Unit 1
Fundamentals of Cyber Security
Introduction to Cyber Security
• The technique of protecting internet-connected
systems such as computers, servers, mobile
devices, electronic systems, networks, and data
from malicious attacks is known as cybersecurity.
• Cybersecurity can be split into two parts: one is cyber, and the
other is security.
• Cyber refers to the technology that includes
systems, networks, programs, and data.
• And security is concerned with the protection of
systems, networks, applications, and information.
Cont...
• Cyber Security is the body of technologies,
processes, and practices designed to protect
networks, devices, programs, and data from
attack, theft, damage, modification or
unauthorized access.
• Cyber Security is the set of principles and
practices designed to protect our computing
resources and online information against threats.
• Cybersecurity refers to a set of techniques used
to protect the integrity of networks, programs
and data from attack, damage or unauthorized
access.
Types of Cyber Security
• Network Security: It involves implementing the
hardware and software to secure a computer
network from unauthorized access, intruders,
attacks, disruption, and misuse.
• It involves technologies such as Firewalls, Intrusion
detection systems (IDS), Virtual private
networks (VPNs), and Network segmentation.
Cont..
• Application Security:
• It involves protecting the software and devices
from unwanted threats.
• This protection can be done by constantly
updating the apps to ensure they are secure from
attacks.
• Successful security begins in the design stage,
writing source code, validation, threat modeling,
etc., before a program or device is deployed.
Cont..
• Information or Data Security: It involves
implementing a strong data storage mechanism
to maintain the integrity and privacy of data, both
in storage and in transit.
• It includes Encryption, Access controls, Data
classification, and Data loss prevention (DLP)
measures.
• Identity management: It deals with the
procedure for determining the level of access
that each individual has within an organization.
Cont..
• Cloud Security: It involves securing data,
applications, and infrastructure hosted on
cloud platforms, and ensuring appropriate
access controls, data protection, and
compliance.
• It covers workloads hosted with cloud service providers
such as AWS, Azure, Google, etc., and aims to ensure
security against multiple threats.
Cont..
• Mobile Security: It involves securing the organizational
and personal data stored on mobile devices such as cell
phones, computers, tablets, and other similar devices
against various malicious threats.
• These threats are unauthorized access, device loss or
theft, malware, etc.
• Regularly backing up mobile device data is important
to prevent data loss in case of theft, damage, or device
failure.
• Mobile devices often connect to various networks,
including public Wi-Fi, which can pose security risks. It
is important to use secure networks whenever
possible, such as encrypted Wi-Fi networks or cellular
data connections.
Cont..
• Endpoint Security: It refers to securing
individual devices such as computers, laptops,
smartphones, and IoT devices.
• It includes antivirus software, intrusion
prevention systems (IPS), device encryption,
and regular software updates.
Cont..
• Internet of Things (IoT) Security : Devices frequently
run on old software, leaving them vulnerable to
recently identified security vulnerabilities.
• This is generally the result of connectivity problems or
the requirement for end users to manually download
updates.
• Manufacturers frequently ship Internet of Things (IoT)
devices (such as home routers) with easily crackable
passwords, which may have been left in place by
suppliers and end users.
• These devices are easy targets for attackers using
automated scripts for mass exploitation when they are
left exposed to remote access.
Importance of Cyber Security
• Self Study
Cyber Security Goals
• Cyber Security's main objective is to ensure
data protection.
• There is a triangle of three related principles
to protect the data from cyber-attacks.
• This principle is called the CIA triad.
• The CIA triad which stands for Confidentiality,
Integrity, and Availability is a design model to
guide companies and organizations to form
their security policies.
CIA Model
• When a security breach occurs, one or
more of these principles has been violated.
• The components of the triad are considered to
be the most important and fundamental
components of security.
CIA Model- Confidentiality
• Confidentiality: is roughly equivalent to privacy; it
prevents unauthorized access to information.
• It involves ensuring the data is accessible by
those who are allowed to use it and blocking
access to others.
• It prevents essential information from
reaching the wrong people.
• Data encryption is an excellent example of
ensuring confidentiality.
CIA Model- Integrity
• This principle ensures that the data is authentic,
accurate, and safeguarded from unauthorized
modification by threat actors or accidental user
modification.
• If any modifications occur, certain measures
should be taken to protect the sensitive data
from corruption or loss and speedily recover from
such an event.
• It also means ensuring that the source of the
information is genuine.
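An added example (not from the slides) of the integrity principle in code: a record is sealed with an HMAC-SHA256 tag, and any later modification, or a tag produced without the shared key, is detected on verification. The key and the account record are constructed for the demonstration.

```python
import hashlib
import hmac
import json

# Constructed secret for this demonstration only; a real deployment keeps the
# key in a secrets store, never in source code.
SECRET_KEY = b"demo-key-not-for-production"


def canonical(record: dict) -> bytes:
    """Encode the record the same way every time so the tag is reproducible."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def seal(record: dict, key: bytes = SECRET_KEY) -> dict:
    """Attach an HMAC-SHA256 tag to the record.

    Only a holder of the key can produce a valid tag, which is what makes the
    source of the data verifiable (the second half of the integrity principle).
    """
    tag = hmac.new(key, canonical(record), hashlib.sha256).hexdigest()
    return {"record": record, "tag": tag}


def verify(sealed: dict, key: bytes = SECRET_KEY) -> bool:
    """Recompute the tag and compare in constant time.

    Returns False if the record was altered after sealing or if it was sealed
    with a different key.
    """
    expected = hmac.new(key, canonical(sealed["record"]), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, sealed["tag"])


def tamper_demo() -> tuple:
    """Seal a record, then alter a field while keeping the old tag."""
    original = seal({"account": "alice", "balance": 100})
    altered = {
        "record": dict(original["record"], balance=1_000_000),
        "tag": original["tag"],
    }
    return verify(original), verify(altered)


if __name__ == "__main__":
    print(tamper_demo())  # (True, False)
```

A plain hash (for example SHA-256 alone) would detect accidental corruption but not a deliberate change, because the attacker could simply recompute the hash; the keyed tag is what ties the record to an authorised source.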
CIA Model- Availability
• This principle ensures that information is always
available and usable by its authorized users.
• It ensures that these accesses are not
hindered by system malfunction or cyber-
attacks.
Cyber Security Terminologies
• Vulnerability: A Security Vulnerability is a weakness, flaw, or
error found within a security system that has the potential to be
leveraged by a threat agent in order to compromise a secure
network.
• In the process of building and coding technology, mistakes
happen. What’s left behind from these mistakes is commonly
referred to as a bug.
• While bugs aren’t inherently harmful, many can be taken advantage of
by nefarious actors; these are known as vulnerabilities.
• Vulnerabilities can be leveraged to force software to act in ways
it’s not intended to.
• Once a bug is determined to be a vulnerability, it is registered as
a Common Vulnerabilities and Exposures (CVE) entry, and assigned a
Common Vulnerability Scoring System (CVSS) score to reflect the
potential risk it could introduce to your organization.
Security Vulnerability Examples
• There are a number of Security Vulnerabilities, some common
examples are:
• Broken Authentication: When authentication credentials are
compromised, user sessions and identities can be hijacked by
malicious actors to pose as the original user.
• SQL Injection: As one of the most prevalent security
vulnerabilities, SQL injections attempt to gain access to database
content via malicious code injection. A successful SQL injection
can allow attackers to steal sensitive data, spoof identities, and
participate in a collection of other harmful activities.
• Cross-Site Scripting: Much like an SQL Injection, a Cross-site
scripting (XSS) attack also injects malicious code into a website.
However, a Cross-site scripting attack targets website users,
rather than the actual website itself, which puts sensitive user
information at risk of theft.
Cont..
• Cross-Site Request Forgery: A Cross-Site
Request Forgery (CSRF) attack aims to trick an
authenticated user into performing an action
that they do not intend to do. This, paired with
social engineering, can deceive users into
accidentally providing a malicious actor with
personal data.
• Security Misconfiguration: Any component of
a security system that can be leveraged by
attackers due to a configuration error can be
considered a “Security Misconfiguration.”
Cyber Threat
• Exploit: A means of attack on a computer
system, either a series of commands, malicious
software, or piece of infected data.
• Hacker (Black Hat, White Hat):
– Black Hat : Any hacker who attempts to gain
unauthorized access to a system with the intent to
cause mischief, damage, or theft. They can be
motivated by greed, a political agenda, or simply boredom.
– White Hat : A hacker who is invited to test out
computer systems and servers, looking for
vulnerabilities, for the purposes of informing the
host of where security needs to be buffed up.
Cont..
• Security breach — A security breach is any incident that results in
unauthorized access to computer data, applications, networks or
devices.
• Facebook saw internal software flaws lead to the loss of 29 million
users' personal data in 2018. The compromised accounts included that
of company CEO Mark Zuckerberg.
• Data Breach-The occurrence of disclosure of confidential information,
access to confidential information, destruction of data assets or
abusive use of a private IT environment.
• Generally, a data breach results in internal data being made accessible
to external entities without authorization.
• Risk assessment — The process of evaluating the state of risk of an
organization. Risk assessment is often initiated through taking an
inventory of all assets, assigning each asset a value, and then
considering any potential threats against each asset.
• Threats are evaluated for their exposure factor (EF) in order to
calculate a relative risk value known as the ALE (Annualized Loss
Expectancy).
• The largest ALE indicates the biggest concern or risk for the
organization.
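An added example (not from the slides) of the risk-assessment calculation described above, carried through in code: each asset is given a value (AV) and each threat an exposure factor (EF); the single loss expectancy is AV × EF, and the ALE multiplies that by an annualized rate of occurrence (ARO), an input the slide does not name but which the standard ALE formula requires. The three scenarios are constructed sample figures.

```python
from dataclasses import dataclass


@dataclass
class ThreatScenario:
    asset: str
    asset_value: float      # AV: value assigned to the asset during inventory
    exposure_factor: float  # EF: fraction of AV lost in one occurrence (0.0 to 1.0)
    annual_rate: float      # ARO: expected occurrences per year (assumed input)

    def __post_init__(self):
        if not 0.0 <= self.exposure_factor <= 1.0:
            raise ValueError("exposure factor must be a fraction between 0 and 1")
        if self.annual_rate < 0:
            raise ValueError("annual rate of occurrence cannot be negative")


def single_loss_expectancy(s: ThreatScenario) -> float:
    """SLE = AV x EF: the expected loss from one occurrence of the threat."""
    return s.asset_value * s.exposure_factor


def annualized_loss_expectancy(s: ThreatScenario) -> float:
    """ALE = SLE x ARO: the expected loss per year from this threat."""
    return single_loss_expectancy(s) * s.annual_rate


def rank_by_ale(scenarios: list) -> list:
    """Largest ALE first, which is the organization's biggest concern."""
    return sorted(scenarios, key=annualized_loss_expectancy, reverse=True)


# Constructed sample figures for the demonstration.
SAMPLE_SCENARIOS = [
    ThreatScenario("customer database", 500_000, 0.6, 0.1),  # rare but severe
    ThreatScenario("web server", 50_000, 0.5, 2.0),          # frequent, moderate
    ThreatScenario("laptop fleet", 120_000, 0.05, 4.0),      # frequent, small
]


if __name__ == "__main__":
    for s in rank_by_ale(SAMPLE_SCENARIOS):
        print(f"{s.asset:18} SLE={single_loss_expectancy(s):>10,.0f} "
              f"ALE={annualized_loss_expectancy(s):>10,.0f}")
```

Note that the asset with the highest value (the customer database) is not the top risk here; the frequently attacked web server carries the largest expected yearly loss, which is exactly why the ranking is done on ALE rather than on asset value alone.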
Cont..
• Threat assessment — The process of evaluating the
actions, events and behaviors that can cause harm to
an asset or organization. Threat assessment is an
element of risk assessment and management.
• link jacking — A potentially unethical practice of
redirecting a link to a middle-man or aggregator site
or location rather than the original site the link
seemed to indicate it was directed towards.
• For example, a news aggregation service may
publish links that seem as if they point to the original
source of their posted articles, but when a user
discovers those links via search or through social
networks, the links redirect back to the aggregation
site and not the original source of the article.
Social Engineering
• Social engineering is the term used for a broad
range of malicious activities accomplished
through human interactions.
• It uses psychological manipulation to trick
users into making security mistakes or giving
away sensitive information.
• Social engineering attacks happen in one or
more steps.
Cont..
• A perpetrator first investigates the intended
victim to gather necessary background
information, such as potential points of entry and
weak security protocols, needed to proceed with
the attack.
• Then, the attacker moves to gain the victim’s
trust and provide stimuli for subsequent actions
that break security practices, such as
revealing sensitive information or granting access
to critical resources.
Social Engineering Lifecycle
Baiting
• Baiting attacks use a false promise to pique a
victim’s greed or curiosity. They lure users into
a trap that steals their personal information or
inflicts their systems with malware.
• Baiting scams don’t necessarily have to be
carried out in the physical world. Online forms
of baiting consist of enticing ads that lead to
malicious sites or that encourage users to
download a malware-infected application.
Scareware
• Scareware involves victims being bombarded
with false alarms and fictitious threats.
• Users are deceived to think their system is
infected with malware, prompting them to
install software that has no real benefit or is
malware itself.
• Scareware is also referred to as deception
software, rogue scanner software and
fraudware.
Cont..
• A common scareware example is the
legitimate-looking popup banners appearing
in your browser while surfing the web,
displaying such text such as, “Your computer
may be infected with harmful spyware
programs.” It either offers to install the tool
(often malware-infected) for you, or will direct
you to a malicious site where your computer
becomes infected.
Pretexting
• Here an attacker obtains information through a
series of cleverly crafted lies. The scam is often
initiated by a perpetrator pretending to need
sensitive information from a victim so as to
perform a critical task.
• The attacker usually starts by establishing trust
with their victim by impersonating co-workers,
police, bank and tax officials, or other persons
who have right-to-know authority.
• The pretexter asks questions that are supposedly required
to confirm the victim’s identity, through which they
gather important personal data.
Phishing
• As one of the most popular social engineering
attack types, phishing scams are email and
text message campaigns aimed at creating a
sense of urgency, curiosity or fear in victims.
• They then trick victims into revealing sensitive
information, clicking on links to malicious
websites, or opening attachments that contain
malware.
Phishing
• An example is an email sent to users of an
online service that alerts them of a policy
violation requiring immediate action on their
part, such as a required password change.
• It includes a link to an illegitimate website—
nearly identical in appearance to its legitimate
version—prompting the unsuspecting user to
enter their current credentials and new
password. Upon form submission the
information is sent to the attacker.
Social engineering prevention
• Don’t open emails and attachments from
suspicious sources – If you don’t know the
sender in question, you don’t need to answer an
email. Even if you do know them and are
suspicious about their message, cross-check and
confirm the news from other sources, such as via
telephone or directly from a service provider’s
site.
• Use multifactor authentication – One of the
most valuable pieces of information attackers
seek are user credentials. Using multifactor
authentication helps ensure your account’s
protection in the event of system compromise.
Cont.
• Be wary of tempting offers – If an offer
sounds too enticing, think twice before
accepting it as fact.
• Keep your antivirus/antimalware software
updated – Make sure automatic updates are
engaged, or make it a habit to download the
latest signatures first thing each day.
Footprinting
• Footprinting refers to the process of collecting data
over time in order to make a targeted cyberattack.
• The process of cybersecurity footprinting involves
profiling organizations and collecting data about the
network, host, employees and third-party partners.
• This information includes the OS used by the
organization, firewalls, network maps, IP
addresses, domain name system information, security
configurations of the target machine, URLs, virtual
private networks, staff IDs, email addresses and phone
numbers.
Cont..
• Footprinting can be performed manually or
using automated tools.
• It may involve scanning for open ports,
identifying user accounts, and mapping
network topologies.
• By understanding the layout of the target’s
infrastructure, attackers can identify potential
vulnerabilities that may be exploitable.
What Information Is Collected in
Footprinting?
• Network topology. Collecting this type of
information involves identifying the IP addresses
and hostnames of all systems on the network and
mapping out the connections among them.
• Operating systems and applications. Information
about the target’s operating system and
applications can be used to identify potential
security vulnerabilities. For example, if a
company uses an outdated version of Windows, it
may be vulnerable to specific attacks that are not
possible against newer versions.
Cont..
• User accounts. Footprinting can reveal
usernames and passwords for user accounts
on the target system, which can be helpful in
the later stages of an attack.
• Web servers. This includes the servers’
software versions, installed modules, and
enabled features.
Types of Footprinting
• There are two main types of footprinting: passive
and active.
• Passive footprinting involves collecting data
without actively engaging with the target system.
• Under this approach, information is collected
through crawling websites and social media
platforms, among other methods.
• For example, tools like tcpdump and Wireshark
can be used to capture packets sent and received
by the target system.
Active Footprinting
• Active footprinting involves interacting with
the target system to gather information. This
can be done manually or using automated
tools such as the traceroute command.
• Active footprinting is more intrusive and can
potentially cause harm to the target system if
not done carefully, but it can also gather
information that can’t be collected through
passive footprinting.
Steps of Footprinting
• 1. Identifying Targets: The first step is to
identify which systems or organizations to
footprint by scanning networks for open ports
or performing reconnaissance using Google
searches and other tools.
• 2. Gathering Information: After the target has
been identified, the next step is to gather as
much information about it as possible.
Cont..
• 3. Analyzing Results: After all relevant data has
been collected, it needs to be analyzed to
determine the most vulnerable points. This is
done by identifying common weaknesses across
multiple systems or comparing results against
known exploits.
• 4. Planning Attacks: The final step is to use the
information gathered during footprinting to plan
a successful attack against the target’s systems,
networks, and devices. This may involve
developing custom exploits or choosing a suitable
attack vector based on the data collected.
Advantages of footprinting
• Footprinting techniques in ethical hacking help
businesses identify and secure IT infrastructure before
a threat actor exploits a vulnerability. Users can also
build a database of known vulnerabilities and
loopholes.
• Footprinting also helps companies better understand
their current security posture through analysis of data
gathered about the firewall, security configuration and
more.
• Drawing a network map helps cover all trusted routers,
servers and other network topologies. Users can
pursue a reduced attack surface by narrowing it down
to a specific range of systems.
Scanning
• Scanning can be considered a logical extension (and
overlap) of active reconnaissance that helps attackers
identify specific vulnerabilities.
• The attacker has gained valuable insights about the
target.
• But deeper insights are required.
• Scanning helps in getting more specific information
about the target.
• Attackers use automated tools such as network
scanners and application scanners to locate systems
and attempt to discover vulnerabilities.
• The scanning methods may differ based on the attack
objectives, which are set up before the attackers
actually begin this process.
Types of scanning in ethical hacking
• Scanning is the second step in ethical
hacking.
• It helps the attacker get detailed information
about the target.
• Scanning could be basically of three types:
1. Port Scanning
2. Network Scanning
3. Vulnerability Scanning
Port Scanning
• Port Scanning is detecting open ports and running services on
the target host.
• Port scanning could be further divided into 5 types:
1. Ping Scan – This is the simplest scan. A ping scan sends ICMP
packets and waits for a response from the target. If there is a
response, the target is considered to be active and listening.
2. TCP Half Open – Also referred to as a SYN scan, this is another
very common type of scanning method.
3. TCP Connect – TCP connect is similar to TCP half open, except
for the fact that a complete TCP connection is established in
TCP connect port scanning.
4. UDP – UDP is used by very common services like DNS, SNMP,
DHCP. So, sending a UDP packet and waiting for a response
helps gather information about UDP ports.
5. Stealth Scanning – As the word says, stealth means a quieter
activity. When an attacker wants to be undetected while
scanning, a stealth scan is used.
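From the defender's side, the scan types above all leave the same trace: one source touching many distinct ports on one host in a short time. An added example (not from the slides) of detection logic that parses constructed firewall log lines and flags source/destination pairs that probe at least a threshold number of distinct ports within a time window. The log format, addresses and thresholds are all invented for the demonstration.

```python
import re
from collections import defaultdict

# Constructed log line format: epoch seconds, source, destination, dest port, TCP flags.
LINE_RE = re.compile(r"^(\d+) src=(\S+) dst=(\S+) dport=(\d+) flags=(\S+)$")


def _build_sample_log() -> str:
    """Constructed sample: one host probing 12 ports in 12 seconds, one normal client."""
    lines = []
    for i, port in enumerate([21, 22, 23, 25, 53, 80, 110, 143, 443, 445, 3306, 3389]):
        lines.append(f"{1700000000 + i} src=203.0.113.7 dst=192.0.2.10 dport={port} flags=S")
    for i in range(8):  # a normal client alternating between two web ports
        port = 443 if i % 2 else 80
        lines.append(f"{1700000000 + i * 5} src=198.51.100.4 dst=192.0.2.10 dport={port} flags=S")
    return "\n".join(lines) + "\n"


SAMPLE_LOG = _build_sample_log()


def parse(log_text: str) -> list:
    """Return (timestamp, src, dst, dport, flags) tuples; malformed lines are skipped."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts, src, dst, port, flags = m.groups()
            events.append((int(ts), src, dst, int(port), flags))
    return events


def detect_port_scans(events: list, window: int = 60, min_ports: int = 10) -> dict:
    """Flag (src, dst) pairs that hit at least min_ports distinct ports within window seconds.

    A SYN-only (half-open) scan and a full TCP connect scan both show this spread of ports;
    counting distinct ports per pair rather than raw packets keeps a busy but legitimate
    client that reuses a few ports from triggering the alert.
    """
    by_pair = defaultdict(list)
    for ts, src, dst, port, _flags in events:
        by_pair[(src, dst)].append((ts, port))

    alerts = {}
    for pair, hits in by_pair.items():
        hits.sort()
        left = 0
        for right in range(len(hits)):
            while hits[right][0] - hits[left][0] > window:  # slide the window forward
                left += 1
            distinct = {p for _, p in hits[left:right + 1]}
            if len(distinct) >= min_ports:
                alerts[pair] = max(alerts.get(pair, 0), len(distinct))
    return alerts


if __name__ == "__main__":
    for (src, dst), n in detect_port_scans(parse(SAMPLE_LOG)).items():
        print(f"possible port scan: {src} -> {dst}, {n} distinct ports within 60s")
```

Tuning the window and threshold is the practical work: a very slow scan spread over hours slips under a 60-second window, which is why production detections usually keep longer-lived per-source state as well.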
Network Scanning
• Network scanning is the process or technique
by which we scan the network to gain details
such as active hosts, open ports including
running TCP and UDP services, open
vulnerabilities, details about the host like
operating system and much more.
• For IP (internet protocol) networks, generally
“ping” is used for reaching a host and checking
its status. Ping is an ICMP (Internet Control
Message Protocol) utility and sends packets to
the target and receives an ICMP echo reply.
Vulnerability Scanning
• Vulnerability Scanning – Scanning to gather
information about known vulnerabilities in a
target.
• Vulnerability scans are conducted via
automated vulnerability scanning tools to
identify potential risk exposures and attack
vectors across an organization’s networks,
hardware, software, and systems.
Difference Between Scanning and
FootPrinting
• During active reconnaissance, there is contact with
the target network.
• However, in the scanning step (2nd step of ethical
hacking), the attacker already has basic information
about the network and the infrastructure.
• The aim is to get details like active host names, open
ports, operating systems on the active hosts, etc.
• While they might seem the same, scanning is not
possible or rather, would not be successful without
an in-depth and detailed reconnaissance. The
scanning step further expands reconnaissance and
takes it to the next level.
Security Architecture
• Cybersecurity establishments need an
adaptive security architecture.
• It’s a valuable framework to help enterprises
classify all potential and existing security
investments to determine where they’re
deficient and make sure there’s a balanced
approach to cyber security.
Security Architecture
Perimeter Security
• The set of physical & technical security and
programmatic policies that provide levels of
protection against remote malicious activity;
used to protect the back-end systems
from unauthorized access.
• When properly configured, the perimeter
defense security model can prevent, delay,
absorb and/or detect attacks, thus reducing
the risk to critical back-end systems.
Network Security
• The layer that partitions the broader network
of assets and connections into enclaves;
• an enclave is a distinctly bounded area
enclosed within a larger unit.
• Enclaves incorporate their individual access
controls and protection mechanisms.
• The Network Security layer, when properly used,
can prevent damage from travelling from one
enclave to another and also sets access policies
specific to each enclave.
Cont..
• Endpoint Security: Security protection
mechanisms and controls that reside directly on
an endpoint device (final devices such as
computers, laptops, mobile devices, tablets, etc.)
interfacing with any network or system.
• Application Security: Security protection
mechanisms and controls that are embedded
within the applications residing on the network,
enclaves, and Endpoint devices. Examples of such
applications could be – MS Office, ERP
application, Mobile Apps, etc.
Cont..
• Data Security: The layer of security that protects data
in the Enterprise regardless of the data’s state, that is,
whether it is in motion, at rest or in use.
• Prevention: This is achieved by Policies, procedures,
training, threat modelling, risk assessment, penetration
testing and all other inclusive sustainment activities to
posture a secure position.
• Operations: Constant observation of the Enterprise
with a keen eye, coupled with the right tools and
processes, to recognize incidents & events, and
respond accordingly in a timely manner.
Security Operations (SecOps)
• Security operations (SecOps) is a term used to
describe the collaboration between security and
operations teams within an organization.
• IT operations has continued to expand over the
years, branching out into individual specialties that
tend to create siloed (individual) activities.
• SecOps seeks to foster more collaboration between IT
security and IT operations to help prioritize network
and data security and mitigate risk without sacrificing
IT performance.
• A key tenet of SecOps, however, is to ensure that
security is a fundamental part of every project and
included in even the earliest stages of project
development.
Cont…
• The SecOps team is a team of highly skilled IT and
security professionals who monitor threats and assess
risk across an organization. The SecOps team is the
lifeblood of a security operations center (SOC).
• Roles include SOC analysts, security engineers, a security
manager, an IT operations manager and system admins,
who all report up to the chief information security officer
(CISO).
• The goal of SecOps is to improve an organization’s
security posture, identify security issues and detect
vulnerabilities, and facilitate a unified approach to
security across individual departments. This approach
helps with cross-team collaboration to complete tasks
more efficiently and eliminate duplication of effort.
Cyber terrorism
• Cyber terrorism (also known as digital
terrorism) is defined as disruptive attacks by
recognised terrorist organisations against
computer systems with the intent of
generating alarm, panic, or the physical
disruption of the information system.
• Cyberterrorism is often defined as a
politically motivated attack against
information systems, programs and data
that threatens violence or results in
violence.
Thank You
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...Soham Mondal
 

Recently uploaded (20)

Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
 
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptxExploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
 
Introduction to Microprocesso programming and interfacing.pptx
Introduction to Microprocesso programming and interfacing.pptxIntroduction to Microprocesso programming and interfacing.pptx
Introduction to Microprocesso programming and interfacing.pptx
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
 
HARMONY IN THE HUMAN BEING - Unit-II UHV-2
HARMONY IN THE HUMAN BEING - Unit-II UHV-2HARMONY IN THE HUMAN BEING - Unit-II UHV-2
HARMONY IN THE HUMAN BEING - Unit-II UHV-2
 
SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )SPICE PARK APR2024 ( 6,793 SPICE Models )
SPICE PARK APR2024 ( 6,793 SPICE Models )
 
Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
 
Current Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLCurrent Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCL
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
 
chaitra-1.pptx fake news detection using machine learning
chaitra-1.pptx  fake news detection using machine learningchaitra-1.pptx  fake news detection using machine learning
chaitra-1.pptx fake news detection using machine learning
 
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfCCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptx
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
 
Artificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxArtificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptx
 
microprocessor 8085 and its interfacing
microprocessor 8085  and its interfacingmicroprocessor 8085  and its interfacing
microprocessor 8085 and its interfacing
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
 
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
 

Intro to Cyber Security Fundamentals

1. Unit 1: Fundamentals of Cyber Security

2. Introduction to Cyber Security
• The technique of protecting internet-connected systems such as computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks is known as cybersecurity.
• Cybersecurity splits into two parts: one is cyber, and the other is security.
• Cyber refers to the technology that includes systems, networks, programs, and data.
• Security is concerned with the protection of systems, networks, applications, and information.

3. Cont...
• Cyber Security is the body of technologies, processes, and practices designed to protect networks, devices, programs, and data from attack, theft, damage, modification or unauthorized access.
• Cyber Security is the set of principles and practices designed to protect our computing resources and online information against threats.
• Cybersecurity refers to a set of techniques used to protect the integrity of networks, programs and data from attack, damage or unauthorized access.

4. Types of Cyber Security
• Network Security: It involves implementing the hardware and software to secure a computer network from unauthorized access, intruders, attacks, disruption, and misuse.
• It involves technologies such as firewalls, intrusion detection systems (IDS), virtual private networks (VPNs), and network segmentation.

5. Cont..
• Application Security:
• It involves protecting the software and devices from unwanted threats.
• This protection can be done by constantly updating the apps to ensure they are secure from attacks.
• Successful security begins in the design stage: writing source code, validation, threat modeling, etc., before a program or device is deployed.

6. Cont..
• Information or Data Security: It involves implementing a strong data storage mechanism to maintain the integrity and privacy of data, both in storage and in transit.
• It includes encryption, access controls, data classification, and data loss prevention (DLP) measures.
• Identity management: It deals with the procedure for determining the level of access that each individual has within an organization.

7. Cont..
• Cloud Security: It involves securing data, applications, and infrastructure hosted on cloud platforms, and ensuring appropriate access controls, data protection, and compliance.
• It uses various cloud service providers such as AWS, Azure, Google, etc., to ensure security against multiple threats.

8. Cont..
• Mobile Security: It involves securing the organizational and personal data stored on mobile devices such as cell phones, computers, tablets, and other similar devices against various malicious threats.
• These threats include unauthorized access, device loss or theft, malware, etc.
• Regularly backing up mobile device data is important to prevent data loss in case of theft, damage, or device failure.
• Mobile devices often connect to various networks, including public Wi-Fi, which can pose security risks. It is important to use secure networks whenever possible, such as encrypted Wi-Fi networks or cellular data connections.

9. Cont..
• Endpoint Security: refers to securing individual devices such as computers, laptops, smartphones, and IoT devices.
• It includes antivirus software, intrusion prevention systems (IPS), device encryption, and regular software updates.

10. Cont..
• Internet of Things (IoT) Security: Devices frequently run on old software, leaving them vulnerable to recently identified security vulnerabilities.
• This is generally the result of connectivity problems or the requirement for end users to manually download updates.
• Manufacturers frequently ship Internet of Things (IoT) devices (such as home routers) with easily crackable passwords, which may have been left in place by suppliers and end users.
• These devices are easy targets for attackers using automated scripts for mass exploitation when they are left exposed to remote access.

11. Importance of Cyber Security
• Self Study

12. Cyber Security Goals
• Cyber Security's main objective is to ensure data protection.
• There is a triangle of three related principles to protect the data from cyber-attacks.
• This principle is called the CIA triad.
• The CIA triad, which stands for Confidentiality, Integrity, and Availability, is a design model to guide companies and organizations in forming their security policies.

13. CIA Model
• When any security breach is found, one or more of these principles has been violated.
• The components of the triad are considered to be the most important and fundamental components of security.

14. CIA Model - Confidentiality
• Confidentiality is equivalent to privacy: it avoids unauthorized access to information.
• It involves ensuring the data is accessible by those who are allowed to use it and blocking access to others.
• It prevents essential information from reaching the wrong people.
• Data encryption is an excellent example of ensuring confidentiality.

15. CIA Model - Integrity
• This principle ensures that the data is authentic, accurate, and safeguarded from unauthorized modification by threat actors or accidental user modification.
• If any modifications occur, certain measures should be taken to protect the sensitive data from corruption or loss and to speedily recover from such an event.
• It also means ensuring that the source of the information is genuine.

16. CIA Model - Availability
• This principle ensures that the information is always available and usable by its authorized users.
• It ensures that this access is not hindered by system malfunction or cyber-attacks.
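The integrity principle above says modifications must be detectable. The following Python example, added here and not part of the slides, shows the usual mechanism: a keyed hash (HMAC-SHA256) computed over a record, which a verifier recomputes to confirm the record was not altered in storage or transit. The key and the record values are constructed for illustration.

```python
"""Integrity check for a record using an HMAC tag (added example, not from the slides).

A keyed hash lets the receiver verify that a stored or transmitted record was
not altered and that it was produced by someone holding the key. Key and
record values are constructed for illustration.
"""
import hashlib
import hmac
import json

# Constructed secret key; in practice it comes from a key store, never source code.
SECRET_KEY = b"example-key-do-not-use-in-production"


def canonical(record: dict) -> bytes:
    """Serialise a record deterministically so the same data always gives the same tag."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode("utf-8")


def sign_record(record: dict, key: bytes = SECRET_KEY) -> str:
    """Return the HMAC-SHA256 tag for the record as hex."""
    return hmac.new(key, canonical(record), hashlib.sha256).hexdigest()


def verify_record(record: dict, tag: str, key: bytes = SECRET_KEY) -> bool:
    """True only if the record still matches the tag; compare_digest avoids timing leaks."""
    expected = sign_record(record, key)
    return hmac.compare_digest(expected, tag)


def demo() -> dict:
    """Sign a record, then show that a tampered copy (or a wrong key) fails verification."""
    original = {"account": "alice", "balance": 100, "role": "user"}
    tag = sign_record(original)

    tampered = dict(original)
    tampered["role"] = "admin"  # an unauthorized modification of one field

    return {
        "original_ok": verify_record(original, tag),
        "tampered_ok": verify_record(tampered, tag),
        "wrong_key_ok": verify_record(original, tag, key=b"some-other-key"),
    }


if __name__ == "__main__":
    print(demo())
```

The tag covers a canonical serialisation so that two dictionaries with the same content but different key order verify identically; a plain unkeyed hash would detect accidental corruption but not a deliberate change by someone who can also rewrite the hash, which is why the key matters.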
17. Cyber Security Terminologies
• Vulnerability: A security vulnerability is a weakness, flaw, or error found within a security system that has the potential to be leveraged by a threat agent in order to compromise a secure network.
• In the process of building and coding technology, mistakes happen. What’s left behind from these mistakes is commonly referred to as a bug.
• Bugs aren’t inherently harmful, but many can be taken advantage of by nefarious actors; these are known as vulnerabilities.
• Vulnerabilities can be leveraged to force software to act in ways it’s not intended to.
• Once a bug is determined to be a vulnerability, it is registered as a CVE (Common Vulnerabilities and Exposures) entry and assigned a Common Vulnerability Scoring System (CVSS) score to reflect the potential risk it could introduce to your organization.

18. Security Vulnerability Examples
• There are a number of security vulnerabilities; some common examples are:
• Broken Authentication: When authentication credentials are compromised, user sessions and identities can be hijacked by malicious actors to pose as the original user.
• SQL Injection: As one of the most prevalent security vulnerabilities, SQL injections attempt to gain access to database content via malicious code injection. A successful SQL injection can allow attackers to steal sensitive data, spoof identities, and participate in a collection of other harmful activities.
• Cross-Site Scripting: Much like an SQL injection, a cross-site scripting (XSS) attack also injects malicious code into a website. However, a cross-site scripting attack targets website users, rather than the actual website itself, which puts sensitive user information at risk of theft.

19. Cont..
• Cross-Site Request Forgery: A cross-site request forgery (CSRF) attack aims to trick an authenticated user into performing an action that they do not intend to do. This, paired with social engineering, can deceive users into accidentally providing a malicious actor with personal data.
• Security Misconfiguration: Any component of a security system that can be leveraged by attackers due to a configuration error can be considered a “Security Misconfiguration.”
20. Cyber Threat
• Exploit: A means of attack on a computer system, either a series of commands, malicious software, or a piece of infected data.
• Hacker (Black Hat, White Hat):
  – Black Hat: Any hacker who attempts to gain unauthorized access to a system with the intent to cause mischief, damage, or theft. They can be motivated by greed, a political agenda, or simply boredom.
  – White Hat: A hacker who is invited to test out computer systems and servers, looking for vulnerabilities, for the purposes of informing the host of where security needs to be buffed up.

21. Cont..
• Security breach — A security breach is any incident that results in unauthorized access to computer data, applications, networks or devices.
• Facebook saw internal software flaws lead to the loss of 29 million users' personal data in 2018. The compromised accounts included that of company CEO Mark Zuckerberg.
• Data breach: The occurrence of disclosure of confidential information, access to confidential information, destruction of data assets or abusive use of a private IT environment.
• Generally, a data breach results in internal data being made accessible to external entities without authorization.
• Risk assessment — The process of evaluating the state of risk of an organization. Risk assessment is often initiated through taking an inventory of all assets, assigning each asset a value, and then considering any potential threats against each asset.
• Threats are evaluated for their exposure factor (EF) in order to calculate a relative risk value known as the ALE (Annualized Loss Expectancy).
• The largest ALE indicates the biggest concern or risk for the organization.
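The risk assessment bullets name the inputs (asset value, exposure factor) and the output (ALE) without showing the arithmetic. The Python example below, added here and not from the slides, carries the standard quantitative risk formulas through a small constructed inventory and ranks the results the way the slide describes (largest ALE first). The formulas are the usual ones: single loss expectancy SLE = asset value × EF, and ALE = SLE × ARO, where ARO is the annualized rate of occurrence; the asset values, EFs and AROs are made up for illustration.

```python
"""Risk assessment with Annualized Loss Expectancy (added example, not from the slides).

Standard formulas used here:
    SLE = asset value x EF      (single loss expectancy; EF = fraction of value lost per incident)
    ALE = SLE x ARO             (ARO = expected number of incidents per year)
All asset values, exposure factors and AROs below are constructed for illustration.
"""
from dataclasses import dataclass


@dataclass
class Threat:
    name: str
    exposure_factor: float  # fraction of the asset's value lost in one incident (0.0 to 1.0)
    aro: float              # expected incidents per year


@dataclass
class Asset:
    name: str
    value: float            # monetary value assigned during the inventory step
    threats: list           # Threat objects considered against this asset


def single_loss_expectancy(asset_value: float, ef: float) -> float:
    """SLE = asset value x EF; rejects an EF outside the valid range."""
    if not 0.0 <= ef <= 1.0:
        raise ValueError("exposure factor must be between 0 and 1")
    return asset_value * ef


def annualized_loss_expectancy(asset_value: float, threat: Threat) -> float:
    """ALE = SLE x ARO for one threat against one asset."""
    return single_loss_expectancy(asset_value, threat.exposure_factor) * threat.aro


def rank_risks(assets: list) -> list:
    """Return (asset name, threat name, ALE) triples, largest ALE first."""
    rows = []
    for asset in assets:
        for threat in asset.threats:
            rows.append((asset.name, threat.name,
                         annualized_loss_expectancy(asset.value, threat)))
    return sorted(rows, key=lambda row: row[2], reverse=True)


# Constructed inventory: two assets, two threats each.
CONSTRUCTED_INVENTORY = [
    Asset("customer database", 500_000, [
        Threat("ransomware", exposure_factor=0.6, aro=0.2),
        Threat("insider data theft", exposure_factor=0.8, aro=0.05),
    ]),
    Asset("public web server", 80_000, [
        Threat("defacement", exposure_factor=0.25, aro=1.0),
        Threat("DDoS outage", exposure_factor=0.1, aro=2.0),
    ]),
]


if __name__ == "__main__":
    for asset_name, threat_name, ale in rank_risks(CONSTRUCTED_INVENTORY):
        print(f"{asset_name:20} {threat_name:20} ALE = {ale:>10,.0f}")
```

With these constructed numbers the ransomware scenario against the database ranks first (ALE 60,000) even though it is expected only once in five years, because the loss per incident is large; the defacement scenario is expected every year but its ALE is only 20,000. That ordering, not the raw likelihood, is what the slide means by the largest ALE indicating the biggest concern.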
22. Cont..
• Threat assessment — The process of evaluating the actions, events and behaviors that can cause harm to an asset or organization. Threat assessment is an element of risk assessment and management.
• Link jacking — A potentially unethical practice of redirecting a link to a middle-man or aggregator site or location rather than the original site the link seemed to indicate it was directed towards.
• For example, a news aggregation service may publish links that seem as if they point to the original source of their posted articles, but when a user discovers those links via search or through social networks, the links redirect back to the aggregation site and not the original source of the article.

23. Social Engineering
• Social engineering is the term used for a broad range of malicious activities accomplished through human interactions.
• It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information.
• Social engineering attacks happen in one or more steps.

24. Cont..
• A perpetrator first investigates the intended victim to gather necessary background information, such as potential points of entry and weak security protocols, needed to proceed with the attack.
• Then, the attacker moves to gain the victim’s trust and provide stimuli for subsequent actions that break security practices, such as revealing sensitive information or granting access to critical resources.

26. Baiting
• Baiting attacks use a false promise to pique a victim’s greed or curiosity. They lure users into a trap that steals their personal information or infects their systems with malware.
• Baiting scams don’t necessarily have to be carried out in the physical world. Online forms of baiting consist of enticing ads that lead to malicious sites or that encourage users to download a malware-infected application.

27. Scareware
• Scareware involves victims being bombarded with false alarms and fictitious threats.
• Users are deceived into thinking their system is infected with malware, prompting them to install software that has no real benefit or is malware itself.
• Scareware is also referred to as deception software, rogue scanner software and fraudware.

28. Cont..
• A common scareware example is the legitimate-looking popup banners appearing in your browser while surfing the web, displaying text such as, “Your computer may be infected with harmful spyware programs.” It either offers to install the tool (often malware-infected) for you, or will direct you to a malicious site where your computer becomes infected.

29. Pretexting
• Here an attacker obtains information through a series of cleverly crafted lies. The scam is often initiated by a perpetrator pretending to need sensitive information from a victim so as to perform a critical task.
• The attacker usually starts by establishing trust with their victim by impersonating co-workers, police, bank and tax officials, or other persons who have right-to-know authority.
• The pretexter asks questions that are ostensibly required to confirm the victim’s identity, through which they gather important personal data.

30. Phishing
• As one of the most popular social engineering attack types, phishing scams are email and text message campaigns aimed at creating a sense of urgency, curiosity or fear in victims.
• They then trick victims into revealing sensitive information, clicking on links to malicious websites, or opening attachments that contain malware.

31. Phishing
• An example is an email sent to users of an online service that alerts them of a policy violation requiring immediate action on their part, such as a required password change.
• It includes a link to an illegitimate website, nearly identical in appearance to its legitimate version, prompting the unsuspecting user to enter their current credentials and new password. Upon form submission the information is sent to the attacker.
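The phishing example above relies on a link whose visible text looks like the legitimate site while the real target is a look-alike. The Python example below, added here and not from the slides, shows one simple mail-filter check a defender can run on an incoming HTML message: extract every anchor, and flag links where the displayed URL's hostname differs from the href's hostname, or where the target is a raw IP address. The email body, domain names (`.test` is reserved for examples) and IP address are all constructed.

```python
"""Flag links whose visible text and real target disagree (added example, not from the slides).

A common tell in the phishing email described on the slide is that the
displayed URL or domain differs from the link's actual destination. The email
body below is constructed; the .test domains and 192.0.2.x address are reserved
for documentation and examples.
"""
from html.parser import HTMLParser
from urllib.parse import urlparse
import ipaddress


class _LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from <a> elements."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def _hostname(value: str) -> str:
    """Hostname of a URL-looking string, or '' if the text is not a URL."""
    if "://" not in value:
        return ""
    return (urlparse(value).hostname or "").lower()


def _is_ip(host: str) -> bool:
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def suspicious_links(html_body: str) -> list:
    """Return (href, reason) for each link that shows one of the tells above."""
    parser = _LinkCollector()
    parser.feed(html_body)
    findings = []
    for href, text in parser.links:
        target = _hostname(href)
        shown = _hostname(text)
        if _is_ip(target):
            findings.append((href, "link target is a raw IP address"))
        elif shown and shown != target:
            findings.append((href, f"visible text says {shown} but link goes to {target}"))
    return findings


# Constructed message modelled on the slide's 'policy violation' example.
CONSTRUCTED_EMAIL = """
<p>Your account policy has changed. You must update your password immediately.</p>
<p><a href="http://accounts-example-bank.verify-login.test/reset">https://accounts.example-bank.test/reset</a></p>
<p><a href="https://accounts.example-bank.test/help">https://accounts.example-bank.test/help</a></p>
<p><a href="http://192.0.2.10/login">Secure login</a></p>
"""

if __name__ == "__main__":
    for href, reason in suspicious_links(CONSTRUCTED_EMAIL):
        print(f"{reason}: {href}")
```

Only two of the three links are flagged: the genuine help link has matching text and target and passes. This check is deliberately narrow; it complements, rather than replaces, the advice on the next slides to verify unexpected requests through an independent channel.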
32. Social engineering prevention
• Don’t open emails and attachments from suspicious sources – If you don’t know the sender in question, you don’t need to answer an email. Even if you do know them and are suspicious about their message, cross-check and confirm the news from other sources, such as via telephone or directly from a service provider’s site.
• Use multifactor authentication – One of the most valuable pieces of information attackers seek is user credentials. Using multifactor authentication helps ensure your account’s protection in the event of system compromise.

33. Cont.
• Be wary of tempting offers – If an offer sounds too enticing, think twice before accepting it as fact.
• Keep your antivirus/antimalware software updated – Make sure automatic updates are engaged, or make it a habit to download the latest signatures first thing each day.

34. Footprinting
• Footprinting refers to the process of collecting data over time in order to make a targeted cyberattack.
• The process of cybersecurity footprinting involves profiling organizations and collecting data about the network, host, employees and third-party partners.
• This information includes the OS used by the organization, firewalls, network maps, IP addresses, domain name system information, security configurations of the target machine, URLs, virtual private networks, staff IDs, email addresses and phone numbers.

35. Cont..
• Footprinting can be performed manually or using automated tools.
• It may involve scanning for open ports, identifying user accounts, and mapping network topologies.
• By understanding the layout of the target’s infrastructure, attackers can identify potential vulnerabilities that may be exploitable.

36. What Information Is Collected in Footprinting?
• Network topology. Collecting this type of information involves identifying the IP addresses and hostnames of all systems on the network and mapping out the connections among them.
• Operating systems and applications. Information about the target’s operating system and applications can be used to identify potential security vulnerabilities. For example, if a company uses an outdated version of Windows, it may be vulnerable to specific attacks that are not possible against newer versions.

37. Cont..
• User accounts. Footprinting can reveal usernames and passwords for user accounts on the target system, which can be helpful in the later stages of an attack.
• Web servers. This includes the servers’ software versions, installed modules, and enabled features.

38. Types of Footprinting
• There are two main types of footprinting: passive and active.
• Passive footprinting involves collecting data without actively engaging with the target system.
• Under this approach, information is collected through crawling websites and social media platforms, among other methods.
• For example, tools like tcpdump and Wireshark can be used to capture packets sent and received by the target system.

39. Active Footprinting
• Active footprinting involves interacting with the target system to gather information. This can be done manually or using automated tools such as the traceroute command.
• Active footprinting is more intrusive and can potentially cause harm to the target system if not done carefully, but it can also gather information that can’t be collected through passive footprinting.

40. Steps of Footprinting
• 1. Identifying Targets: The first step is to identify which systems or organizations to footprint by scanning networks for open ports or performing reconnaissance using Google searches and other tools.
• 2. Gathering Information: After the target has been identified, the next step is to gather as much information about it as possible.

41. Cont..
• 3. Analyzing Results: After all relevant data has been collected, it needs to be analyzed to determine the most vulnerable points. This is done by identifying common weaknesses across multiple systems or comparing results against known exploits.
• 4. Planning Attacks: The final step is to use the information gathered during footprinting to plan a successful attack against the target’s systems, networks, and devices. This may involve developing custom exploits or choosing a suitable attack vector based on the data collected.

42. Advantages of footprinting
• Footprinting techniques in ethical hacking help businesses identify and secure IT infrastructure before a threat actor exploits a vulnerability. Users can also build a database of known vulnerabilities and loopholes.
• Footprinting also helps companies better understand their current security posture through analysis of data gathered about the firewall, security configuration and more.
• Drawing a network map helps cover all trusted routers, servers and other network topologies. Users can pursue a reduced attack surface by narrowing it down to a specific range of systems.

43. Scanning
• Scanning can be considered a logical extension (and overlap) of active reconnaissance that helps attackers identify specific vulnerabilities.
• The attacker has gained valuable insights about the target.
• But deeper insights are required.
• Scanning helps in getting more specific information about the target.
• Attackers use automated tools such as network scanners and application scanners to locate systems and attempt to discover vulnerabilities.
• The scanning methods may differ based on the attack objectives, which are set up before the attackers actually begin this process.

44. Types of scanning in ethical hacking
• Scanning is the second step in ethical hacking.
• It helps the attacker get detailed information about the target.
• Scanning could be basically of three types:
  1. Port Scanning
  2. Network Scanning
  3. Vulnerability Scanning

45. Port Scanning
• Port scanning is detecting open ports and running services on the target host.
• Port scanning could be further divided into 5 types:
  1. Ping Scan – This is the simplest scan. A ping scan sends ICMP packets and waits for the response from the target. If there is a response, the target is considered to be active and listening.
  2. TCP Half Open – Also referred to as SYN scan, this is another very common type of scanning method.
  3. TCP Connect – TCP connect is similar to TCP half open, except for the fact that a complete TCP connection is established in TCP connect port scanning.
  4. UDP – UDP is used by very common services like DNS, SNMP, DHCP. So, sending a UDP packet and waiting for a response helps gather information about UDP ports.
  5. Stealth Scanning – As the word says, stealth means a quieter activity. When an attacker wants to be undetected while scanning, a stealth scan is used.

46. Network Scanning
• Network scanning is the process or technique by which we scan the network to gain details such as active hosts, open ports including running TCP and UDP services, open vulnerabilities, details about the host like operating system and much more.
• For IP (Internet Protocol) networks, generally “ping” is used for reaching a host and checking its status. Ping is an ICMP (Internet Control Message Protocol) utility that sends packets to the target and receives an ICMP echo reply.

47. Vulnerability Scanning
• Vulnerability Scanning – Scanning to gather information about known vulnerabilities in a target.
• Vulnerability scans are conducted via automated vulnerability scanning tools to identify potential risk exposures and attack vectors across an organization’s networks, hardware, software, and systems.

48. Difference Between Scanning and Footprinting
• During active reconnaissance, there is contact with the target network.
• However, in the scanning step (2nd step of ethical hacking), the attacker already has basic information about the network and the infrastructure.
• The aim is to get details like active host names, open ports, operating systems on the active hosts, etc.
• While they might seem the same, scanning is not possible, or rather would not be successful, without an in-depth and detailed reconnaissance. The scanning step further expands reconnaissance and takes it to the next level.
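The scanning slides above describe the activity from the attacker's side; the other half of the picture is what it looks like in a defender's logs. The Python example below, added here and not from the slides, implements the detection logic that the port scanning and network scanning slides imply: one source address touching many distinct destination ports on the same host within a short window. The log lines and their six-field layout (timestamp, source, destination, destination port, protocol, action) are constructed for the example; real firewalls use their own formats and need their own parser.

```python
"""Detect port-scan behaviour in firewall log lines (added example, not from the slides).

A scan of one host shows up as a single source hitting many distinct destination
ports in a short time. The log lines below are constructed and use a simple
'timestamp src dst dport proto action' layout; the addresses are from ranges
reserved for documentation.
"""
from collections import defaultdict
from datetime import datetime, timedelta

CONSTRUCTED_LOG = """\
2024-05-01T10:00:01 203.0.113.5 198.51.100.20 22 TCP DROP
2024-05-01T10:00:01 203.0.113.5 198.51.100.20 23 TCP DROP
2024-05-01T10:00:02 203.0.113.5 198.51.100.20 25 TCP DROP
2024-05-01T10:00:02 203.0.113.5 198.51.100.20 80 TCP ACCEPT
2024-05-01T10:00:03 203.0.113.5 198.51.100.20 110 TCP DROP
2024-05-01T10:00:03 203.0.113.5 198.51.100.20 143 TCP DROP
2024-05-01T10:00:04 203.0.113.5 198.51.100.20 443 TCP ACCEPT
2024-05-01T10:00:04 203.0.113.5 198.51.100.20 3306 TCP DROP
2024-05-01T10:00:05 203.0.113.5 198.51.100.20 3389 TCP DROP
2024-05-01T10:00:05 203.0.113.5 198.51.100.20 8080 TCP DROP
2024-05-01T10:00:06 192.0.2.44 198.51.100.20 443 TCP ACCEPT
2024-05-01T10:00:09 192.0.2.44 198.51.100.20 443 TCP ACCEPT
2024-05-01T10:05:00 192.0.2.44 198.51.100.20 80 TCP ACCEPT
"""


def parse_line(line: str) -> dict:
    """Split one constructed-format log line into its fields."""
    ts, src, dst, dport, proto, action = line.split()
    return {"ts": datetime.fromisoformat(ts), "src": src, "dst": dst,
            "dport": int(dport), "proto": proto, "action": action}


def detect_port_scans(log_text: str, window: timedelta = timedelta(seconds=60),
                      min_ports: int = 8) -> dict:
    """Return {src: distinct port count} for sources that touch at least
    min_ports distinct ports on one destination within any window-sized span.
    Both DROP and ACCEPT lines count: a scan probes closed ports as well as open ones."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        if line.strip():
            e = parse_line(line)
            events[(e["src"], e["dst"])].append((e["ts"], e["dport"]))

    alerts = {}
    for (src, dst), items in events.items():
        items.sort()  # by timestamp
        start = 0
        for end in range(len(items)):
            # slide the window start forward until it spans at most `window`
            while items[end][0] - items[start][0] > window:
                start += 1
            ports = {port for _, port in items[start:end + 1]}
            if len(ports) >= min_ports:
                alerts[src] = max(alerts.get(src, 0), len(ports))
    return alerts


if __name__ == "__main__":
    for src, count in detect_port_scans(CONSTRUCTED_LOG).items():
        print(f"possible port scan from {src}: {count} distinct ports")
```

The thresholds are parameters because the right values depend on the network: a monitoring host that legitimately polls several services would need a higher `min_ports` or an allow-list. Counting DROP lines as well as ACCEPT lines is what separates a scan from normal traffic, since ordinary clients rarely contact closed ports at all.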
49. Security Architecture
• Cybersecurity establishments need an adaptive security architecture.
• It’s a valuable framework to help enterprises classify all potential and existing security investments to determine where they’re deficient and make sure there’s a balanced approach to cyber security.

51. Perimeter Security
• The set of physical and technical security and programmatic policies that provide levels of protection against remote malicious activity; used to protect the back-end systems from unauthorized access.
• When properly configured, the perimeter defense security model can prevent, delay, absorb and/or detect attacks, thus reducing the risk to critical back-end systems.

52. Network Security
• The layer that partitions the broader network of assets and connections into enclaves.
• An enclave is a distinctly bounded area enclosed within a larger unit.
• Enclaves incorporate their individual access controls and protection mechanisms.
• The network security layer, when properly used, can prevent damage from travelling from one enclave to others and also sets access policies specific to each enclave.

53. Cont..
• Endpoint Security: Security protection mechanisms and controls that reside directly on an endpoint device (final devices such as computers, laptops, mobile devices, tablets, etc.) interfacing with any network or system.
• Application Security: Security protection mechanisms and controls that are embedded within the applications residing on the network, enclaves, and endpoint devices. Examples of such applications could be MS Office, ERP applications, mobile apps, etc.

54. Cont..
• Data Security: The layer of security that protects data in the enterprise regardless of the data’s state, that is, whether it is in motion, at rest or in use.
• Prevention: This is achieved by policies, procedures, training, threat modelling, risk assessment, penetration testing and all other inclusive sustainment activities to posture a secure position.
• Operations: Constant observation of the enterprise with a keen eye, coupled with the right tools and processes, to recognize incidents and events, and respond accordingly in a timely manner.

55. Security Operations (SecOps)
• Security operations (SecOps) is a term used to describe the collaboration between security and operations teams within an organization.
• IT operations has continued to expand over the years, branching out into individual specialties that tend to create siloed (individual) activities.
• SecOps seeks to foster more collaboration between IT security and IT operations to help prioritize network and data security and mitigate risk without sacrificing IT performance.
• A key tenet of SecOps, however, is to ensure that security is a fundamental part of every project and included in even the earliest stages of project development.

56. Cont…
• The SecOps team is a team of highly skilled IT and security professionals who monitor threats and assess risk across an organization. The SecOps team is the lifeblood of a security operations center (SOC).
• Roles include SOC analysts, security engineers, a security manager, an IT operations manager and system admins, who all report up to the chief information security officer (CISO).
• The goal of SecOps is to improve an organization’s security posture, identify security issues and detect vulnerabilities, and facilitate a unified approach to security across individual departments. This approach helps with cross-team collaboration to complete tasks more efficiently and eliminate duplication of effort.

57. Cyber terrorism
• Cyber terrorism (also known as digital terrorism) is defined as disruptive attacks by recognised terrorist organisations against computer systems with the intent of generating alarm, panic, or the physical disruption of the information system.
• Cyberterrorism is often defined as a politically motivated attack against information systems, programs and data that threatens violence or results in violence.