Review of Cybersecurity
What is Hacking?
Hacking is the act of exploring, modifying, or exploiting computer systems, networks, or applications.
Goal: Gain unauthorized access to information or services.
Alternative view: Exploiting vulnerabilities to gain control over systems.
Cybersecurity Teams
Red Team (Offensive)
Simulates attackers.
Finds vulnerabilities before real hackers do.
Uses tactics like enumeration, phishing, social engineering, and malware deployment.
Blue Team (Defensive)
Protects systems against attacks.
Acts as "guards at the gate."
Uses monitoring tools, intrusion detection systems (IDS), incident response, and patching.
Purple Team
Collaboration of Red + Blue teams.
Considered best practice since it combines attack simulation with defense strengthening.
Vulnerability vs. Exploit
Vulnerability: A weakness in a system (like a hole in Swiss cheese).
Not inherently bad—it just presents risk.
Exploit: When someone actively takes advantage of that weakness.
What is Enumeration?
Systematic discovery of devices and configurations.
Collects information such as:
Hosts, open ports, OS versions, applications, usernames, groups, etc.
Often a first step in penetration testing.
What is Social Engineering?
The hacking of people, not just technology.
Uses deception to gain access.
Examples:
Phishing – fake emails or websites.
Impersonation – pretending to be someone trusted.
Baiting – offering something enticing to trick victims.
Tailgating – following someone into a secure area.
Pretexting – creating a false scenario to get info.
What is Malware?
Malicious software designed to disrupt, damage, or steal data.
Umbrella term covering:
Viruses, worms, trojans, keyloggers, adware, ransomware, spyware, etc.
What are Monitoring Tools?
Software that observes networks, systems, and applications for unusual activity.
Questions they answer:
Is an application using too much memory?
Why is a server’s network traffic suddenly spiking?
When was an account last accessed?
Generates logs, reports, and alerts to help defenders respond.