is about using personal devices like phones, tablets, or laptops for work. We want to make sure that if you bring your own device, it is secure and doesn’t put the company's data at risk.

Statement of the Organization's Position:

Employees are allowed to bring their own devices to work, but they must follow basic security rules. Devices must have a password or PIN, and if you're using your device for work, you must make sure that it is safe. No unauthorized apps or software from untrusted sources should be installed. If you lose your device, it must be reported immediately.

Applicability:

This policy applies to all employees who use their personal devices to access company systems or data, whether at work or remotely.

Roles and Responsibilities:

  • Employees: Make sure your device is secure and only use approved software for work-related tasks.
  • IT Department: Monitor devices and ensure security, help employees with any issues.
  • Management: Make sure that everyone understands the policy and is provided with enough support for securing devices.

Compliance:

If you don’t follow the policy, there may be restrictions on using personal devices for work or other actions depending on the situation.

Points of Contact and Supplementary Information:

If you need any help with securing your personal device or questions about the policy, contact the IT department.

Task 3A (Summary): Threat Modelling using Threat Dragon

Please find the Threat Model and PDF attached below:

Task 3B (Summary): Create a personal threat model to identify and assess potential threats to your assets

Task 4A (Summary): Scan network using Nmap and answer the following questions.

1. Did you find devices you did not know were in your network?

No, I didn't find any unknown devices in my network. All the devices detected by nmap were known to me.

2. Were there open ports which should have been closed?

Answer: Yes, I found some open ports that should have been closed.

3. Did nmap find any vulnerabilities with the scripts?

Answer: No, Nmap did not find any vulnerabilities using its scripts.

4. Screenshot of the topology of your network. You can redact device information if you want.

[Screenshot: Nmap Network Topology]

Task 4B (Account Security): This part of task 4 is to check yourself with haveibeenpwned.

1. Have your account details leaked?

Answer: Yes, some of my old account details have been leaked according to "haveibeenpwned". As I mentioned earlier, I was a victim of a data breach a few years ago.

2. Screenshot of haveibeenpwned search, you can redact information if you want.

[Screenshot: haveibeenpwned Search Result]

3. Did you change the passwords and/or email + password combos that were leaked? If not, do it.

Answer: Yes, I have changed the passwords for the accounts that I have found to be leaked. I have also enabled 2FA, email and phone verification when logging in from new IPs, and new login alerts.