Lesson 1 - Infosec Training – Lesson One Flashcards

1
Q

What is Cyber Security?

A

Cybersecurity is the protection of internet-connected devices and services from malicious attacks by hackers, spammers, and cybercriminals. Companies use the practice to protect against phishing schemes, ransomware attacks, identity theft, data breaches, and financial losses.

2
Q

Why is Cybersecurity Important?

A

In today’s digital world, one cannot ignore cybersecurity. A single security breach can expose the personal information of millions of people. These breaches have a strong financial impact on companies and also cost them the trust of customers. Hence, cybersecurity is essential to protect businesses and individuals from spammers and cybercriminals.

3
Q

The Scale of the Cyber Security Threat

A

According to Forbes, 2022 will present us with a pack of diverse and terrifying cyber security challenges, everything from supply chain disruption to increased smart device risks to a continued cyber security talent drought.

According to Cybercrime Magazine, cybercrime will cost the world $10.5 trillion annually by 2025! Furthermore, global cybercrime costs are predicted to rise by almost 15 percent yearly over the next four years.

Concepts such as the pandemic, cryptocurrency, and the rise in remote working are coming together to create a target-rich environment for criminals to take advantage of.

4
Q

What does cybersecurity encompass?

A

Technologies, processes, and methods to defend computer systems, data, and networks from attacks. To best answer the question “What is cybersecurity and how does it work?” we must divide it into a series of subdomains:
- identity management and data security
- disaster recovery and business continuity planning
- application security
- mobile security
- cloud security
- network security
- user education

5
Q

What is identity management and data security?

A

This subdomain covers activities, frameworks, and processes that enable authorization of legitimate individuals to an organization’s information systems.

6
Q

What is disaster recovery and business continuity planning?

A

Not all threats are human-based. The DR/BC subdomain covers processes, alerts, monitors, and plans designed to help organizations keep their business-critical systems running during and after any sort of incident (massive power outages, fires, natural disasters), and resume and recover lost operations and systems in the incident’s aftermath.

7
Q

What is application security?

A

This covers the implementation of different defenses in an organization’s software and services against a diverse range of threats.

8
Q

What is mobile security?

A

This is a big deal today as more people rely on mobile devices.
This subdomain protects organizational and personal information stored on mobile devices like tablets, cell phones, and laptops from different threats like unauthorized access, device loss or theft, malware, viruses, etc.
In addition, mobile security employs authentication and education to help amplify security.

9
Q

cloud security

A

Relates to creating secure cloud architectures and applications for companies that use cloud service providers like Amazon Web Services, Google, Azure, Rackspace.

10
Q

network security

A

Covers hardware and software mechanisms that protect the network and infrastructure from disruptions, unauthorized access, and other abuses.

11
Q

What is user education?

A

Knowledge is power, and staff awareness of cyber threats is valuable in the cybersecurity puzzle.
Giving business staff training on the fundamentals of computer security is critical in raising awareness about industry best practices, organizational procedures and policies, and monitoring and reporting suspicious, malicious activities.

12
Q

So, what do Cyber Security experts do? On any given day, they:

A

Asset security: Analyze networks, computers, routers, and wireless access points

Security architecture and engineering: Standardize security policies and procedures

Communication and network security: Regulate cloud storage and data transfer

Identity and access management: Track user authentication and accountability

Security operations: Monitor security to identify attacks

Security assessment and testing: Test security policies to ensure compliance with industry standards

Software development security: Create and repeatedly test code

Security and risk management: Identify potential risks and implement appropriate security controls

13
Q

Security Principles or Objectives - CIA Triad

A

The security of any organization starts with 3 principles: confidentiality, integrity, availability. This is called the CIA, which has served as the industry standard for computer security since the time of the first mainframes.

14
Q

C in CIA

A

The principle of confidentiality asserts that only authorized parties can access sensitive information and functions. Example: military secrets.

15
Q

I in CIA

A

The principle of integrity asserts that only authorized people and means can alter, add, or remove sensitive information and functions. Example: a user entering incorrect data into the database.

16
Q

A in CIA

A

The principle of availability asserts that systems, functions, and data must be available on demand according to agreed-upon parameters based on levels of service.

17
Q

Communication and network fundamentals

A

Introduction - A computer network is a system in which multiple computers are connected to each other to share information and resources. In other words, it is a network of various communicating devices or elements connected by communication links. The communication elements can be a computer, mobile, router, switch, etc., and communication links can be an optical fibre cable, coaxial fibre cable, wireless LAN, etc.

Each of the devices on the network can be thought of as a node; each node has a unique address. A node is either a connection point, a redistribution point, or a communication point. In other words, a node refers to a point or joint where a connection takes place.

It can be a computer or device that is part of a network. Generally, two or more nodes are needed in order to form a network connection.

A fiber-optic cable contains anywhere from a few to hundreds of optical fibers within a plastic casing. Also known as optic cables or optical fiber cables, they transfer data signals in the form of light and travel hundreds of miles significantly faster than those used in traditional electrical cables, with higher bandwidth.

A coax cable is primarily made of copper and transmits data through electricity. The main difference between fiber and coax data connections is that the use of optical fiber enables higher Internet speeds than other forms of communication, such as copper wire, that drastically reduce bandwidth.

18
Q

Basic Components of Computer Networks

A

Each device on a network that has a unique logical or IP (Internet Protocol) address can also be termed a node. When connected in a network, every node must have a MAC address. A MAC address is a unique identifier assigned by device manufacturers to a network interface controller (NIC) for communications in a network. A NIC is a computer hardware component that connects a computer to a computer network. When connected to the internet or an intranet, the nodes are referred to as internet nodes. These nodes are identified by their IP addresses.

Addresses are numeric quantities that are easy for computers to work with, but not for humans to remember. Example: 205.251.242.103 (network and host IDs)

Some networks also provide names that humans can more easily remember than numbers. Example: www.amazon.com corresponding to the above numeric address

19
Q

Network Fundamentals

A

A node may be a data communication equipment (that can be used to establish communication, such as modem, hub, bridge, switch, etc.) or a data terminal equipment (that can be an end device, such as digital telephone, handset, printer, host computer, etc.).

20
Q

Components of Computer Networks

A

Let us assume a kingdom where the king sends a message through his messenger. The messenger collects the message, travels to all the countries, passes it to the rulers and the rulers pass it to their respective people.
Now replace Kingdom with a Hub in this scenario, and you have a computer network, which implies that -
- King as Server.
- Message as Shared data.
- Messenger as the Network Interface Unit (NIU).
- The mode of transport taken by messenger as Transmission media.
- Rulers as Switch.
- People as Clients.

21
Q

Components of Computer Networks

A

servers

shared data

network interface unit (NIU)

switch

clients

firewall

a router

a wireless access point

22
Q

Define the Components of Computer Networks

A

servers
- the main computer that acts as a host and provides data, software, etc. to the other terminals linked with it, or a computer designed to process requests and deliver data to another computer over the internet or a local network

shared data
- the data files that servers provide to clients, such as email data files and printer access programs

network interface unit (NIU)
- an interpreter that is utilized in the process of establishing communication between the server and the workstations and is a device that is attached to each workstation and server

switch
- a computer networking device that connects devices on a computer network by using packet switching to receive, process, and forward data to the destination device. (It uses a MAC address table, sometimes called a content addressable memory (CAM) table, to determine where to forward traffic on a LAN.)
MAC: Media access control. The switch uses the hardware address of a particular device in each incoming message to deliver the message to the right destination.

clients
- computers (users) that access and use the services of the network and shared network resources

firewall
- a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules
Firewalls have been a first line of defense in network security for over 25 years.

a router
- a networking device that forwards data packets between computer networks (internet or local network). Routers perform the traffic-directing functions on the internet using IP addresses. Data sent through the internet, such as a web page or email, is in the form of data packets.

a wireless access point
- a device that creates a wireless local area network, or WLAN, usually in an office or large building. An access point connects to a wired router, switch, or hub via Ethernet.

23
Q

Client-Server Architecture

A

The foundation of modern networking is the centralized process and IT framework known as the client-server model.

Servers have been the machines and mechanisms to process end-user requests and deliver specific digital resources. These requests include anything from a Google search on a smartphone to a remote employee accessing confidential company information.

The client-server model is a network architecture that describes how servers share resources and interact with network devices. For modern enterprises and data centers, many servers facilitate processes like email, printing, internet connections, application hosting, and more.

The client-server model describes how network devices like workstations, laptops, and IoT devices — known as clients — make requests to network machines or software capable of completing the request, known as servers.

Client Examples – Workstation, Desktop, Laptop, Smartphone, IoT devices, Tablet.

Examples of Servers are database server, Domain Name Server, Web Application Server, Print Server, Virtual Machine, Proxy Server, File Server, etc.

24
Q

How Does the Client-Server Model Work?

A

An operational client-server architecture facilitates the following process:
- The client submits a request through a network-enabled device.
- The network server receives and processes the request.
- The server delivers a response to the client.

Example of Client-Server Model

Emailing - When using their email accounts, staff are the clients making requests to send emails, upload attachments, and store contacts to an email server.

Accessing Web - When a web client wants to access a specific website, they enter the URL, and the browser requests an IP address from the domain name system (DNS). The DNS server assigns the user an IP address for identification and delivery of results.

25
Q

Client/server architecture

A

client
- front-end application

server
- back-end application

communication middleware
- communications layer

26
Q

Peer-to-Peer Networking Model

A

This network facilitates the flow of information from one peer to another without any central server. It can be termed an ad hoc network (sometimes called a computer-to-computer network) or a temporary network used for sharing files or an internet connection among multiple computers and devices. Devices must be 30 feet apart.

27
Q

Classification of Computer Network

A

A computer network can be classified on the basis of communication media, functional relationships, topology, and scale of the network.

Classification based on communication media - Computer Networks can be broadly classified in the following two categories based on communication media:

Wired Network: It can be implemented using coaxial cable, optical fibre cable, etc.

Wireless Network: It can be implemented using Communication Satellites, Wireless LAN (Wi-Fi), etc.

Classification according to scale - Computer Networks can be broadly classified in the following three categories according to scale or the area of a network –

28
Q

Classification according to scale

A

LAN: It is the acronym for Local Area Network. It is confined to a small geographical area such as a library, college building, etc.

MAN: It is the acronym for Metropolitan Area Network. It is confined to a large geographical area such as a state, city, or town.

WAN: It is the acronym for Wide Area Network. It is confined to a very large geographical area such as a country or even the whole world.

29
Q

Classification based on Network topology

A

Computer Networks can be broadly classified in the following five categories based on network topology, i.e. based on how the nodes are connected in a network:

Bus: In this network topology, every node is connected to a single cable, also called a bus.

Star: In this network topology, all the devices are connected to a single hub through a cable. This hub is the central node. The hub can be active or passive in nature.

Ring: In this network topology, a ring is formed between various nodes that connect a device with its exactly two neighbor devices.

Mesh: In this network topology, every node is connected to another node via a particular channel.

Hybrid: This network topology is a combination of two or more topologies.

Tree: This network topology has a root node, and all other nodes are connected to form a hierarchy. So, it is also known as hierarchical topology.