1 - Info Security and Cyber Security Fundamentals

The document provides an overview of key information security concepts including the CIA triad of confidentiality, integrity and availability. It discusses common attack methods such as social engineering, privilege escalation and denial of service attacks. Specific security threats like malware, trojans and hackers are explained. Guidelines are offered for analyzing vulnerabilities, assessing risk with the CVSS, and mitigating threats through countermeasures and risk management.

Uploaded by shimaa ashraf

2020

Info Security and Cyber Security Fundamentals for CCNP SCOR Students
By Eng. Abeer Hosni

Types of Data:
- At rest
- In motion

CIA Triad:
- Confidentiality: Hiding data from unauthorized persons/systems.
- Integrity: Prevents data from being corrupted.
- Availability: Ensures that data continues to be available at a required level.

Hint:
- Each vulnerability entry has a unique number and date, as shown in the CVE
(Common Vulnerabilities and Exposures) database.
- The CVE was established by the US-CERT.
- A huge database of attack types is available at https://www.exploit-db.com
- The National Vulnerability Database: https://nvd.nist.gov

CVSS (Common Vulnerability Scoring System):
- A free and open standard for assessing the severity of a vulnerability.
- Current version is CVSS 3.1.
- https://www.first.org/cvss/calculator/3.1

Security Terms:
- Asset: anything of value to an organization.
- Threat: a potential danger to the asset. In general it might be an attacker or a piece of software.
- Vulnerability: a weakness in the system.
- Risk: the probability of the occurrence of the threat.
- Residual risk: the amount of risk left after safeguards are applied.
- Exploit: a tool or a process that takes advantage of a vulnerability.
- Countermeasure: a method of reducing and mitigating risk.
- Risk Management:
  - Used to identify, assess, prioritize and monitor risks.
  - Its goal is to eliminate or minimize risks.

Vulnerability Categories:
- Physical access to the equipment by unauthorized personnel.
- Hardware and software vulnerabilities.
- Human factors (incorrect designs and misconfigurations).
- Weaknesses in protocols, applications or systems.

Common Attack Methods:
- Reconnaissance (network discovery).
- Social Engineering (fooling/tricking people).
- Privilege Escalation (getting more access).
- Code Execution (activating malicious code).
- Backdoors (software installed to allow remote access in the future).
- Covert Channels (hidden communication channels).
- Trust Exploitation (utilizing an existing policy to obtain more access).
- Man in The Middle 'MITM' (an attacker inserts himself into a session).
- Zero-day exploits.
- Denial of Service 'DOS' (making a device/system unusable): launched via botnets.
- Disclosure of confidential information: a threat actor steals source code or design documents to sell them.
- Password Guessing/Cracking:
  - Brute-Force Attack (trying all possible combinations of a password).
  - Dictionary Attack (password guessing with a dictionary/word list).
- Distributed DOS 'DDOS' (a DOS performed by multiple attackers, e.g. a botnet).
  - Directed DDOS.
  - Reflected DDOS (LAND attack).
- Malware (Malicious Software):
  - Virus (needs human interaction).
  - Worm (doesn't need a carrier or human interaction).
  - Spyware (stealing info, redirection, pop-ups, consuming bandwidth, etc.).
  - Trojan horse (performs an action other than the one it appears to).

Trojan Types:
- RAT (Remote-Access Trojan)
- E-banking
- DOS
- DDOS
- Ransomware
- Proxy
- FTP attack
- Security Software Disabler
- Backdoor
Ex: Keystroke Logger

Hint:
Users can be infected by Trojans via P2P, chat, instant messages, e-mails, physical access, browser add-ons, untrusted mobile applications, freeware applications or watering holes.

Hint:
Malicious code can be merged with legitimate applications using:
- Wrapper or binder (ex: iexpress)
- Packers (ex: winrar or SFX archive)
- Dropper
- Crypters

Attacker Types (The Threat Actor):
- Script kiddies
- Hackers
- Crackers
- Cyber attack
- Disgruntled employees
- Competitors
- State sponsors and governments
- Organized crime groups
- Hacktivists (political reasons)

Hackers Categories:
- White hat hackers (Ethical hacker)
- Black hat hackers
- Gray hat hackers

Malware Analysis:
- Static Analysis (ex: Evan's Debugger)
- Dynamic Analysis (ex: virtual environment)

Evasion techniques against security devices:
- Fragmentation
- Spoofing / Proxy
- Pattern change
- Encryption

Best Wishes
Abeer :)
