Cybersecurity Tutorial For Beginners : Online Security Learning Lesson: Fundamentals of Cyber Security

Welcome to this lesson on the fundamentals of cyber security. In today's digital world, where we rely heavily on technology, cyber attacks are becoming more frequent and sophisticated. This makes cyber security essential for safeguarding personal information, business data, and even government systems. Cyber crime damages are estimated to cost trillions annually, highlighting the critical need for protection.

What is Cyber Security?

Cyber security is the practice of protecting systems, networks, and data from online threats. These illegal attacks are often referred to as hacking. Hacking itself is the exploitation of weaknesses in a computer system or network to gain unauthorized access to information.

The primary goal of cyber security is to protect an organization's critical assets.

Understanding Assets

An asset is anything that has value to an organization. This is not just hardware and software, but also people, information, and facilities. Assets can be tangible (like computers) or intangible (like company image or intellectual property). Each asset has inherent value, whether monetary or strategic.

Protecting assets is crucial because a breach can lead to financial loss, customer dissatisfaction, legal issues, and potentially business failure. Organizations must identify and prioritize their assets based on their value, importance, and sensitivity.

The Foundational Concepts: CIA Triad

The baseline for all information security concepts and practices is the domain of security and risk management. At the core of protecting assets is the CIA Triad:

  • Confidentiality (C): Protecting sensitive information from unauthorized access. This means only authorized individuals can view or access specific data.
    • Example: Using encryption to make data unreadable to those without the key. Implementing access controls and authentication mechanisms to verify users' identities.
  • Integrity (I): Ensuring the accuracy, completeness, and reliability of data. Data should not be modified or tampered with without authorization.
    • Example: Using digital signatures or checksums. Employing mechanisms that detect even small changes in data.
  • Availability (A): Ensuring that systems, networks, and data are accessible and usable by authorized users when needed. Attacks on availability often involve preventing legitimate access.
    • Example: Protecting against Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks. Implementing redundant systems and backup procedures as part of business continuity planning.
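The integrity examples above (checksums, digital signatures, detecting small changes) can be made concrete with a short script. This is an added illustration, not code from the lesson or from Simplilearn; the record, the key and the "attacker" key are constructed values. It contrasts a bare SHA-256 checksum, which catches accidental corruption but can be recomputed by anyone who edits the data, with an HMAC tag, which only a holder of the key can produce:

```python
import hashlib
import hmac

# Constructed sample record standing in for a stored or transmitted message.
RECORD = b"account=12345;balance=1000.00;currency=USD"
# Constructed demo key; a real key would come from a secrets store, never source code.
KEY = b"constructed-demo-key-do-not-reuse"


def checksum(data: bytes) -> str:
    """SHA-256 checksum. Catches accidental corruption, but anyone who can
    change the data can also recompute the checksum, so it is not tamper-proof."""
    return hashlib.sha256(data).hexdigest()


def tag(data: bytes, key: bytes) -> str:
    """HMAC-SHA256 authentication tag. Only a holder of the key can produce a
    valid tag, so a change made by someone without the key is detected."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_tag(data: bytes, key: bytes, expected: str) -> bool:
    # compare_digest runs in constant time, so the comparison itself leaks nothing.
    return hmac.compare_digest(tag(data, key), expected)


def flip_one_bit(data: bytes, index: int = 0) -> bytes:
    """Return a copy of data with a single bit flipped (the 'small change' case)."""
    out = bytearray(data)
    out[index] ^= 0x01
    return bytes(out)


def demo() -> dict:
    """Run the checks and return a dict of booleans; every entry should be True."""
    original_sum = checksum(RECORD)
    original_tag = tag(RECORD, KEY)

    edited = RECORD.replace(b"1000.00", b"9000.00")     # a meaningful edit
    one_bit = flip_one_bit(RECORD)                      # the smallest possible edit
    forged_tag = tag(edited, b"attacker-guessed-key")   # a tag made without the real key

    return {
        "checksum_flags_edit": checksum(edited) != original_sum,
        "checksum_flags_one_bit": checksum(one_bit) != original_sum,
        "tag_flags_edit": not verify_tag(edited, KEY, original_tag),
        "tag_flags_one_bit": not verify_tag(one_bit, KEY, original_tag),
        "forged_tag_rejected": not verify_tag(edited, KEY, forged_tag),
        "untouched_record_accepted": verify_tag(RECORD, KEY, original_tag),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The point a practitioner should take away: a checksum alone only proves the data was not corrupted in transit; protecting integrity against a deliberate change needs a key (an HMAC) or, when the verifier must not hold a secret, a digital signature.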

Security Governance and Compliance

To ensure the CIA triad, organizations implement security governance. This involves establishing and following management practices, standards, policies, and procedures. These practices help provide insights into security controls, which are the protective mechanisms in place. Compliance with standards and regulations (like PCI DSS, HIPAA, GDPR) also drives security governance.

Risk Management

Risk management is closely related to information security. It involves understanding and managing risks associated with assets. A risk is generally calculated as the likelihood of a threat exploiting a vulnerability multiplied by the impact of that event.

  • Threats: Potential dangers that could exploit vulnerabilities. Examples include malicious actors, internal employees, or configuration errors.
  • Vulnerabilities: Weaknesses in systems or practices that can be exploited by threats.
  • Exploits: Specific ways to take advantage of a vulnerability.

Based on risk analysis, organizations choose a risk treatment strategy:

  • Accept: Acknowledge the risk but decide not to take action.
  • Mitigate: Reduce the likelihood or impact of the risk through controls.
  • Avoid: Stop the activity that creates the risk.
  • Transfer: Shift the risk to another party, often through insurance.

Security Controls are the protective measures chosen based on the value of the asset and the calculated risk. Their cost should generally not exceed the potential loss from a breach. Examples include encryption, physical security (guards, CCTV), and access controls.

Understanding Attackers: Types of Hackers

It's important to understand who might attack digital assets:

  • Black Hat Hackers: Individuals who illegally hack into systems for monetary gain or malicious purposes.
  • White Hat Hackers (Ethical Hackers): Individuals who exploit system vulnerabilities by hacking with permission to defend the organization. This is legal and ethical. They are hired to think like attackers and identify weaknesses before outsiders do.
  • Gray Hat Hackers: Discover vulnerabilities without permission, sometimes reporting them to the owner (a good act), but may ask for money in return.

Ethical Hacking and Penetration Testing

Ethical hacking or penetration testing is a crucial part of defense, acting as a vulnerability assessment. Skilled professionals simulate attacks to find weaknesses.

Ethical hacking is typically divided into phases:

  1. Reconnaissance: Gathering information about the target system. Tools like Nmap and Hping can be used.
  2. Scanning: Identifying vulnerabilities in the target system using tools like Nmap and Nexpose.
  3. Gaining Access: Exploiting identified vulnerabilities.
  4. Maintaining Access: Installing backdoors to keep access for future attacks, potentially using tools like Metasploit.
  5. Clearing Tracks: Removing evidence of the attack.
  6. Reporting: Documenting the attack, identified vulnerabilities, tools used, and success rate.

Key Cyber Security Tools

Ethical hackers and security professionals use various tools:

  • Network Scanners: Nmap
  • Packet Analyzers: Wireshark - used to capture and analyze network traffic, helping understand data transmission (like showing clear text passwords over HTTP vs encrypted HTTPS).
  • Penetration Testing Frameworks: Metasploit - powerful tool for exploiting vulnerabilities and gaining access.
  • Web Application Security Tools: Burp Suite, Nikto.
  • Wireless Hacking Tools: Wi-Fi Pineapple, Ubertooth One (Bluetooth), Airgeddon, Aircrack-ng, Hashcat.
  • Packet Generators/Analyzers: Hping3.
  • Operating Systems for Ethical Hacking: Kali Linux and Parrot Security OS - come pre-installed with necessary tools.

Common Cyber Attacks

Organizations protect against numerous attack types:

  • Phishing: Tricking victims (often via email) into revealing sensitive information like login credentials.
  • Ransomware: Encrypting data and demanding payment (ransom) for decryption, like the WannaCry attack.
  • Denial of Service (DoS) / Distributed Denial of Service (DDoS): Overwhelming a system or service with traffic to make it unavailable to legitimate users. Often uses a network of compromised devices called a botnet.
  • Brute Force Attacks: Trying numerous combinations of usernames and passwords until the correct one is found. The strength of the password is critical.
  • Botnets: A network of compromised devices (bots or zombies) controlled by an attacker to launch large-scale attacks like DDoS, data theft, or malware propagation. Examples include Mirai and Zeus.
  • Keyloggers: Malicious programs that record keystrokes (data typed on a keyboard) and send them to an attacker, used for stealing credentials or sensitive data.
  • Spyware: Malware that gathers information about a user or device and sends it to an attacker. Pegasus is a notable example.
  • SQL Injection: A common web application vulnerability where an attacker can inject malicious SQL code into input fields to manipulate a database.
  • Cross-Site Scripting (XSS): Injecting malicious scripts into web pages viewed by other users, often exploiting vulnerabilities in input validation.
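The SQL injection and XSS entries above are easiest to understand with the vulnerable code next to its hardened form. The following is an added example and not part of the lesson; it uses an in-memory SQLite database with constructed demo users, and the crafted username and script string are constructed test inputs. The fix for SQL injection is a parameterised query; the fix for XSS is output encoding with `html.escape`:

```python
import html
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed in-memory database with two demo users (not real data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password_hash TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "hash-of-alice-pw"), ("bob", "hash-of-bob-pw")],
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password_hash: str) -> bool:
    # VULNERABLE: user input is pasted straight into the SQL text, so a quote
    # character in the input changes the structure of the query.
    query = (
        "SELECT COUNT(*) FROM users WHERE username = '"
        + username + "' AND password_hash = '" + password_hash + "'"
    )
    return conn.execute(query).fetchone()[0] > 0


def login_safe(conn: sqlite3.Connection, username: str, password_hash: str) -> bool:
    # HARDENED: parameterised query. The driver passes the values separately
    # from the SQL text, so they can never be interpreted as SQL syntax.
    query = "SELECT COUNT(*) FROM users WHERE username = ? AND password_hash = ?"
    return conn.execute(query, (username, password_hash)).fetchone()[0] > 0


def render_comment_vulnerable(comment: str) -> str:
    # VULNERABLE: untrusted text is placed into the HTML unchanged.
    return '<p class="comment">' + comment + "</p>"


def render_comment_safe(comment: str) -> str:
    # HARDENED: output encoding turns < > & " ' into entities, so the browser
    # displays the text instead of executing it.
    return '<p class="comment">' + html.escape(comment) + "</p>"


def demo() -> dict:
    """Exercise both versions of each function; every entry should be True."""
    conn = make_db()
    # Constructed input: the quote closes the username string and "--" comments
    # out the password check (some databases, e.g. MySQL, require a space after --).
    crafted_user = "alice' -- "
    script = "<script>alert('xss')</script>"
    return {
        "vulnerable_login_bypassed": login_vulnerable(conn, crafted_user, "wrong"),
        "safe_login_rejects_payload": not login_safe(conn, crafted_user, "wrong"),
        "safe_login_accepts_valid": login_safe(conn, "alice", "hash-of-alice-pw"),
        "vulnerable_html_keeps_script": "<script>" in render_comment_vulnerable(script),
        "safe_html_neutralises_script": "<script>" not in render_comment_safe(script),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

Note that `login_safe` rejects the crafted username not because it recognises an attack but because the quote and comment characters are simply treated as part of a (non-existent) username; that is the whole point of keeping data and code separate.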

Defense Strategies and Technologies

Key technical and procedural defenses include:

  • Network Security: Protecting network infrastructure. Includes Authentication (verifying user identity) and Authorization (determining allowed access levels). Tools include Firewalls and Intrusion Prevention Systems (IPS). Intrusion Detection Systems (IDS) monitor for malicious activity and alert administrators, while IPS can actively block it.
  • Cryptography: The science of securing information by transforming it (encrypting) so only authorized parties can understand it, and reversing the process (decrypting).
    • Symmetric Key Cryptography: Uses a single key for both encryption and decryption. Examples: DES (now obsolete and not suitable for new systems), AES (the current standard). Primarily used in banking applications. Key sharing is a challenge.
    • Asymmetric Key Cryptography (Public Key Cryptography): Uses a pair of keys: a public key for encryption and a private key for decryption. The public key can be shared freely. Examples: RSA. Solves the key sharing problem of symmetric encryption; in practice the asymmetric keys are usually used to exchange a symmetric key, which then encrypts the bulk data.
    • Encryption is vital for sensitive data and communication (e.g., using HTTPS/TLS for secure web connections instead of HTTP).
  • Strong Passwords and Passphrases: Essential defense against brute force attacks. Passwords should be strong (mix of characters, length) and passphrases (longer sequences) are also effective. Implementing account lockout after failed attempts helps prevent brute force.
  • Regular Updates and Patching: Applying security updates to software and operating systems is necessary to fix known vulnerabilities that attackers could exploit.
  • Secure Coding Practices: Writing code in a way that prevents common vulnerabilities like SQL injection or XSS.
  • Antivirus, Anti-spyware, and Firewalls: Software tools that help detect and prevent malware and unauthorized network access.
  • Virtual Private Networks (VPNs): Create encrypted connections for secure data transmission, useful for remote access.
  • Multifactor Authentication (MFA): Adding extra verification steps (like a code to your phone) beyond just a password to make unauthorized access much harder.
  • Behavioral Analytics: Monitoring network statistics and usage patterns over time to detect unusual activity that might indicate an attack.
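The password and lockout advice in the list above, as an added example (not code from the lesson or Simplilearn): a minimal account store that hashes passwords with salted PBKDF2, locks an account for a fixed period after a configured number of failed attempts, and includes a deliberately naive keyspace estimate that shows why a long passphrase beats a short mix of symbols. The policy constants, the user `alice`, her demo passphrase, and the `now` parameter (passed in so the lockout can be exercised without waiting) are all constructed for the example.

```python
import hashlib
import hmac
import math
import os
from typing import Optional

# Policy values chosen for the demo; tune them per organisation.
PBKDF2_ITERATIONS = 100_000
MAX_FAILURES = 5            # attempts allowed before the account is locked
LOCKOUT_SECONDS = 15 * 60   # how long the lock lasts


def hash_password(password: str, salt: Optional[bytes] = None) -> tuple:
    """Salted, iterated hash. The iteration count makes each guess expensive,
    which is what slows an offline brute-force attempt against stolen hashes."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return salt, digest


def verify_password(password: str, salt: bytes, digest: bytes) -> bool:
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return hmac.compare_digest(candidate, digest)   # constant-time comparison


def estimate_bits(secret: str) -> float:
    """Naive keyspace estimate: length * log2(size of the character classes used).
    Only a rough guide (it ignores dictionary words), but it shows that length
    contributes far more than symbol variety."""
    pool = 0
    if any(c.islower() for c in secret):
        pool += 26
    if any(c.isupper() for c in secret):
        pool += 26
    if any(c.isdigit() for c in secret):
        pool += 10
    if any(not c.isalnum() for c in secret):
        pool += 33
    return len(secret) * math.log2(pool) if pool else 0.0


class AccountStore:
    """Minimal in-memory account database (constructed for the demo)."""

    def __init__(self):
        self.accounts = {}

    def register(self, username: str, password: str) -> None:
        salt, digest = hash_password(password)
        self.accounts[username] = {"salt": salt, "digest": digest,
                                   "failures": 0, "locked_until": 0.0}

    def login(self, username: str, password: str, now: float) -> str:
        """Return 'ok', 'denied' or 'locked'."""
        acct = self.accounts.get(username)
        if acct is None:
            return "denied"            # same answer as a bad password: do not reveal valid usernames
        if now < acct["locked_until"]:
            return "locked"            # even the correct password is refused while locked
        if verify_password(password, acct["salt"], acct["digest"]):
            acct["failures"] = 0
            return "ok"
        acct["failures"] += 1
        if acct["failures"] >= MAX_FAILURES:
            acct["failures"] = 0
            acct["locked_until"] = now + LOCKOUT_SECONDS
        return "denied"


def demo() -> dict:
    store = AccountStore()
    store.register("alice", "correct horse battery staple")
    t0 = 1_000_000.0
    failed = [store.login("alice", "guess%d" % i, t0 + i) for i in range(MAX_FAILURES)]
    during_lock = store.login("alice", "correct horse battery staple", t0 + 10)
    after_lock = store.login("alice", "correct horse battery staple", t0 + LOCKOUT_SECONDS + 10)
    return {
        "failed_attempts": failed,                       # expected: MAX_FAILURES x 'denied'
        "correct_password_while_locked": during_lock,    # expected: 'locked'
        "correct_password_after_lock": after_lock,       # expected: 'ok'
        "bits_short_complex": round(estimate_bits("Tr0ub4d&3"), 1),
        "bits_passphrase": round(estimate_bits("correct horse battery staple"), 1),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Lockout is a trade-off: it stops online guessing but lets an attacker who knows a username lock that user out, so production systems usually pair it with rate limiting per source address and MFA rather than relying on it alone.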

Essential Skills for Cyber Security Professionals

To excel in cyber security, several key skills stand out:

  • Mastering Operating Systems: Good knowledge of Windows, Linux (especially Kali Linux for ethical hacking), Unix, and macOS is crucial. This includes understanding file systems, user management (like sudo and su in Linux), and command-line skills.
  • Understanding Networking: Networking is the base of cyber security. Learn how data travels, network types (LAN, WAN), and basic protocols.
  • Basic Coding Skills: Helpful for automating tasks, analyzing data, and understanding software vulnerabilities. Languages like Python are recommended.
  • Hands-on Practice: Crucial for gaining practical experience. Setting up a home lab with virtual machines (like using VMware with Kali Linux or Parrot Security OS) is highly recommended to practice scenarios and tools in a controlled environment. Platforms like Hack The Box and TryHackMe offer real-world challenges.
  • Documentation: Keeping detailed notes on learning, tools, and methods is important for review, troubleshooting, and sharing knowledge.
  • Staying Updated and Networking: Attending events (conferences, webinars) helps stay current on trends, tools, and threats, and provides networking opportunities.

Career Paths and Certifications

The demand for skilled cyber security professionals is high and growing. Specializing in areas like network security, ethical hacking, or incident response can make you more valuable.

Various certifications demonstrate expertise:

  • Certified Ethical Hacker (CEH)
  • CompTIA PenTest+
  • Licensed Penetration Tester (LPT)
  • CompTIA Advanced Security Practitioner (CASP+)
  • Certified Information Systems Security Professional (CISSP)
  • GIAC Certified Incident Handler (GCIH)
  • Certified Information Security Manager (CISM)
  • CCIE Security
  • Offensive Security Certified Professional (OSCP)
  • GIAC Security Expert (GSE)

Important Concepts in Interviews

Some concepts frequently covered in cyber security interviews include:

  • CSRF (Cross-Site Request Forgery): An attack where a victim is tricked into performing an unwanted action on a website where they are authenticated.
  • Threads and Processes: Concepts related to how software executes and manages resources, and how vulnerabilities can be exploited within them.
  • Kerberos: A network authentication protocol providing mutual authentication between clients and servers using a trusted third party (Key Distribution Center).
  • Data Protection in Transit vs. At Rest: Protecting data while it is being transmitted over a network versus protecting data stored on devices or databases.
  • VPN vs. VLAN: Virtual Private Network (secure encrypted tunnel for remote access) vs. Virtual Local Area Network (logically segmenting one physical network into separate broadcast domains without separate cabling).
  • Loopback Address: A virtual interface (like 127.0.0.1) used by a device to communicate with itself, useful for testing security measures.

General User Security Tips

Beyond organizational measures, individuals should practice basic security:

  • Use strong passwords.
  • Be cautious of emails asking for credentials (Phishing).
  • Avoid clicking random pop-ups or suspicious links.
  • Only enter sensitive information (like passwords) on secure websites (HTTPS with a lock symbol).
  • Keep system security protocols and software regularly updated.
  • Use antivirus/anti-spyware software.
  • Limit sharing personal data online.
  • Consider using a virtual keyboard for sensitive input to protect against keyloggers.

Cyber security is an evolving field requiring continuous learning and adaptation to new challenges. By understanding the basics, practicing with tools, and staying informed, you can build a strong foundation in this critical area.

Source : Simplilearn
