CS unit 1
Cyber security is the practice of protecting systems, digital devices, networks and
the data stored on them from cyber attack: threats such as hacking, malware and
phishing.
It involves a range of strategies, technologies and best practices designed to
safeguard computers, networks and data from those attacks.
One crucial aspect of cyber security is encryption, which keeps sensitive
information private: only a holder of the right key can read it.
In short, cyber security ensures that sensitive information remains confidential,
intact and accessible only to authorized users, whether it is personal
information, a financial transaction or a corporate database.
Elements of Information security
Confidentiality – Ensures that sensitive data is accessed only by authorized
individuals to prevent unauthorized disclosure.
Integrity – Maintains the accuracy and reliability of data by preventing
unauthorized modifications.
Availability – Ensures that information and systems are accessible to
authorized users when needed.
Authentication – Confirms the identity of users and systems to prevent
unauthorized access.
Authorization – Grants specific permissions to users based on their identity
and role.
Non-Repudiation – Ensures that actions or transactions cannot be denied
after being performed.
Risk Management – Identifies, assesses, and mitigates security threats to
protect information systems.
Auditing & Monitoring – Tracks and logs activities to detect and respond to
security incidents.
Security Policy
A security policy in cyber security is a document that outlines the rules,
expectations, and overall approach an organization uses to maintain the
confidentiality, integrity, and availability of its data.
It serves as a foundation for an organization's entire cyber security process,
establishing guidelines for data security activities such as encrypting emails,
limiting access to critical systems, and maintaining data integrity.
In cybersecurity, there are several types of security policies that organizations
use to manage and protect their information assets.
These policies cover various aspects of security and are designed to address
different areas of concern.
Here are the main types of security policies:
Access Control Policy: This policy specifies authentication methods,
authorization processes, and auditing protocols to control access to
sensitive information.
Email Security Policy: This policy provides guidance on how to protect the
company’s sensitive information through email security measures.
Information Security Policy: This is a high-level document that outlines an
organization’s stance on security issues. It provides a security framework
that guides managers and employees throughout the organization.
Physical Security Policy: This policy addresses how security is handled at
data centers, server rooms, and endpoints within the company's offices
and elsewhere. It includes access management, monitoring, and
identification of secure areas.
Data Retention Policy: This policy defines which data the company
collects and processes, where, how, and for how long it should be stored.
It impacts several areas, including security, privacy, and compliance.
Data Encryption Policy: This policy outlines how the organization handles
the secure storage and transmission of data.
Security Goals and mechanisms
Security Goals
1. Confidentiality – Ensures that sensitive information is not accessed by
unauthorized users. Techniques like encryption and access control help
protect data.
2. Integrity – Ensures that data remains accurate, unmodified, and reliable. Hash
functions and digital signatures are used to maintain integrity.
3. Availability – Ensures that data and resources are accessible to authorized
users whenever needed. Load balancing, redundancy, and backups help
maintain availability.
4. Authentication – Confirms the identity of a user, device, or system before
granting access. Passwords, biometrics, and two-factor authentication (2FA)
are commonly used.
5. Authorization – Grants specific access permissions to users based on their
roles and privileges. Role-Based Access Control (RBAC) is a common method.
6. Non-Repudiation – Prevents users from denying their actions or transactions.
Digital signatures and logs help achieve non-repudiation.
Security Mechanisms
1. Encryption – Converts data into an unreadable format using cryptographic
algorithms (e.g., AES, RSA) to ensure confidentiality.
2. Firewalls – Hardware or software that filters incoming and outgoing network
traffic based on security rules to block malicious access.
3. Intrusion Detection Systems (IDS) – Monitor network traffic, detect
suspicious activity or potential attacks, and raise alerts (an IDS observes
and reports; it does not block traffic itself).
4. Access Control – Regulates who can access what resources using techniques
like Mandatory Access Control (MAC) and Discretionary Access Control
(DAC).
5. Multi-Factor Authentication (MFA) – Requires multiple verification factors
(e.g., password + OTP) to enhance authentication security.
6. Digital Signatures – Provide integrity, origin authentication and
non-repudiation: the sender signs with a private key, and anyone holding the
matching public key can verify that the data came from that sender and was
not altered.
7. Backups & Disaster Recovery – Stores copies of data to ensure availability in
case of failures, cyberattacks, or disasters.
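Added example (not part of the original notes): a login check that combines the two factors listed under MFA, a password and a time-based one-time password. The password is verified against a salted PBKDF2-HMAC-SHA256 hash; the OTP is an RFC 6238 TOTP built on RFC 4226 HOTP, so the code can be checked against the RFC test vectors. The iteration count, the drift window of one time step, and the demo secret/password values are assumptions made for this example; `register`, `verify_totp` and `login` are names chosen here, not a library API.

```python
import hashlib
import hmac
import os
import struct
from typing import Optional

# Factor 1, "something you know": the password itself is never stored, only a
# salted, deliberately slow PBKDF2-HMAC-SHA256 hash of it. The iteration count
# is an assumption for this example (OWASP currently recommends 600,000).
PBKDF2_ITERATIONS = 600_000


def register(password: str, salt: Optional[bytes] = None) -> dict:
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return {"salt": salt, "hash": digest}


def verify_password(password: str, record: dict) -> bool:
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), record["salt"], PBKDF2_ITERATIONS)
    return hmac.compare_digest(digest, record["hash"])   # constant-time comparison


# Factor 2, "something you have": a time-based one-time password (RFC 6238)
# built on HOTP (RFC 4226). The secret is shared with the user's authenticator.
def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                                   # dynamic truncation
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    return hotp(secret, unix_time // step, digits)


def verify_totp(secret: bytes, code: str, unix_time: int,
                step: int = 30, digits: int = 6, window: int = 1) -> bool:
    # Reject malformed input first, then accept codes from the neighbouring
    # time steps (window = 1 step either side) to tolerate clock drift.
    if len(code) != digits or not code.isdigit():
        return False
    ok = False
    for skew in range(-window, window + 1):
        if hmac.compare_digest(totp(secret, unix_time + skew * step, step, digits), code):
            ok = True
    return ok


def login(password: str, code: str, record: dict, totp_secret: bytes, unix_time: int) -> bool:
    # Evaluate both factors unconditionally so a failed login takes the same
    # time whichever factor was wrong (no "password right, OTP wrong" oracle).
    password_ok = verify_password(password, record)
    otp_ok = verify_totp(totp_secret, code, unix_time)
    return password_ok and otp_ok


if __name__ == "__main__":
    # Constructed demo values; the TOTP secret is the RFC 6238 test-vector key,
    # for which the 6-digit code at Unix time 59 is 287082.
    secret = b"12345678901234567890"
    user = register("correct horse battery staple")
    now = 59
    print("both factors right :", login("correct horse battery staple", totp(secret, now), user, secret, now))
    print("wrong password     :", login("hunter2", totp(secret, now), user, secret, now))
    print("wrong / stale code :", login("correct horse battery staple", "000000", user, secret, now))
```

The point of `login` evaluating both factors before returning is that a short-circuit `and` would leak, through response time, whether the password alone was correct; an attacker could then brute-force each factor separately, which defeats the purpose of requiring both.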
Operational Security Model for Network
Security
The OPSEC model follows five key phases to ensure secure network operations:
1. Identify Critical Information
Determine which data, assets, or processes are crucial to the organization.
Examples: user credentials, sensitive documents, system configurations.
2. Analyze Threats
Identify potential threats that could exploit vulnerabilities.
Examples: cybercriminals, insider threats, malware attacks.
3. Assess Vulnerabilities
Examine weak points in the network where threats could gain access.
Examples: unpatched software, weak passwords, misconfigured firewalls.
4. Assess Risk
Evaluate the likelihood and impact of a security breach.
Examples: financial loss, data leakage, system downtime.
5. Apply Countermeasures
Implement security measures to mitigate risks.
Examples: encryption, firewalls, multi-factor authentication (MFA),
intrusion detection systems (IDS).
This model ensures a structured approach to identifying and mitigating security
risks in network environments.
Basic Terminologies in Network Security
Here are some basic terminologies in Network Security:
1. Authentication – The process of verifying the identity of a user, device, or
system before granting access.
2. Authorization – The process of granting or restricting permissions based on
the identity established by authentication and the role attached to it.
3. Encryption – The technique of converting plaintext data into a coded format
(ciphertext) to protect it from unauthorized access.
4. Decryption – The process of converting ciphertext back into plaintext using a
decryption key.
5. Firewall – A security system that monitors and controls incoming and outgoing
network traffic based on security rules.
6. Intrusion Detection System (IDS) – A security tool that monitors network
traffic for suspicious activities or policy violations.
7. Intrusion Prevention System (IPS) – A security tool placed inline on the
traffic path that detects and blocks potential threats in real time, whereas an
IDS only alerts.
8. Malware – Malicious software designed to harm or exploit devices, networks,
or data (e.g., viruses, worms, Trojans, ransomware).
9. Phishing – A cyber-attack method where attackers trick users into providing
sensitive information via fraudulent emails or websites.
10. Denial of Service (DoS) Attack – An attack that overwhelms a network or
system, making it unavailable to users.
11. Distributed Denial of Service (DDoS) Attack – A DoS attack carried out using
multiple compromised devices to amplify the effect.
12. Man-in-the-Middle (MITM) Attack – An attack where a hacker secretly
intercepts and alters communication between two parties.
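Added example (not from the original notes): the kind of detection logic an IDS would run to spot the DoS and DDoS attacks defined above, applied to constructed log lines. It keeps a sliding window of recent requests and raises two different findings: a single source exceeding the per-source limit (DoS), and an aggregate rate over the limit that is spread across many sources none of which looks abnormal on its own (DDoS). The log format, the thresholds, the window size and the IP addresses (documentation ranges) are all assumptions made for this example.

```python
from collections import Counter, deque
from datetime import datetime, timedelta, timezone
from typing import Iterable, List, Tuple

# Log format assumed for this example (not any real server's format):
#   <ISO 8601 UTC timestamp> <client IP> <HTTP method> <path>
LOG_EPOCH = datetime(2024, 5, 1, 10, 0, 0, tzinfo=timezone.utc)


def log_line(offset_seconds: int, ip: str, path: str = "/login") -> str:
    """Build one constructed log line offset_seconds after LOG_EPOCH."""
    t = LOG_EPOCH + timedelta(seconds=offset_seconds)
    return f"{t.strftime('%Y-%m-%dT%H:%M:%SZ')} {ip} GET {path}"


def parse_line(line: str) -> Tuple[float, str]:
    ts, ip, _method, _path = line.split()
    t = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return t.timestamp(), ip


def detect_flood(lines: Iterable[str], window: float = 10.0, per_source_limit: int = 20,
                 aggregate_limit: int = 60, min_sources: int = 10) -> Tuple[List[str], bool]:
    """Sliding-window request counting over log lines.

    Returns (dos_sources, ddos): the IPs that alone exceeded per_source_limit
    requests within any window-second span, and whether the aggregate count
    exceeded aggregate_limit while spread over at least min_sources clients.
    """
    recent: deque = deque()          # (timestamp, ip) of requests inside the window
    in_window: Counter = Counter()   # ip -> requests inside the window
    dos_sources = set()
    ddos = False
    for line in sorted(lines):       # fixed-width ISO timestamps sort chronologically
        t, ip = parse_line(line)
        recent.append((t, ip))
        in_window[ip] += 1
        while recent and t - recent[0][0] > window:      # expire old requests
            _, old_ip = recent.popleft()
            in_window[old_ip] -= 1
            if in_window[old_ip] == 0:
                del in_window[old_ip]
        if in_window[ip] > per_source_limit:
            dos_sources.add(ip)
        if len(recent) > aggregate_limit and len(in_window) >= min_sources:
            ddos = True
    return sorted(dos_sources), ddos


# Constructed traffic scenarios (documentation address ranges, no real hosts).
def normal_traffic() -> List[str]:
    # 3 clients, one request per second each for 10 s: 30 requests, at most 10 per client
    return [log_line(s, f"192.0.2.{i}") for s in range(10) for i in range(1, 4)]


def single_source_flood() -> List[str]:
    # one client fires 10 requests per second for 3 s on top of normal traffic
    return normal_traffic() + [log_line(s, "203.0.113.5") for s in range(3) for _ in range(10)]


def distributed_flood() -> List[str]:
    # 25 bots each send only 4 requests, one per second: no single source stands out
    return normal_traffic() + [log_line(s, f"198.51.100.{i}") for s in range(4) for i in range(1, 26)]


if __name__ == "__main__":
    for name, scenario in [("normal", normal_traffic), ("DoS", single_source_flood),
                           ("DDoS", distributed_flood)]:
        print(f"{name:7s} -> dos_sources={detect_flood(scenario())[0]} ddos={detect_flood(scenario())[1]}")
```

A per-source threshold alone misses the distributed case, which is exactly why DDoS is listed separately: each bot stays under the limit, so the detector must also watch the aggregate rate and the number of distinct sources.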
Threats and Vulnerabilities
A threat is a potential danger that can exploit a weakness in a system and
cause harm.
It can be intentional (e.g., hacking, malware attacks) or unintentional (e.g.,
an accidental data leak).
For example, a phishing attack is a threat where attackers trick users into
revealing sensitive information like passwords.
Ransomware is another threat where attackers encrypt a victim's data and
demand payment for decryption.
Threats can lead to financial loss, data breaches, and reputational damage.
A vulnerability is a weakness or flaw in a system that can be exploited by a
threat.
It can exist due to poor coding, misconfigurations, or outdated software.
For instance, an unpatched operating system is a vulnerability that can be
exploited by attackers using malware.
Weak passwords are another common vulnerability that allows attackers to
gain unauthorized access.
Risk is the combination of a threat, a vulnerability it can exploit, and the
resulting impact. Regular security updates, strong authentication, and
vulnerability assessments help reduce it.
Difference Between Security and Privacy
Definition
Security: Protection of data, systems, and networks from unauthorized access,
attacks, or damage.
Privacy: Control over personal data and ensuring it is not shared without
consent.
Focus
Security: Safeguarding data from threats like hacking, malware, and breaches.
Privacy: Ensuring that personal information is used and shared appropriately.
Example
Security: Using firewalls and encryption to protect a network from
cyberattacks.
Privacy: Keeping user data confidential, such as hiding personal details from
third parties.
Methods
Security: Encryption, authentication, firewalls, and access controls.
Privacy: Data anonymity, user consent, and legal regulations (e.g., GDPR).
Risk
Security: Data can be stolen, modified, or deleted if security is weak.
Privacy: Personal data can be collected or shared without permission.
Scope
Security: Covers all aspects of protecting IT infrastructure, networks, and
information.
Privacy: Focuses mainly on personal and sensitive data of individuals.
Dependency
Security: Needed to protect privacy.
Privacy: Can exist only if security measures are in place.
Concerned Users
Security: IT professionals, cybersecurity experts, and organizations.
Privacy: Individuals, legal regulators, and data protection officers.
Cyber Attack
A cyber attack is a deliberate attempt by hackers or malicious entities to
compromise, damage, or gain unauthorized access to computer systems,
networks, or data.
These attacks can target individuals, businesses, or even governments to steal
sensitive information, disrupt services, or cause financial loss.
Different Types of Cyber Attacks
1. Malware Attack – Malicious software like viruses, worms, Trojans, and
ransomware infects systems to steal or destroy data.
Example: Ransomware encrypts files and demands payment for decryption.
2. Phishing Attack – Attackers trick users into revealing sensitive information via
fake emails or websites.
Example: A fraudulent email pretending to be from a bank asks for login
credentials.
3. Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attack –
Overloading a system or network to make it unavailable to users.
Example: A website becomes inaccessible due to excessive traffic from
botnets.
4. Man-in-the-Middle (MITM) Attack – Hackers intercept communication
between two parties to steal or alter data.
Example: An attacker eavesdrops on online banking transactions over an
unsecured Wi-Fi network.
Active Attacks
Active attacks are unauthorized actions that alter the system or data.
In an active attack, the attacker directly interferes with the target to damage
it or to gain unauthorized access to computer systems and networks.
This may include injecting hostile code into communications, altering data in
transit, or masquerading as another user to gain unauthorized access.
Examples of active attacks: masquerade, modification of messages, replay,
DoS, MITM.
Passive Attacks
A passive attack attempts to learn or make use of information from the system
but does not affect system resources.
Passive attacks are in the nature of eavesdropping on or monitoring
transmissions.
The goal of the opponent is to obtain information that is being transmitted.
The attacker only monitors or collects data, without altering or destroying
it, which makes passive attacks very hard to detect; the emphasis is therefore
on prevention (e.g., encryption) rather than detection.
Examples of passive attacks include eavesdropping, where an attacker listens
in on network traffic to collect sensitive information, and sniffing, where an
attacker captures and analyzes data packets to steal sensitive information.
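Added example (not from the original notes) covering both the active and the passive attack sections above, and the integrity goal from the Security Goals list: a sender and receiver share a secret key and protect each message with an HMAC-SHA256 tag that also binds a sequence number. An on-path attacker then tries the three things the notes describe: reading the message (passive), modifying it in transit (active), and replaying a captured message (active). The message layout, the class names and the shared key are assumptions made for this example; they are not a protocol from the notes.

```python
import hashlib
import hmac
import os
from typing import Dict, Optional


def tag_for(key: bytes, seq: int, body: bytes) -> str:
    # The sequence number is MACed together with the body, so neither can be
    # changed independently without invalidating the tag.
    return hmac.new(key, seq.to_bytes(8, "big") + body, hashlib.sha256).hexdigest()


class Sender:
    def __init__(self, key: bytes):
        self.key, self.seq = key, 0

    def send(self, body: bytes) -> Dict:
        self.seq += 1
        return {"seq": self.seq, "body": body, "tag": tag_for(self.key, self.seq, body)}


class Receiver:
    """Checks the MAC (catches modification and masquerade) and the sequence
    number (catches replay). It cannot notice passive eavesdropping."""

    def __init__(self, key: bytes):
        self.key, self.last_seq = key, 0

    def receive(self, msg: Dict) -> bool:
        expected = tag_for(self.key, msg["seq"], msg["body"])
        if not hmac.compare_digest(expected, msg["tag"]):
            return False                      # tampered, or forged without the key
        if msg["seq"] <= self.last_seq:
            return False                      # already seen: replay
        self.last_seq = msg["seq"]
        return True


class NaiveReceiver:
    """Unauthenticated channel: accepts whatever arrives."""

    def receive(self, msg: Dict) -> bool:
        return True


# The attacker sitting on the path between sender and receiver.
def eavesdrop(msg: Dict) -> bytes:                 # passive: read only
    return msg["body"]


def tamper(msg: Dict, new_body: bytes) -> Dict:    # active: modify in transit
    return {**msg, "body": new_body}


def replay(msg: Dict) -> Dict:                     # active: re-send a captured message
    return dict(msg)


def demo(key: Optional[bytes] = None) -> Dict[str, object]:
    key = key or os.urandom(32)   # shared secret, assumed provisioned out of band
    sender, receiver, naive = Sender(key), Receiver(key), NaiveReceiver()
    results: Dict[str, object] = {}
    m1 = sender.send(b"TRANSFER 100 TO alice")
    results["eavesdropped_body"] = eavesdrop(m1)         # plaintext: a MAC adds no confidentiality
    results["genuine_accepted"] = receiver.receive(m1)   # True
    forged = tamper(sender.send(b"TRANSFER 100 TO alice"), b"TRANSFER 100 TO mallory")
    results["naive_accepts_tampered"] = naive.receive(forged)    # True: no integrity check
    results["mac_accepts_tampered"] = receiver.receive(forged)   # False: tag no longer matches
    results["replay_accepted"] = receiver.receive(replay(m1))    # False: seq 1 already consumed
    results["next_genuine_accepted"] = receiver.receive(sender.send(b"TRANSFER 5 TO bob"))  # True
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:24s} {outcome!r}")
```

Two things to take from the outcomes: the receiver with the MAC rejects the altered and the replayed messages (the active attacks), but the eavesdropper still reads every transfer in clear, because integrity protection does nothing for confidentiality; stopping the passive attack needs encryption of the channel as well (in practice TLS, which provides both).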