Cybersecurity Notes - Basic to Advanced

1. Basics of Cybersecurity

- Cybersecurity: Protecting systems, networks, and data from digital

attacks.
- Importance: Prevent data breaches, ensure privacy, and maintain trust.
- Common Threats:
- Malware: Malicious software like viruses, worms, spyware.
- Phishing: Trick users into giving sensitive info.
- Ransomware: Locks files until ransom is paid.
- CIA Triad:
- Confidentiality - keep data private.
- Integrity - ensure data isn't altered.
- Availability - ensure systems are accessible.
- Firewalls: Filter traffic between trusted and untrusted networks.
- Antivirus: Detects and removes malicious software.

2. Intermediate Cybersecurity

- TCP/IP & OSI Model: Basics of network communication.

- Cryptography:
- Symmetric: Same key for encrypt/decrypt (AES).
- Asymmetric: Public/private key (RSA).
- Hashing: Converts data to fixed-length string (SHA, MD5).
- Tools:
- Wireshark - Network packet analysis.
- Nmap - Port scanning.
- Metasploit - Exploitation framework.
- VPN: Secures internet connection via encryption.
- IDS/IPS: Detects/prevents intrusion attempts.
- Linux Commands:
 Cybersecurity Notes - Basic to Advanced

- ls, cd, pwd, chmod, chown, netstat, ps

3. Advanced Cybersecurity

- Penetration Testing Phases:

- Reconnaissance, Scanning, Gaining Access, Maintaining Access,
Covering Tracks.
- SIEM Tools: Collect and analyze logs (Splunk, Wazuh).
- SOC (Security Operations Center): Monitors and responds to security
incidents.
- OWASP Top 10: Common web app vulnerabilities (XSS, SQLi, CSRF, etc.).
- Digital Forensics:
- Identify, collect, preserve, analyze digital evidence.
- Cloud Security:
- Secure AWS, Azure resources.
- IAM roles, encryption, audits.
- Red Team vs Blue Team:
- Red - attackers.
- Blue - defenders.
- Zero Trust: "Never trust, always verify" model.
- Incident Response:
- Preparation, Identification, Containment, Eradication, Recovery,
Lessons Learned.