Cyber Security Technical Terms

  • Compromise: Hacked

  • Legitimate: Genuine

  • Remediation: To prevent

  • Mitigation: To reduce effect

  • Containment: Controlling

  • Eradication: Removal

  • Exploit: Attack

  • Vulnerability: Weakness

  • Bypass: Skip

  • Breached: Hacked

  • Suspicious: Cautious distrust of someone or something

  • Malicious: Any program or file harmful to computer users

  • Vendor: Supplier

  • Log: Record of events occurring within an organization's system and network

  • Honeypot: A technique aimed at distracting hackers with fake targets

  • Ransomware: A type of malicious program

Cyber Security Overview

  • Definition: Cybersecurity refers to the technologies and processes designed to protect networks and devices from attacks, damage, and unauthorized access.

  • Advantages:

    • Protection of business interests

    • Increased productivity

    • Customer confidence

    • Prevention of website downtime

    • Protection of consumer/client information

  • Disadvantages:

    • Firewalls can be complex to configure

    • Potential slowdown of system performance

    • Need for continuous software updates

    • Can be costly for average users

  • Categories of Cybersecurity:

    • Network Security

    • Application Security

    • Information Security

    • Operational Security

    • Endpoint Security

    • Database Security

    • Cloud Security

    • Mobile Security

Importance of Cyber Security

  • Cybersecurity safeguards data against theft and damage, including sensitive information. Without it, organizations are vulnerable to data breaches, making them attractive targets for cybercriminals.

  • The CIA Triad:

    • Confidentiality: Only authorized parties can access sensitive information (e.g., military secrets).

    • Integrity: Information must remain unmodified except by authorized individuals.

    • Availability: Data and functions must be accessible according to agreed-upon service parameters.

Human Factors in Cyber Security

  • Confidentiality: Protects sensitive data from unauthorized access.

  • Integrity: Ensures information is not altered maliciously.

  • Availability: Focuses on maintaining access to data and systems.

  • Types of Cybercrime:

    • Computer-assisted: Crimes using computers as tools.

    • Targeted: Focused on specific systems or networks.

  • Incidental: Computer involvement is incidental to the primary crime.

Motivations Behind Cyber Attacks

  • Disrupting business operations

  • Creating fear

  • Theft of information

  • Financial gain

  • Achieving specific military objectives

  • Damaging a target's reputation

Cyber Security Practices

  • A strong cyber security framework includes:

    • Secure Passwords

    • Authorization protocols

    • Regular software updates

    • DNS security

    • Antivirus measures

    • Firewall management

    • Anti-phishing measures

Cyber Security Expert Role

  • A cyber security expert protects data for organizations through techniques such as:

    • Finding vulnerabilities

    • Monitoring systems

    • Analyzing network breaches

  • Domains in Cybersecurity include:

    • Asset Security

    • Security Architecture

    • Communication and Network Security

    • Identity and Access Management

    • Security Operations

    • Software Development Security

    • Risk Management

Incident Response Planning

  • Incident response is crucial for managing security events and minimizing their impact.

  • Phases include:

    • Preparation

    • Identification

    • Containment

    • Eradication

    • Recovery

    • Lessons learned

Firewall Types

  • Stateless Firewalls: Basic filtering based on static information.

  • Stateful Firewalls: Monitor active connections and traffic patterns for enhanced security.

Types of Attacks

  • SQL Injection: Exploiting application vulnerabilities to manipulate databases.

  • XSS (Cross-Site Scripting): Injecting malicious scripts into trusted applications.

  • DoS and DDoS: Overloading a system with traffic to disrupt service.

Encryption Types

  • Symmetric: Uses a single key for both encryption and decryption.

  • Asymmetric: Uses pairs of keys (public and private).

Data Loss Prevention (DLP)

  • DLP technologies prevent sensitive information from leaving an organization.

Malware Types

  • Ransomware: Restricts access until a ransom is paid.

  • Worm: Self-replicating software that spreads across networks.

  • Trojan: Masquerades as legitimate software.

  • Spyware: Monitors user behavior and steals information.

Anti-Phishing Strategies

  • Regular monitoring for phishing attempts.

  • Educating users on recognizing suspicious emails.

  • Implementation of antivirus and email security measures.

Cyber Kill Chain

  • A sequence from reconnaissance to the execution of goals.

  • Steps include: Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command and Control, and Actions on Objectives.