CH 1 - 12 marks

Page 1: Introduction

  • Parul University

  • Fundamentals of Information Security

  • Prof. Jigar Gajjar

  • Credentials: Certified Ethical Hacker (EC-Council), ISO 27001 ISMS Lead Auditor

  • CSE - Cybersecurity

Page 2: Chapter Overview

  • Chapter 1: Introduction

  • Introduction to fundamental concepts of Information Security and Cybersecurity.

Page 3: Importance of the Unit

  • Fundamental understanding of cybersecurity and ethical hacking.

  • Recognizing the significance of protecting digital assets and data.

  • Relating the CIA Triad (Confidentiality, Integrity, Availability) to information protection.

  • Describing security architecture and its components.

  • Defining security governance and its critical role.

  • Understanding vulnerability identification and compliance.

  • Gaining knowledge of cybersecurity regulations and frameworks.

  • Understanding ethical hacking and its objectives.

  • Differentiating between black hat, white hat, and gray hat hackers.

  • Systematic approach for vulnerability identification.

  • Defining penetration testing and its significance.

  • Distinguishing between white box, black box, and gray box testing.

Page 4: Definition of Cybersecurity

  • Cybersecurity: Protecting and recovering computer systems, networks, devices, and programs from cyber attacks.

  • Cyber attacks are increasingly sophisticated, often using social engineering and AI.

  • Cybersecurity is also viewed as securing system devices in electronic form.

Page 5: Definition of Information Security

  • Information Security (InfoSec): Maintaining the well-being of information and infrastructure against theft and disruption.

  • Protects information and systems from unauthorized access, alteration, and destruction.

  • Information security encompasses all formats of information, from electronic to physical documents.

Page 6: InfoSec as Part of Information Risk Management

  • InfoSec: Short for information security; the protection of information by mitigating risks.

  • Part of overall information risk management with an emphasis on safeguarding information systems.

Page 7: Understanding Data and Information

  • Data: Raw, unorganized facts that lack significance (e.g., text, figures).

  • Measured in bits and bytes, data alone does not suffice for decision-making.

  • Information: Processed and structured data that provides context and aids decision-making.

  • Example: A single sale is data; it becomes information when analyzed for trends.

Page 8: Difference Between Data and Information

  • Data: Unorganized facts without specific meaning.

  • Information: Processed data providing context, suitable for decision-making.

  • Example: A student's test score is data; the average score of a class is information.

Page 9: Cybersecurity vs Information Security

  • Cybersecurity:

    • Focus on network, application, and cloud security.

  • Information Security:

    • Encompasses cybersecurity alongside procedural, access, and technical controls.

Page 10: Key Differences Explained

  • Basic Definition:

    • Cybersecurity protects data from outside threats; Information Security focuses on protecting from unauthorized access.

  • Scope:

    • Cybersecurity safeguards the cyber realm; Information Security covers all information types.

  • Threats:

    • Cybersecurity addresses cyber offenses; Information Security addresses data protection.

  • Professionals:

    • Cybersecurity professionals focus on active threats; Information Security focuses on data security policies.

Page 11: The Need for Cybersecurity

  • Protects all data categories from theft and damage in a digital world.

  • Technology evolution leading to increased reliance on computers.

  • Rising complexity in managing computer infrastructures.

Page 12: Reasons for Cybersecurity Necessity

  • Rising Cyber Threats: Growing risks to digital systems.

  • Intellectual Property Protection: Safeguarding against IP theft.

  • Operational Disruption: Cyber incidents affecting business productivity.

  • Human Error Vulnerabilities: Importance of training in cybersecurity.

  • Reputation Damage: Cyber breaches can harm trust and reputation.

Page 13: Economic & Regulatory Impacts

  • Economic Costs: Theft affecting corporate resources and operations.

  • Regulatory Costs: Potential fines from data breach laws like GDPR.

  • Supply Chain Vulnerabilities: Breaches can affect multiple organizations in a chain.

Page 14: Security Assurance and the CIA Triad

  • CIA Triad: Principles of confidentiality, integrity, and availability are fundamental for security.

  • Information assurance aids organizations in identifying and managing risks associated with information.

Page 15: CIA Triad Components Explained

  • Confidentiality: Restricting access to information, including communications, to authorized users.

  • Integrity: Ensuring information remains unaltered without authorization.

  • Availability: Information must be accessible to authorized users as needed.

Page 16: Authentication and Non-Repudiation

  • Authentication: Verifying user identities to ensure secure access.

  • Non-repudiation: Ensuring that a party cannot deny a communication or an action it has taken.

Page 17: Maintaining Confidentiality

  • Importance of strict access control to prevent unauthorized viewing that could lead to breaches.

Page 18: Ensuring Data Integrity

  • Protecting data from unauthorized modifications through strict access controls.

Page 19: Ensuring Availability

  • Protecting systems to ensure data can be accessed when required by users.

Page 20: Non-Repudiation Processes

  • Validates communications, ensuring that parties cannot deny sending or receiving information.

Page 21: Authentication Procedure

  • The process of checking user credentials against a database to allow access and maintain data security.
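
  • Added example (not part of the original slides): a sketch of the credential check described above, assuming an in-memory dictionary stands in for the database and PBKDF2 from the Python standard library is the password hash. The function names, the sample user and the iteration count are assumptions made for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed PBKDF2 work factor for this example


def hash_password(password: str, salt: bytes) -> bytes:
    """Derive a slow, salted hash so the database never holds the password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def enroll(db: dict, username: str, password: str) -> None:
    """Store a fresh random salt and the derived hash for a new user."""
    salt = os.urandom(16)
    db[username] = (salt, hash_password(password, salt))


# Dummy record: an unknown username still costs one full hash computation,
# so response time does not reveal which usernames exist.
_DUMMY_SALT = os.urandom(16)
_DUMMY_HASH = hash_password("not-a-real-password", _DUMMY_SALT)


def authenticate(db: dict, username: str, password: str) -> bool:
    """Check supplied credentials against the stored record."""
    salt, stored = db.get(username, (_DUMMY_SALT, _DUMMY_HASH))
    candidate = hash_password(password, salt)
    # Constant-time comparison avoids leaking how many bytes matched.
    matches = hmac.compare_digest(candidate, stored)
    # A match against the dummy record must never grant access.
    return matches and username in db


def build_sample_db() -> dict:
    """Constructed sample data: one enrolled user."""
    db = {}
    enroll(db, "alice", "correct horse battery staple")
    return db


if __name__ == "__main__":
    users = build_sample_db()
    print(authenticate(users, "alice", "correct horse battery staple"))
    print(authenticate(users, "alice", "wrong password"))
    print(authenticate(users, "mallory", "not-a-real-password"))
```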

Page 22: Understanding Hacking

  • Hacking: Exploiting weaknesses to gain unauthorized system access.

  • Common network hacking techniques include viruses, DoS attacks, and phishing.

Page 23: Definition of Ethical Hacking

  • Ethical Hacking: Authorized attempts to find and fix security vulnerabilities.

  • Mimics malicious hackers to improve system security.

Page 24: Defining a Hacker

  • A skilled individual who exploits system weaknesses, often for fun or malicious intent.

Page 25: Definition of Ethical Hacker

  • An ethical hacker identifies weaknesses but focuses on remediating them rather than exploiting them.

Page 26: Types of Hackers Overview

  • Black Hat: Malicious hackers

  • White Hat: Security specialists

  • Gray Hat: Hackers that don't exploit vulnerabilities maliciously.

  • Green, Blue, Red Hats: Various roles and intents within hacking.

Page 27: Detailed Types of Hackers

  • Black Hat cybercriminals maliciously exploit systems.

  • White Hat hackers seek out vulnerabilities to prevent attacks.

  • Gray Hat hackers often act without malicious intent, viewing hacking as a sport.

Page 28: More on Types of Hackers

  • Blue Hat: Hired by companies for testing.

  • Red Hat: Adopt aggressive measures against black hats.

  • Green Hat: Newbies aspiring to learn ethical hacking.

Page 29: Phases of Ethical Hacking

  • Five Phases:

    1. Reconnaissance

    2. Scanning

    3. Gaining Access

    4. Maintaining Access

    5. Clearing Tracks

Page 30: Phase 1 - Reconnaissance

  • Initial information-gathering phase focusing on understanding the target network or system.

Page 31: Reconnaissance Information Types

  • Collecting network and organizational information, including IP addresses, open ports, and employee details.

Page 32: Reconnaissance Techniques

  • Active Footprinting: Engaging directly with the target for information.

  • Passive Footprinting: Gathering information indirectly through public resources.

Page 33: Phase 2 - Scanning

  • Involves using reconnaissance data to identify vulnerabilities in the target.

Page 34: Types of Scanning

  • Port Scanning: Identifying open ports and services.

  • Vulnerability Scanning: Locating weaknesses in the target’s systems.

  • Network Scanning: Finding firewalls and routing within the networks.

Page 35: Phase 3 - Gaining Access

  • Using collected data to formulate an attack, employing various attack methods including phishing and DDoS.

Page 36: Phase 4 - Maintaining Access

  • Hackers maintain access using tools like rootkits and Trojans for continuous exploitation.

Page 37: Phase 5 - Clearing Tracks

  • Avoiding detection by erasing traces and manipulating log files after actions are executed.

Page 39: Conclusion

  • Parul University

  • Digital Learning Content available on the university website or YouTube.