Section 1: Basic Introduction to Cyber Security and Information Security
Definition of cyber security: the practice of protecting computers, networks, programs
and the data they hold from unauthorized access, damage or disruption.
Definition of information security (denoted by InfoSec): protecting information, in any
form, from unauthorized access, use, disclosure, modification or destruction, so that only
people authorized by the organization can access it.
Difference between cyber security and InfoSec:
InfoSec deals with protecting all types of data (paper records included), but cyber security
deals with digital or electronic data and the systems that process it.
Principles of cyber security:
There are three principles of cyber security that are defined by a relation called the "CIA
Triad":
1. Confidentiality: refers to privacy. Information is disclosed only to parties authorized
to see it.
2. Integrity: refers to accuracy. Information is not altered without authorization, and any
unauthorized change can be detected.
3. Availability: refers to accessibility. Authorized users can reach the information and
systems whenever they need them (so a denial of service attack is an attack on availability).
Protocol: an agreed set of rules that defines how devices format, send and receive messages;
the digital language through which we communicate with others on the internet.
Types of Protocols:
1. TCP: Transmission Control Protocol
Data is broken down into packets, sent to the destination and reassembled there in order.
TCP is connection-oriented and reliable (lost packets are retransmitted), and most
communication over a network runs on top of it.
2. FTP: File Transfer Protocol
Used for transferring files between a client and a server across a network. Plain FTP sends
usernames, passwords and file contents in cleartext, so SFTP (over SSH) or FTPS (over TLS)
should be used instead.
3. SMTP: Simple Mail Transfer Protocol
Manages the transmission of outgoing mail from a client to its mail server and between mail
servers over the internet.
4. HTTP: Hypertext Transfer Protocol
Used for the connection between a web client (browser) and a web server. Requests and
responses travel in cleartext unless they are wrapped in TLS (see HTTPS below).
5. ARP: Address Resolution Protocol
Used to find the hardware (MAC) address of a device from its IP address. It is used when a
device wants to communicate with another device on the same local network. ARP replies are
not authenticated, which is why a host on the same LAN can answer for an address it does not
own (ARP spoofing).
6. DNS: Domain Name System
Maintains a distributed directory of domain names and translates them to IP addresses (and
back).
7. SSL: Secure Sockets Layer
Establishes an encrypted connection between a web server and a browser. Every version of
SSL is now deprecated because of known weaknesses; the name survives mainly in "SSL
certificate", while the connections themselves use TLS.
8. TLS: Transport Layer Security
The successor to SSL. Provides privacy (encryption), data integrity and authentication of
the server (optionally also the client) between two communicating applications.
9. HTTPS: Hypertext Transfer Protocol Secure
HTTP carried over a TLS connection, i.e. the secure version of HTTP. It was once reserved for
highly confidential transactions such as online banking or shopping; today it is the default
for all web traffic, because it also stops eavesdropping on and tampering with ordinary pages.
10. SSH: Secure Shell
Gives system administrators an encrypted and authenticated way to access a computer over an
unsecured network; it replaces cleartext remote-login protocols such as Telnet.
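As an added example (not part of the original notes), here is a minimal DNS query builder and A-record response parser in Python using only the standard library. The response bytes are constructed for the example, not captured from a real server, and the IP address in them is an assumption. The parser shows the checks a resolver must make before trusting an answer: the transaction ID must match the query it sent and the QR (response) flag must be set. DNS carries no authentication of its own, so that 16-bit ID, together with source-port randomization, is all that stands between a resolver and a spoofed reply.

```python
import socket
import struct

# Added example: minimal DNS (RFC 1035) query builder and A-record response parser.
# SAMPLE_RESPONSE below is constructed for the example, not captured from the wire.


def build_query(name: str, txid: int = 0x1234) -> bytes:
    """Standard query for an A record with the RD (recursion desired) flag set."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # QDCOUNT=1
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    ) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN


def read_name(msg: bytes, offset: int):
    """Decode a possibly compressed name; returns (name, offset after the name)."""
    labels, end, jumped, hops = [], offset, False, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:  # two-byte compression pointer
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if not jumped:
                end = offset + 2  # the name field ends after the first pointer
            jumped, offset, hops = True, pointer, hops + 1
            if hops > 16:  # malformed or hostile message: pointer loop
                raise ValueError("compression pointer loop")
            continue
        if length == 0:
            offset += 1
            break
        labels.append(msg[offset + 1:offset + 1 + length].decode("ascii"))
        offset += 1 + length
    if not jumped:
        end = offset
    return ".".join(labels), end


def parse_response(msg: bytes, expected_txid: int):
    """Return [(name, ipv4, ttl), ...] after validating the header."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if txid != expected_txid:
        raise ValueError("transaction ID mismatch (stale or spoofed reply)")
    if not flags & 0x8000:
        raise ValueError("QR bit clear: this is a query, not a response")
    if flags & 0x000F:
        raise ValueError(f"server returned RCODE {flags & 0x000F}")
    offset = 12
    for _ in range(qd):  # skip the echoed question section
        _, offset = read_name(msg, offset)
        offset += 4  # QTYPE + QCLASS
    answers = []
    for _ in range(an):
        name, offset = read_name(msg, offset)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        offset += rdlen
        if rtype == 1 and rdlen == 4:  # A record
            answers.append((name, ".".join(str(b) for b in rdata), ttl))
    return answers


def resolve(name: str, server: str, txid: int = 0x1234):
    """Send the query over UDP/53 to `server` and parse the reply (needs network)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(3)
        s.sendto(build_query(name, txid), (server, 53))
        reply, _ = s.recvfrom(512)
    return parse_response(reply, txid)


# Constructed reply: same txid, flags 0x8180 (QR, RD, RA), one question, one answer
# whose owner name is a pointer (0xC00C) back to the question name at offset 12.
SAMPLE_RESPONSE = (
    struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
    + build_query("example.com", 0x1234)[12:]
    + b"\xc0\x0c"
    + struct.pack("!HHIH", 1, 1, 300, 4)
    + bytes([93, 184, 216, 34])  # assumed address for the example
)

if __name__ == "__main__":
    print(parse_response(SAMPLE_RESPONSE, 0x1234))
```

The pointer-hop limit in `read_name` matters: a message whose compression pointers loop would otherwise keep a naive parser spinning forever, which is a denial of service against the resolver itself.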
Section 2: Some Basics about Hacking
What is hacking? Hacking refers to an unauthorized intrusion into a computer or network, or
more generally to making a system do something its owner did not intend.
Types of hacking:
1. Ethical Hacking: A legal type of hacking, done with the owner's explicit permission, to
find weaknesses in a computer or network system for testing purposes (penetration testing).
2. Network Hacking: Gathering information about a network with the intent to harm its
systems and hamper its operation.
3. Email Hacking: Getting unauthorized access to an email account and using it without the
permission of its owner.
4. Password Hacking: The process of recovering secret passwords from data stored or
transmitted by a computer system (password cracking), for example by guessing candidates
against stored password hashes.
5. Computer Hacking: Stealing a computer's user ID and password by some method and gaining
unauthorized access to the system.
Attacks from hackers:
1. Phishing: An email fraud method in which the perpetrator sends out legitimate-looking
emails in an attempt to gather personal and financial information, or login credentials,
from recipients.
2. BFA: Brute Force Attack.
An automated and the simplest method of gaining access to a system or website: it tries
different combinations of usernames and passwords until it gets in. Rate limiting, account
lockout and a second authentication factor are the usual defenses, and a burst of failed
logins from one source is the signal that detection looks for.
3. DoS Attack: Denial of Service attack.
A malicious attempt to make a server or a network resource unavailable to its users, usually
by temporarily interrupting or suspending the services of a host connected to the internet.
4. DDoS Attack: Distributed Denial of Service attack.
It occurs when multiple systems flood the bandwidth or resources of a targeted system,
usually one or more web servers. It is usually carried out by many compromised systems (a
botnet) flooding the target with traffic, which makes blocking a single source useless.
5. Botnets: Also known as a zombie army; a group of computers controlled by an attacker
without their owners' knowledge. They are used to send spam or mount denial of service
attacks.
6. MITM: Man in the Middle Attack.
A type of eavesdropping attack in which the attacker establishes independent connections
with both the sender and the receiver and relays (and possibly alters) the messages between
them, so each side believes it is talking directly to the other. It is done in order to
hijack their communication session; TLS with certificate validation is the standard defense.
7. IP Spoofing: Forging the source address in IP packet headers so that a computer's traffic
looks like it comes from a trusted, authentic address. During this masking process the
attacker sends what appears to be a legitimate message, coupled with an IP address that
appears to be trusted. Because replies go back to the spoofed address rather than to the
attacker, it is hard to use against TCP connections (which need a completed handshake) and
is seen mostly in one-way attacks such as UDP reflection and amplification floods.
8. URL Spoofing: The process of creating a fake URL that impersonates a legitimate, secure
website, for example with a look-alike domain name, so that victims enter credentials there.
9. SQL Injection: Structured Query Language Injection.
SQL: A language designed to manipulate and manage data in a relational database.
SQL Injection: An attack that targets these databases by supplying specially crafted input
that the application concatenates into its SQL statements, tricking the system into running
queries the developer never intended (bypassing a login check, reading other tables).
Parameterized queries, where values are bound separately from the statement text, prevent it.
10. LDAP Injection: Lightweight Directory Access Protocol Injection.
LDAP: A client/server protocol used to access and manage directory information (users,
groups, devices).
LDAP Injection: A type of attack on a web application in which the attacker places LDAP
filter metacharacters (such as *, ( and )) in a user input field that the application inserts
into an LDAP search filter, in an attempt to gain unauthorized access or information.
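The detection side of a brute force attack (item 2 above), as an added example that is not part of the original notes: a small Python script reads OpenSSH-style authentication log lines and raises an alert when one source IP accumulates five failed logins inside 60 seconds, plus a higher-severity alert if that same IP then authenticates successfully. The log lines, the host name, the PIDs and the addresses (taken from the RFC 5737 documentation ranges) are constructed for the example, the thresholds are assumptions, and the year is assumed because syslog timestamps omit it.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Added example: brute-force detection over OpenSSH-style auth log lines.
# Constructed sample (hostname, PIDs, RFC 5737 documentation addresses); not a real log.
SAMPLE_LOG = """\
Mar  3 10:00:01 bastion sshd[2201]: Failed password for invalid user admin from 203.0.113.5 port 50122 ssh2
Mar  3 10:00:02 bastion sshd[2201]: Failed password for invalid user admin from 203.0.113.5 port 50123 ssh2
Mar  3 10:00:03 bastion sshd[2203]: Failed password for root from 203.0.113.5 port 50124 ssh2
Mar  3 10:00:04 bastion sshd[2204]: Failed password for root from 203.0.113.5 port 50125 ssh2
Mar  3 10:00:05 bastion sshd[2205]: Failed password for root from 203.0.113.5 port 50126 ssh2
Mar  3 10:00:09 bastion sshd[2206]: Accepted password for root from 203.0.113.5 port 50127 ssh2
Mar  3 10:00:30 bastion sshd[2210]: Failed password for alice from 198.51.100.7 port 41002 ssh2
Mar  3 10:05:00 bastion sshd[2211]: Failed password for alice from 198.51.100.7 port 41003 ssh2
Mar  3 10:05:10 bastion sshd[2212]: Accepted publickey for alice from 198.51.100.7 port 41004 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?:password|publickey) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)

LOG_YEAR = 2024  # syslog lines carry no year; assumed for the example


def parse_line(line: str):
    """Return (timestamp, result, user, ip), or None for lines we do not care about."""
    m = LINE_RE.match(line)
    if not m:
        return None
    stamp = " ".join(m["ts"].split())  # collapse the double space in "Mar  3"
    ts = datetime.strptime(f"{LOG_YEAR} {stamp}", "%Y %b %d %H:%M:%S")
    return ts, m["result"], m["user"], m["ip"]


def detect(lines, threshold: int = 5, window_seconds: int = 60):
    """Sliding-window count of failures per source IP.

    Emits ("brute_force", ip, failures) once an IP reaches `threshold` failures
    within `window_seconds`, and ("success_after_brute_force", ip, user) if a
    flagged IP later authenticates successfully, which is the case worth paging on.
    """
    failures = defaultdict(deque)  # ip -> timestamps of recent failures
    flagged = set()
    alerts = []
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        ts, result, user, ip = parsed
        recent = failures[ip]
        if result == "Failed":
            recent.append(ts)
            while recent and (ts - recent[0]).total_seconds() > window_seconds:
                recent.popleft()  # drop failures that fell out of the window
            if len(recent) >= threshold and ip not in flagged:
                flagged.add(ip)
                alerts.append(("brute_force", ip, len(recent)))
        elif ip in flagged:
            alerts.append(("success_after_brute_force", ip, user))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG.splitlines()):
        print(alert)
```

The second source in the sample, 198.51.100.7, fails twice but four and a half minutes apart, so the window logic drops the first failure before the second arrives and no alert fires; a plain counter without a window would flag every user who mistypes a password twice.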
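Added example for items 9 and 10, not taken from the original notes: a Python login check built by string concatenation next to its parameterized replacement, run against a throwaway in-memory SQLite database with constructed rows, followed by the RFC 4515 escaping that stops user input from changing the structure of an LDAP search filter. The table, the users, their passwords (stored in plaintext only so the injection stays visible; real systems store hashes) and the filter shape are all assumptions of the demonstration.

```python
import sqlite3

# Added example: SQL injection by string concatenation beside the parameterized
# fix, plus LDAP filter escaping. The users table and its rows are constructed.


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    # Plaintext passwords only to keep the demonstration readable; never do this.
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "s3cret", "admin"), ("bob", "hunter2", "user")],
    )
    return conn


def login_vulnerable(conn, username: str, password: str):
    # Input becomes part of the statement text, so quotes and comment markers in
    # it are parsed as SQL rather than compared as data.
    sql = (
        "SELECT username, role FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    return conn.execute(sql).fetchall()


def login_safe(conn, username: str, password: str):
    # Placeholders: the statement and the values reach the engine separately, so
    # the input can only ever be compared as a literal string.
    sql = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchall()


# LDAP: the same mistake with search filters. RFC 4515 requires these characters
# to be written as \XX when a value is embedded in a filter.
_LDAP_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}


def ldap_escape(value: str) -> str:
    return "".join(_LDAP_ESCAPES.get(ch, ch) for ch in value)


def ldap_user_filter(username: str, escape: bool = True) -> str:
    """Filter that should match one person by uid; escape=False reproduces the bug."""
    if escape:
        username = ldap_escape(username)
    return f"(&(objectClass=person)(uid={username}))"


if __name__ == "__main__":
    db = make_db()
    # "--" comments out the password check: alice's row comes back with a wrong password.
    print(login_vulnerable(db, "alice' --", "wrong"))       # [('alice', 'admin')]
    print(login_safe(db, "alice' --", "wrong"))             # []
    # Tautology: every row satisfies the WHERE clause.
    print(login_vulnerable(db, "' OR '1'='1", "' OR '1'='1"))
    print(ldap_user_filter("*)(uid=*", escape=False))       # matches every person
    print(ldap_user_filter("*)(uid=*"))                     # literal value, harmless
```

Escaping is the right tool for LDAP because the protocol has no bind-parameter mechanism; for SQL it is the wrong tool, since a missed character or a different database dialect reopens the hole, while a placeholder cannot be escaped out of.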
Section 3: Basic Terminologies
Malware: Short for malicious software; any program designed to cause damage to, or gain
unauthorized control of, a computer, server or network.
Viruses: Malicious code that attaches itself to a legitimate program or file, is loaded onto
a user's computer without the user's knowledge, and performs malicious actions (and copies
itself into other files) whenever the infected program runs.
Worms: A malware program that replicates itself in order to spread to other computers,
typically over the network and without any action by the user.
Trojan: A type of malicious software that disguises itself as legitimate software so that
the user installs it, giving the attacker access to the target's system. Unlike viruses and
worms, a Trojan does not replicate itself.
Ransomware: A type of malicious software designed to block access to a computer system,
usually by encrypting its files, until a sum of money is paid.
Spyware: A program that secretly records what you do on your computer (keystrokes, browsing,
screenshots) and sends it to the attacker.
Rootkit: A set of programs or utilities that allows an attacker to maintain privileged
(root-level) access to a system while hiding its own presence from the operating system and
security tools. It can be installed in a number of ways, including phishing attacks … Once
installed, it gives the remote actor control over almost every aspect of the operating
system.
Section 4: Defenses
Antivirus: Class of program designed to prevent, detect and remove malware infections
on individual computing devices, networks and IT systems.
Firewall: Network security device that monitors incoming and outgoing network traffic
and decides whether to allow or block specific traffic based on a defined set of security
rules.
Encryption: A method by which plaintext or any other type of data is converted from a
readable form into an encoded version (ciphertext) that can only be decoded by another
entity that has access to the decryption key.
2FA (Two-Factor Authentication): Also called two-step verification or dual-factor
authentication; a security process in which the user provides two different authentication
factors (for example a password plus a one-time code from a phone app or hardware token) to
verify their identity, so that a stolen password alone is not enough to log in.
Honeypots: A network-attached system set up as a decoy to lure attackers, used to detect,
deflect or study hacking attempts that try to gain unauthorized access to information
systems. Because no legitimate user has a reason to touch it, any connection to it is a
high-confidence alert.
DMZ (Demilitarized Zones): Small sub network that sits between a trusted internal
network such as a corporate or private LAN, and an untrusted external network such as
the public Internet.