0% found this document useful (0 votes)
19 views3 pages

Reviewer

The document outlines key concepts in cybersecurity, including the CIA triad, common cyber threats like malware and phishing, and essential practices for network and system security. It emphasizes the importance of incident response, forensic analysis, and compliance with frameworks such as ISO 27001 and GDPR. Additionally, it discusses preventive measures and response strategies for various types of security breaches.

Uploaded by

Jhonel Alam
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
19 views3 pages

Reviewer

The document outlines key concepts in cybersecurity, including the CIA triad, common cyber threats like malware and phishing, and essential practices for network and system security. It emphasizes the importance of incident response, forensic analysis, and compliance with frameworks such as ISO 27001 and GDPR. Additionally, it discusses preventive measures and response strategies for various types of security breaches.

Uploaded by

Jhonel Alam
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

1.

Fundamentals of Cybersecurity • Monitor and Analyze Network


Traffic: Use IDS/IPS for traffic analysis
• Definition and Importance of to detect malicious activity.
Cybersecurity
The practice of protecting systems, • Restore from Secure Backups: If data
networks, and programs from digital corruption occurs, restore systems from
attacks. secure backups.
• CIA Triad (Confidentiality, Integrity,
Availability)
A fundamental model in cybersecurity 3. System Security
ensuring data protection.
• Operating System Security (Windows
Common Cyber Threats: & Linux Hardening)
Strengthening OS defenses against
• Malware: Malicious software like
threats.
viruses, worms, and trojans that harm
• Patch Management and System
systems.
Updates
• Phishing: Fraudulent attempts to obtain Regular updates to fix security
sensitive information via email or vulnerabilities.
messages.
Response to Breach:
• DDoS (Distributed Denial of Service):
• Isolate Compromised Systems:
Attack that overwhelms a target system
Disconnect the affected systems to
with traffic.
prevent further damage.
• Social Engineering: Manipulating
• Full Security Audit: Assess how the
individuals into divulging confidential
breach occurred and the extent of the
information.
damage.
• Restore from Backups: Use secure
2. Network Security backups to recover compromised data
and systems.
• Basics of Networking (OSI Model,
TCP/IP)
Foundational concepts of data
4. Web Security
communication.
• Firewalls and IDS/IPS • Cross-Site Scripting (XSS)
Security mechanisms to monitor and Injection of malicious scripts into
control network traffic. websites.
• Virtual Private Networks (VPNs) • SQL Injection
Secure communication channels over Exploiting vulnerabilities in databases
untrusted networks. through input fields.
• HTTPS and SSL/TLS Certificates
Response to Breach:
Encryption protocols for secure web
• Immediate Network Segmentation: communication.
Isolate the affected network or devices
Response to Breach:
to prevent further compromise.
• Quarantine the Affected Web • Common Penetration Testing Tools
Application: Temporarily disable the Nmap, Metasploit, Burp Suite, Kali
web application or isolate it from the Linux.
network. • Red Team vs Blue Team vs Purple
Team
• Analyze Logs: Investigate the breach by
Offensive and defensive cybersecurity
reviewing server logs and identifying
roles.
attack methods.
• Fix Vulnerabilities: Address exploited
vulnerabilities and patch the system. 8. Compliance and Risk Management

• Common Compliance Frameworks


ISO 27001, NIST, GDPR, HIPAA, PCI-
5. Cryptography
DSS.
• Symmetric vs Asymmetric Encryption • Risk Assessment and Mitigation
Two primary encryption methods for Strategies
secure data transfer. Identifying and reducing security risks.
• Hashing Algorithms (SHA, MD5,
bcrypt)
Methods for ensuring data integrity. 9. Command-Line Security Tools

• CMD & PowerShell for Security


Auditing
6. Incident Response & Forensics
List running processes, view network
• Incident Response Lifecycle connections, and check system logs.
Stages of handling security breaches
(Preparation, Detection, Containment,
Eradication, Recovery, Lessons 10. Unknown Terminologies &
Learned). Implementation for Education
• Digital Forensics
Investigating cyber incidents to gather • Homomorphic Encryption
legal evidence. Encryption that allows computation on
ciphertexts without decryption.
Response to Breach: • Polymorphic Malware
Malware that changes its code to evade
• Incident Response Plan: Ensure an
detection.
effective plan is in place to handle
breaches quickly. • Cyber Kill Chain
A framework describing the stages of a
• Forensic Analysis: Gather evidence to cyberattack.
understand the scope of the attack and • MITRE ATT&CK Framework
prevent future breaches. A knowledge base of cyber adversary
tactics and techniques.
• Post-Incident Review: Perform a root
cause analysis to identify areas for
improvement in security practices.
Solutions for Security Breaches:
System Security Breach:
7. Ethical Hacking & Penetration Testing
• Isolate Systems: Disconnect affected 10. Python Security Scripting
systems to limit damage.
Simple Port Scanner
• Audit and Investigate: Review logs
python
and identify how the breach occurred.
import socket
• Restore from Backups: Use clean
backups to recover affected systems. for port in range(20, 1025):
Preventive Measures: sock = socket.socket(socket.AF_INET,
socket.SOCK_STREAM)
• Implement patch management, harden
systems, and use strong authentication sock.settimeout(1)
methods.
result = sock.connect_ex(("127.0.0.1", port))
Web Security Breach:
if result == 0:
• Quarantine Affected Application:
Disable or isolate the compromised print(f"Port {port} is open")
application. sock.close()
• Analyze Logs: Investigate attack
methods and patch vulnerabilities.
• Notify Affected Parties: Inform
customers or regulatory bodies if
necessary.
Preventive Measures:
• Use secure coding practices, HTTPS,
and deploy WAFs.
Network Security Breach:
• Segment the Network: Isolate
compromised segments or devices.
• Monitor Traffic: Use IDS/IPS to detect
further malicious activity.
• Restore Data: Restore from backups if
necessary.
Preventive Measures:
• Use firewalls, VPNs, and network
segmentation.

You might also like