SlideShare a Scribd company logo
1 of 32
Download to read offline
CYBER SECURITY
FUNDAMENTALS
By – Apurv Singh Gautam
WHAT TO EXPECT??
NEED OF SECURITY
• Increasing awareness of technology but not Security
• Continuous Development & Competition in IT
• Increasing number of Cyber Criminals
• Increasing use of Network elements & applications
• Decreasing level of skill set
NEED OF SECURITY
• Any Security breach in the website of any person increases the
risk of the public image
• Any Security breach in the website of any company increases
the risk of company reputation
• Any Security breach in the government website may increase
the risk on project management and government operations
WHAT IS HACKING??
• Hacking is an art of exploring various security breaches
• What people believe: It’s an anti-social activity
: All the hackers are bad people
• The terms Hacker and Hacking are being misinterpreted and misunderstood
with negative sidelines
COMMUNITIES OF HACKERS
• Hackers
• Crackers
• Phreaks
• Script Kiddies
TYPES OF HACKERS
• White Hat Hacker - They use their knowledge and skill set for good
constructive intents. They find out new security loopholes and their
solutions
• Black Hat Hacker - They use their knowledge and skill set for illegal
activities and destructive intents
• Grey Hat Hacker – They use their knowledge and skill set for legal and illegal
purpose. They are white hats in public but internally they do some black hat
work
NETWORKING
FUNDAMENTALS
IP ADDRESS
IP Address is also known as,
• Logical Address, or
• Unique Identity Address
It is used to identify the systems. Whenever any computer connects itself with the
internet or with LAN, it gets one IP address, that IP address is always unique in the
network. This means, once an IP address is assigned to any system in the network,
it cannot be assigned to any other system. The same in the internet, if one IP
address has been assigned to one system, it cannot be assigned to anyone else
IP TYPES
• Internal IP - Whenever a computer connects itself with an Internal Network
(LAN) , it gets an Internal IP. This IP will be the identity of the particular
computer in the network
• External IP - Whenever a computer connects itself with the internet , it gets
an IP address by ISP. This IP will be the identity of the particular computer
over the internet.
IP TYPES
Both the Internal & External IP address can be allocated in two forms.
• Static IP Address - Static IP Address remains same in all the sessions.
• Dynamic IP Address - Dynamic IP Address keeps changing in all the
sessions.
INTRODUCTION TO
TROJANS
VIRUS & WORMS
Virus, Vital Information Resource Under Seize , is a piece of code
which is meant for the malicious purpose. It can replicate itself In the
same system or also to the external hard drive. It may harm your
system by deleting vital information from your hard drive or by
corrupting the operating system files.
Worms are the virus that replicates itself by resending itself as an e-
mail attachment or as part of a network message. Worms does not
alter files but resides in active memory and duplicates itself. Worm
use parts of an operating system that are automatic and usually
invisible to the user
TROJANS
Trojans are piece of code which is meant for the remote
administration purpose. It may or may not harm your computer
but the hacker can administrate your computer remotely. A
hacker may see the webcam, can get the logs of all the key
strokes and can also delete any file & folders from your system.
Trojans are one of the most dangerous and widely used by
hackers to get into the systems
TYPES OF TROJANS
• Direct Connection Trojan
• Reverse Connection Trojan
DIRECT CONNECTION TROJAN
In the direct connection Trojan, Victim’s IP Address plays
essential role. Hacker sends Trojan to victim, victim
unknowingly executes it. To get the remote connection of
victim’s computer, hacker needs to have IP Address of
victim. Hacker uses different methods to get the IP
address of victims such as,
• Email Tracing
• IP Grabbing
• Social Engineering
REVERSE CONNECTION TROJAN
Hacker creates the Trojan with his own IP address. In this case, when a victim
executes the Trojan, hacker gets the connection. Hacker needs to open one
port to get the connection.
RAT (REMOTE ADMINISTRATION TOOL)
RAT IS, Remote Administration Tool used to create the Trojans. One
can use their own coding to create the Trojans also but RAT may help
you to create it easily.
• It is also used to control the victim’s computer. After creating and
sending the Trojan, hacker needs to open a port on his own system,
for this a hacker can use RAT.
• RAT is created by the hackers to help the hackers,
• Also after getting the connection hacker can perform various tasks
such as accessing the webcam, file & folder operations, edit the
registry and even can edit the command prompt of the victim using
RAT.
RAT (REMOTE ADMINISTRATION TOOL)
RATs are available for both the types of Trojans. There are
numerous RATs available over the internet such as,
• Cyber Gate
• Dark Comet
• Pro Rat
• Poison Ivy
• Net Bus
Etc, etc, etc, …
INTRODUCTION TO
SOCIAL ENGINEERING
“Cause there’s no PATCH for HUMAN
STUPIDITY”
WHAT IS SOCIAL ENGINEERING??
In context of Information Security, it is the use of
deception to manipulate individuals into divulging
confidential or personal information that may be
used for fraudulent purposes.
TECHNIQUE
• Human Interaction
• Respectable & Known Person or Entity
• Assembling all gathered information together
TYPES OF SOCIAL ENGINEERING
• Quid Pro Quo – Something for something
• Phishing
• Baiting
• Pretexting
• Diversion Theft
WEAKEST LINK??
No matter how strong your:
• Firewalls
• IDS & IPS
• Cryptography
• Anti-Virus Software
• You are the weakest link in computer security. People are more vulnerable
than computers.
• “The weakest link in the security chain is the human element: - Kevin
Mitnick
WAYS TO PREVENT SOCIAL ENGINEERING
• User Awareness
• Policies
• Third party Test
• Be Smart
CONTACT
• Email – apurvsinghgautam@gmail.com
• Mobie No. - +91 9918045500
• Social Name – Apurv Singh Gautam
(Google, Facebook, Twitter, LinkedIn, Quora, etc etc)

More Related Content

What's hot

Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Securitybelsis
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness TrainingJen Ruhman
 
Cybersecurity
CybersecurityCybersecurity
CybersecurityA. Shamel
 
Information security in todays world
Information security in todays worldInformation security in todays world
Information security in todays worldSibghatullah Khattak
 
Cybersecurity Employee Training
Cybersecurity Employee TrainingCybersecurity Employee Training
Cybersecurity Employee TrainingPaige Rasid
 
Introduction: CISSP Certification
Introduction: CISSP CertificationIntroduction: CISSP Certification
Introduction: CISSP CertificationSam Bowne
 
Cyber security awareness
Cyber security awarenessCyber security awareness
Cyber security awarenessJason Murray
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptOoXair
 
Basics of Information System Security
Basics of Information System SecurityBasics of Information System Security
Basics of Information System Securitychauhankapil
 
Application Security - Your Success Depends on it
Application Security - Your Success Depends on itApplication Security - Your Success Depends on it
Application Security - Your Success Depends on itWSO2
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness Jay Nagar
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to CybersecurityKrutarth Vasavada
 
cyber security presentation.pptx
cyber security presentation.pptxcyber security presentation.pptx
cyber security presentation.pptxkishore golla
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITYAhmed Moussa
 

What's hot (20)

End-User Security Awareness
End-User Security AwarenessEnd-User Security Awareness
End-User Security Awareness
 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Security
 
Cybersecurity 2 cyber attacks
Cybersecurity 2 cyber attacksCybersecurity 2 cyber attacks
Cybersecurity 2 cyber attacks
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness Training
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Information security in todays world
Information security in todays worldInformation security in todays world
Information security in todays world
 
Cyber security ppt
Cyber security pptCyber security ppt
Cyber security ppt
 
Cybersecurity Employee Training
Cybersecurity Employee TrainingCybersecurity Employee Training
Cybersecurity Employee Training
 
Security Awareness Training by Fortinet
Security Awareness Training by FortinetSecurity Awareness Training by Fortinet
Security Awareness Training by Fortinet
 
Introduction: CISSP Certification
Introduction: CISSP CertificationIntroduction: CISSP Certification
Introduction: CISSP Certification
 
Cyber security awareness
Cyber security awarenessCyber security awareness
Cyber security awareness
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.ppt
 
Basics of Information System Security
Basics of Information System SecurityBasics of Information System Security
Basics of Information System Security
 
Application Security - Your Success Depends on it
Application Security - Your Success Depends on itApplication Security - Your Success Depends on it
Application Security - Your Success Depends on it
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness
 
Basic Security Training for End Users
Basic Security Training for End UsersBasic Security Training for End Users
Basic Security Training for End Users
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
 
cyber security presentation.pptx
cyber security presentation.pptxcyber security presentation.pptx
cyber security presentation.pptx
 
Cyber security training
Cyber security trainingCyber security training
Cyber security training
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITY
 

Similar to Cyber Security Fundamentals

Introduction of hacking and cracking
Introduction of hacking and crackingIntroduction of hacking and cracking
Introduction of hacking and crackingHarshil Barot
 
Workshop on Cyber security
Workshop on Cyber security Workshop on Cyber security
Workshop on Cyber security Mehedi Hasan
 
Computer Security Presentation
Computer Security PresentationComputer Security Presentation
Computer Security PresentationPraphullaShrestha1
 
Internetsecuritypowerpoint 130404101055-phpapp02
Internetsecuritypowerpoint 130404101055-phpapp02Internetsecuritypowerpoint 130404101055-phpapp02
Internetsecuritypowerpoint 130404101055-phpapp02sanjay kumar
 
Workshop on Cyber security and investigation
Workshop on Cyber security and investigationWorkshop on Cyber security and investigation
Workshop on Cyber security and investigationMehedi Hasan
 
Internet security powerpoint
Internet security powerpointInternet security powerpoint
Internet security powerpointArifa Ali
 
Internet security powerpoint
Internet security powerpointInternet security powerpoint
Internet security powerpointArifa Ali
 
Inetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationInetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationJoshua Prince
 
Introduction To Computer Security
Introduction To Computer SecurityIntroduction To Computer Security
Introduction To Computer SecurityVibrant Event
 
Ethical Hacking - Introduction to Computer Security
Ethical Hacking - Introduction to Computer Security Ethical Hacking - Introduction to Computer Security
Ethical Hacking - Introduction to Computer Security Vibrant Event
 

Similar to Cyber Security Fundamentals (20)

Introduction of hacking and cracking
Introduction of hacking and crackingIntroduction of hacking and cracking
Introduction of hacking and cracking
 
Workshop on Cyber security
Workshop on Cyber security Workshop on Cyber security
Workshop on Cyber security
 
Hacking intro
Hacking introHacking intro
Hacking intro
 
How to hack or what is ethical hacking
How to hack or what is ethical hackingHow to hack or what is ethical hacking
How to hack or what is ethical hacking
 
Computer Security Presentation
Computer Security PresentationComputer Security Presentation
Computer Security Presentation
 
Internetsecuritypowerpoint 130404101055-phpapp02
Internetsecuritypowerpoint 130404101055-phpapp02Internetsecuritypowerpoint 130404101055-phpapp02
Internetsecuritypowerpoint 130404101055-phpapp02
 
Cyber Security Seminar Day 2
Cyber Security Seminar Day 2Cyber Security Seminar Day 2
Cyber Security Seminar Day 2
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking
 
Workshop on Cyber security and investigation
Workshop on Cyber security and investigationWorkshop on Cyber security and investigation
Workshop on Cyber security and investigation
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Ethical Hacking.pptx
Ethical Hacking.pptxEthical Hacking.pptx
Ethical Hacking.pptx
 
Internet security powerpoint
Internet security powerpointInternet security powerpoint
Internet security powerpoint
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Internet security powerpoint
Internet security powerpointInternet security powerpoint
Internet security powerpoint
 
Inetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationInetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentation
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Introduction To Computer Security
Introduction To Computer SecurityIntroduction To Computer Security
Introduction To Computer Security
 
Ethical Hacking - Introduction to Computer Security
Ethical Hacking - Introduction to Computer Security Ethical Hacking - Introduction to Computer Security
Ethical Hacking - Introduction to Computer Security
 
Ethical Hacking - Introduction to Computer Security
Ethical Hacking - Introduction to Computer SecurityEthical Hacking - Introduction to Computer Security
Ethical Hacking - Introduction to Computer Security
 

More from Apurv Singh Gautam

Automating Threat Hunting on the Dark Web and other nitty-gritty things
Automating Threat Hunting on the Dark Web and other nitty-gritty thingsAutomating Threat Hunting on the Dark Web and other nitty-gritty things
Automating Threat Hunting on the Dark Web and other nitty-gritty thingsApurv Singh Gautam
 
Threat Hunting on the Dark Web
Threat Hunting on the Dark WebThreat Hunting on the Dark Web
Threat Hunting on the Dark WebApurv Singh Gautam
 
All about Cyber Security - From the perspective of a MS student
All about Cyber Security - From the perspective of a MS studentAll about Cyber Security - From the perspective of a MS student
All about Cyber Security - From the perspective of a MS studentApurv Singh Gautam
 
SIT Summer School (Cyber Security)
SIT Summer School (Cyber Security)SIT Summer School (Cyber Security)
SIT Summer School (Cyber Security)Apurv Singh Gautam
 
Security News Bytes (Aug Sept 2017)
Security News Bytes (Aug Sept 2017)Security News Bytes (Aug Sept 2017)
Security News Bytes (Aug Sept 2017)Apurv Singh Gautam
 
Encrypted database management system
Encrypted database management systemEncrypted database management system
Encrypted database management systemApurv Singh Gautam
 

More from Apurv Singh Gautam (14)

Automating Threat Hunting on the Dark Web and other nitty-gritty things
Automating Threat Hunting on the Dark Web and other nitty-gritty thingsAutomating Threat Hunting on the Dark Web and other nitty-gritty things
Automating Threat Hunting on the Dark Web and other nitty-gritty things
 
Threat Hunting on the Dark Web
Threat Hunting on the Dark WebThreat Hunting on the Dark Web
Threat Hunting on the Dark Web
 
All about Cyber Security - From the perspective of a MS student
All about Cyber Security - From the perspective of a MS studentAll about Cyber Security - From the perspective of a MS student
All about Cyber Security - From the perspective of a MS student
 
SIT Summer School (Cyber Security)
SIT Summer School (Cyber Security)SIT Summer School (Cyber Security)
SIT Summer School (Cyber Security)
 
Cyber Security Seminar Day 1
Cyber Security Seminar Day 1Cyber Security Seminar Day 1
Cyber Security Seminar Day 1
 
Bitcoin Forensics
Bitcoin ForensicsBitcoin Forensics
Bitcoin Forensics
 
Log Out Cyber Awareness
Log Out Cyber AwarenessLog Out Cyber Awareness
Log Out Cyber Awareness
 
OSINT
OSINTOSINT
OSINT
 
Intro to Network Vapt
Intro to Network VaptIntro to Network Vapt
Intro to Network Vapt
 
Security News Bytes (Aug Sept 2017)
Security News Bytes (Aug Sept 2017)Security News Bytes (Aug Sept 2017)
Security News Bytes (Aug Sept 2017)
 
Anonymous traffic network
Anonymous traffic networkAnonymous traffic network
Anonymous traffic network
 
Flexible Displays
Flexible DisplaysFlexible Displays
Flexible Displays
 
India against corruption
India against corruptionIndia against corruption
India against corruption
 
Encrypted database management system
Encrypted database management systemEncrypted database management system
Encrypted database management system
 

Recently uploaded

Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...panagenda
 
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...amber724300
 
Dynamical Context introduction word sensibility orientation
Dynamical Context introduction word sensibility orientationDynamical Context introduction word sensibility orientation
Dynamical Context introduction word sensibility orientationBuild Intuit
 
QMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdfQMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdfROWELL MARQUINA
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
Laying the Data Foundations for Artificial Intelligence!
Laying the Data Foundations for Artificial Intelligence!Laying the Data Foundations for Artificial Intelligence!
Laying the Data Foundations for Artificial Intelligence!Memoori
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Mark Simos
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
Deliver Latency Free Customer Experience
Deliver Latency Free Customer ExperienceDeliver Latency Free Customer Experience
Deliver Latency Free Customer ExperienceOpsTree solutions
 
WomenInAutomation2024: AI and Automation for eveyone
WomenInAutomation2024: AI and Automation for eveyoneWomenInAutomation2024: AI and Automation for eveyone
WomenInAutomation2024: AI and Automation for eveyoneUiPathCommunity
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialJoão Esperancinha
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfAarwolf Industries LLC
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Jeffrey Haguewood
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 

Recently uploaded (20)

Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
 
Dynamical Context introduction word sensibility orientation
Dynamical Context introduction word sensibility orientationDynamical Context introduction word sensibility orientation
Dynamical Context introduction word sensibility orientation
 
QMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdfQMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdf
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
Laying the Data Foundations for Artificial Intelligence!
Laying the Data Foundations for Artificial Intelligence!Laying the Data Foundations for Artificial Intelligence!
Laying the Data Foundations for Artificial Intelligence!
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
Deliver Latency Free Customer Experience
Deliver Latency Free Customer ExperienceDeliver Latency Free Customer Experience
Deliver Latency Free Customer Experience
 
WomenInAutomation2024: AI and Automation for eveyone
WomenInAutomation2024: AI and Automation for eveyoneWomenInAutomation2024: AI and Automation for eveyone
WomenInAutomation2024: AI and Automation for eveyone
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorial
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdf
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 

Cyber Security Fundamentals

  • 2.
  • 4. NEED OF SECURITY • Increasing awareness of technology but not Security • Continuous Development & Competition in IT • Increasing number of Cyber Criminals • Increasing use of Network elements & applications • Decreasing level of skill set
  • 5.
  • 6. NEED OF SECURITY • Any Security breach in the website of any person increases the risk of the public image • Any Security breach in the website of any company increases the risk of company reputation • Any Security breach in the government website may increase the risk on project management and government operations
  • 7.
  • 8. WHAT IS HACKING?? • Hacking is an art of exploring various security breaches • What people believe: It’s an anti-social activity : All the hackers are bad people • The terms Hacker and Hacking are being misinterpreted and misunderstood with negative sidelines
  • 9. COMMUNITIES OF HACKERS • Hackers • Crackers • Phreaks • Script Kiddies
  • 10. TYPES OF HACKERS • White Hat Hacker - They use their knowledge and skill set for good constructive intents. They find out new security loopholes and their solutions • Black Hat Hacker - They use their knowledge and skill set for illegal activities and destructive intents • Grey Hat Hacker – They use their knowledge and skill set for legal and illegal purpose. They are white hats in public but internally they do some black hat work
  • 12. IP ADDRESS IP Address is also known as, • Logical Address, or • Unique Identity Address It is used to identify the systems. Whenever any computer connects itself with the internet or with LAN, it gets one IP address, that IP address is always unique in the network. This means, once an IP address is assigned to any system in the network, it cannot be assigned to any other system. The same in the internet, if one IP address has been assigned to one system, it cannot be assigned to anyone else
  • 13. IP TYPES • Internal IP - Whenever a computer connects itself with an Internal Network (LAN) , it gets an Internal IP. This IP will be the identity of the particular computer in the network • External IP - Whenever a computer connects itself with the internet , it gets an IP address by ISP. This IP will be the identity of the particular computer over the internet.
  • 14. IP TYPES Both the Internal & External IP address can be allocated in two forms. • Static IP Address - Static IP Address remains same in all the sessions. • Dynamic IP Address - Dynamic IP Address keeps changing in all the sessions.
  • 16. VIRUS & WORMS Virus, Vital Information Resource Under Seize , is a piece of code which is meant for the malicious purpose. It can replicate itself In the same system or also to the external hard drive. It may harm your system by deleting vital information from your hard drive or by corrupting the operating system files. Worms are the virus that replicates itself by resending itself as an e- mail attachment or as part of a network message. Worms does not alter files but resides in active memory and duplicates itself. Worm use parts of an operating system that are automatic and usually invisible to the user
  • 17. TROJANS Trojans are piece of code which is meant for the remote administration purpose. It may or may not harm your computer but the hacker can administrate your computer remotely. A hacker may see the webcam, can get the logs of all the key strokes and can also delete any file & folders from your system. Trojans are one of the most dangerous and widely used by hackers to get into the systems
  • 18. TYPES OF TROJANS • Direct Connection Trojan • Reverse Connection Trojan
  • 19. DIRECT CONNECTION TROJAN In the direct connection Trojan, Victim’s IP Address plays essential role. Hacker sends Trojan to victim, victim unknowingly executes it. To get the remote connection of victim’s computer, hacker needs to have IP Address of victim. Hacker uses different methods to get the IP address of victims such as, • Email Tracing • IP Grabbing • Social Engineering
  • 20. REVERSE CONNECTION TROJAN Hacker creates the Trojan with his own IP address. In this case, when a victim executes the Trojan, hacker gets the connection. Hacker needs to open one port to get the connection.
  • 21. RAT (REMOTE ADMINISTRATION TOOL) RAT IS, Remote Administration Tool used to create the Trojans. One can use their own coding to create the Trojans also but RAT may help you to create it easily. • It is also used to control the victim’s computer. After creating and sending the Trojan, hacker needs to open a port on his own system, for this a hacker can use RAT. • RAT is created by the hackers to help the hackers, • Also after getting the connection hacker can perform various tasks such as accessing the webcam, file & folder operations, edit the registry and even can edit the command prompt of the victim using RAT.
  • 22. RAT (REMOTE ADMINISTRATION TOOL) RATs are available for both the types of Trojans. There are numerous RATs available over the internet such as, • Cyber Gate • Dark Comet • Pro Rat • Poison Ivy • Net Bus Etc, etc, etc, …
  • 23. INTRODUCTION TO SOCIAL ENGINEERING “Cause there’s no PATCH for HUMAN STUPIDITY”
  • 24. WHAT IS SOCIAL ENGINEERING?? In context of Information Security, it is the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.
  • 25.
  • 26. TECHNIQUE • Human Interaction • Respectable & Known Person or Entity • Assembling all gathered information together
  • 27. TYPES OF SOCIAL ENGINEERING • Quid Pro Quo – Something for something • Phishing • Baiting • Pretexting • Diversion Theft
  • 28.
  • 29. WEAKEST LINK?? No matter how strong your: • Firewalls • IDS & IPS • Cryptography • Anti-Virus Software • You are the weakest link in computer security. People are more vulnerable than computers. • “The weakest link in the security chain is the human element: - Kevin Mitnick
  • 30. WAYS TO PREVENT SOCIAL ENGINEERING • User Awareness • Policies • Third party Test • Be Smart
  • 31.
  • 32. CONTACT • Email – apurvsinghgautam@gmail.com • Mobie No. - +91 9918045500 • Social Name – Apurv Singh Gautam (Google, Facebook, Twitter, LinkedIn, Quora, etc etc)