
Sws101_unit1_journal

Introduction to Cyber Security


1. Offensive Security

Offensive security is the practice of actively testing the security measures of a system, network, or application with the intention of finding vulnerabilities.

It is also known as the RED TEAM.

Red Team

Red Team is a group of security professionals who simulate attacks on an organization’s infrastructure to identify vulnerabilities and weaknesses.

Offensive Security Tactics

  • Vulnerability Scanning
  • Penetration Testing
  • Red Teaming

Offensive Security skills and tools

  • Metasploit
  • Kali Linux
  • Nmap
  • sqlmap

2. Defensive Security

Defensive Security is a reactive approach that focuses on preventing and mitigating cyber attacks.

It is also known as the BLUE TEAM.

Blue Team

Blue Team is a group of security professionals who are responsible for maintaining the security of an organization’s infrastructure. The goal of a Blue Team is to prevent and mitigate cyber attacks.

Networking

Networking is the process of making connections and building relationships.

1. Network Types

Computer networks can be categorized by their size. There are four main types:

Computer Network Types

  • LAN (Local Area Network)
  • PAN (Personal Area Network)
  • MAN (Metropolitan Area Network)
  • WAN (Wide Area Network)

2. Network Topologies

Topology defines the structure of the network, that is, how all the components are interconnected.

Types of network topology:

  • Bus Topology
  • Ring Topology
  • Mesh Topology

3. Proxies

A proxy server is a system or router that provides a gateway between users and the internet.

Types of Proxy Servers

  • Forward Proxy: sits in front of clients and is used to get data to groups of users within an internal network.
  • Transparent Proxy: users are connected through it without knowing it.
  • Reverse Proxy: is positioned in front of web servers and forwards requests from a browser to the web servers.

4. Networking Models

In the world of networking, two models play a vital role in describing the communication and data transfer processes between hosts: the OSI/ISO model and the TCP/IP model.

OSI/ISO Model

  • Serves as a reference model to describe and define communication between systems.
  • It consists of seven individual layers, each with its defined set of tasks.

TCP/IP Model

  • Responsible for exchanging and transporting data packets over the Internet.
  • It is important to note that TCP/IP refers not only to the TCP and IP protocols but encompasses an entire family of protocols.

5. Network Layer

The network layer is the part of the Internet communications process where connections between networks occur: packets of data are sent back and forth between different networks.

6. IPv4 Addresses

IP stands for Internet Protocol and v4 stands for Version Four (IPv4). IP version four addresses are 32-bit integers which are expressed in decimal notation.

Characteristics of IPv4

  • IPv4 uses a 32-bit IP address.
  • An IPv4 address is numeric, and its groups of bits are separated by dots.
  • The number of header fields is twelve and the length of the header field is twenty.
  • It has unicast, broadcast, and multicast styles of addresses.
  • IPv4 supports VLSM (Variable Length Subnet Mask).
  • IPv4 uses the Address Resolution Protocol (ARP) to map to the MAC address.
  • RIP is a routing protocol supported by the routed daemon.
  • Networks must be configured either manually or with DHCP.
  • Packet fragmentation is permitted by routers and by the sending host.

7. MAC Addresses

A MAC (Media Access Control) address, sometimes referred to as a hardware or physical address, is a unique, 12-character alphanumeric attribute that is used to identify individual electronic devices on a network.

Types of MAC Address

  1. Unicast: A Unicast-addressed frame is only sent out to the interface leading to a specific NIC.
  2. Multicast: The multicast address allows the source to send a frame to a group of devices.
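
The unicast/multicast distinction above is carried in the address itself, in the lowest bit of the first octet. The following is an added example, not part of the original journal; it also reports the broadcast address and the locally administered bit, which go beyond the two types listed here, and the function names are illustrative.

```python
import re

# Added example. Accepts 12 hex digits, bare or with one consistent separator.
_MAC_RE = re.compile(
    r"^[0-9A-Fa-f]{2}([:-]?)[0-9A-Fa-f]{2}(?:\1[0-9A-Fa-f]{2}){4}$"
)


def parse_mac(text):
    """Return the six octets of a MAC address as bytes, or raise ValueError."""
    if not _MAC_RE.match(text):
        raise ValueError(f"not a MAC address: {text!r}")
    return bytes.fromhex(re.sub(r"[:-]", "", text))


def classify_mac(text):
    """Classify a MAC address from the flag bits of its first octet."""
    octets = parse_mac(text)
    first = octets[0]
    if octets == b"\xff" * 6:
        kind = "broadcast"      # all ones: delivered to every NIC on the segment
    elif first & 0x01:
        kind = "multicast"      # group bit set: frame addressed to a group
    else:
        kind = "unicast"        # group bit clear: frame addressed to one NIC
    return {
        "kind": kind,
        # Bit 0x02 set means the address was assigned locally (for example a
        # randomized or manually configured MAC), not burned in by the vendor.
        "locally_administered": bool(first & 0x02),
        "normalized": ":".join(f"{b:02x}" for b in octets),
    }
```

A locally administered unicast address in asset or DHCP logs is worth a second look, since it means the hardware address was overridden on the host.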

8. IPv6 Addresses

An IPv6 address is a 128-bit alphanumeric value that identifies an endpoint device in an Internet Protocol Version 6 (IPv6) network.

Format of an IPv6 address

In precise terms, an IPv6 address is 128 bits long and is arranged in eight groups, each of which is 16 bits. Each group is expressed as four hexadecimal digits and the groups are separated by colons.
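
To make the IPv4 description (a 32-bit integer written in decimal) and the IPv6 format above concrete, here is an added example that is not part of the original journal: a strict parser for both notations. The function names are illustrative, and it does not handle IPv6 zone IDs or embedded dotted-decimal IPv4 suffixes.

```python
# Added example: strict parsers for the two address formats described above.

def ipv4_to_int(text):
    """Parse dotted-decimal IPv4 text into its 32-bit integer value."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError("IPv4 needs exactly four decimal groups")
    value = 0
    for part in parts:
        # Reject empty, signed or non-digit groups, and leading zeros: some
        # parsers read "010" as octal 8, so filters and hosts can disagree.
        if not (part.isascii() and part.isdigit()) or (len(part) > 1 and part[0] == "0"):
            raise ValueError(f"bad octet {part!r}")
        octet = int(part)
        if octet > 255:
            raise ValueError(f"octet out of range: {octet}")
        value = (value << 8) | octet    # each group contributes 8 bits
    return value


def ipv6_expand(text):
    """Expand IPv6 text to the full form: eight groups of four hex digits."""
    if text.count("::") > 1 or ":::" in text:
        raise ValueError("'::' may appear only once")
    if "::" in text:
        head, tail = text.split("::")
        left = head.split(":") if head else []
        right = tail.split(":") if tail else []
        missing = 8 - len(left) - len(right)
        if missing < 1:
            raise ValueError("'::' must stand for at least one group")
        groups = left + ["0"] * missing + right
    else:
        groups = text.split(":")
    if len(groups) != 8:
        raise ValueError("IPv6 needs eight 16-bit groups")
    for g in groups:
        if not 1 <= len(g) <= 4 or any(c not in "0123456789abcdefABCDEF" for c in g):
            raise ValueError(f"bad group {g!r}")
    return ":".join(g.lower().zfill(4) for g in groups)


def ipv6_to_int(text):
    """Return the 128-bit integer value of an IPv6 address."""
    return int(ipv6_expand(text).replace(":", ""), 16)
```

Comparing the integer or fully expanded form, not the raw text, is what keeps allowlists and log searches from missing the same address written a different way.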

IPv6 addresses can bring a variety of benefits, including:

  • More efficient routing with smaller routing tables and aggregation of prefixes.
  • Simplified packet processing due to more streamlined packet headers.
  • Support of multicast packet flows.
  • Hosts can generate their own IP addresses.
  • Eliminates the need for network address translation (NAT).
  • Easier to implement services like peer-to-peer (P2P) networks, voice over IP (VoIP) and stronger security.

9. Wireless Networks

A wireless network is a computer network that uses wireless data connections between network nodes.

Examples of wireless networks include cell phone networks, wireless local area networks (WLANs), wireless sensor networks, satellite communication networks, and terrestrial microwave networks.

Wireless PAN

Wireless personal area networks (WPANs) connect devices within a relatively small area that is generally within a person’s reach. For example, both Bluetooth radio and invisible infrared light provide a WPAN for interconnecting a headset to a laptop.

WiFi Connection

Wi-Fi is a wireless networking technology that allows devices such as computers (laptops and desktops), mobile devices (smart phones and wearables), and other equipment (printers and video cameras) to interface with the Internet.

Linux Endpoint

Linux Endpoint Detection and Response (EDR) is a set of security techniques for finding possible threats on system endpoints by monitoring for and detecting suspicious behavior. It works like EDR in general, but is intended for systems that run Linux as the operating system.

This post is licensed under CC BY 4.0 by the author.