Uncategorized

Threat Modeling in Cybersecurity

Threats Modeling in Cyber Security, STRIDE, PASTA & OCTAVE.

Building Resilient Networks: Threat Modeling & Security Architecture

What is Threat Modeling?

Threat modeling in cybersecurity is a structured approach to identifying and prioritizing potential threats. Threats are arranged according to impact so that solutions can be applied in order: the highest threat is solved first, then the next, and so on. This helps organizations understand vulnerabilities and implement security measures. Organizations follow one of a few methodologies, chosen according to how their data flows. Every organization uses a different modeling methodology.

Key Threat Modeling Methodologies

- Spoofing. How to protect: use strong passwords and 2-factor authentication.
- Tampering. How to protect: use encryption and implement file integrity checks.
- Repudiation. How to protect: use logs/audit trails, or implement digital signatures.
- Information Disclosure. How to protect: use access controls, encrypt data, and hide sensitive data from logs.
- Denial of Service. How to protect: use firewalls and anti-DDoS tools, and monitor traffic patterns.
- Elevation of Privilege. How to protect: use role-based access control (RBAC) and regularly test your software for permission bugs.

Summary Table:

| STRIDE | Threat Type | Example |
| --- | --- | --- |
| S | Spoofing | Logging in as someone else |
| T | Tampering | Changing app data or source code |
| R | Repudiation | Denying you did something |
| I | Information Disclosure | Leaking private info like passwords |
| D | Denial of Service | Making the system crash or hang |
| E | Elevation of Privilege | Gaining admin access as a normal user |

STRIDE helps to systematically identify threats before hackers do and to build secure systems during software development. It is also beginner friendly.

PASTA Threat Modeling Mechanism in Cybersecurity

It's a risk-based threat modeling methodology that helps you simulate real-world attacks on an application and find its weak points. Organizations carry it out in practice to detect threats.
The goal of PASTA is to think like a hacker, understand how an attacker would exploit your app or system, and then build defenses step by step. It's more advanced and detailed than STRIDE, and it's usually used for large apps or enterprise-level systems. PASTA has 7 stages.

Summary Table of PASTA:

| Stage | What Happens | Example |
| --- | --- | --- |
| 1. Define Objectives | Business + security goals | Secure user payments |
| 2. Technical Scope | Tech stack and parts | Frontend, backend, DB |
| 3. Decomposition | Data flow & users | How data travels |
| 4. Threat Analysis | List all threats | Spoofing, DDoS |
| 5. Vulnerability Analysis | Find real weaknesses | Exposed API |
| 6. Attack Simulation | Try hacking methods | XSS, SQLi |
| 7. Risk & Fixes | Measure and fix | Add firewall, encrypt data |

OCTAVE stands for Operationally Critical Threat, Asset, and Vulnerability Evaluation. It's a risk assessment framework that focuses on what assets are important, what threats can affect those assets, how vulnerable those assets are, and how to protect them. There are 3 main phases of OCTAVE.

Develop Security Strategy and Plan
Focus on how to reduce risk: match threats with vulnerabilities, decide on risk levels (low, medium, high), and create mitigation plans (what to fix first). For example:

- Risk: Data breach via weak password. Fix: Enforce strong passwords + enable MFA.
- Risk: DDoS attack on public site. Fix: Use Cloudflare & traffic filtering.

| Phase | Goal | Example |
| --- | --- | --- |
| Asset-Based Profiles | Know what's important | Customer DB is critical |
| Vulnerability ID | Find weaknesses | Weak admin passwords |
| Security Plan | Reduce risks | Apply 2FA, firewall, backups |

Difference Between STRIDE / PASTA / OCTAVE:

| Model | Focus | Used By | Best For |
| --- | --- | --- | --- |
| STRIDE | Threat types | Developers | App-level threats |
| PASTA | Attack simulation | Security teams | Deep app risk analysis |
| OCTAVE | Business operational asset risk | Managers + IT | Organization-wide risk |

| Model | Use When You Need To… | Focus Type |
| --- | --- | --- |
| STRIDE | Find common app threats quickly | Technical (App-Level) |
| PASTA | Simulate real hacker attacks on systems | Technical + Risk-Based |
| OCTAVE | Assess risks to business assets & plan strategy | Organizational Risk |

That's it for today's topic of threat modeling in cybersecurity. See yaaa in the next one. Follow my previous blog for learnings: https://munazajameel.site/network-threats-and-security-controls-part2/


Network Threats and Security Controls

Advance Network threats and Security controls. PART 2

Network threats and security controls: As computers become more advanced day by day, network threats are also increasing with the updates, and as systems are targeted more by hackers, we need to protect them overall.

Advance Network Threats and Security Controls

These are a few of the threats/attacks most commonly performed by hackers. If we want to protect our systems from attackers, we need to implement these security controls to stay safe.

It's my day 5 learnings, but there is still a part 2, and you can read part 1 (https://munazajameel.site/basics-of-networking-in-cybersecurity-part-1/) for a better understanding of network threats and security controls, because I want to dedicate one separate post to Threat Modeling Mechanisms in Cyber security. So see yaaaaa!!!


Basics of Networking

Basics of Networking for Beginners in Cybersecurity: PART 1

NETWORKING (PART 1)

Networking means the process of connecting or interacting with others to exchange information between two or more devices (like computers, phones, servers) so they can share data. The basics of networking are important to understand because hackers use networks to steal data, spread viruses or attack other computers, so a complete and thorough understanding is mandatory.

Basics of Networking & Terms You MUST Know

| Term | Simple Meaning | Real-Life Example |
| --- | --- | --- |
| IP Address | It's like a specific home address for your device | Every system has its own unique IP, like 192.168.1.1 |
| Router | Directs traffic between devices and the internet | Like a postman sending letters to the correct house |
| Server | A powerful computer that gives data to other computers | Like a restaurant kitchen sending food (data) to tables (users) |
| Client | A device asking for data | Your phone opening Instagram is a client |
| Firewall | A security guard that blocks unwanted data | Like a bouncer at a club, only letting in who's allowed |
| LAN (Local Area Network) | Small network in one area | Home Wi-Fi is a LAN |
| WAN (Wide Area Network) | Big network, spread far | The Internet is a WAN |
| DNS (Domain Name System) | Converts website names into IP addresses | Like a phone book turning "google.com" into numbers |
| Packet | Small piece of data sent over a network | Like sending a book page-by-page in envelopes |

The above image shows how networking works and gives a better grasp of the basics of networking.

How hackers try to attack, and how networking helps to stop them?
| Hacker Attack | What It Means | How Networking Knowledge Helps |
| --- | --- | --- |
| Man-in-the-middle | Hacker listens to your private chats | Learn to use encrypted networks |
| DDoS | Hacker overloads a server with traffic | Use firewalls and load balancers |
| Phishing | Fake links/websites to steal info | Know how DNS (domain name system) works to spot fake domains |
| Port Scanning | Hacker looks for open "ports" (used to send and receive data over a network) in your system | Use a firewall, close unneeded ports, and monitor traffic; port scanner tools (like Nmap) are used to check which ports are open, e.g., HTTP, HTTPS (secure port) |

A router sends data between devices and connects your home network to the internet. It decides where data goes, like a traffic director or postman.

An IP address is a unique number that identifies a device on a network.

Types of Networking

- LAN (Local Area Network): Small, limited area (home, school, office).
- WAN (Wide Area Network): Covers a large distance; the internet is the biggest WAN.

A firewall is like a security guard for the system: a security system that controls the incoming and outgoing traffic of the system.

When we send any kind of data, like an image, document or video, it is broken into small pieces called packets. These packets travel through the internet and are reassembled at the destination through TCP/IP.

A server is a big, powerful computer that stores all kinds of data and provides data or services to other systems.

Actually, that was it for today, and the next part of Networking will be shared in the next blog. Learning and a basic understanding of networking is compulsory, so stay tuned for the next part and do read the previous day for better learnings: https://munazajameel.site/cybersecurity-tools-for-beginners-day-3/ I'll see you in the next one, for the next part of the basics of Networking!


Cybersecurity tools

Top Cybersecurity Tools Explained for Beginners (Day 3 Guide)

Main Cybersecurity Tools & Protection System

All security tools used in cyber security!

Cyber Security Tools:

The IDS is like a security camera that can see and detect the threat, while the IPS is like an automatic door that shuts when danger is seen. For example, in the real world these cyber security tools are used in company networks to detect and stop hackers before they can steal data.

There are basically two types of encryption. In symmetric encryption only one key is used to lock and unlock data, while in asymmetric encryption one key (the public key) is used to lock data and the other key (the private key) is used to unlock it. For example, WhatsApp uses encryption so your chats can't be read by anyone, even WhatsApp. Websites also use encryption (you see https:// in the address bar).

Cyber Security Basic Tools – Summary Table

| Cybersecurity Tools | What It Does | Simple Meaning | Use in Real World |
| --- | --- | --- | --- |
| Firewall | Protects from bad internet traffic and blocks it | It's a kind of security guard at the main gate | Built into routers, protects networks |
| IDS/IPS | IDS detects, IPS blocks attacks | It's a kind of CCTV camera (IDS) and an auto-locking door (IPS) | Used in company networks |
| Antivirus | Scans and removes malware | Like cleaning software for your PC | Windows Defender, Avast, etc. |
| Encryption | Converts data into secret code | Like locking info in a safe box | WhatsApp, HTTPS websites |
| Symmetric | One key to lock/unlock | You and a friend share the same key | Faster, used for local data |
| Asymmetric | Two keys: public & private | Lock with public, unlock with private | Used in emails, websites |
| MFA | Adds extra login step | Like fingerprint + password | Used in Gmail, Facebook login |
| VPN | Hides your IP and activity | Like wearing a mask online | Bypass bans, use public Wi-Fi safely |

Network Security & Secure Protocols

This is the foundation of how data travels safely across the internet. Networking is a very vast topic, but learning about cybersecurity tools will definitely help you understand it better.
Network Basics

192.168.1.1 – Your router's IP
142.250.74.78 – Google.com's IP
(These are common examples, not mine; everyone's IPs are a little bit different but follow the same pattern.)

- TCP (Transmission Control Protocol): Breaks data into small packets/pieces (a packet is a small piece of data that is part of a bigger message) and ensures it arrives correctly. It's a communication rule (protocol) used when devices want to send data reliably over the internet.
- IP (Internet Protocol): Sends the packets to the correct destination.

For example, you're sending a message from your phone to your friend's laptop: TCP breaks it up → IP sends each piece → friend's laptop reassembles it.

- Ports are like doors for each room in a house, so every service (email, website, video) on the internet uses a separate port.

Examples of Ports:

Network Security Example: A company uses a firewall to block outside hackers from accessing internal servers. Even though they all use the same Wi-Fi, their data is kept separate. Usually it's for high-end Wi-Fi routers.

It's very necessary to understand all the basic cybersecurity tools and familiarize yourself with the terms.

Common Secure Protocols

Wi-Fi Security

Summary Table: Network Security & Secure Protocols

| Topic | What It Means | Real-Life Example |
| --- | --- | --- |
| IP Address | Internet address of a device | Like your home address online |
| TCP/IP | Sends data in small parts & reassembles it | Sending a WhatsApp message |
| Ports | Doors for different services | Port 443 = secure web browsing |
| Perimeter Security | Protects network edge | Firewalls stop hackers at the door |
| VLANs | Separate networks inside one | School: students vs. admin access |
| HTTPS | Secure websites | Gmail, bank sites |
| SSH | Remote secure login | Admin accessing server |
| SSL/TLS | Encrypts internet traffic | Used in HTTPS |
| WEP | Old Wi-Fi security (unsafe) | Don't use it! |
| WPA2/WPA3 | Strong Wi-Fi protection | Used in modern routers |

Security Policies, Compliance & Careers

Famous Compliance Frameworks:

| Law | Used For | Example |
| --- | --- | --- |
| GDPR | Protects personal data of EU (European Union) citizens | A website must ask permission to collect cookies |
| HIPAA | Secures health data in the U.S. | A hospital can't leak your medical report |
| PCI-DSS | Protects card payment info | Online stores must encrypt credit card details |

Careers in Cyber Security

There are many roles in cyber security. Here are the main ones:

| Role | What They Do | Type |
| --- | --- | --- |
| Blue Team | Defend systems (like security guards) | Defensive |
| Red Team | Hack ethically to find weaknesses | Offensive |
| GRC (Governance, Risk, Compliance) | Make sure the company follows rules & stays secure | Policy/Management |

Real-Life Career Examples:

The theoretical part has almost come to an end, but we definitely learn new terms and new techniques daily, because learning never stops, and in cyber security it's mandatory. We covered all the basics of cyber security in 3 days; for day 2 visit https://munazajameel.site/basics-of-cyber-security-and-terms/ because after that we will start with practical learning. Follow for more updates. See yaaa!!!


examples of cyber threats for beginners

Basics of Cyber Security and Common Terms

Basics of cyber security and all common terms explained for beginners! Actually, it's my second day of learning all the basics of cyber security in my diploma. The first step is to understand all the theoretical part and basic terms.

Introduction & Key Concepts

What is Cyber Security?

Cyber security is protecting computers, mobile phones, networks, and data from being stolen, damaged or misused. Put simply, the security of the digital world is called cyber security. For example, if you are living in a house (your computer), you have doors and windows (internet and apps). You lock them to stop thieves from entering. Cyber security is that lock, but for your digital house.

Importance of Cyber Security (Why it matters)

CIA Triad: CIA stands for Confidentiality, Integrity & Availability.

Confidentiality means keeping data safe and private, so that only the right people can see it. For example, only you and the receiver can see your WhatsApp chats.

Integrity means keeping the data correct and unchanged, in its real form, so that no one can change your data without your permission. For example, a hacker must not be able to change your bank balance from 1000 to 0.

Availability means keeping the systems online and working. A user should be able to access their data when needed. For example, a website or app should not go down during cyber-attacks.

Types of Cyber Security

There are different areas of cyber security depending on what you are protecting:

Cyber Security Terminologies

A few commonly used terms in the basics of cyber security are:

| Concept | Meaning in Simple Words |
| --- | --- |
| Confidentiality | Keep things private |
| Integrity | Don't let things be changed |
| Availability | Keep things working |
| Threat | The danger (like a hacker) |
| Vulnerability | Weak point (like a bad password) |
| Exploit | How the hacker attacks your weak point |
| Risk | Chance of something bad happening |

Types of Cyber Threats & Attack

Malware is malicious software: harmful software used to steal data or disrupt systems.
Types of Malware:

Phishing & Social Engineering

| Threat Type | How It Works | Example |
| --- | --- | --- |
| Virus | Infects files & spreads when executed | Infected USB with virus |
| Worm | Spreads automatically over networks | Through Wi-Fi, networks |
| Trojan | Fake software that acts as legit | Pirated game with spyware |
| Ransomware | Encrypts/locks files or data for ransom and asks for payment to unlock the data | WannaCry, LockBit |
| Spyware | Secretly monitors activity | Keylogger stealing passwords |
| Phishing | Fake emails/sites stealing data | "To update your PayPal account click on link" |
| Social Engineering | Manipulating people to reveal info | Fake CEO email asking for money, or a friend's ID asking for money |
| Insider Threat | Employee leaking data | Worker selling data for money |
| DDoS Attack | Overloads server with fake traffic | Botnet attacking a website |
| Brute Force | Guessing passwords repeatedly | Hacking weak passwords |
| Zero-Day Exploit | Attacks unknown software flaws before a fix is released | Hackers exploiting unpatched operating systems |

Actually, these are all my notes, which I prepared during my class and am now sharing here as a blog for people who are learning or just starting with cyber security. It might help someone. I explained all the basics of cyber security and the basic terms, and I hope everyone can understand. Please share your valuable comments if you like it. Thank you, see yaaa!!!! READ the DAY 1 blog for better understanding! https://munazajameel.site/career-switch-to-cyber-security-day-1/


career switch to cyber security

Career Switch to Cybersecurity – Day 1 Story

Hey everyone, big news from me today!

📅 Day 1 of sharing my progress as a cyber security student
🎯 Goal: Become a Cyber Security Engineer
🔒 Follow @itzmunazah to join this journey

Daily update about my career switch to cyber security

Introduction

This is the story of my career switch to cyber security, but let me tell you: for the last few years, I've been deep in the world of social media marketing, building brands, managing campaigns, and learning how to capture attention online through content creation, editing, scripting and Meta ads, but now I want to make a career switch. Since my teenage years I was curious about tech and things regarding technology, because I was a social media freak from the beginning, when I was introduced to social media, smartphones and laptops. But recently, I felt something shifting. I realized that while I loved the creative side of social media, I was craving something more. I am the kind of person who is very curious about life, solutions and endings, wrap-ups, a challenge that pushes my problem-solving skills and makes a real difference in keeping people and businesses safe in this digital world. That's why I've decided to start learning cyber security as a student, with the goal of becoming a cyber security engineer, hopefully by the end of 2025.

Why I switched to Cyber Security?

I know this journey won't be easy, but I'm starting from the ground up, learning technical skills, getting my hands dirty with new tools, and figuring it all out one day at a time. But I'm ready, nervous and excited at the same time to learn something meaningful and amazing from the world of cyber security. I'll be sharing my ups and downs, my learning milestones, and how I'm transforming from a social media marketer to a cyber security engineer.

POV: My first day as a Cyber Security Student!!!

My First Day – Scared, Ready & Excited

I have no tech background. No degree. No coding skills. But today, I started learning cyber security and I am literally nervous and scared as hell.
It's like you're starting something you never thought you could. Hey, I'm Munaza, and I just enrolled in a (DACS) professional diploma in advanced cyber security, not because it's demanding, but because I want to build a real future in tech. I want to make a career in cyber security. I'm not chasing trends; I'm chasing skill and my own future.

Why I step into Cyber Security World?

I'll share my everyday progress, my learnings, my failures, my success, everything, because I believe it could help me and maybe someone else too. I shoot, edit and post fresh content every day, so there might be some days when I am unable to post anything, but I will definitely keep myself consistent with my learnings. Today was all about learning the foundations. I make all my notes in my notebook and learn how security works, what makes systems vulnerable, and why it matters. I didn't understand everything, but I truly understood why I'm here. This career switch to cyber security feels like the most important decision of my life. I know it's not easy. But it's mine. If you've ever felt late, lost, or unsure, then this is your sign. Start anyway, as I did.

What inspired me to choose Cyber Security field??

The real question is how I stepped into the tech world. I am a person who was always interested in tech but never got an opportunity, or maybe proper guidance. When I was a kid or a teenager I always heard that hackers can hack our IDs, but while people thought about how we could do the same, I was the kind of person who thought: if anyone can hack our IDs, then how can we protect them?? So I want to protect people, businesses and their data, because online threats are real and we need more people who can fight back. I am starting with the basics, but one day I want to be the one solving real-world threats and known as an expert. It sounds crazy, I know!! It's like starting from zero and aiming for the impact….

What to expect from me?
Well, I'll share so many things which will definitely help others, because I think we learn more from other people's experience. So I will share my real, raw stories, struggles and success here. I will share the following:

Let's Connect

I know the journey of a career switch to cyber security is not easy, but I will figure it out. So if you are interested in my journey, then follow me for more updates. Are you following or not?? If you are a person who is learning cyber security or recently made a career switch to cyber security, then let's connect!! What did you say??? You can wish me luck or give me any advice; I would appreciate it!! Follow my journey and you can ask me questions. Share yours and let's grow together. To know more about me, visit https://munazajameel.site/ or subscribe to my YouTube channel https://www.youtube.com/@itzmunazah for fresh content.
