Feb 18, 2025

Cybersecurity Study Guide


What is Cybersecurity?

Cybersecurity is the process of protecting computer systems and networks from being damaged or attacked by malicious sources.

CIA Triad

  1. Confidentiality

  • Prevents unauthorized data access.

  • Data can be protected with strong passwords and multi-factor authentication.


  2. Integrity

  • Ensures data consistency.

  • Protects data from being modified or altered through unauthorized access.


  3. Availability

  • Makes resources available to authorized users on demand.

  • Deals with continuous maintenance of systems, hardware, etc.


Most Common Attack Types

Cyber threats come in various forms, targeting vulnerabilities in systems and users. Some of them are:


  • Malware

Malicious software such as viruses, worms, trojans, and ransomware that infects systems and steals or damages data.


  • Phishing

A social engineering attack in which attackers trick users into revealing sensitive information through fake emails or websites.


  • Denial Of Service (DoS) & Distributed Denial Of Service (DDoS)

Overloading a system or network to disrupt services.


  • Man In The Middle (MITM) Attack

Intercepting and altering communication between two parties to steal data.


  • SQL Injection

Injecting malicious SQL code into a database to manipulate or extract sensitive data.


  • Zero Day Exploit

Attacks that exploit unknown software vulnerabilities before a fix is available.


  • Brute Force & Credential Stuffing

Attempting multiple username-password combinations to gain unauthorized access.


Networking Basics (OSI Model, TCP/IP)


🔹 OSI Model (Open Systems Interconnection Model)

The OSI Model is a theoretical framework that standardizes network communication in 7 layers:

7 Application - User interaction (HTTP, FTP, DNS)

6 Presentation - Data formatting, encryption, compression (SSL, JPEG)

5 Session - Manages sessions between devices (RPC, NetBIOS)

4 Transport - Ensures reliable data transfer (TCP, UDP)

3 Network - Routing and IP addressing (IP, ICMP, ARP)

2 Data Link - MAC addressing, error detection (Ethernet, Wi-Fi)

1 Physical - Hardware, cables, signals (RJ45, Fiber, Hubs)

🔹 TCP/IP Model

The TCP/IP Model is a simplified, practical model used for real-world networking. It has 4 layers:

  • Application

  • Transport

  • Internet

  • Network Access

🔹 Key Protocols

  • TCP (Transmission Control Protocol): Reliable, connection-oriented (e.g., Web browsing, Email).

  • UDP (User Datagram Protocol): Faster but unreliable (e.g., Streaming, VoIP, Gaming).

  • IP (Internet Protocol): Assigns IP addresses and routes packets.

  • ICMP (Internet Control Message Protocol): Used for error messages (e.g., ping command).

  • ARP (Address Resolution Protocol): Resolves IP addresses to MAC addresses.


🔹 Why is This Important for Cybersecurity?

  • Packet Analysis: Understanding network traffic in Wireshark.

  • Firewall Rules: Configuring based on TCP/UDP ports.

  • Network Attacks: Identifying MITM, DDoS, IP Spoofing, etc.

  • Incident Response: Analyzing logs, Nmap scans, and security alerts.


