1. Ethical Hacking Concepts and Scopes
Ethical Hacking involves identifying and fixing security vulnerabilities in systems,
networks, or applications, but with proper authorization. Ethical hackers use techniques
similar to those of malicious hackers but aim to improve security.
It is a legal and authorized attempt to identify vulnerabilities in systems to protect them
from malicious attacks.
Scope of Ethical Hacking:
● Protecting systems from cyberattacks.
● Identifying security flaws in applications and networks.
● Preventing data breaches and unauthorized access.
● Compliance with industry regulations (e.g., PCI DSS, ISO 27001).
Example: Organizations hire Certified Ethical Hackers (CEH) to simulate cyberattacks
and improve security. Ethical hacking plays a crucial role in banking, e-commerce,
healthcare, and government sectors to secure critical data and infrastructure.
2. Threats and Attack Vectors
A threat is any potential danger to an organization’s assets, data, or systems.
An attack vector is the path or method an attacker uses to exploit vulnerabilities in a
system.
Threats are potential risks to an organization’s security, while attack vectors are the
methods used to carry out these threats.
Common Threats: Data theft, unauthorized access, and denial of service.
Attack Vectors: Phishing emails, malware, unpatched software, and social engineering
techniques.
Prevention: Regular updates, employee awareness, encryption, and firewalls.
Examples of Attack Vectors:
1. Phishing Emails: Deceptive emails to steal credentials.
2. Malware: Infected files or links used to compromise systems.
3. Man-in-the-Middle (MITM): Intercepting data during transmission.
4. Unpatched Software: Exploiting outdated or vulnerable software.
5. Social Engineering: Manipulating people into divulging sensitive information.
3. Information Assurance
Information Assurance (IA) is the practice of ensuring that data and systems are
protected against unauthorized access, modification, or destruction. It focuses on
maintaining confidentiality, integrity, and availability (CIA Triad).
Principles of Information Assurance:
1. Confidentiality: Protecting sensitive data from unauthorized access.
2. Integrity: Ensuring data is accurate and unaltered.
3. Availability: Ensuring data and systems are accessible when needed.
4. Authentication: Verifying the identity of users.
5. Non-repudiation: Ensuring actions cannot be denied later.
Information Assurance is the process of protecting digital and physical assets by
maintaining confidentiality, integrity, and availability. It includes:
● Risk management: Identifying and mitigating risks.
● Authentication: Verifying users to prevent unauthorized access.
● Compliance: Following security standards like ISO 27001.
Example: Encrypting sensitive data ensures confidentiality, while regular backups
ensure availability.
Key Notes for Memorization:
● IA: Protects data and systems (CIA Triad).
● Principles: Confidentiality, integrity, availability, authentication, non-repudiation.
● Tools: Encryption, backups, firewalls.
4. Threat Modelling
Threat Modelling is the process of identifying potential security threats to a system,
application, or network, assessing the risks, and finding ways to mitigate them. It helps
organizations anticipate and prepare for possible attacks. Threat Modelling is a
systematic approach to understanding and addressing security risks in systems or
applications.
Steps in Threat Modelling:
1. Identify Assets: Determine what needs protection (e.g., data, servers).
2. Identify Threats: Recognize possible attack methods or vulnerabilities.
3. Analyze Threats: Assess the impact and likelihood of each threat.
4. Mitigate Threats: Implement measures to reduce risks.
5. Validate Security: Test the effectiveness of the mitigation strategies.
In practice: identify key assets such as sensitive data and user information; recognize
potential threats, such as unauthorized access or malware; assess the likelihood and
severity of each threat to prioritize them; and implement countermeasures such as
firewalls, encryption, and regular updates.
Example: Banks use threat modelling to protect online banking systems from phishing
attacks and data breaches.
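The five steps above, worked through on a small constructed threat model for an online banking system. This is an added example, not part of the original notes; the threats, the 1-to-5 likelihood and impact ratings, and the mitigation effects are hypothetical values chosen for illustration, and risk = likelihood × impact is one common way to carry out step 3.

```python
from dataclasses import dataclass, field
from typing import List, Tuple

# Constructed, hypothetical threat model for an online banking system.
# Ratings are illustrative 1..5 values, not figures from any real assessment.

Mitigation = Tuple[str, int, int]  # (name, likelihood reduction, impact reduction)

@dataclass
class Threat:
    name: str
    asset: str                 # step 1: the asset the threat targets
    likelihood: int            # step 3: 1 (rare) .. 5 (almost certain)
    impact: int                # step 3: 1 (negligible) .. 5 (severe)
    mitigations: List[Mitigation] = field(default_factory=list)  # step 4

    def inherent_risk(self) -> int:
        """Risk before any countermeasure: likelihood x impact."""
        return self.likelihood * self.impact

    def residual_risk(self) -> int:
        """Risk after mitigations; neither rating may drop below 1."""
        l = self.likelihood - sum(m[1] for m in self.mitigations)
        i = self.impact - sum(m[2] for m in self.mitigations)
        return max(l, 1) * max(i, 1)

def prioritize(threats: List[Threat]) -> List[str]:
    """Step 3: order threat names by inherent risk, highest first."""
    return [t.name for t in sorted(threats, key=Threat.inherent_risk, reverse=True)]

def validate(threats: List[Threat], acceptable: int) -> List[str]:
    """Step 5: threats whose residual risk still exceeds the acceptable level."""
    return [t.name for t in threats if t.residual_risk() > acceptable]

THREATS = [
    Threat("Phishing for customer credentials", "Customer accounts", 5, 4,
           [("MFA on login", 0, 2), ("Awareness training", 1, 0)]),
    Threat("SQL injection in transfer API", "Transaction database", 3, 5,
           [("Parameterized queries", 2, 0)]),
    Threat("DDoS on login portal", "Login portal availability", 4, 3),
    Threat("Unpatched web server", "Web tier", 3, 3,
           [("Monthly patch cycle", 2, 0)]),
]

if __name__ == "__main__":
    for t in sorted(THREATS, key=Threat.inherent_risk, reverse=True):
        print(f"{t.name:34} inherent={t.inherent_risk():2} residual={t.residual_risk():2}")
    print("Still above acceptable risk (8):", validate(THREATS, 8))
```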
Key Notes for Memorization:
● Threat Modelling: Identifying and mitigating risks.
● Steps: Identify assets, recognize threats, analyze risks, mitigate, validate.
● Example: Protecting online banking from phishing.
5. Enterprise Information Security Architecture (EISA)
Enterprise Information Security Architecture (EISA) is a structured framework that
defines an organization’s security policies, processes, and technologies to protect its
data and systems. It is a strategic approach to securing an organization’s IT
environment.
Components of EISA:
1. Policies: Guidelines for data protection and system access.
2. Processes: Defined steps to handle security incidents and manage risks.
3. Technologies: Tools like firewalls, antivirus software, and encryption.
4. Governance: Ensures compliance with legal and industry standards.
6. Vulnerability Assessment and Penetration Testing
VAPT is a two-step process used to evaluate the security of IT systems.
Vulnerability Assessment is the process of identifying and prioritizing security
vulnerabilities in systems or networks. It scans systems for known weaknesses such as
unpatched software or insecure configurations.
Penetration Testing involves simulating real-world attacks to evaluate a system’s
security defenses. It simulates cyberattacks to test the effectiveness of security
measures.
Benefits:
● Identifies vulnerabilities before attackers exploit them.
● Helps in compliance with security standards.
Example: Online payment systems undergo VAPT to ensure secure transactions.
Key Notes for Memorization:
● VAPT: Two-step process (Assessment + Testing).
● VA: Finds vulnerabilities.
● PT: Tests system defenses.
● Example: Ensuring secure online payments.
7. Types of Social Engineering
Social engineering is the art of manipulating people into revealing confidential
information or performing actions that compromise security. It relies on psychological
manipulation rather than technical hacking.
Phishing: Sending fake emails or messages to trick users into revealing sensitive
information.
Spear Phishing: A targeted phishing attack aimed at specific individuals or
organizations.
Baiting: Offering something enticing (like free software or a USB drive) to lure victims
into compromising security.
Pretexting: Creating a fake scenario to trick someone into providing information (e.g.,
pretending to be tech support).
Tailgating: Gaining physical access to restricted areas by following someone authorized.
Quid Pro Quo: Offering a service in exchange for information (e.g., posing as IT staff
offering help).
8. Insider Attack and Preventing Insider Threats
An Insider Attack occurs when an employee, contractor, or trusted individual
intentionally or unintentionally compromises an organization’s security. This could
involve leaking data, sabotaging systems, or abusing privileges.
Types of Insider Threats:
1. Malicious Insiders: Employees intentionally stealing or damaging data.
2. Negligent Insiders: Unintentional errors, like clicking on phishing links.
3. Compromised Insiders: Employees whose accounts have been hacked.
Preventing Insider Threats:
1. Implement strict access controls.
2. Conduct regular employee training on cybersecurity awareness.
3. Monitor user activity and flag suspicious behavior.
4. Limit access to sensitive data based on job roles.
5. Use multi-factor authentication (MFA).
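Prevention steps 3 and 4 above (monitoring user activity and limiting access by job role) as detection logic run over a few constructed audit log lines. This is an added example, not from the original notes; the log format, the role-to-resource policy, and the thresholds are assumptions made up for the illustration.

```python
import re
from datetime import datetime
from typing import Dict, List, Set

# Constructed audit log (hypothetical format: "time user role action resource rows").
SAMPLE_LOG = """\
2024-03-04T09:12:44 alice analyst READ customer_pii 40
2024-03-04T09:15:02 bob developer READ source_repo 3
2024-03-04T02:41:19 bob developer EXPORT customer_pii 5000
2024-03-04T14:03:55 carol hr READ payroll 12
2024-03-04T14:10:31 carol hr EXPORT payroll 9000
2024-03-04T16:22:08 alice analyst READ customer_pii 80
"""

# Step 4: the data classes each job role may touch (assumed policy).
ROLE_ACCESS: Dict[str, Set[str]] = {
    "analyst": {"customer_pii", "sales_reports"},
    "developer": {"source_repo"},
    "hr": {"payroll"},
}
BULK_ROWS = 1000            # an EXPORT above this many rows is flagged as bulk
WORK_HOURS = range(7, 20)   # 07:00-19:59 counts as normal working hours

LINE = re.compile(r"^(\S+) (\S+) (\S+) (READ|EXPORT) (\S+) (\d+)$")

def flag_suspicious(log_text: str) -> List[str]:
    """Step 3: return one alert string per suspicious event, in log order."""
    alerts = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # malformed line: skip rather than guess at its fields
        ts, user, role, action, resource, rows = m.groups()
        reasons = []
        if resource not in ROLE_ACCESS.get(role, set()):
            reasons.append(f"resource '{resource}' outside role '{role}'")
        if action == "EXPORT" and int(rows) > BULK_ROWS:
            reasons.append(f"bulk export of {rows} rows")
        if datetime.fromisoformat(ts).hour not in WORK_HOURS:
            reasons.append("outside normal hours")
        if reasons:
            alerts.append(f"{user}@{ts}: " + "; ".join(reasons))
    return alerts

if __name__ == "__main__":
    for alert in flag_suspicious(SAMPLE_LOG):
        print(alert)
```

Carol's export is within her role but still flagged as bulk, which is the kind of event that catches a negligent or compromised insider rather than only a malicious one.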
Key Notes for Memorization:
● Insider Threats: Malicious, negligent, compromised.
● Prevention: Access control, training, monitoring, MFA.
● Example: Data leaks by employees.
9. Social Engineering Targets and Defense Strategies
Social engineering targets include employees, executives, and IT staff who can
unknowingly provide access to attackers.
Defense Strategies:
1. Conduct awareness training to educate employees about phishing and pretexting.
2. Implement phishing simulations to test and improve readiness.
3. Adopt a zero-trust security model to limit access to sensitive systems.
4. Set up clear channels for reporting suspicious activities or emails.
Example: Regular training helps employees recognize fake emails and avoid
clicking malicious links.