In this module, computer basics are explained, including hardware and operating systems. You will also learn where threats to cybersecurity can originate in the computing landscape, and cover a broad overview of how these threats can result in a security breach.
Learning Objectives
- Identify components of a computer system and describe how they interact with an operating system
- Define the term “threat landscape”
- Explain the role of an operating system and list different OS types
- Course introduction
- Video: Introduction to the program: Microsoft cybersecurity analyst
- Video: Introduction to the course: Introduction to computers and operating systems and security
- Reading: Skills measured: Exam SC-900
- Reading: Course syllabus
- Video: A day in the life
- Reading: Additional resources: Microsoft cybersecurity analyst
- Threat landscape
- Introduction to computing devices
- Operating systems
- Video: What is an operating system and what does it do?
- Reading: Types of operating systems
- Video: Popular operating systems
- Reading: Proprietary and open-source software
- Practice Quiz: Knowledge check: Operating systems
- Video: Module summary: Introduction to computers and operating systems
- Module quiz: Introduction to computers and operating systems
- Reading: Additional resources: Operating systems
Course introduction
Video: Introduction to the program: Microsoft cybersecurity analyst
- Cybersecurity is crucial for everyone: Cybercrime is prevalent and targets everyone, regardless of device or background.
- The demand for cybersecurity professionals is high: With technology advancing and cybercrime increasing, skilled analysts are needed across all sectors.
- This program equips you for a cybersecurity career: Learn foundational knowledge, build work samples, and earn industry-recognized certificates.
- Course content covers key areas: You’ll explore computer basics, business systems, cyber threats, risk mitigation, and security tools like Azure Active Directory.
- Capstone projects and mock exams test your skills: Gain practical experience and prepare for real-world scenarios and certifications.
- Start your cybersecurity journey today: Make a difference and help secure the online world.
Key takeaways:
- This program offers a comprehensive path to a rewarding career in cybersecurity.
- No prior experience is necessary; the program builds you up from the basics.
- You’ll gain valuable skills and certifications sought after by employers.
- Join the fight against cybercrime and make a positive impact.
Cybercrime is everywhere and
does not favor one person over the next. >> Think about how many devices you use
every day, perhaps a laptop, tablet and a phone. These three devices are three
potential gateways for cyberattacks. >> With technology continually advancing, cyberattack activities have
become easier to carry out. >> So how do cybercriminals get it right? They follow trend stories and
use this to lure you. It often requires you
to click on a link or enter your personal information through
which cybercriminals gain access. The good news is that there are
cybersecurity defense mechanisms that you can practice and implement. >> So learning about cybersecurity gives
you the tools to prevent cyberattacks. Cybersecurity isn’t only valuable for
personal safety, it’s also in demand at
an organizational level. >> Career opportunities in cybersecurity
include a range of roles, from cybersecurity analysts to cybersecurity
engineers and security engineers. >> With cybercrime on the rise,
the demand for these roles across all business
sectors is greater than ever. >> With the right knowledge and skills, you could be the next cybersecurity
analyst or security engineer. However, maybe you don’t have
that specific university degree, the right certifications,
and hands on experience. >> Or maybe the cost is just too high. Now you have the opportunity to join us on
a learning journey that prepares you for an exciting career in cybersecurity. >> This program consists of several
courses that will help you build the foundational knowledge you
need to succeed in this field. >> And completion will earn you
a Coursera Professional Certificate. >> This certificate serves as
proof of your job readiness and can be shared with your
professional network. >> Along the way, you’ll also create work
samples that can showcase your expertise to potential employers. >> In addition, finishing this program
will help prepare you for the Microsoft certified exam SP 900 Microsoft Security
Compliance and Identity Fundamentals. >> Earning a Microsoft certification
provides industry endorsed evidence of your skills and demonstrates your
willingness to stay on top of the latest trends and demands and
stand out in a fast changing industry. >> You’ll begin this program with
an overview of how computers work and how they are used by businesses. This covers basics such as hardware,
software and operating systems before expanding into
the specific infrastructure, storage and networking needs of enterprise systems. >> This should help you understand
the importance of keeping these systems secure, and you’ll follow up by exploring
the cyber threats landscape that businesses face and
what they can do to protect themselves. >> You’ll be introduced to
common types of cyberattacks, how they are carried out, and
the impact they can have. >> Fortunately,
there are ways to fight back, and you’ll become aware of approaches for
minimizing risk. >> This includes strategies for limiting
access, securing communication, and complying with security regulations. >> Maintaining security for
business systems is no small task, and that’s why you’ll learn about software
solutions that can help administrators automate a lot of the work. >> You’ll become familiar with
Azure Active Directory in particular, an identity and access management
service that can be configured to grant permissions based on roles and policies. >> Setting up a security
plan is one thing, but you’ll also need to make
sure it works as intended. >> That’s why you’ll dig
into testing strategies for checking the integrity
of your defense system. >> And you’ll also find out what to assess
for compliance with Microsoft’s privacy principles, as well as various
international standards. >> This program has been
uniquely mapped to key job skills required in
cybersecurity analyst roles. In each course, you’ll be able to consolidate what you
have learned by completing a Capstone project that simulates real
world cybersecurity scenarios. You’ll also complete a final
Capstone project that enables you to demonstrate your
cybersecurity analyst skills. To round off your learning, you’ll take
a mock exam that has been set up in a similar style to the industry recognized
Microsoft Exam SC 900 Microsoft Security, Compliance and Identity Fundamentals. >> Once you complete the program, it’s
time to start exploring potential careers. >> And don’t forget to share your Coursera
Professional certificate to get that extra advantage. >> Congratulations on your decision
to become a difference maker and help ensure a safer online
experience experience for others. >> Now, let’s get started.
Video: Introduction to the course: Introduction to computers and operating systems and security
- Cybersecurity vulnerability: Online convenience exposes personal data and business assets to cyberattacks.
- Importance of protection: Cybersecurity safeguards your digital information, devices, and systems from theft, disruption, and exploitation.
- Course focus: “Introduction to Computers and Operating Systems and Security” prepares you for a cybersecurity career by covering:
- Computer basics: Components, operating systems, and how they interact.
- Business context: Cybersecurity practices, threats, and business computing environments.
- Enterprise systems: Servers, storage, backups, and security frameworks.
- Business software: Solutions for communication, productivity, and data storage.
- Interactive learning: Apply knowledge through exercises, real-world examples, and self-assessment tools.
- Career preparation: Prepare for the Microsoft SC-900 exam and launch your cybersecurity path.
Key takeaways:
- Learn essential cybersecurity skills to protect personal data and businesses.
- Gain foundational knowledge for entry-level cybersecurity roles.
- Take practical steps toward a promising career in a growing field.
Have you ever experienced a cyberattack? Cyberattacks target individuals,
organizations and systems. Having an online profile has made life
more convenient by allowing you to perform transactions for purchases,
engage socially, or work remotely via the Internet. However, it has also put your
valuable data at greater risk. Cybercriminals target
your private data online, including your financial information. Think about what might happen if someone
steals your social security number, date of birth,
credit card information, and address. This can make it easy to apply for credit
cards in their name and run up debt. Being a victim of identity theft often
leaves you feeling helpless as you scramble to close or freeze accounts and
change your account passwords. There are necessary security protocols
that you can put in place to keep your personal information safe and
confidential. This is known as cybersecurity. Cybersecurity protects your digital
information, devices and assets, such as your bank accounts,
files, or even photos. System protection is equally important. It is a feature that creates restore
points that allow you to set your devices to a previously healthier state before
changes may have led to malfunctions or data loss. It is your backup plan. Within a business context, cybersecurity
and system protection is essential to protecting any business from
cyberattacks and vulnerabilities. Think about the importance of protecting
staff anonymity, product developments and innovations from competitors,
or even payroll data. The Introduction to Computers and
Operating Systems and Security course is designed for anybody that’s interested
in learning about cybersecurity and system protection within
a business context. It establishes a foundation for
anyone striving to become a cybersecurity analyst, a cybersecurity engineer,
or a security engineer. You’ll focus on identifying the various
components of a computer system and how the components interact
with an operating system. You’ll familiarize yourself with
the cybersecurity landscape and the various business
computing environments. You’ll then gain some context by
unpacking the threat landscape so that you recognize where and
how cybercrime takes place. Furthermore, you’ll be introduced to
computing devices and how hardware and software interact. You’ll learn about various operating
systems with their respective advantages and disadvantages. Your learning journey will continue to
explore enterprise systems and security. It involves the comprehensive security
framework required by larger companies or corporations. The focus is on servers, storage and
backups computing environments, and the process of maintenance and patching. Next, you’ll examine different
business software solutions. You’ll draw a correlation between
the appropriate business software as a solution to
a particular business need. You’ll learn how email
apps came to exist and how common functions can boost your
communication and productivity. You’ll also investigate storage solutions
such as large scale types of data storage, data lakes, and data warehouses. Finally, you’ll have a chance to
recap on what you’ve learned and zone in on areas you feel
you can improve upon. Throughout your learning, you’ll have
an opportunity to apply your knowledge through interactive exercises and
real-world examples. Assess your progress with knowledge
checks and a practice exam. All this prepares you for the Microsoft
Exam SC 900 at the end of this program, giving you a career stepping
stone in the right direction. Good luck as you start this
exciting learning journey.
Reading: Skills measured: Exam SC-900
Reading
Exam SC-900 Microsoft Security, Compliance, and Identity Fundamentals
Microsoft has certification paths for many technical job roles. Each of these certifications consists of passing a series of exams to earn certification. In this professional certificate, you’ll be provided with resources that will help you to prepare for the Exam SC-900: Microsoft Security, Compliance, and Identity Fundamentals.
Study guide
The study guide provided in this link will help you understand what to expect in this exam: Study guide for Exam SC-900: Microsoft Security, Compliance, and Identity Fundamentals. It includes a summary of the topics the exam covers, along with links to additional resources. The information and materials in this document should help you focus your studies as you prepare for the exam.
Exam skills measured
In this section, you’ll review a summary of the topics the exam might cover, and an updated list of skills measured. The exams are updated at least periodically, and the information covered in this reading refers to the English version updated on May 5, 2023.
Audience profile
This certification is targeted at those looking to familiarize themselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services. This is a broad audience that may include business stakeholders, new or existing IT professionals, or students who have an interest in Microsoft security, compliance, and identity solutions.
Exam categories
The exam categories include:
- Describe the concepts of security, compliance, and identity (10–15%)
- Describe the capabilities of Microsoft Azure Active Directory (Azure AD), part of Microsoft Entra (25–30%)
- Describe the capabilities of Microsoft Security solutions (25–30%)
- Describe the capabilities of Microsoft compliance solutions (25–30%)
The higher the percentage, the more questions that specific section of the exam will contain. For example, ‘Describe the capabilities of Microsoft Security solutions’ will account for 25-30% of the questions you might encounter on the exam.
Note: Most questions cover features that are general availability (GA). The exam may contain questions on preview features if those features are commonly used. Preview features are features that aren’t complete, but are made available on a “preview” basis so that customers can get early access and provide feedback.
Assessing the skills
The following is a list of skills measured. The bullets that follow each of these skills are intended to illustrate how that particular skill is assessed. Related topics may be covered in the exam.
Describe the concepts of security, compliance, and identity
Describe security and compliance concepts
- Describe the shared responsibility model
- Describe defense in depth
- Describe the Zero-Trust model
- Describe encryption and hashing
- Describe compliance concepts
Define identity concepts
- Define identity as the primary security perimeter
- Define authentication
- Define authorization
- Describe identity providers
- Describe Active Directory
- Describe the concept of federation
Describe the capabilities of Microsoft Azure Active Directory (Azure AD), part of Microsoft Entra
Describe the basic identity services and identity types of Azure AD
- Describe Azure AD
- Describe Azure AD identities
- Describe hybrid identity
- Describe the different external identity types
Describe the authentication capabilities of Azure AD
- Describe the authentication methods available in Azure AD
- Describe Multi-factor Authentication
- Describe self-service password reset
- Describe password protection and management capabilities available in Azure AD
Describe access management capabilities of Azure AD
- Describe conditional access
- Describe the benefits of Azure AD roles
- Describe the benefits of Azure AD role-based access control
Describe the identity protection and governance capabilities of Azure AD
- Describe identity governance in Azure AD
- Describe entitlement management and access reviews
- Describe the capabilities of Azure AD Privileged Identity Management (PIM)
- Describe Azure AD Identity Protection
Describe the capabilities of Microsoft Security solutions
Describe basic security capabilities in Azure
- Describe Azure DDoS protection
- Describe Azure Firewall
- Describe Web Application Firewall
- Describe Network Segmentation with Azure Virtual Networks
- Describe Azure Network Security groups
- Describe Azure Bastion and JIT Access
- Describe ways Azure encrypts data
Describe security management capabilities of Azure
- Describe Cloud security posture management (CSPM)
- Describe Microsoft Defender for Cloud
- Describe the enhanced security features of Microsoft Defender for Cloud
- Describe security baselines for Azure
Describe security capabilities of Microsoft Sentinel
- Define the concepts of SIEM and SOAR
- Describe how Microsoft Sentinel provides integrated threat management
Describe threat protection with Microsoft 365 Defender
- Describe Microsoft 365 Defender services
- Describe Microsoft Defender for Office 365
- Describe Microsoft Defender for Endpoint
- Describe Microsoft Defender for Cloud Apps
- Describe Microsoft Defender for Identity
- Describe the Microsoft 365 Defender portal
Describe the capabilities of Microsoft compliance solutions
Describe Microsoft’s Service Trust Portal and privacy principles
- Describe the offerings of the Service Trust portal
- Describe Microsoft’s privacy principles
Describe the compliance management capabilities of Microsoft Purview
- Describe the Microsoft Purview compliance portal
- Describe compliance manager
- Describe the use and benefits of compliance score
Describe information protection and data lifecycle management capabilities of Microsoft Purview
- Describe data classification capabilities
- Describe the benefits of content explorer and activity explorer
- Describe sensitivity labels and sensitivity label policies
- Describe Data Loss Prevention (DLP)
- Describe Records Management
- Describe Retention Policies and Retention Labels and retention label policies
Describe insider risk capabilities in Microsoft Purview
- Describe Insider Risk Management
- Describe communication compliance
- Describe information barriers
Describe resource governance capabilities in Azure
- Describe Azure Policy
- Describe Azure Blueprints
- Describe the Microsoft Purview unified data governance solution
Requirements
Candidates should be familiar with Microsoft Azure and Microsoft 365 and want to understand how Microsoft security, compliance, and identity solutions can span across these solution areas to provide a holistic and end-to-end solution.
Microsoft Security, Compliance, and Identity Fundamentals Certification
At this point, you may be wondering if you’ll have access to the information that you need to pass the Exam SC-900: Microsoft Security, Compliance, and Identity Fundamentals successfully. The answer is yes!
By the end of the Microsoft Cybersecurity Analyst professional certificate, you will have covered the following topics:
- Describe the concepts of security, compliance, and identity
- Describe the capabilities of Microsoft Azure Active Directory (Azure AD), part of Microsoft Entra
- Describe the capabilities of Microsoft Security solutions
- Describe the capabilities of Microsoft compliance solutions
Reading: Course syllabus
Reading
Introduction
This course forms part of a series of courses that offers a good starting point for a career in cybersecurity. Specifically, this course will help you gain knowledge and skills related to Computers and Operating Systems, Enterprise Systems and Security, and Business Systems Applications, and takes you one step closer to certification.
When you complete all of the courses in the Microsoft Cybersecurity Professional Certificate, you’ll earn a Coursera Certificate to share with your professional network. Taking this program not only helps you to become job ready but also prepares you for the Microsoft Certified Exam SC-900: Microsoft Security, Compliance, and Identity Fundamentals.
Earning a Microsoft Certification is globally recognized evidence of real-world skills. A Microsoft Certification showcases your commitment to keeping pace with rapidly changing technology and positions you for increased skills and efficiency in your professional roles.
To pursue this certification, you don’t need a background in IT-related fields. Your affinity for technology and interest in learning about business-level cybersecurity and system protection make this learning journey exactly what you need to achieve your career goals.
After completing this course, you will be able to:
- Identify the various components of a computer system.
- Explain how the various components of a computer system interact with an operating system.
- Describe the basics of the cybersecurity landscape.
- Describe the various business computing environments.
Microsoft Azure account
In this program, you will need an Azure account because it will allow you to apply what you are learning through hands-on exercises.
Take note: You don’t need access to an Azure account in this course.
It is important to only create your Azure account when you are required to do so because your free trial will expire after 30 days. You will be notified later in the program when you need to create an account. And you will also be provided with all the necessary information and steps to guide you through this process.
Schedule
Over the next four weeks, you will gain an understanding of the threat landscape, enterprise systems, security best practices, and how to mitigate risks associated with cybercrime.
Week 1: Introduction to computers and operating systems
In the first week, you’ll begin with an introduction and explore possible career roles that you could follow as a Microsoft Cybersecurity Analyst. You’ll also review some tips to prepare you to complete this learning journey successfully and discuss what you hope to learn.
You’ll then unpack the threat landscape that includes concepts pertaining to it and where and how cybercrime takes place.
Furthermore, you’ll be introduced to computing devices and various operating systems.
After completing your first week, you’ll be able to:
- Discuss computer basics that include hardware and operating systems.
- Explain where cybersecurity threats originate from within the computing landscape.
- Describe how cybersecurity threats can result in a security breach.
Week 2: Enterprise Systems and Security
In the second week, you’ll begin by exploring what servers, storage, and backups are, their purpose, and how to mitigate associated risks. Then, you’ll move on to discovering what computing environments are. You’ll also examine personal, commercial, and cloud computing and some security best practices.
Finally, you’ll end the week with how to perform maintenance and patching as a solution to potential vulnerability issues.
After completing Enterprise Systems and Security, you will be able to:
- Identify server, storage, and backups options.
- Discuss computing environments.
- Define the process of maintenance and patches.
Week 3: Business Systems Applications
In your third week, you will build on your knowledge by examining different business software solutions. You’ll draw a correlation between the appropriate business software as a solution to a particular business need.
Next, you’ll learn how email apps came to exist and how they generally work. You’ll discover common functions that are used to effectively communicate and enhance productivity.
Following on from email apps, you’ll expand upon storage solutions. Specifically, you’ll focus on large-scale types of data storage, data lakes, and data warehouses.
After completing this week, you will be able to:
- Explain software in a business context.
- Describe how business software facilitates the performance of various tasks.
- Recognize how business software enhances productivity.
Week 4: Computers, Operating systems, and Security
In the final week, you will gain a real-life example of the role you could play in the digital transformation of a business enterprise as you embark on a cybersecurity career. You’ll have an opportunity to recap what you learned and identify your strengths as well as target topics that you would like to revisit.
You’ll complete a graded assessment that consists of a scenario-based approach. You’ll be required to complete 30 questions that will test your knowledge of all the topics covered in Introduction to computers and operating systems and security. This prepares you for what’s to follow before attempting the Exam SC-900 at the end of the program.
You’ll also reflect on your learning journey and explore the next steps to acquire new skills that will boost your career.
Thank you for taking the time to review this course syllabus. Good luck, and let’s get started!
Video: A day in the life
This course helps launch cybersecurity careers for beginners like Alex and Alyssa, and upskills experienced pros like Josh.
The course:
- Covers computer basics, operating systems, and security.
- Prepares you for the Microsoft SC-900 exam.
- Helps you identify cybersecurity career paths.
Meet the candidates:
- Alex: A customer service rep transitioning to cybersecurity analyst.
- Alyssa: A clerk upskilled to in-house security engineer.
- Josh: A software developer aiming to become a cybersecurity engineer.
Their paths:
- Alex: Enrolled in the program to become a junior cybersecurity analyst.
- Alyssa: Gained knowledge and network, transitioned to security engineer.
- Josh: Added cybersecurity expertise to his software development background.
This course is for you if:
- You’re new to cybersecurity and want to start a career.
- You’re an IT professional seeking upskilling and certification.
- You’re looking for a career change with good job prospects.
Take the first step towards a rewarding career in cybersecurity!
Key takeaways:
- Cybersecurity skills are in high demand and offer promising career paths.
- This course provides a foundational understanding and certification preparation.
- Different individuals can adapt the course to their career goals.
Remember, it’s never too late to start your cybersecurity journey!
This course can help you jumpstart your
career, whether you’re new to the field or just wanting to refresh your
knowledge as a seasoned professional. As technology evolves and becomes
more robust with security protocols, hackers also become savvier in their
cyberattack methods by taking advantage of technological advancements. Businesses are required to increase
their security measures to secure and safeguard their information,
device and assets. Because of this sought after professionals
such as cybersecurity analysts, cybersecurity engineers. And security engineers are in
demand to actively anticipate, detect and mitigate cyberattacks or
system vulnerabilities. Are you intrigued by this career field and
wondering how to get started? Let’s meet a few candidates and
explore their career paths and how they got started. Alex is currently a successful customer
service representative at a call center. She is a high school graduate and is well
versed in Microsoft 365 applications. She’s also upskilling herself
with Macros and Visual Basic for applications to automate some
processes in Microsoft Excel. Alex’s natural career progression is to
move to a managerial role where she can receive promotional benefits and
a salary increase. However, Alex has her sight set on
moving to an IT role within the digital technological industry. She has identified
cybersecurity as interesting, and her research has confirmed that
specialists in this field are in demand. She favors the career of
a cybersecurity analyst. It’ll allow her to help protect
a company’s network and assets, including hardware and
software from cyberattacks. She’ll be responsible for staying abreast
of cyber trends within the threat landscape and
identifying suspicious behavior that may threaten the company’s
confidentiality or damage the devices. Her plan is to focus on gaining
qualifications in this area, which will allow her to begin applying for
entry level cybersecurity jobs. Alex is a beginner, but
has already mapped out her career and certification path with
a view to getting ahead. Alex has enrolled in the Microsoft Cybersecurity Analyst
Professional Certificate, which began with the introduction to computers and
operating systems and security. She enjoys self paced learning because
she works shifts in her current job. Once she has completed the SC-900 exam,
she will begin applying for jobs as a Junior cyber analyst. Alyssa has worked as a clerk in the motor
vehicle sector for four years, and security of information is part
of her work related tasks. She became interested in IT related
issues when an online website that she subscribed to suffered a data breach. As a result, she has become conscious of
how her personal information is gathered, stored and used online. Alyssa wants to know more about
cybersecurity in hopes of understanding and assessing how security is handled by
online companies that she deals with. She would also like to be able
to protect her own devices. Prior to enrolling in the Microsoft Cybersecurity Analyst
Professional Certificate program, Alyssa completed several inhouse workshops
on data protection and data security. Upon completing the SC-900 exam, she has
a deeper understanding of the threat landscape and how to mitigate
risks against cyberattacks. Through this program,
she has extended her professional network with the relationships she has developed
with her classmates during these courses,. Alyssa has also been promoted to her
company’s inhouse Security Engineer, where she maintains all the computers and networks against
suspicious cyber activity. In her private capacity, she is
continuously broadening her skill set to not only identify suspicious cyber
behavior, but to create protocols and software that defend
the business against cybercrime. As the business expands,
Alyssa hopes to be promoted in the future to Security Engineer manager and expand
her team through the recruiting process. You may find yourself in
a similar situation to Alyssa, deciding to change
careers can be daunting. Alyssa found the change rewarding,
so taking the step can lead to you being instrumental in identifying
a need in your current workplace. And pioneering a new role that is
mutually beneficial and fulfilling for you and the company. Josh would like to advance his career. He graduated with a master’s
in computer science. Josh has more than four years
working as a software developer. He wants to add new credentials
to his portfolio and expand his expertise beyond
software into cybersecurity. Josh aspires to become a qualified
cybersecurity engineer, based on his research of the role,
he feels that his attention to detail and inclination to problem solve
would stand him in good stead. A cybersecurity engineer develops and
implements security systems. They monitor and evaluate
an organization’s security measures to protect their data from cyberattacks or
unauthorized access. Some of the day-to-day tasks include
performing security assessments and audits, crafting solutions
to security vulnerabilities, and investigating cybercriminals and
threat models. If this describes your ideal workday,
then this is the program for you. Josh completed the series of courses
in the Microsoft Cybersecurity Analyst Professional Certificate program
as well as the SC-900 exam. He is actively pursuing his
cybersecurity career by earmarking his next Microsoft Security certification
program in his learning journey. Congratulations on taking this
first step toward a career in the cybersecurity field. By the end of this program, you’ll emerge
with a stronger foundational knowledge, and you’ll be able to make more informed
decisions about where to proceed next. Some additional links to the various
Microsoft certifications are provided at the end so
that you can explore them in more detail. Good luck.
Reading: Additional resources: Microsoft cybersecurity analyst
Reading
This is the first of several Additional Resource readings to come. Additional readings conclude every topic covered and reflect some extra insights that are deemed relevant. Use this as an opportunity to expand your general knowledge or delve deeper. Additional Resources readings will generally align to the content covered. However, this reading relates to what lies ahead and the links below will provide you a high-level overview of the content that you’ll be engaging with as you progress.
Cyberthreats
The threat landscape: Get a broad overview and gain context on the current status of the cybercrime environment. Discover the trends that cybercriminals follow and latest cyberattack models that are used. This helps you understand the threat landscape so that you can mitigate risk by implementing appropriate security measures.
Computer components
Microsoft hardware component guidelines: Become familiar with the physical components that make up a computer. The more you know about your devices, the better your management practices. Read more to gain some interesting insights that will prepare you well.
Business software
Microsoft Office applications: Get a breakdown of the applications that comprise Microsoft Office 365. You’ll find a general description of each program and its intended purpose, along with links to more resources for more detailed information.
Data storage
All about SSD, HDD, and storage types: An introduction to different types of long-term data storage. Learning about the different types of storage allows you assess the requirements needed for specific applications to run. Similarly, there are also limitations to various storage types.
Microsoft exam
Microsoft Exam SC-900: Explore a detailed study guide that can help you prepare for this exam after you have completed this program. Passing the exam successfully gives you a certification in fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services.
By checking out these resources, you can get a preview of what to expect as you make your way through this course and show up better prepared.
Threat landscape
Video: Threat landscape overview
- The concept of the threat landscape and its three major areas: potential vulnerabilities of an application, attackers targeting these vulnerabilities, and the attacks used.
- Traditional threats to businesses, such as physical intruders and theft, as well as the emergence of online threats and attacks.
- The role of firewalls in protecting a company’s digital infrastructure by filtering and blocking potentially harmful elements.
- Common types of cyber attacks, including malware, ransomware, denial of service, and spam-related activities.
- The impact of remote work and the proliferation of remote access tools on the threat landscape, increasing the need for stronger defenses.
- The evolving nature of cyber attacks, with attackers constantly looking for new vulnerabilities to exploit and the need for developing new security strategies.
By understanding the threat landscape, you will be better equipped to implement effective safeguards and protect against cyber threats.
Welcome to Cyber Defenses: Navigating the Threat Landscape
Imagine you’re building a fortress, brick by sturdy brick. But what if you don’t know who or what might attack it? In the digital world, this lack of knowledge is a recipe for disaster. That’s where understanding the threat landscape comes in.
This tutorial will be your map and compass, guiding you through the ever-shifting terrain of cyber threats.
What is the Threat Landscape?
Think of it as a living, breathing ecosystem teeming with vulnerabilities, attackers, and attacks. Vulnerabilities are weak spots in systems, like security holes in your fortress walls. Attackers are the bad actors who exploit these vulnerabilities, like siege engines aimed at your gates. And attacks are their tactics, like catapults launching malware or battering rams of brute force.
Exploring the Landscape:
- Traditional Threats: We still face physical break-ins (digital intruders accessing internal systems directly).
- The Online Shift: With business going online, new threats emerged: malware, ransomware, denial-of-service attacks, and spam. These often involve clicking malicious links or downloads.
- The Firewall Frontier: Early defenses relied on firewalls, like guards at the gate, blocking harmful content.
- Remote Work Revolution: With remote work, the digital perimeter expanded, making firewalls less effective. Attackers now have more entry points through remote access tools and personal devices.
- Evolving Tactics: Cybercriminals adapt too. They exploit not just vulnerabilities but also personal data (like social engineering) to gain access through legitimate channels.
Why This Matters:
Understanding the threat landscape helps you:
- Prioritize defenses: Focus on vulnerabilities likely to be exploited with the most damaging attacks.
- Choose the right tools: Firewalls alone might not suffice. You need layered security that adapts to new threats.
- Stay vigilant: The landscape constantly changes, so continuous learning and adapting are crucial.
Remember:
- This is just the beginning. We’ll delve deeper into specific threats, attacker types, and security strategies.
- Knowledge is power. The more you understand the landscape, the better you can defend your digital fortress.
Ready to dive deeper and build your cyber defenses? Stay tuned for the next chapters!
Pro Tip: Check out the SANS Institute, MIT OpenCourseware, and OWASP for free cybersecurity resources and training.
Together, let’s navigate the evolving threat landscape and keep our digital worlds safe!
Which of the following are types of cyberattacks that an organization’s internal network may be vulnerable to without a firewall for protection? Select all that apply:
Denial of service
That’s correct! A denial of service attack bombards a network and inhibits its ability to respond to legitimate requests.
Ransomware
That’s correct! Ransomware prevents the organization from accessing its own applications.
Malware
That’s correct! Malware is malicious software that is installed on a system or network.
Imagine that you
have decided to take steps to improve the
security of your home. What options do you
have available? You could reinforce the
locks or install a gate. Perhaps you could set up a camera system to
monitor your property. Which is the best choice? Well, before deciding
on a solution, you first need to consider the threats that you are
most likely to face. Similarly, cybersecurity
threats exist in many forms. The first step toward
implementing effective safeguards is to better understand the types of threats
that are out there. In this video, you will become familiar with the
threat landscape, what it is, and how it can
potentially affect you. You’ll be introduced to several concepts that will be explored in greater
depth later on. On completion of this video, you should have a high
level understanding of the threat landscape, and how it has
changed over time. You’ll also be able to describe the manner and environment in which cyber attacks take place. To illustrate the importance
of these concepts, let’s examine them
from the perspective of the local ice cream
shop, Sam’s Scoops. With a recent surge
in popularity, the shop is struggling to keep up with phone and email orders. Sam has been advised to use business software to
manage these tasks, but she knows little about
the options available. She’s also weary of
taking any operations online because of
security issues associated with the
threat landscape. Let’s first breakdown what is
meant by threat landscape. This is an all encompassing term that refers to
three major areas, which are all potential vulnerabilities
of an application, the attackers that may
be targeting this area, and the attacks that are used. Traditionally, threats to a
business include intruders accessing a physical location and removing items of value. But as you may know, a large volume of business
these days takes place online. With this trend, new threats and attacks begin to manifest. The resources being guarded
become less distinct as companies have to care for
physical damage or theft, as well as guarding
information and access to a company’s
digital infrastructure. During this
transition, there was a clear distinction
between intranet, which is the internal
communications of a company, and Internet, or the
worldwide connected web. Companies and individuals
would typically set up a firewall to guard important
internal resources. A firewall can be
defined as a block or filter that prevents
some external items from entering your system. This firewall was
placed at the gate of a company’s digital
infrastructure and much like a security guard, prevents any potentially
harmful elements from entering. Threats of note would
include malware, which is software intended
to cause harm or discord. Ransomware, which prevents
an organization from accessing its own application’s,
denial of service, which bombards a system with requests so that it
cannot respond to legitimate digital requests
and spam related activities. These attacks are
typically clicked or triggered and access a
company’s internal system. To prevent this, a firewall limits the content that
is allowed to enter. However, the threat landscape
has further evolved as an increasing number of
individuals work from home. These added to the complexity of defending the system
due to the need to increase the level of external access that is
required for remote work. The proliferation of
remote access tool, which allow workers to access an organization’s network
content from outside, and the practice of
bring your own devices has drastically expanded
the threat landscape, reducing the efficacy
of firewalls and giving potential attackers far more
scope for infiltration. Much like the security
guard mentioned earlier, firewall’s typically relied on there being a limited
number of entry points. Defensive strategies
have evolved to identify past attack patterns, and develop solutions
based on them. However, cyber criminals
have evolved with these approaches to continue
gaining illicit access. Some modern
approaches don’t even require a direct
vulnerability to exploit, but instead, attempt to harvest personal data on an individual. This stolen data is then used to spoof or imitate their identity, and then gain access through
legitimate channels. You’ve observed
that the nature of accessing network
changes regularly, which means that
potential attackers look for new vulnerabilities
to exploit, and new security strategies must be developed as a result. As you progress
through this course, you will learn about these
approaches and many more, including both offensive
and defensive techniques. In this video, you’ve learned about the
threat landscape, and how it has
evolved over time. This includes being aware of how defensive and
offensive actors are constantly competing with one another to construct
and deconstruct security initiatives designed to secure digital applications.
Reading: Threat stats
Reading
Video: Linked threats
Summary of “The Importance of Strong Passwords”:
Key Takeaways:
- Weak passwords: Reusing or choosing password combinations based on easily guessable personal information puts you at risk.
- Consequences: Account takeover, data compromise, and identity theft are potential outcomes.
- Sam’s example: Using weak passwords and predictable patterns for social media accounts led to a breach and access to other accounts, including a protected work email.
- Linked threats: A single compromised account can open doors to other connected accounts and networks.
- Strong password policy: Enforcing a policy with complexity requirements across all accounts is crucial to mitigate risks.
Overall:
This video emphasizes the importance of strong passwords and the dangers of reusing or employing weak password practices. It illustrates how a single breach can escalate and highlights the need for robust password policies for individuals and organizations to protect against linked threats.
The Importance of Strong Passwords: Protecting Your Digital Castle
In today’s digital world, our online accounts are like precious castles filled with personal information and valuable data. Just like a medieval fortress needs strong walls and vigilant guards, our online accounts need robust passwords to act as the first line of defense against intruders.
Why are strong passwords so important?
Imagine using a password like “123456” or “password123” to secure your online castle. These flimsy passwords are like rickety wooden gates that any determined attacker could easily break through. Weak passwords are easily guessed or cracked, putting your accounts at risk of:
- Account takeover: Hackers can gain access to your emails, social media, bank accounts, and more, causing chaos and potentially stealing your identity.
- Data compromise: Sensitive information like your personal details, financial records, and even private messages can be exposed.
- Identity theft: Hackers can use your stolen data to impersonate you, commit fraud, and damage your reputation.
The dangers of weak passwords:
Weak passwords are like open invitations for hackers. They often use automated tools that try millions of common passwords and combinations to break into accounts. Additionally, social engineering attacks can trick you into revealing your password or personal information that can be used to guess your passwords.
Sam’s story: A cautionary tale
Let’s meet Sam, an ice cream shop owner who decided to build a social media presence for her business. To save time, she used the same password for all her accounts, just adding a number at the end of each one. While this seemed convenient, it also made her accounts vulnerable.
An attacker easily guessed Sam’s password based on clues from her social media posts. This gave them access to all her accounts, including one linked to her business email. Thankfully, Sam had a strong password policy for her work email, preventing the attacker from gaining access. However, the attacker used her compromised social media account to impersonate Sam and contact her colleagues, potentially putting her business at risk.
Building your digital fortress:
To protect your online accounts, follow these tips to create strong passwords:
- Use a unique password for each account. Don’t reuse the same password for multiple accounts, as a breach in one could compromise them all.
- Make it long and complex. Aim for at least 12 characters and include a mix of uppercase and lowercase letters, numbers, and special symbols.
- Forget the personal touch. Avoid using easily guessable information like your birthday, pet’s name, or family member’s names.
- Use a password manager. These tools generate and store strong passwords for all your accounts, making them easy to remember and manage.
Remember, your passwords are the keys to your digital castle. Choose them wisely and keep them safe!
Bonus tips:
- Enable two-factor authentication (2FA) whenever possible. This adds an extra layer of security by requiring a second verification step, like a code sent to your phone, to log in.
- Be cautious about phishing attacks. Don’t click on suspicious links or download attachments from unknown senders, as these could be attempts to steal your password.
- Regularly update your passwords, especially if you suspect they may have been compromised.
By following these tips and building strong password habits, you can significantly reduce the risk of cyberattacks and keep your online accounts safe and secure.
Let’s all be responsible digital citizens and build a more secure online world, one strong password at a time!
I hope this tutorial helped you understand the importance of strong passwords and provided you with valuable tips to create and manage them effectively. Remember, protecting your online accounts is not just about personal security, it’s about protecting your privacy, identity, and even your livelihood. So, invest in strong passwords and build a strong digital fortress!
How was the attacker able to access several of Sam’s social media accounts?
After figuring out one, a pattern was found that uncovered the rest.
Correct! Sam’s use of incremental numbering is a common pattern that was easily guessed.
If you have any online accounts such
as those for email or social media, then you’re no doubt familiar with
the practice of setting a password for each one that is used to log in. To save yourself some trouble,
perhaps you’ve developed the habit of using the same email address and password
across several different accounts. While this creates convenience, it could
also increase the risk of unauthorized access if you’re not careful
with your choice of password. In this video,
you will learn why strong passwords are so important with any online account. You’ll also discover the potential
consequences of weak passwords and how a breach of one account can present
a linked threat to other accounts. To help illustrate this threat,
let’s check in on Sam. Sam has been building
a social media presence for Sam’s Scoops by creating accounts with
different social media providers. Along with a personal email account,
Sam also has a work email that she uses to take ice cream orders and
field questions from customers. With so many different accounts to
keep track of, Sam has opted for easy to remember passwords so
they are not forgotten. Like many people, Sam’s logic for coming up with a password involves tying
it to personal data, like a birthday or something that is meaningful to her,
like a pet’s name. Sam does not want to lose access to these
accounts or go through the password reset process, so keeping it simple
seems to be the best option for her. Sam has chosen an email address and
password combination for each social media account. She knows that it’s a good idea to have
different passwords on each account, so to keep it simple, she adds a number at the end of each
one to make them a little different. Sam is happy with this approach
of using different passwords, and she feels confident that her
accounts are all well protected. However, there are a couple of problems. For one, each password contains
the name of her favorite place. This information isn’t known
only to Sam as she talks about it often on social media and
with her friends. Many of these details are accessible
to anyone else on the platform. Additionally, the practice of using
incremental numbers in passwords is more common than Sam realizes. Making it an easy pattern for
attackers to pick up on. This weak password has allowed an attacker
to easily guess the password to gain access to one of the accounts. This password has also allowed them
easy access to the other newly created accounts. The attacker has also tried to gain access
to one of the email accounts that is used by Sam to sign in and
respond to clients, but this has failed. This is because, in contrast to her
approach with the social media accounts, Sam has followed a strong password policy
for her Sam’s Scoops email account. This policy requires a combination of
uppercase and lowercase letters, numbers, special characters, and a length of
at least twelve characters long. However, this is not the end of the attack
as now the hacker has access to one of the social media accounts. They can use this to send a message to one
of Sam’s colleagues explaining that they need a password reset link. So Sam’s Scoops is now also exposed, even
though they have a good password policy. Any attack that results in someone
gaining unauthorized access to devices, services, or
networks is considered a security breach. Imagine a security breach as similar to
a break in where an intruder successfully breaks into a building. In Sam’s case,
the intruder was an attacker and the building was an online account. In this example, you’ve witnessed how Sam
was exposed on several different fronts. First, one of her passwords was discovered
due to it being weak along with Sam, leaving hints in her social media posts. Then, her usage of a predictable pattern
led to her other passwords being compromised. Finally, a door is open for the attacker
to use Sam’s social media account to impersonate her and potentially access
accounts associated with Sam’s Scoops. In this video,
you learned that using weak passwords or reusing passwords on multiple
accounts is a frequent practice. That puts Internet users at risk of
account takeover, data compromise, and identity theft. This is already a big deal when it affects
an individual, but the damage can be exponentially worse when a single breach
impacts an entire network or organization. Having a strong password policy across all
of your online accounts is critical to stop these linked threats.
Reading: Exercise: Explaining the threat landscape
Reading
Introduction
So far, you have received a general overview of the threat landscape, and you should be aware that it is comprised of three components:
- The areas that are vulnerable to attack.
- The people that are liable to make an attack.
- The types of attacks used.
By completing this exercise, you will further your understanding of the real-world implications of the threat landscape by assessing specific potential dangers to a company and conveying the possible impacts they may have on the organization.
How to complete this exercise
In this exercise, you will create a report for Sam’s Scoops discussing the threat landscape.
As you create this document, bear in mind that your audience has a limited knowledge of online dangers, so keep it simple and explain all unfamiliar terms. You can also support your explanations with images and diagrams as needed.
The topics you will cover include:
- Identify three online threats and explain how each threat is caused.
- Highlight the potential dangers associated with each threat that you have identified.
- Prescribe some preventative methods that you can employ for Sam’s Scoops.
To complete this exercise, you will need access to Microsoft Word. If you do not have the Microsoft Word application, you can use Free Office for the web. This version of Office allows you to view and edit files in apps like Word, Excel, and PowerPoint. This free service is available to anyone with a Microsoft account. Note that this exercise is for applying your knowledge, and the completed document will not be submitted.
Case study
The staff at Sam’s Scoops are excellent ice cream makers and make a product that is much loved in their seaside community; however, they know little about good online practices. Your task is to gather information on the do’s and don’ts of online actions and then share your findings with the team. To be more specific, you’ll identify three vulnerabilities, and for each one, you’ll describe the risk it brings, the type of attack that a cybercriminal might use to exploit it, and a mitigation technique that can be used to reduce risk and improve safety.
Instructions
Step 1: Identify plausible online threats
Identify three potential threats that present a risk to a budding ice cream business looking to establish an online presence. Consider the types of online activities that small businesses tend to engage in. You can review the previous lesson content for ideas but expect to conduct some external research as well.
Hint: Consider these resources on malware, phishing, and network security issues as starting points for gathering information.
Step 2: Identify the risks posed by each threat
Once you have figured out the threats, explain how each one can put the company at risk of an attack.
Step 3: Identify attacks used to exploit each threat, and their effects
By which means might an attacker exploit each vulnerability, and how would the company be affected if an attack is carried out?
Step 4: Identify preventative measures relative to each threat that one can take to better protect the business
Make Sam’s team aware of what steps they can take to reduce vulnerabilities and better safeguard themselves against risks.
Step 5: Present your findings
Write a summary of what you have found and consult the example below to understand how to format your report. Remember that you are presenting to an audience with limited knowledge of online dangers, so keep it simple and explain all unfamiliar terms. You can also support your explanations with images and diagrams as needed.
Threat #1:
[Vulnerability]: Account password shared with an acquaintance
Making a password known to even one person significantly raises the risk of that password ending up in the hands of someone with malicious intent.
[Risk]: Unintended access
The password may be used to gain access to an account by someone who isn’t meant to have it.
[Attack]: Theft of sensitive data
Once unauthorized access has been gained, an individual may acquire sensitive information such as personal and financial details.
[Mitigation]: Change the password, don’t share!
If a password has been shared, the account password should be changed immediately to render the shared one useless. And make sure no one knows the new password!
Conclusion
In this exercise, you identified three online threats, explained how each one is caused, highlighted the potential dangers associated with them, and prescribed some preventative methods that one could employ for Sam’s Scoops. In the process, you have developed a better understanding of the threat landscape for yourself.
Reading: Exemplar: Explaining the threat landscape
Reading
Overview
In the previous exercise, you were tasked with writing a report that identifies three potential vulnerabilities that Sam’s Scoops should be aware of so that Sam can better prepare a plan for taking the business online. In addition, you were asked to include the risk that each one might lead to, the type of attack that might be used and the possible damage caused, and methods for deterring these adverse outcomes from happening.
Below, you’ll find an example of some of the information that could be expressed in such a report. Keep in mind that these may differ from what you came up with.
Explaining the threat landscape
Threat number One: Poor password protection
Vulnerability: poor password
Passwords are the first step in protecting a business, as they offer a legitimate way for an authorized user to gain access to a system. Using an oversimplified password poses a severe risk to an organization.
Risk: Brute force attack
A brute force attack involves running through a list of common passwords in an effort to see whether a password can be guessed to gain access to a system.
Attack: Ransomware
Once an external party has gained access to a system, it is possible for them to make internal changes that could have very harmful side effects for a business. One potential danger might be locking the account owner from the system until such a ransom is paid.
Mitigation: Choose strong passwords, and never use the same passwords for different applications.
Threat Number Two: Malware
Vulnerability: Poor cyber hygiene
Cyber hygiene is the practice of maintaining the health and security of a system and includes such habits as regularly updating software and scanning for malware and other unwanted elements. Poor cyber hygiene opens the door for malware, which is one of the oldest forms of carrying out a cyberattack. It involves getting a legitimate user within a system to trigger some code from within the system that is designed to alter the system in some unintended way. Malware often requires a user within a system to click on a link. This is often achieved by sending an email with a link or an attachment and directions to click on it to claim a reward.
Risk: Trojans
A trojan is an umbrella term for several attacks that can be executed by unsuspectingly clicking on a link containing malware.
Attack: Malware
Malware can be designed to perform any number of ill effects on a system once executed. It is a blanket term that can encompass theft of information, disruption of services, or application of ransomware. Injecting it into a system by unsuspectingly clicking on a link can be very harmful.
Mitigation:
Generally, practicing good cyber hygiene can mitigate against malware. Be careful when clicking on external links, and always check email addresses to ensure that they originate from a trusted source. Watch the language used in emails, which is often an indicator of a dubious source and can be identified through poor grammar and spelling. The image below provides an example of a potentially malicious email:
![](https://i0.wp.com/stackfolio.xyz/wp-content/uploads/2024/01/malicious-email-1024x573.png?resize=1024%2C573&ssl=1)
Threat Number Three: Virus
Vulnerability: Outdated Software
When software is first released it is prone to bugs or flaws in it that were not identified previously. Once these bugs are discovered, a patch to close or fix them will typically be released in the form of an update. This is why it is so important to always keep your software updated.
Risk: Virus
Outdated software builds up an increasing risk of viruses as more and more bugs are found with the application.
Attack: Exploiting software bug
Outdated software can leave an opening in your firewall that a malicious actor can exploit. Depending on the flaw any number of attacks may be released.
Mitigation:
Enable automatic updates on your software if available or check for updates and install them on a regular basis.
Conclusion
In this reading, you have observed an example of how you might create a report to express potential threats toward a business that is going online. The example includes three potential security flaws and the risks they pose and explains how attacks might be implemented. It also provides possible mitigating steps for each one.
Practice Quiz: Knowledge check: Elements of the threat landscape
Which sentence best describes what the threat landscape is?
The threat landscape relates to all potential vulnerabilities of an application, the attackers that may be targeting this area, and the attacks that are used.
Correct. It is an encompassing term that relates to the attack, area under attack and the attackers.
True or False: Ransomware can involve locking someone out of their system.
True
Correct. Ransomware prevents an owner from accessing their application, and it does not require stealing any items or data.
Which of the following are cybercrime exploits? Select all that apply.
Trojan.
Correct! This involves sneaking some malicious code past a firewall.
Denial of Service
Correct! This is a type of malware that bombards your application with requests to disrupt service.
Which of the following password traits would increase the risk of an attacker gaining access to multiple accounts from the same user? Select all that apply.
Using the same email address and password across all accounts.
Correct! If an attacker obtains the email address and password combination from one account, it is likely that they will apply it elsewhere.
Following a pattern for all passwords, like the name of a favorite vacation destination.
Correct! People frequently use patterns or personal information in their patterns, a trend that attackers are aware of and will exploit.
With the increased number of people working from home, which practices create more points for potential attackers to enter a business’ internal network? Select all that apply.
Employees accessing the network with their personal devices, under the practice of bring your own device (BYOD).
Correct! Personal devices typically are not as secure as company-provided devices.
Employees accessing the network with remote access tools.
Correct! More employees entering the network from outside means that the firewall must deal with more traffic.
Reading: Additional resources: Threat landscape
Reading
You’ve received a general overview of the threat landscape and should be more familiar with the threats that exist, the impact they can produce, and what you can do to mitigate risk. However, you’ve only tapped the surface, and there is much more to learn. This reading will help you to expand your knowledge further.
Cyberthreats and attacks
You should now know about cyberthreats as a general concept, but these resources provide specific examples of large-scale attacks and their impacts, along with detailed statistics of who is being affected:
- What is a cyberattack? This page from Microsoft Security provides a breakdown of common types of cyberattacks, which are exemplified with real-life instances. It also offers advice on the steps you can take to ensure that you are better protected.
- How many cyberattacks happen per day in 2023? Discover recent trends in cybercrime, which includes information and statistics on how phishing, malware, ransomware and fraud have affected large businesses and organizations, and the impact they may continue to have.
- Microsoft Digital Defense Report 2022: Explore Microsoft’s report on the threat landscape from the past year, which contains detailed data and key takeaways on the state of cybercrime, including implications for the future.
Cybersecurity
Fortunately, there is not only bad news to share! Along with cybercrimes, there are also cybersecurity solutions and best practices that can greatly reduce the chances of becoming a victim. You’ll learn about them in greater detail later, but until then, these resources can provide a general picture of the options available for staying safe:
- What is cybersecurity? A general introduction to cybersecurity, expanding upon the common threats you have already become familiar with. It also lists cybersecurity best practices and details the Microsoft Security products and services that can be used toward that end.
- How to choose a strong and secure password for your digital life: A guide from Microsoft on how to create strong passwords, along with some tips for keeping your accounts secure.
By exploring these resources, you’ll increase your awareness of where and how cyberattacks are happening, as well as the strategies used to fight back.
Introduction to computing devices
Video: What is a computer and what is inside it?
Summary: Inside Your Device
This video explores the essential hardware components that make up computers, smartphones, and tablets, regardless of their differences in form.
Key Components:
- Motherboard: The central circuit board holding everything together. Apple calls it a logic board.
- CPU (Central Processing Unit): The brain of the device, responsible for processing information. Measured in gigahertz (GHz) for clock speed, indicating processing power. Modern phones often have quad-core processors (four CPUs working together).
- RAM (Random Access Memory): Short-term memory, crucial for running multiple tasks simultaneously. Larger RAM allows for faster and more powerful performance. Minimum of 8GB for PCs, with gamers opting for up to 64GB. Tablets typically have 2-16GB RAM.
- Storage: Long-term memory for storing information. Two main types:
- HDD (Hard Disk Drive): Older technology, cheaper, slower access speed.
- SSD (Solid State Drive): Newer technology, faster, more expensive.
- Power Supply: Provides electricity to run the device. Larger devices require more power (500-1000 watts) compared to mobile devices (2-6 watts).
Additional Notes:
- RAM can be upgraded in most computers by adding more modules.
- Software will be covered in a future video, explaining how it interacts with these hardware components.
Which component should you add to increase your computer's processing power?
Add more CPUs
Correct! Adding more CPUs will increase the processing you can perform by adding additional cores.
Right now you’re using a computer,
tablet, or smartphone to navigate
through this course. Despite these devices being different,
they function in the same way, in that you can input data, the data is stored,
and then process to produce an output. A computer connects you
to the digital world. You use it to enjoy entertainment,
interact socially via social media platforms, or work efficiently from
anywhere in a paperless environment. So what makes up a computer? A computer consists of two overarching
parts, the hardware and the software. The hardware relates to the physical
devices that make up a computer, it is the part that the software runs on. Software gives the hardware instructions
on what to do and how to do it. The desirable components for
a gamer’s personal computer, PC, differ from those found on a college
laptop or within a tablet or phone. But fundamentally, there are a few
key components that are involved. In this video, you’ll unpack essential hardware
components that make up a computer. The motherboard is the hub in the form
of a circuit board with slots for the components required
to make up a computer. When dealing with Apple devices,
it is referred to as a logic board. Following on from the motherboard,
a predominant item required in creating a computer is the central processing unit,
more commonly referred to as the CPU. The capacity of a CPU is measured by
its clock speed or how fast it can run. The unit of measurements
is called a gigahertz. CPUs are typically found on integrated
circuit microprocessors that contain one or more CPUs. You may hear the expression
multicore processors, that means several CPUs are present. These can be configured to
tackle a job in tandem. The microprocessor attaches
to the motherboard and functions as the computer’s
reasoning center. Modern phones would
typically run on quad cores. Quad here is a reference to four,
meaning there are four CPUs used for processing content. CPUs have limited scope for holding
memory, so this is stored in the RAM, which stands for random access memory. The RAM specs are important when
purchasing a computer because they relate to how large a task the computer
can process at one time. Think of RAM in the same way as
a human’s short term memory. How many well informed decisions can
you make without referencing additional information externally, such as using
a book for research, which takes time. The more information you
mentally retain at any time, the greater your ability to recall
information instantaneously. Therefore, the larger the RAM, the quicker
and more powerful a computer is. Typically, the minimum RAM
size of a small desktop or PC starts at 8 gigabytes and
increases in increments of eight. 16 gigabytes of RAM achieves
most standard operations. However, high end gamers opt for
up to 64GB of RAM. A tablet would typically have
between 2 and 16 gigabytes of RAM. The motherboard will have
unique slots where RAM fits in. It is also possible to upgrade
computers by buying more RAM and manually plugging it
into your motherboard. If RAM is associated
with short term memory, then long term memory can
be related to hard drives. These are additional memory sources
that hold more information. Hard drives come in many forms, the two most common types being hard
disk drives and solid state drives. You’ll commonly find these
names shortened to HDD and SSD. Hard drives allow permanent
storing of information and are attached to the motherboard with
adapters called serial advanced technology attachment cables,
otherwise known as SATA cables. A flash drive is an example of an SSD,
meaning it has quicker lookup speeds. HDD is considered an older technology. The final crucial element required to make
a computer function is the power source. Large computers will require
more power than mobile devices. One might need 500 to 1,000 watts
of power to run a computer. This dwarfs the power
consumption of a mobile phone. It typically only requires
two to six watts of power. In this video, you learned about
the essential components that create a computer with reference
to smartphones and tablets. Some of the fundamental components
discussed include the motherboard, CPU, RAM, long term memory storage,
and the power supply. You’ll expand upon these concepts and learn about how software
interacts with them a bit later.
Reading: Hardware versus software
Reading
Previously, you discovered which hardware components are essential in building a computer. Have you ever wondered how interacting with the information displayed on your computer, tablet, or smartphone actually works? Consider a movie set where there are actors, directors, and staff who operate equipment like cameras. These individuals are like the ‘hardware’ of the film. But everyone needs instructions to fulfill their role; they get this from the script, which serves as the film’s ‘software’.
Introduction
Hardware makes the physical device operate, and software gives instructions so that the hardware knows what to do and how to do it. This interdependent relationship allows you to interact with your computer. In this reading, you’ll be introduced to software aspects that are necessary to run a computer.
What are hardware and software?
Software correlates to any virtual programs that are run on the computer. These include operating systems, programs such as Microsoft Word and Excel, or internet browsers. The hardware installed on your computer determines which of these software applications can run and where it should run.
Broadly speaking, software systems consist of two overarching categories:
- Application software
- System software
Application software is responsible for running specific applications like Microsoft Word or Excel. System Software relates to running the actual hardware itself. An example of this would be device drivers or operating systems like Windows or Mac. An operating system can run on a PC, Mac, phone, or other devices. You’ll explore operating systems in more detail at a later stage.
Hardware
Application and system software makes the hardware function as intended. Hardware is typically the long-lasting aspect of a computer. It is possible to update your hardware by adding additional features like more RAM or installing SSDs. There may be a slight improvement, but it mostly retains its original state from when it was first purchased. The way you interact with your computer can be improved by buying better monitors or keyboards. Hardware has a certain life span, and components tend to age and wear down over time.
Software
Contrary to this, software runs consistently over time but changes constantly with patches and updates for programs that are regularly being released. Generally, these releases relate more to security issues than improving performance. As a program matures and is used widely, various flaws and bugs are detected. Once it’s reported, fixes are rolled out. This is why you are regularly prompted to upgrade your system.
Recall that hardware and software are interdependent to work. A computer is just a heap of plastic and silicon without an interface to receive input commands. Note that you are able to automate software to run continually. Some examples include sensor lights or traffic light sequences. If a program is compatible, it can run on various types of hardware.
If a software upgrade is not working well, a workable solution is to upload an older version and restore it to a functional previous state.
Conclusion
This reading taught you what software is and how it relies on hardware to run. While there is a distinction, ultimately, hardware and software depend on each other. You can’t interact with hardware without having some software to interpret and execute your commands. Equally, software needs somewhere to be housed. Computer programs and applications cannot exist without some substance to ground them. You’ll gain some more insight when you explore different operating systems.
Video: How does a computer operate?
Sam Scoops’ Journey to Computer Basics: A Summary
Sam Scoops is expanding, and Sam wants to understand the tech behind it all! This video dives into computers, their components, and how they process information.
Key Takeaways:
- Computers perform four tasks: input, store, process, output.
- Input: Comes through devices like keyboards, cameras, microphones. Data is converted to ones and zeros for storage.
- Storage: Both volatile (RAM, loses data when powered off) and non-volatile (hard drives, USBs, retain data).
- Processing: Done by the CPU, the brain of the computer. It has a control unit for instructions and an arithmetic/logic unit for calculations.
- Output: The final result, like showing an image or running a program.
For Sam:
- Understanding these basics helps Sam make informed decisions about technology for her growing business.
- It prepares her for learning about cybersecurity to protect Sam Scoops’ data and employees.
Next Steps:
Sam’s journey continues with cybersecurity concepts!
Is the memory in a computer permanent?
Occasionally
Correct! Memory comes in two forms, volatile and non-volatile. Only non-volatile memory is permanent, regardless of whether there is power being supplied or not.
Sam, the owner of Sam Scoops, is currently operating
her business from a single home-bound
personal laptop. The demand for
local ice cream is continuously growing
within the community. There is an expansion
plan for Sam Scoops that includes opening a store front to meet the growing demand. Sam realizes that getting more hands on board to
meet the demands of her growing customer
base means that more computer devices with adequate security
measures are needed soon. With Sam’s desire to grow the brands footprint
and expand the team, she needs to have a
basic understanding of the hardware and
software requirements for Sam’s Scoops to
operate efficiently. This allows Sam to
advise the team on using the technological
infrastructure to create future
product development. In addition, Sam can implement the appropriate
security measures to protect Sam scoops employees
and her customers. Let’s join Sam on her journey to learn about computer
basics so that she’ll be able to make
more informed decisions about the right tools
for her business. This video summarizes what a computer is and
what it consists of. You’ll gain more
clarity as to what happens when inputted
data is entered into a computer and the
various transformations it undergoes before it
displays on the screen. Knowing how a computer works, will set the stage for the cybersecurity concepts
that you’ll learn about later. So to start, let’s think
about the components required to take in user input
and display it on screen. A computer must perform the following four tasks
which are inputting, storing, processing, and
outputting information. Let’s begin by discussing input. Taking input can be done
through a host of devices. Consider how you access
this course today. Did you do it from a laptop, phone or personal computer? Devices used also
include cameras, microphones, keyboards,
and computer mice. Depending on the device, once the signal begins, a conversion happens between the input and the
storage it is sent to. Consider what happens when you push a key on your keyboard. The key triggers a
series of zeros and ones and transports it to the
storage unit of your device. Devices communicate
with software by means of a device driver. What is stored after
receiving the input? When a computer
receives an input, it immediately stores the
information in memory. There are different
types of memory available, but generally, it can be classified as
volatile or non-volatile. Volatile memory such as RAM, is temporary and saves data only while the computer is used. Items that are stored
in RAM are not permanent and are sustained as long as the RAM
receives power. This means that if
the power is cut, then the items are lost. Non-volatile memory
is permanent and data is stored whether the
computer is on or off. Typically, computers will come with some secondary memory built-in for additional storage to hold items permanently. Additional memory is
stored in hard drives, commonly referred to
as secondary drives. It is categorized as
non-volatile memory. Alternatively, you
can make use of external hard drives
or USB drives. Once the input data is stored, it needs to be processed. Let’s explore the
processing aspect. All processing on a computer
is done by the CPU. The CPU has two parts, which are the control unit and the arithmetic or logic unit. A CPU has a small memory
component called a register, but mostly reads information
from the secondary memory. It then performs the
required operation and stores the result
back into the memory. To help you understand
this process, think of a CPU like
a human brain, the control unit
receives a signal, whereas the computer takes
input from a mice or keyboard, the brain does so through
sensors like cyto touch. The arithmetic unit contains logic for how to
handle the input, like the reasoning part
of the brain that holds math formulas you
learned in school. Registers are like
short-term memory, while secondary
storage is closer to long-term memory that may
take more time to recall. The CPU is the computer’s brain for all the calculations
and processes run. A control unit will
receive an instruction, decode this instruction, and then issue signals based on
the results of the decoding. CPUs follow a cycle which
includes three steps. The first step is fetch. Here data is collected
from memory. The second step decode is
where the data is interpreted. Finally, in the execute step, an action is performed based on the
instructions provided. Memory on a bus retrieves
the information. A bus is a set of
physical components that connects and transfers data
from the memory to the CPU. Next, the information is returned to where it is
stored on the computer. Once the data has
been processed, the memory bus returns the
information for storage. Notice that
information is loaded constantly from and to memory. This accounts for much of the time used for
executing a program. The last step to processing
information that is displayed on your
computer is the output. The output reflects the final
transaction in the process. Once the input has been
received by the device and the appropriate process
applied to it by the CPU, it generates an output. This might be
performing an action, streaming a video or
executing a program. Depending on the
device and its use, the output manifest differently. It usually takes the
form of an image or a light showing that a process
successfully executed. An example of this
is a tollbooths. A green light indicates that
your payment is accepted. To summarize, a computer goes
through four basic steps. Information is taken in through an input where the
signal is stored in short-term memory before
being processed by the CPU. Much like how the
human brain works, the CPU performs a series of actions that pulls
items from memory, then it perform some computation
and returns a result. The final step is the output. For humans, this might be verbalizing the thought
that has been processed. For a computer, it could be
displaying a text message. In this video, you learned what a computer is and
what it consists of. You have a better
understanding of what happens when inputted
data is entered into a computer and the
various transformations it undergoes before
displays onscreen. With this knowledge, you
are ready to continue on your cybersecurity journey.
Practice Quiz: Knowledge check: Introduction to computing devices
Which component connects various important computer hardware components?
The motherboard
Correct! The motherboard is a central circuit that connects various hardware elements and helps them function efficiently.
What metric is used to measure the clock speed of a computer?
Gigahertz
Correct! Clock speed is measured in gigahertz and reflects the speed that a computer can function at.
Which of the following types of memory is classified as volatile memory?
Read Access Memory (RAM)
Correct! RAM is the volatile memory of a computer which means it is temporary and saves data only while the computer is used.
What type of software regulates how a system runs?
System software
Correct! System software relates to running the actual hardware itself.
Which of the following items facilitates communication between a device and software?
Driver
Correct! A device driver allows a device to communicate with software.
Reading: Additional resources: Introduction to computing devices
Reading
Up to now, you’ve learned about the hardware and software components that make up a computer. This includes exploring how data input in a computer is retrieved, stored, and processed before decoding it, resulting in an output that displays on the screen. Some of these interactions are more complex than others, and you only touched upon them at a high level. However, in this reading you’ll find some resources that explain these concepts in-depth.
- What is a driver? Find out what a driver is, the different types of drivers and their purpose. You’ll find this useful because you may need to identify the appropriate driver that works with your applications to ensure your computer functions correctly.
- Managing RAM in the cloud: A consideration to keep in mind when you navigate from an in-house solution to a cloud-based one is the use of RAM. Recall that RAM is temporary memory that holds applications and data being processed. It is the most expensive form of memory to rent or buy so managing it efficiently in your applications is very important.
- CPU analysis: Discover how the CPU works. Much like a brain, it is a complex component that includes many processes. Understanding how the CPU functions can help you write code faster, and with less bugs.
By exploring these resources, you’ll be able to understand how certain components work at a more technical level. But don’t worry if it doesn’t quite make sense yet! At this point, it is more important that you are familiar with the role filled by each component.
Operating systems
Video: What is an operating system and what does it do?
Operating System: The Unsung Hero Behind Every Computer
Think of a computer as a bustling restaurant kitchen. Ingredients (data) flow in, chefs (software) create delicious dishes (tasks), and waiters (hardware) deliver them to eager patrons (users). But who keeps everything running smoothly, preventing chefs from tripping over each other and ensuring customers get their meals on time?
That’s the operating system (OS), the invisible maestro orchestrating the whole show. Let’s break down its three key roles:
1. Hardware Whisperer:
- The OS acts as a translator, communicating with different devices through device drivers. Imagine these as recipe cards telling each chef (printer, keyboard, etc.) what to do with the ingredients.
- Plug and play? The OS welcomes new devices, installs their drivers, and stores their settings like a restaurant manager prepping a new chef’s station.
2. User Interface Guru:
- The OS offers two ways to interact:
- Command Line: Think of it as a chef shouting orders directly to the kitchen. Powerful but requires precise instructions, like a programmer telling the computer what to do in code.
- Graphical User Interface (GUI): The friendly face of computing! Click, drag, and drop icons like navigating a menu – perfect for most users.
3. File and Application Manager:
- The OS juggles applications (software programs) like a restaurant managing different dishes.
- Each application has an API (Application Programming Interface), like a recipe format understood by both chef and manager (OS).
- When you launch an app, the OS loads it into RAM (temporary storage), allocating resources like CPU power and space like assigning a station and ingredients to a chef.
- Some apps are light eaters (word processors), while others are resource-hungry gourmands (high-resolution games). The OS ensures everyone gets their fair share.
Remember, the OS is the silent hero behind every smooth computing experience. Now, you can appreciate its invisible magic the next time you use your computer!
Which of the following is a means of directly interacting with the Operating System? Select all that apply:
Graphic user interface (GUI). Command line interface (CLI).
Think of Sam Scoops and all the employees working together to
ensure the business runs smoothly. This might include attendants,
dishwashers, and cashiers. While their duties are clearly defined, it
doesn’t mean that they work in isolation. Their tasks must be monitored to ensure
that the whole team can work together without blocking each other. Computers work on a similar principle. Different components are competing for
limited resources, and their access to such resources must
be regulated to avoid conflict. This role is fulfilled
by an operating system. In this video, you’ll learn what
exactly an operating system is. You’ll be able to explain
the role it plays and how it interacts with
the various software and hardware components to create
a smooth experience for the user. The operating system is the software
component that interacts with the hardware and software programs to provide users
with a standard computer experience. You can think of it as a go between that
starts up the computer hardware and file systems and allows for the interaction
between multiple users, CPUs and Tasks. You can simplify the responsibilities
of the operating system into three broad categories,
which are controlling hardware access, providing a user interface, and
managing files and applications. Let’s explore each of these one at a time, starting with how an operating
system controls hardware access. When interacting with
the hardware of a computer, the operating system will communicate
instructions through a device driver. These are essentially small pieces of
code written by a device manufacturer, which allow messages and instructions
to be passed between the hardware and other software to control the device. Most devices are installed to a computer
through a plug and play process, which means that a device
connects to a computer and sends a signal to the operating system. The software then installs a device
driver that enables interaction and stores this application’s
settings in a central location. This is saved in the registry
on a Windows computer or the Preferences folder on a Mac. Plug and play comes from a time when all
devices were physically connected, but these days devices can be
connected digitally as well. Consider printers or any device found on
the internet of things that can connect via Bluetooth,
which are still examples of plug and play. You’ll explore the Internet of
things in greater detail later on. Another role of an operating system is to
provide a user interface which facilitates the way a user communicates with
the hardware and software of a computer. This interface is available in two forms,
one is the command line or terminal window. You will be familiar with this from many
movies dealing with hackers breaking into computers. Command line or terminals allow for access
to every part of a computer system, but require the user to provide very detailed
instructions, often as programmer code. The other type is
the graphical user interface. This is the most common way for
users to interact with computer programs, including controlling the options for
the operating system. It involves using a mouse to click on
menus and icons to initiate programs. Most operating systems will provide
the user with both CLI and GUI options. Finally, let’s find out how an operating
system manages files and applications. An application is a software
program that performs a task. Microsoft Excel, Microsoft Word, or your
Web browser are examples of commercial applications that you
likely use every day. However, users can also develop
their own applications, which the operating system can run. An application will typically have
an application programming interface, more commonly known as an API,
which determines a set of rules for interacting with the program. In other words, an API ensures that a program is
compatible with a given operating system. When an application is called for
use through a user interface, the operating system loads the program
from its place in memory into the RAM. Recall that RAM is immediate storage
that holds files currently in use. The operating system then
determines how much space and CPU power an application will be given. Some applications, such as a word
processor, require relatively few resources, while others, such as
a game with high resolution graphics, are CPU intensive, and
will dominate a computer’s resources. In this video, you’ve received an overview
of what an operating system is and the role it plays on a computer. You should now know that the
responsibilities of an operating system fall into three general categories,
which are controlling hardware access, providing a user interface, and
managing files and applications.
Reading: Types of operating systems
Video: Popular operating systems
Five Popular Operating Systems: A Quick Guide
This video dives into the top 5 operating systems (OS) dominating the modern world: Windows, macOS, Android, iOS, and Linux. Here’s a concise summary:
Key Points:
- Role of an OS: Manage software, hardware, and communication between them.
- Desktop OS: Windows, macOS (Mac), Linux (open-source, diverse).
- Mobile OS: Android (open-source, customizable), iOS (Apple-exclusive, streamlined).
- Windows: Preloaded on PCs, user-friendly GUI, compatible with many applications.
- macOS: Apple computers only, clean interface, limited customization.
- Android: Most popular mobile OS, open-source, diverse experiences across devices.
- iOS: Smooth, consistent experience across Apple devices, less customization than Android.
- Linux: Powerful for cloud computing, growing in popularity, command-line focused.
Bonus:
- Processing power of modern phones surpasses early moon mission computers.
- Windows can run some Linux applications.
- Different OS cater to specific needs and capabilities of devices.
Overall: Understanding these key players in the OS landscape equips you to choose the right system for your needs and appreciate the diverse software ecosystem.
By now, you should be
familiar with the role of an operating system and the several major types
that are available. But what is the
specific software that people are actually using? Despite the many
options available, the modern operating system is dominated by just a
few major competitors, each of which offer unique
advantages over the others. In this video, we will explore the five most popular operating
systems in use today, which are Windows, Mac, Android, iOS, and Linux. You’ll become aware of the
key characteristics of each one and find out how
they compare with each other. Recall that the core function of an operating system is
to allow you to access various software and
hardware components and to facilitate communication
between them all. There are different types of operating systems that
you may encounter, but all of them should
fulfill this role. For desktop and
laptop computers, the three most common
operating systems are Microsoft Windows, Apple’s macOS, and Linux. These are primarily
found on PCs. Whereas other devices
such as phones, tablets, and music players, run on different
operating software because they have
different specifications. The most notable examples
of operating systems for mobile devices are Google
Android, and Apple iOS. So why are their distinct operating
systems across devices? Generally, a PC is expected
to perform more complex, varied, and process
intensive tasks. As such, it requires a more sophisticated
operating system. In contrast, mobile devices typically do not have the same memory or
processing capacity. Mobile operating systems
are tailored to instead maximize the device’s resources and utilize them
more efficiently. In spite of this, it’s worth noting that the
processing power found in a current day phone is
greater than that of the computers that were used to first send a man to the moon. Now that you know what the most popular operating systems are, let’s explore them one
at a time more deeply. Starting with one of the oldest programs,
which is Windows. Windows is proprietary
software that is often preloaded into PCs as the
default operating system. As such, the popularity of Windows ensures
that developers are highly likely to make their applications
compatible with the system. While windows can be used with
a command line interface, it heavily favors a graphical
user interface approach. This means there is greater
emphasis on pop-up menus and clickable icons as a means
of navigating applications. The second most popular OS for computers is Apple’s macOS. It is preloaded on all Apple computers and is
also proprietary software. Uses are discouraged
from altering the code and instead should use
the software as sold. As with Windows, it is typically used with a graphical
user interface. While Apple and Windows are the systems of choice for PCs, mobile devices need something else to handle
their unique needs. Let’s move on to those next. First is Android, which receives regular updates and
additional features. While it can be used
for devices such as cameras and gaming consoles, this software is most frequently found on smartphones
and tablets. Android is open source, making it highly customizable. Overall, Android is the most popular
operating system for mobile devices worldwide. However, it does have
one major competitor, another mobile device OS, Apple’s iOS is a popular
alternative to Android. A key difference is
that rather than being available to
numerous device makers, it is proprietary
software that is exclusive to Apple products. Compared to Android, users have limited ability to
customize the software. IOS is run on iPhones,
iPads, and iPods, and is the second most widely
used OS for mobile devices. Lastly, let’s examine an
operating system that doesn’t currently have
the mainstream appeal of the previous four, but is noted for playing a
large role in OS innovation. An alternative to
proprietary software, Linux is an open-source OS for both computing
and mobile devices. This means that
the code is freely available for people to
alter as they feel fit. This has led to a
large community of enthusiasts who develop an
optimized many variations. Linux offers a Command
Line Interface, CLI, over a GUI based approach. While Linux is not as widely distributed
as Windows or Mac, it is popular for
Cloud computing and will likely experience growth as more people embrace this format. MacOS is descended from Unix, and while similar to Linux, it is different enough that an Android app
won’t work on iOS. Windows nice ships with
a built-in Linux kernel, allowing Linux apps to
run on Windows too. Now that you’re familiar with the five major
operating systems, let’s observe each
of them in action. Specifically, you’ll witness
the startup process of each one along with the interface that
is first presented, once that process completes. In a typical Windows setup, you’ll begin by logging
in with a password. After a few moments, you
will arrive at the desktop, which is the main workspace and a core part of the Windows GUI. The bar at the bottom
is the task bar. This can hold several
apps at once, making it easy to
switch between them. Starting up macOS is similar to Windows and you’ll
need to login first. A difference you might
notice this time around is the bar
with the icons. This is the dock, and you
can customize it to hold your favorite apps so that you can access them more quickly. On the mobile side,
you have Android. Most Android devices
can be unlocked with a pin or a biometric
feature like a fingerprint. Because the software
is open source, the appearance capabilities and the overall experience in one device can be different
from those of another. This depends on how the
manufacturer has altered it. The other major mobile
operating system is iOS, which you’ll find
on Apple devices like the iPhone and iPad. The software can’t be
customized as much as Android, but it’s well-known for giving a consistent experience
across different devices. Finally, there is Linux. Linux is open source and has a very active
developer community, which means that it
takes on many forms. One of the most
popular versions for Cloud computing is a Ubuntu, this is because Cloud computing relies on resources
that are stored online and Ubuntu can access these resources with
both speed and security. In this video, you’ve
become familiar with the five most popular
operating systems for both computers and
mobile devices. You should now be aware
that Windows, Mac, and Linux are the
most common programs for desktops and laptops. While Android and iOS are the dominant software for
smartphones and tablets
Reading: Proprietary and open-source software
Reading
Introduction
One decision you will face at some stage in your career is determining what type of software you should use to achieve a business need. A business need is a set of company goals, and the actions to take to achieve those goals, and generate money for business success.
Sam sells ice cream, so the business needs are related to purchasing and selling ice cream with additional associated tasks that generate revenue. To achieve efficiency and automation of processes while maintaining a quick turnaround time, Sam must decide which software or hardware components are best suited.
An important consideration is the type of software. In this reading, you’ll discover the distinction between open-source and proprietary software, and whether one is preferred over the other.
Software Licensing
There are two main types of software licensing, namely, Open-source software (OSS) and Proprietary software (PS). To summarize the key difference, an OSS license includes permissions for content to be freely distributed and modified for appropriate use. In contrast, a PS license must be purchased, and restrictions are placed on how the software is used. Some restrictions might also dictate that the source code cannot be altered or determine how it is sold or further distributed. Next, let’s explore each of these license types in greater detail.
Characteristics of Open source vs. Proprietary Software
OSS allows users to modify source content without consulting the original owners of the software. This often leads to rapid fixing of bugs and issues related to a software package. This unrestricted access also attracts a community of dedicated hobbyists who voluntarily provide fixes and support for one another. The downside is code changes are not performed by the owner of the code.
PS, in comparison, is more restrictive. It ensures that any alterations made to the code improve it overall for the users. There is a sense of security and credibility because changes to the code are made by verified professionals. Proprietary software typically comes with drivers, so developers can efficiently interact with the program.
Additionally, proprietary software contains extensive documentation on the changes made and appropriate use of the software. The goal of PS distributors is to create a product that people wish to use. A private developer may have different motivations, such as tailoring software to private projects. In the event of a bug being detected in a paid product, you can raise the issue and the product owner is responsible for addressing it. Accountability such as this isn’t necessarily applicable to OSS products that have been freely given to the community.
Using open source can be beneficial because there are no costs associated with it. If a software application is not popular, however, errors and bugs may go unaddressed. This is in contrast with PS, where the issue might be extended wait times until an error is addressed.
Another consideration of PS to be aware of is the price. PS will have a polished and professional product, and the attention to detail comes with a price tag. If your company makes a small application, you can factor the cost into production. However, if your product is starting out small with the aim to scale up, then this cost might increase with frequent use. This price does ensure that you have recourse should an issue emerge with the software package.
Some major advantages in using open-source software with a strong community following include good opportunities for collaboration, and robust technical support to help users adapt to the software, as well as addressing any integration issues faced. It offers flexibility, as one can alter the software or make use of a variation made to the software that suits your project. Finally, it removes the dangers of vendor lock-in. This is when a company’s IT infrastructure becomes overly reliant on one vendor, and the cost of altering the infrastructure is prohibitive, forcing a company’s dependency on a given vendor.
Some well-known examples of open-source software include Linux, React, and Free Office. Some notable examples of PS include Avast, MacOS, and Windows. All these examples are popular programs from both approaches. It is not as simple as concluding that one type of software supersedes the other, as your specific business need ultimately determines the best software solution.
Conclusion
In this reading, you discovered the difference between OSS and PS and explored the characteristics of each type of software. Succinctly, OSS is free and modifiable code with a community of developers who contribute to it. This can be an excellent resource for seeking help and changing the source code to suit your specific needs. It does not have the same level of restrictions associated with PS.
In contrast, PS comes with a purchase price, but if there are issues with the product then the software owners commit to fixing it. It comes with the guarantee that it has been rigorously tested, with clear documentation of how to use it.Go to next item
Practice Quiz: Knowledge check: Operating systems
Which of the following statements are true about an Operating System? Select all that apply.
An operating system controls hardware access.
Correct! The operating system interacts with the hardware drivers to allow access.
An operating system provides a user interface.
Correct! The operating system allows users to interact with all hardware and software components through a user interface.
Which of the following are instances of Operating Systems? Select all that apply.
Batch operating system
Correct. This is an OS that allows multiple users to work in tandem.
Time-sharing operating system
Correct. This multitasking system enables the processing of a diverse range of tasks.
What is the definition of proprietary software?
Software developed commercially which requires a license for use or distribution.
Correct! Proprietary Software is private and requires special licensing for use and distribution.
True or False: The OS is responsible for directing hardware.
True
Correct! The OS is tasked with three areas, one of which is directing the actions of the hardware.
Where does a Windows OS store the application settings?
Registry
Correct! Windows OS stores the application settings in the registry. However, on Mac, it is not centralized and can be found in Preferences.
Video: Module summary: Introduction to computers and operating systems
Course Recap: Cybersecurity Foundations Built
This summary highlights the key takeaways from the “Introduction to Computers and Operating Systems and Security” course:
Cybersecurity Landscape:
- You understand cyberattacks, current trends, and their impact on multiple devices.
- The threat landscape consists of application vulnerabilities, attack types, and perpetrators.
Computer Basics:
- You explored essential components like CPU (brain), RAM (memory), input/output devices, and the motherboard (communication hub).
- Grasped the difference between hardware (physical parts) and software (instructions).
Operating Systems:
- You learned about their role in directing hardware and configuring applications.
- Different types of operating systems like proprietary and open-source were covered.
- Now equipped to choose an OS based on specific business needs.
Operating System Responsibilities:
- Understand the crucial aspects: hardware access control, user interface, and file/application management.
- Familiar with command-line and graphical interfaces.
Overall Outcome:
- Solid foundation in computer basics, OS knowledge, and cybersecurity threats.
- Equipped to delve deeper into cybersecurity with a grasp of potential threats and mitigation strategies.
Bonus: You learned about security breaches and their potential harm to businesses.
Well done on completing introduction
to Computers and Operating Systems and Security, before you continue,
let’s recap on some key takeaways. After familiarizing yourself with
the course learning objectives, you began with an introduction
to the threat landscape. Here you learned about
how cyberattacks occur. You can now describe current cyberattack
statistics and trends and explain how unauthorized access gained has a huge
impact on multiple devices or domains. You discovered that the threat landscape
is broken up into three distinct areas the vulnerabilities of the
application, the types of attacks used, and the perpetuators of the crime. Next, you were introduced
to computing devices and discussed the basic components
that make a computing device. Whether it is a laptop, desktop or mobile
device, it requires some basic components. Let’s recap on four of these components. The first component is
the Central Processing Unit, or CPU. It is often referred to as
the brain of the computer, where the computation is performed. The second component is RAM. RAM is a plug and play addition to
a computer that stores information. Can you imagine if you had to relearn
every task when you woke up every morning? RAM ensures the computer can recall, and
recollection is a core requirement for intelligence. You then learned about input and
output devices. This is crucial to a computer because
it takes in the input, decodes and processes the data and displays an output. The final component is the motherboard,
which enables the operation. It does not actively take part in
computation, but it provides a hub through which all these components interact and
generate the desired output. You broadened your understanding of
computers by unpacking the difference between hardware and software. Remember that hardware makes the physical
device operate and software gives instructions so that the hardware
knows what to do and how to do it. It’s an interdependent relationship that
allows you to interact with your computer. Finally, you focused on operating systems, which provide the directions
that are sent to the hardware. They configure applications so that they communicate efficiently
with hardware devices. You examined several
major operating systems, including those specific to computers and
to mobile devices. Then you explored the two main categories
that the software generally falls into, which are proprietary or open source. You should now be better informed about
how to choose a suitable operating system for a specific business need. Recall the three key responsibilities
of an operating system. It controls the access of hardware that
is connected to the device physically or digitally. It provides the interface
that enables you, the user, to communicate with the computer’s
hardware and software. Specifically, the interface is
a command line interface or a graphical user interface,
and it manages files and applications by allocating suitable
system resources as determined by an API. Now that you’ve completed the introduction
to Computers and Operating Systems and Security, you have a good foundation
to navigate cybersecurity further. You are well versed in both computer
basics such as hardware, software and operating systems. You have also gained insight as to where
the cybersecurity threats might come from and how to mitigate some of these threats. You then further learned what
a security breach entails and why it’s potentially harmful for
your business. Nice work.
Module quiz: Introduction to computers and operating systems
True or False: Plug-and-play refers to the process of installing a device to a computer by connecting the device and then clicking on a “play” button to activate it.
False
Correct! Plug-and-play means that when a device is connected to a computer, it automatically sends a signal to the OS that prompts it to install a device driver.
True or False: The increased number of individuals working from home has complicated the threat landscape.
True
Correct! The need to increase the level of external access needed for remote work has made it more difficult to defend a system.
An attack that attempts to overwhelm a system with requests is known as a ________ attack.
botnet
Correct! Botnet attacks are a form of denial of service that makes it difficult for a system to process legitimate requests.
True or False: An attacker has discovered the password for Sam’s personal email, but it doesn’t work for Sam’s work email. Sam’s work email account is now safe.
False
Correct! The attacker can still use Sam’s personal email to impersonate her and potentially gain the password for the work email.
________________ refers to specific applications like Microsoft Word or Excel.
Application software
Correct! Application software relates to individual applications, as opposed to system software that runs the computer’s hardware.
The memory on a hard disk drive (HDD) is best described as __________.
non-volatile
Correct! Non-volatile memory is intended for long-term storage, as the memory will persist even when power is removed.
Which one of the following statements is true?
The CPU has two parts, which are the control unit and the arithmetic / login unit.
That’s correct! The CPU contains these two components.
Which of the following refers to a set of rules for interacting with a program?
API
Correct! An API, or application programming interface, ensures that a program is compatible with a given operating system.
Which type of operating system connects several CPUs to execute a task?
Distributed operating system
Correct! This approach can scale computing power up or down depending on the processing need.
Which of the following is an example of open-source software?
Linux
That’s correct! Linux is open source and has many variations.
Reading: Additional resources: Operating systems
Reading
You’ve been introduced to operating systems and should now have a better idea of what they are and the different types that are available, and also be familiar with some of the most popular operating systems in use today. In this reading, you’ll find resources that further break down the differences between proprietary and open source software, and that shed some light on how Windows works.
Proprietary versus open source
While you probably know by now that proprietary software is the work of a single developer while open source software is created by a community of programmers, these resources will help you better understand some of the advantages and limitations of each type:
- Proprietary software: A definition for proprietary software, including a summary of the legal implications associated with it.
- What is open source? Find out some of the reasons why a person or organization might prefer to use open source software.
Microsoft Windows
The following resources explain what is going on behind the scenes when you are using a Windows machine:
- Windows client devices: Compare how the Windows experience changes when used across different devices, such as desktop computers and tablets.
- Booting Windows: Expand your understanding of what happens when a Windows machine starts up.
- Windows registry: Learn more about how Windows configures and manages software and drivers.
By exploring these resources, you’ll discover that while operating systems serve a simple role on the surface, there is actually a lot going on in the background to ensure that resource distribution to all components is done carefully.