Cyber Security - Module 3: Protection Mechanisms, Attacks, and Security Services
1. Four Pillars of Security: Deter, Prevent, Detect, Respond
- Deterrence: Warns attackers using signs and policies.
- Prevention: Blocks access (firewalls, biometrics).
- Detection: Alerts on suspicious activity (IDS).
- Response: Actions after a breach (lock accounts, block IPs).
2. Introduction to Network Security
- Protects users, data, and devices in a network.
- More complex than securing a single computer.
3. Protection of Network Resources
- Hardware: Routers, switches, firewalls.
- Software: OS, apps, servers, databases.
4. Core Security Services (CIA + 2)
- Access Control: Controls resource access.
- Authentication: Verifies identity.
- Confidentiality: Encryption protects data.
- Integrity: Hashing verifies that data is unchanged.
- Non-repudiation: Digital signatures prove actions.
5. Network-Based Attacks
- DoS/DDoS: Overload servers.
- MITM: Intercept communications.
- IP/DNS Spoofing: Fake identity or site.
- SQLi, XSS: Code injection into apps.
- Sniffing, Brute Force, Zero-Day, Insider threats.
6. Active vs Passive Attacks
- Active: Modifies data (e.g., DoS, SQLi).
- Passive: Observes data (e.g., sniffing).
7. Phishing & Types
- Email, Spear, Whaling, Vishing, Smishing, Clone, Pharming, BEC.
8. Tailgating
- An unauthorized person follows someone into a secure area.
- Prevention: Mantraps, smart cards.
9. 802.11 Wi-Fi Authentication & Encryption
- Phases: Discovery -> Auth -> Key Derivation -> Encrypted Comms.
- WPA3: Strong encryption, mutual auth.