Cybersecurity
Protecting digital systems and data from attacks that steal
Black Hat Hacker
A criminal who breaks into systems to steal data or cause harm for personal gain
White Hat Hacker
Security expert who finds flaws to fix them legally and ethically
Gray Hat Hacker
Hacks without permission but may report flaw if it benefits their agenda
Hacktivist
Hacker attacking to promote political or social causes
Script Kiddie
Unskilled person using ready-made tools for simple attacks for fun or attention
State-Sponsored Hacker
Attacker funded by government to spy
Cybercriminal
Organized group stealing billions through ransomware
Data is Currency
Valuable asset in cybersecurity like cash
Vulnerability
Weakness in system that attackers can exploit to gain unauthorized access
Threat
Potential danger that could exploit a vulnerability to cause harm
Attack
Actual event when threat exploits vulnerability to compromise system
Input Validation
Checking user input before processing to block malicious code like SQL injection
Bounds Checking
Preventing data from overflowing memory buffers to stop buffer overflow exploits
BYOD
Bring Your Own Device - personal phones/tablets accessing company networks increasing risk
IoT
Internet of Things - smart devices like cameras and locks expanding attack surface
Big Data
Large complex datasets hard to protect but highly valuable to attackers
APT
Advanced Persistent Threat - stealthy attack that stays hidden for months inside one target
Algorithm Attack
Uses system behavior like energy usage to identify targets or trigger false alerts
Federated Identity
One login works across multiple organizations - risky if one system is breached
911 Networks
Vulnerable because they use VoIP instead of traditional phone lines
NIST Framework
US standard dividing cybersecurity work into 7 key job categories
CompTIA Security+
Entry-level certification proving basic security knowledge and practices
CEH
Certified Ethical Hacker - proves understanding of hacking techniques and practices
CISSP
Advanced certification for managers validating enterprise security experience
CISM
Certified Information Security Manager - focuses on designing and overseeing security policies
Least Privilege
Give users only the minimum access needed to perform their job
Defense in Depth
Using multiple layers of protection (firewall
Phishing
Tricking people into giving passwords via fake emails or websites
Ransomware
Malware that locks files and demands payment to unlock them
DDoS Attack
Overloading server with fake traffic to crash it and deny service
Social Engineering
Manipulating people into revealing secrets through psychological manipulation
Zero-One Matrix
Matrix with only 0s and 1s used to model access rights (yes/no)
Boolean Product
Uses AND/OR logic on zero-one matrices to calculate reachable access paths
Malware
Any software designed to harm systems including viruses
Encryption
Scrambling data so only authorized users can read it
Authentication
Verifying identity through methods like passwords
Authorization
Determining what an authenticated user is allowed to do
Firewall
Network barrier blocking unauthorized traffic based on predefined rules
Patch
Software update fixing known vulnerability - must be installed promptly
Audit Log
Record of system events used to trace who did what and when
Backup
Copy of data stored separately for recovery after ransomware or breach
Incident Response
Plan for detecting
Digital Forensics
Investigating cybercrimes by collecting and analyzing digital evidence
Insider Threat
Attack from within organization by employee or contractor with access
External Threat
Attack from outside exploiting vulnerabilities in networked devices
Exploit
Code or technique used to take advantage of vulnerability
Zero-Day Attack
Exploiting vulnerability before vendor releases patch
Social Media Risk
Sharing personal info online helps attackers guess passwords
Pharming
Redirecting users from legitimate sites to fake ones even with correct URL
Man-in-the-Middle
Attacker intercepting communication between two parties to steal data
Spoofing
Faking identity like fake email sender
Trojan Horse
Malware disguised as legitimate software that users install unknowingly
Worm
Self-replicating malware that spreads without user action
RAT
Remote Access Trojan giving attacker full control over infected device
Keylogger
Software recording every key pressed to steal passwords and sensitive input
Credential Stuffing
Using leaked passwords from one site to try logging in on other sites
Brute Force Attack
Trying every possible password until correct one is found
Dictionary Attack
Trying common passwords from a list instead of all possibilities
Waterfall Model
Linear software development phases: Analyze → Design → Code → Test → Maintain
Agile Methodology
Iterative development with short cycles (sprints)
Threat Modeling
Identifying potential security threats during design phase
Secure Coding Standards
Practices to prevent common security vulnerabilities in code
Automated Security Testing
Using tools to detect security issues automatically during development
Vulnerability Scanning
Checking for security weaknesses before deployment in production
Data Classification
Labeling data by sensitivity level to apply proper protection
Incident Report
Documenting what happened during a breach for learning and legal purposes
Cybersecurity Law
Legal rules governing data protection
Privacy vs Security
Tension between protecting data and respecting personal freedom
Cybersecurity Specialist
Someone who uses hacker skills to protect systems and data
Cybersecurity is Shared Responsibility
Everyone in organization plays role in security
Vulnerability Database
Public list of known flaws like CVE to help patch systems faster
Honeynet
Network of decoy systems that attract attackers to study their methods
InfraGard
US program sharing cyber threat intelligence between government and private sector
Threat Intelligence
Information about emerging threats used to predict and prevent attacks
Cyber Hygiene
Basic security habits like updating software
Security Awareness
Training users to recognize threats like phishing and social engineering
Attack Surface
All possible entry points an attacker can use - reduce to improve security
Zero Trust
Security model that assumes no one is trusted - verify everything always
Two-Factor Auth (2FA)
Requires two proofs of identity like password + SMS code
Endpoint Security
Protecting devices like laptops and phones with security software
Cloud Security
Protecting data and apps stored in cloud using shared responsibility model
Supply Chain Attack
Attacker compromises third-party vendor to reach main target
AI in Cybersecurity
Used to detect anomalies and predict attacks but can also be used by attackers
Ethical Hacking
Legally testing systems for flaws with permission from owners
Penetration Test
Simulated attack to find weaknesses with authorization from owners
Security Policy
Formal rules for protecting data that must be clear
Risk Assessment
Identifying threats
Data at Rest
Data stored on device or medium when not being actively used or transmitted
Data in Transit
Data being transferred between systems or devices over network
Data in Process
Data being actively used
Packet Sniffing
Attack where attacker intercepts data traveling across network
Rogue Device
Unauthorized hardware connected to network that can steal or disrupt data
Network Access Control (NAC)
Requires devices to meet security policies before connecting
Content Filtering
Blocking access to harmful or inappropriate websites or content
VPN
Virtual Private Network encrypting data between user and network to protect data in transit
Encryption at Rest
Protecting stored data by encrypting it on disk or storage devices
Encryption in Transit
Protecting data while moving across networks using protocols like TLS
Data Loss Prevention (DLP)
Tools that detect and prevent unauthorized transfer or leakage of sensitive data
Security Audit
Independent review of security controls to ensure compliance with policies and standards