Uploaded by modugunavateja

Cybersecurity Definitions

Definitions

LAN
It is a computer network which connects all the devices within a building or home, with internet or without internet.
Eg: Home, School, Hospital

WAN
It is a computer network which connects all the devices across the globe with internet or a public network.
Eg: offices located in India and US

MAN
It is a computer network which connects all the devices across the country/city with internet or a public network.
Eg: offices located in Hyderabad and Bangalore

Data Center
It is a room where all the servers and networking devices are connected together via physical cables.
They are deployed either wall mounted or rack mounted.

Authentication
It is a process of proving a user's identity, or "Who am I?"

Authorisation
It is a process of giving someone permission to have access to something, or "Who are you?"

Active Directory
It is a database/server which stores and organizes all the information related to a company's employees and computers.

Domain Controller
It is a centralised authentication server in an organisation. It responds to authentication requests of the employees and authorizes their identity.

Malware (mal - malicious, ware - software)
It is malicious software created by a hacker/attacker by developing malicious code, and it is sent to endpoints, networks, servers and databases.
Types: Virus, worm, trojan, RAT, botnet, spyware, adware, backdoor, logic bomb etc.

Anti Virus
For a single system/laptop.

EDR
At the organisation level.

AV/EDR
It monitors, detects and blocks the malware category of attacks in the endpoint/network. It is the first defense tool for the malware category of attacks.

RJ45 Cable
It is an ethernet cable.
Drawback - It supports only up to 1 Gbps.
To eliminate this drawback we use Optical Fibre cables.

Abnormal/malicious/suspicious activity
Activity of bad intent by the attacker.

Intruder/hacker/attacker/threat actor/adversary
He is a person/criminal who wants to gain unauthorized access by compromising the system to steal the data.

Alert
An alert is a suspicious activity in the network.
Alert -> Forensic investigation -> False positive (fake alert) or True positive (confirmed incident)

Incident
An incident is a confirmed malicious activity in the network.

Log
Any recorded activity of a computer is a log.
Windows device: C:\Windows\system32\config\

Event
A log becomes an event when it matches any rule defined in the policy.

SIEM Tool
It is a combination of SIM and SEM. It is a log collection, log processing, log analysis and log monitoring tool.
SIM - Security Information Management
SEM - Security Event Management

SOC
It is a room where all the security analysts are seated; they monitor alerts 24*7 and do the appropriate incident investigation.
It is also known as CERT, CSIRT, SIRT.
CERT - Cybersecurity Emergency Response Team
CSIRT - Cybersecurity Incident Response Team
SIRT - Security Incident Response Team

Three pillars of Cybersecurity/Organisation
CIA Triad: Confidentiality, Integrity, Availability

Confidentiality
It ensures the privacy and secrecy of the data.
How? Encryption, Access control

Integrity
It ensures that data is not modified either in transit or at rest. Only the authorized person can modify the data.
How? Hashing

Availability
It ensures that all the systems and data in an organization are readily available to its users without any outage issues.
How? Deploying Load Balancers, Backups

Inbound Traffic
Traffic from out to in, or external to internal, of an organisation is called Inbound traffic.

Outbound Traffic
Traffic from in to out, or internal to external, of an organisation is called Outbound traffic.

Netflow Traffic
The sum of inbound and outbound traffic is called Netflow Traffic.

Firewall
It monitors inbound traffic as well as outbound traffic. Based on the rules configured, it will either allow or block the traffic.

WAF
Web Application Firewall
It is a feature/subset of a firewall. It protects the organisation from application layer attacks.

IDS
Intrusion Detection System
It monitors and detects malicious activity in the network.
HIDS - Host (Endpoint)
NIDS - Network

IPS
Intrusion Prevention System
It monitors, detects and blocks malicious activity in the network.

OWASP TOP 10
OWASP
Open Web Application Security Project
It is an organisation/framework which conducts surveys and releases the top 10 application layer attacks and their mitigation steps as well.
It conducted surveys in 2010, 2013, 2017, 2021.
Eg of app layer attacks: Injection flaw attack, cross-site scripting attack, cross-site request forgery etc.

TCP
Transmission Control Protocol
It is used to transfer data between 2 endpoints.
It is a connection oriented protocol.

UDP
User Datagram Protocol
It is used to transfer data between 2 endpoints.
It is a connectionless protocol.

SMTP
Simple Mail Transfer Protocol
It is used for sending or receiving mails.
It is also called Unified Communication server, Exchange server, Email server.

HTTP
Hypertext Transfer Protocol
It is the web browsing protocol.
It is used to transfer data between the web browser and the web server.

DNS
Domain Name Server
It converts a Domain Name into an IP Address, or an IP address into a domain name.

IP Address
It is a numerical label/number assigned to each and every computer, server, database etc.
It is a logical number. It is not a fixed one.

DHCP
Dynamic Host Configuration Protocol
It allocates IP Addresses automatically/dynamically to all the endpoint machines in an organisation for a specific period of time by the process called DORA.

Agent
It is a kind of software which has to be installed on every end-user machine. It will be provided by vendors.
Eg: AV agent

Blocklist
It is done for the purpose of protecting an organisation from cyber attacks.
What is blocklisted - Where it is blocked
IP Address - Firewall
URL - Proxy/FW
Domains - DNS/FW
MAC Address - Switches/FW

MAC Address
It is the physical address of the computer. The size of a MAC address is 48 bit. It is a combination of characters and numbers.

NIC Card
It is a hardware component without which a computer cannot be connected over a network. It converts electrical signals into data signals.

Vulnerability
Weakness in the system.
Eg: No security guard in front of the gate
Outdated AV Agent
Firewall rules misconfiguration

Threat
Anyone/anything that can exploit a vulnerability intentionally/accidentally is a Threat.

Risk
If a vulnerability is exploited, it is called a Risk.
Risk = Vulnerability * Threat

SLA
Service Level Agreement
It is a contract between a service based company and the customer/client.

ARP
Address Resolution Protocol
It converts a layer 3 IP address to a layer 2 MAC address.

RARP
Reverse Address Resolution Protocol
It converts a layer 2 MAC address to a layer 3 IP Address.