Xcoder:
What is cyber security ?
The technique of protecting internet connected system from malicious attacks
IP
IP (internet protocol) it is a unique id . It is network layer protocol responsible for routing and delivering data packets between device accross networks . It assigens unique ip address to devices and ensures packets reach the corrent destination.
IPV4 32 bit addressing IPV6 128 bit addressing
TCP
TCP (Transmission control protocol)
It is a Transport layer protocol that ensures reliable ordered and error checked data transmission between devices over a network. It is connection oriented meaning it establishes a connection before data transfer using a Three way handshake
(SYN,SYN-ACK,ACK)
UDP
UDP (User Datagram Protocol)
It is a connectionless communication protocol used for sending data over a network. UDP does not establish a connection before sending data and does not guarantee the delivery of data, making it faster but less reliable.
UDP is used when speed is preferring over reliability
OSI
OSI ( Open System Interconnection)
model is a conceptual framework protocols in 7 distinct layers. each layer serves a specific function and interacts with the layers directly above and below it
OSI Model
L7 Application layer
L6 Presentation layer
L5 Session layer
L4 Transportation layer
L3 Network layer
L2 Data link layer
L1 physical layer
Switch
It is a device that connects multiple devices in a network and helps them communicate efficiently. It receives data from one device and forwards it only to the intended recipient
Router
It is a device that connects different networks it directls data between devices and ensures it reaches the right destination
Routers also provide wifi assign ip address and offer security features like firewalls.
They are essential for accessing the internet and connecting multiple devices in a network
CIA
C = Confidentiality
I = Integrity
A = Availability
Confidentiality
The protection of sensitive information from being absent or disclosed by unauthorised
individuals
Integrity
The protection of data from modification or destruction
Availability
The assurance of timely and reliable access to Tata and systems by authorised uses
AAA
Authentication
Authorised
Accounting
Network security
are designed to identify and block these attacks cyber solutions include data and access control such as data loss prevention DLP IAM identify access management NAC and NGFW application control to enforce safe web use policies.
Application security
Web application like anything else directly connected to the internet are Targets threat since 2007 OWASP has tracked the top 10 threads to critical web application security follows such as injection broken authentication miss configaration and cross site scripting to name a flow with application security the OWASP top 10 attacks can be prevents bot attacks and stops any malicious interaction with applications and APIS with continuous learning apps will remain protected even as Devops releases new content.
Cloud security
mobile security
iot security
end point security
zero of trust security
Cloud services
IAAS
SAAS
PAAS
Cyber Attack
Malware
It is a software designed to infiltrate a computer system & possibly damage it with out the users knowledge or consent
Vires
Worms
Trojan horse
Ransomware
Spyware
Rootkits
Spam
System of infection
Removing Malware
Vulnerability catagorys
Cyber kill chain model
Reconaissance
Weaponization
Delivery
Exploitation
Installation
Command & control
Action on the objective
Nist cyber security framework
Mitre attack framework
PCIDSS
ISO 27001
SOC
SIEM
Process of ethical hacking
Reconaissance
Scanning & enumeration
Gaining access
Maintaining access
Covering tracks
Proxy
A proxy site between your browser and the internet, acting as a middleman.
It intercepts requests from the browser and response from the server, allowing you to inspect and even modify them
Proxies are essential in security testing becouse they give you control over the data sent & received
Vulnerability: A vulnerability is an error in the design or implementation of a system that can be exploited to cause unexpected or undesirable behaviour. There are many ways a computer can become vulnerable to security threats. A common vulnerability is for attackers to exploit system security vulnerabilities to gain access to systems without proper authentication.
Exploit: Exploits are tools that can be used to exploit vulnerabilities. They are created using vulnerabilities. Exploits are often patched by software vendors as soon as they are released. They take the form of software or code that helps control computers and steal network data.
Mac addresses (Media access control)
It is unique identifier signed to a network interface card NIC or other hardware devices for use in communication within a network it is used in the data link layer of OSI model.
Mac address is usually represented as a 12 digit hexadecimal number (00:1A:2B:3C:4D:5E ) and it is 48 bit address 24 bit ouid & 24 bit nicid each mac address is designed to be globally unique to the device for identification within a network.
This structure allows every device in a network to have a unique mac address ensuring that data send within the network reaches the correct device
Cyber security
Switch
It is a device that connects multiple devices in a network and helps them communicate efficiently.It receives data from one device and forwards it only to the intended recipient
Router
It is a device that connects different networks it directls data between devices and ensures it reaches the right destination.
Routers also provide wifi assign ip address and offer security features like firewalls.
They are essential for accessing the internet and connecting multiple devices in a network
Mac addresses
(Media access control)
It is unique identifier signed to a network interface card NIC or other hardware devices for use in communication within a network it is used in the data link layer of OSI model.
Mac address is usually represented as a 12 digit hexadecimal number(00:1A:2B:3C:4D:5E) and it is 48 bit address 24 bit ouid & 24 bit nicid each mac address is designed to be globally unique to the device for identification within a network.
This structure allows every device in a network to have a unique mac address ensuring that data send within the network reaches the correct device
Confidentiality.
The protection of sensitive information from being absent or disclosed by unauthorised
individuals.
Integrity
The protection of data from modification or destruction.
Availability
The assurance of timely and reliable access to Tata and systems by authorised uses
Malware
It is a software designed to infiltrate a computer system & possibly damage it with out the users knowledge or consent.
Vires,Worms,Trojan horseRansomware,
Spyware,Rootkits,Spam
DNS (Domain Name System)
is like the phonebook of the internet. It translates human-readable domain names (like www.example.com) into IP addresses that computers use to identify each other on the network. This system enables users to access websites using easy-to-remember names instead of numerical IP addresses.
Proxy
A proxy site between your browser and the internet, acting as a middleman.
It intercepts requests from the browser and response from the server, allowing you to inspect and even modify them.
Proxies are essential in security testing becouse they give you control over the data sent & received
Vulnerability: A vulnerability is an error in the design or implementation of a system that can be exploited to cause unexpected or undesirable behaviour. There are many ways a computer can become vulnerable to security threats. A common vulnerability is for attackers to exploit system security vulnerabilities to gain access to systems without proper authentication.
Exploit: Exploits are tools that can be used to exploit vulnerabilities. They are created using vulnerabilities. Exploits are often patched by software vendors as soon as they are released. They take the form of software or code that helps control computers and steal network data.
Network security
are designed to identify and block these attacks cyber solutions include data and access control such as data loss prevention DLP IAM identify access management NAC and NGFW application control to enforce safe web use policies.
Application security
Web application like anything else directly connected to the internet are Targets threat since 2007 OWASP has tracked the top 10 threads to critical web application security follows such as injection broken authentication miss configaration and cross site scripting to name a flow with application security the OWASP top 10 attacks can be prevents bot attacks and stops any malicious interaction with applications and APIS with continuous learning apps will remain protected even as Devops releases new content.
Cloud security
refers to practices and technologies designed to protect data, applications, and services hosted in the cloud. It involves measures like encryption, identity management, access control, and threat detection to safeguard against cyberattacks, data breaches, and unauthorized access, ensuring p
rivacy and compliance in cloud environments.
Network
network is a system of interconnected devices or entities that can communicate with each other to exchange data, share resources, and collaborate.computers connected by cables or wireless.
Personal Area Network
is a small network typically used for connecting personal devices, such as smartphones, laptops, and tablets, within a limited range.
Local Area Network
is a network of computers and devices connected within a limited geographic area, like a home, office, or building. It allows for fast data sharing, resource access (e.g., printers, servers), and communication between devices, typically using wired or wireless connections.
Campus Area Network
is a network that connects multiple LANs within a limited geographic area, such as a university campus or a business complex. It typically spans several buildings and provides high-speed communication and resource sharing between devices across the campus, often using wired or wireless connections.
Metropolitan Area Network
is a network that covers a larger geographic area than a LAN but is smaller than a WAN. It typically spans a city or a large campus, providing high-speed internet access, data sharing, and resource management between local networks.
Wide Area Network
is a large-scale network that covers a broad geographic area, often spanning cities, countries, or even continents. It connects multiple smaller networks (like LANs or MANs) and enables communication and data sharing across vast distances. The internet is the most common exa
mple of a WAN.
