IDEAR CYBER SEC

Week 1: Introduction to Cyber Security

Session 1 (Monday): Fundamentals of Cyber Security

1. What is Cyber Security?

Cyber security is the practice of protecting computers, networks, data, and
systems from unauthorized access, attacks, or damage. It helps keep
sensitive information safe from hackers, cybercriminals, and other threats.

2. Why is Cyber Security Important?

Our lives are increasingly connected to the internet through computers,
phones, and smart devices. We store personal data, financial information,
and other sensitive information online, so it’s essential to protect this data
from being accessed or stolen by unauthorized people.

Cyber attacks can lead to data breaches, financial losses, and even identity
theft. Protecting against these attacks helps ensure our safety and privacy.

3. Key Concepts in Cyber Security: The CIA Triad

Confidentiality: Ensures that only authorized people can access certain
information. For example, only you and your bank should be able to access
your bank account details.

Integrity: Keeps data accurate and unaltered. This means that data should
not be changed in unauthorized ways. For instance, your medical records
should remain correct and unchanged unless authorized by a professional.

Availability: Ensures that information and resources are accessible when

needed. For example, if you need to access an online service, it should be
available without disruptions.

4. Common Cyber Security Terms

Hacker: Someone who finds and exploits weaknesses in a computer
system.

Malware: Software that is harmful to computers. It includes viruses, worms,

and ransomware.

IDEAR CYBER SEC 1

 Firewall: A security system that monitors and controls network traffic based
on security rules.

Encryption: A process that converts data into a code to prevent

unauthorized access.

Session 2 (Tuesday): Types of Cyber Threats

1. Malware
Malware is any software that is made to harm or exploit a device. Common
types of malware include:

Viruses: Programs that attach to files and spread to other files or devices
when opened.

IDEAR CYBER SEC 2

 Worms: Standalone programs that spread across networks without needing
to attach to a file.

Trojans: Malware that disguises itself as legitimate software to trick users

into installing it.

IDEAR CYBER SEC 3

 Ransomware: Locks users out of their data and demands payment to
restore access.

IDEAR CYBER SEC 4

 Adware: Adware is a type of software that automatically displays or
downloads advertising content, often without user consent. It typically
generates revenue for its creators through pop-up ads or banner ads, but it
can also slow down devices and lead to unwanted data collection.

IDEAR CYBER SEC 5

 Scareware: Scareware tricks users into believing their computer is infected
with malware or has serious security issues. It often uses fake alerts to
frighten users into buying unnecessary or harmful software, exploiting fear
to make a profit.

2. Phishing Attacks and Social Engineering

Phishing: Cybercriminals pretend to be legitimate contacts (like banks or
government agencies) to trick people into providing sensitive information

IDEAR CYBER SEC 6

 like passwords or credit card numbers. They often do this by sending fake
emails or messages.

Social Engineering: Manipulating people into giving up confidential

information. For example, an attacker might call someone pretending to be
tech support to trick them into revealing their password.

3. Insider Threats
Insider threats come from people within an organization, such as
employees or contractors, who misuse their access to data. This can be
intentional (malicious) or accidental, like an employee accidentally sharing
private data with the wrong person.

4. Advanced Persistent Threats (APTs)

APTs are prolonged and targeted attacks usually carried out by skilled
hackers or groups who want to steal specific information or cause harm.

IDEAR CYBER SEC 7

 These attacks are usually complex and well-planned, targeting high-value
entities like government organizations or big corporations.

5. Recent Cyber Attack Case Studies

Equifax Data Breach (2017): Hackers exploited a vulnerability in the
company’s system to steal the personal data of 147 million people.

WannaCry Ransomware Attack (2017): A massive ransomware attack that

targeted computers around the world, encrypting data and demanding a
ransom for its release.

Week 1 Assignment: Cyber Security Basics

Instructions: Answer the following questions to demonstrate your

understanding of the material covered in Week 1. Be clear and concise in your
responses.

1. Define Cyber Security and explain why it is important in today’s digital

world. Give two examples of situations where cyber security can help
protect individuals or organizations.

2. Describe the CIA Triad in cyber security. For each element (Confidentiality,
Integrity, and Availability), provide a simple example that illustrates its
importance.

3. List and briefly explain three common types of malware. For each type,
describe how it might affect a computer or network.

4. What is Phishing? How do cybercriminals use phishing to steal information

from people? Provide an example of a phishing attempt and how someone
might recognize it as a fake.

5. Explain the difference between an Insider Threat and an Advanced

Persistent Threat (APT). In your own words, describe why both types of

IDEAR CYBER SEC 8

 threats can be challenging to prevent.

Please Submit your Assignment here:- Week 1

Assigmnet

Week 2:

Session 1 (Monday): Key Principles of Cyber Security

1. Passwords and Authentication

What is a Password?
A password is a secret word or phrase used to access a system or account.
It keeps your data safe from unauthorized people.

Characteristics of a Strong Password:

At least 12 characters long.

A mix of uppercase and lowercase letters, numbers, and symbols.

Avoid using personal information like your name or birthday.

Example: T@ke$ecure2024!

Multi-Factor Authentication (MFA):

Adds an extra layer of security.

You need two or more verification methods (e.g., password + code sent
to your phone).

Example: Logging into your email with a password and a one-time code.

2. Firewalls
What is a Firewall?

A firewall is like a security guard for your computer or network.

It decides which data can enter or leave your system based on rules.

Why Are Firewalls Important?

They block harmful traffic and allow safe traffic.

IDEAR CYBER SEC 9

 Protect your computer from hackers and malware.

3. Encryption
What is Encryption?

A way to scramble data so only authorized people can read it.

Example: Sending a coded message that only the receiver can decode.

15 Minutes Practice Of Encryption

How Encryption Protects You:

Keeps your personal information safe during online activities like

shopping or banking.

Even if hackers steal encrypted data, they can’t read it without the
decryption key.

4. Safe Browsing Habits

What is Safe Browsing?

Using the internet carefully to avoid falling victim to cyber threats.

Tips for Safe Browsing:

Only visit trusted websites (look for “https://” in the URL).

Avoid clicking on suspicious links or ads.

Don’t download files from unknown sources.

Use a secure and updated browser.

Session 2 (Tuesday): Introduction to Information Gathering

1. What is Information Gathering?

Definition:
The process of collecting data about a person, company, or system. This is
also called "reconnaissance or OSINT."

IDEAR CYBER SEC 10

 Why is it Important?

Cyber criminals use this step to plan attacks.

Ethical hackers (good hackers) use it to identify weaknesses and fix

them.

2. Types of Information Gathering

Passive Information Gathering:

Collecting data without interacting with the target.

Example: Searching for a company’s details on Google or LinkedIn.

Active Information Gathering:

Interacting with the target to get data.

Example: Sending an email to check if an email server is working.

3. Tools for Information Gathering

Google Search:

Use search engines to find public data about a target.

Example: Searching “Company Name + Contact Information.”

WHOIS Lookup:

IDEAR CYBER SEC 11

 A tool to find information about website ownership.

1. Example: Checking who owns “example.com.”

PRACTICAL DNS LOOKUP FOR 10 Minutes

https://viewdns.info/

https://whois.com/whois/

Social Media:

Hackers often collect data from platforms like Facebook, Instagram, or

LinkedIn.

Tip: Be careful about what you post online!

4. Ethical Use of Information Gathering

What is Ethical Hacking?

Using hacking skills to find and fix security problems, not to harm.

Rules for Ethical Hacking:

IDEAR CYBER SEC 12

 Always get permission before gathering information.

Use the information only to improve security.

Respect privacy and avoid harm.

Week 2 Summary
Cyber security is built on strong passwords, firewalls, encryption, and safe
browsing habits.

Information gathering is the first step in both attacks and defenses.

Learning how to gather data ethically is a valuable skill for staying secure
online.

By mastering these topics, you’re taking important steps toward becoming

cyber security-aware and capable of protecting yourself and others.

WEEK 2 ASSIGMENT

IDEAR CYBER SEC 13