These flashcards cover the fundamental concepts, definitions, and tools related to cyber security as outlined in the lecture notes.
What is Cyber Security?
The practice of protecting computers, networks, programs, and data from unauthorized access, damage, or attack.
Offensive Security
The discipline of identifying and exploiting vulnerabilities to find weaknesses in systems before criminals do.
Defensive Security
A practice focused on protecting systems, detecting threats, and responding to incidents.
Red Team
The offensive security team that simulates attackers.
Blue Team
The defensive security team responsible for detecting and responding to attacks.
SOC
Security Operations Centre - the team and facility that monitors for and responds to threats in real time.
Engagement
The formal written agreement between a pentester and an organization defining the scope and rules of a security test.
Reconnaissance (Recon)
The gathering of information about a target before attempting to exploit it.
dirb
A web directory enumeration tool that discovers hidden pages on a website.
IDS
Intrusion Detection System - a system that passively monitors traffic and raises alerts on suspicious patterns.
IPS
Intrusion Prevention System - actively blocks suspicious traffic in addition to detecting it.
SIEM
Security Information & Event Management - collects and correlates logs from across an organisation.
Firewall
A system that controls network traffic based on predefined security rules.
Rate Limiting
Restricting the number of requests a source can make in a given time window.
Access Control
Rules determining who can access what resources on a system.
Broken Access Control
A vulnerability where users can access resources or functions they should not be able to.
Containment
The immediate priority when an attack is confirmed, stopping further damage before full analysis.
Penetration Testing
Legally and ethically attempting to exploit vulnerabilities in a system under a formal agreement.
Red Teaming
A senior-level, full-scale, long-term simulated attack against an organisation.
Bug Bounty
A program where companies pay ethical hackers for reporting valid vulnerabilities.
OWASP Top 10
A regularly updated list of the ten most critical web application security risks.
The Attacker Mindset
The approach in offensive security that requires thinking creatively and adversarially.
Vulnerability Assessment
Identifies weaknesses but does not attempt to exploit them; lower risk and faster.
Penetration Testing (Pentesting)
Actively attempts to exploit vulnerabilities under a formal agreement.
Red Team Engagement
A full simulated attack against an organization, including physical and social engineering elements.
Bug Bounty Hunting
Companies invite ethical hackers to find vulnerabilities and reward them for valid reports.
Common Offensive Security Tools
Tools such as dirb, Nmap, Metasploit, Burp Suite, and Wireshark, used for security assessments.
The Ethics of Offensive Security
The key difference between criminal hackers and ethical hackers is authorization.
The Golden Rule of Ethical Hacking
Never test a system you do not have written permission to test.
IP Blocking
A quick and effective first step that controls network traffic but is not a permanent solution.
Rate Limiting Importance
Protects against brute-force or enumeration attacks by controlling the number of requests.
Incident Response Lifecycle
A structured response process to attacks including identification, analysis, containment, eradication, recovery, and lessons learned.
SOC Analyst Roles
Includes Tier 1 monitoring alerts, Tier 2 investigating incidents, and Tier 3 proactively searching for hidden threats.
Containment in Incident Response
Stopping the attack immediately before fully analyzing it.
Skills for Security Analysts
Log analysis, threat intelligence, incident documentation, and familiarity with SIEM tools.
Day-to-Day Responsibilities of Security Analysts
Monitor SIEM dashboards, investigate alerts, create reports, and recommend security improvements.
What is a Security Engineer?
Builds and maintains defensive systems to protect an organization from attacks.
Main Responsibilities of Security Engineers
Design, deploy, and maintain security tools, assess attack surfaces, and write security policies.
The Role of Penetration Testers
Simulate attacks under controlled conditions to find exploitable vulnerabilities.
Red Teaming vs Penetration Testing
Red teaming simulates a full-scale attack, while penetration testing focuses on specific systems.
Certifications for Cyber Security Professionals
CompTIA Security+, CompTIA Network+, eJPT, CEH, OSCP are recommended starting points.
TryHackMe
A platform for practical, guided learning paths in cybersecurity.
Hack The Box
A more challenging, competitive platform for advanced cybersecurity skills.
PicoCTF / CTFtime
Capture The Flag competitions that enhance problem-solving skills for cybersecurity.
PortSwigger Web Security Academy
Offers free, world-class training for web application security.
Competitive Entry-Level Salaries
Reflect the growing demand for cybersecurity professionals.
Cyber Security Skills Gap
Over 3.5 million cybersecurity roles are currently unfilled globally.
Why Cyber Security Matters
Data breaches expose sensitive information and ransomware attacks can disrupt essential services.
Key Terms & Definitions
Understand terms like Offensive Security, Defensive Security, Reconnaissance, IDS, IPS, SIEM, Firewall.
Concepts in Offensive Security
Involves tools and techniques to identify and exploit vulnerabilities before criminals do.
Concepts in Defensive Security
Focus on building defenses, monitoring systems, and responding to incidents.
Salaries in Cyber Security
Entry-level roles can lead to competitive salaries reflecting constant growth in the field.
Importance of Continuous Learning
Maintaining up-to-date knowledge is crucial due to evolving threats in cybersecurity.