Cybersecurity (or security)
Important
The practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorized access or criminal exploitation.
Key terms and concepts
- Compliance is the process of adhering to internal standards and external regulations. It enables organizations to avoid fines and security breaches.
- Security frameworks are guidelines used for building plans to help mitigate risks and threats to data and privacy.
- Security controls are safeguards designed to reduce specific security risks. They are used with security frameworks to establish a strong security posture.
- Security posture is an organization’s ability to manage its defense of critical assets and data and react to change. A strong security posture leads to lower risk for the organization.
- A threat actor, or malicious attacker, is any person or group who presents a security risk. This risk can relate to computers, applications, networks, and data.
- An internal threat can be a current or former employee, an external vendor, or a trusted partner who poses a security risk. At times, an internal threat is accidental. For example, an employee who accidentally clicks on a malicious email link would be considered an accidental threat. Other times, the internal threat actor intentionally engages in risky activities, such as unauthorized data access.
- Network security is the practice of keeping an organization’s network infrastructure secure from unauthorized access. This includes data, services, systems, and devices that are stored in an organization’s network.
- Cloud security is the process of ensuring that assets stored in the cloud are properly configured, or set up correctly, and access to those assets is limited to authorized users. The cloud is a network made up of a collection of servers or computers that store resources and data in remote physical locations known as data centers that can be accessed via the internet. Cloud security is a growing subfield of cybersecurity that specifically focuses on the protection of data, applications, and infrastructure in the cloud.
- Personally identifiable information (PII): Any information used to infer an individual’s identity.
- Sensitive personally identifiable information (SPII): A specific type of PII that falls under stricter handling guidelines.
Core skills for cybersecurity professionals
- Transferable skills: Communication, Problem-solving, Time management, Growth mindset, Diverse perspectives
- Technical skills: Programming languages, Security information and event management (SIEM) tools, Intrusion detection systems (IDSs), Threat landscape knowledge, Incident response, Malware prevention
Security Risks
Security Frameworks
Threats
[[CyberSec/05 Vulns & Attacks/index]]
CISSP Domains
A hacker is any person who uses computers to gain access to computer systems, networks, or data.
Ethics in cybersecurity
Security ethics are guidelines for making appropriate decisions as a security professional.
Cybersecurity tools
- SIEM Tools
- Network Protocol Analyzer / Packet sniffer: a tool designed to capture and analyze data traffic within a network. Common network protocol analyzers include tcpdump and Wireshark.
- SQL stands for Structured Query Language. SQL is a programming language used to create, interact with, and request information from a database.
- An intrusion detection system (IDS) is an application that monitors system activity and alerts on possible intrusions.
- Encryption is the process of converting data from a readable format to a cryptographically encoded format. Cryptographic encoding means converting plaintext into secure ciphertext. Plaintext is unencrypted information and secure ciphertext is the result of encryption.