Lecture Notes on Cyber Security

Jul 2, 2024

Lecture Notes: Cyber Security and Related Topics

Importance of Cyber Security

  • Facebook removed 2.29 billion pieces of content due to hacked accounts.
  • Cyber crimes predicted to cost $10.5 trillion by 2050, up from $3.5 trillion in 2015.
  • High demand for professionals trained in cyber security.

Course Content: Cyber Security for 2023

  1. Introduction to Cyber Security
  2. Career Scope: Cyber Security
    • Job roles available.
  3. Cyber Security Skills
    • Ethical hacking and network masking (VPN, proxies).
  4. Various Attacks
    • DDoS attacks, SQL Injection, Cross-site scripting.
    • Live demonstrations included for practice.
  5. Cryptography
    • Encryption, algorithms (RSA, AES), hashing (SHA-256).
  6. Linux-Based Systems for Ethical Hacking
    • Kali Linux, Parrot Security OS.
  7. Cyber Security Tools
  8. Certifications and Interview Preparation

Cyber Attack Example: Anne's Story

  • Received a phishing email from a fake source, resulting in financial loss.
  • Types of Cyber Attacks:
    • Malware: Trojans, adware, spyware.
    • Phishing: Fraudulent claims from legitimate sources to steal data.
    • Man-in-the-Middle: Unauthorized access to the communication path.
    • Password Attacks: Common passwords or combinations.
  • Countermeasures: Firewalls, honeypots, strong passwords, antivirus software.

Cyber Attack Example: Organizational Impact

  • Various attacks on organizations:
    • Advanced Persistent Threat (APT): Prolonged network access for information gathering.
    • Denial of Service (DoS): Overflow of traffic leaving legitimate service requests unattended.
    • SQL Injection: Manipulation of SQL queries to view/edit/delete data.
  • Importance of cyber security professionals in identifying cyber threats and securing networks.

Roles in Cyber Security

  1. Ethical Hacker: Explores vulnerabilities like a hacker but legally.
  2. Security Architect: Designs robust security structures.
  3. Chief Information Security Officer (CISO): Ensures enterprise security.

Top Reasons to Learn Cyber Security

  1. Basic Requirements: No fancy degree needed; certifications are highly valued.
  2. No Math Requirement: Aptitude in coding and networking is more important.
  3. Societal Impact: Protects data and works for greater good.
  4. Travel Opportunities: High demand allows travel for skilled professionals.
  5. Work with High-Profile Agencies: Opportunities at prestigious companies and government agencies.
  6. Late Career Start: No age restrictions for learning and starting in cyber security.
  7. Evergreen Industry: Growing digital transformation demands security experts.
  8. Plenty of Job Opportunities: High employment growth projected by the US Bureau of Labor Statistics.
  9. Good Salary Packages: Firms willing to pay high salaries for security experts.
  10. Challenging Work: Constant evolution ensuring no stagnation.

Cyber Security Career Paths

  • Entry-Level to Executive Management Roles
    • Network Engineer: Construct/administer computer networks.
    • Information Security Analyst: Protect sensitive information.
    • Ethical Hacker: Identify and exploit system vulnerabilities.
    • Security Architect: Research and plan security structures.
    • CISO: Oversee organization security.

Skills Required for Cyber Security

  1. Networking/System Administration: Understand data transmission fundamentals.
  2. Operating Systems and VMs: Familiarity with Linux, Mac OS, Windows.
  3. Network Security Control: Firewalls, intrusion detection systems, VPNs.
  4. Coding: Proficiency in multiple programming languages (C++, Python, JavaScript, etc.).
  5. Cloud Security: Secure cloud-based systems and data.
  • Additional Skills: Risk analysis, information security, incident handling, security audit, compliance.

Ethical Hacking Tools

  1. Nmap: Network discovery and security auditing.
  2. Metasploit: Probes systematic vulnerabilities.
  3. Acunetix: Application security testing tool.
  4. Airgeddon: Multi-use bash script for wireless networks.
  5. John the Ripper: Password security auditing and recovery tool.

Cyber Security Practices and Tools

  1. Firewall: Filters incoming and outgoing traffic to/from your device.
  2. VPN: Creates a secure tunnel between device and internet.
  3. Proxy: Acts as an intermediary server between user and destination website.
  4. Tor Browser: Maintains anonymity while browsing using Tor Network.
  5. Security Audit: Internally reviews adherence to regulatory guidelines.

Key Terms and Definitions

  • SQL Injection: Injecting malicious SQL queries to manipulate the database.
  • Brute Force Attack: Cracking a system using trial and error for all possible combinations.
  • Botnet: Network of hijacked devices controlled remotely.

Summary

  • Cyber security is critical in today's digital world with diverse roles and high demand for skilled professionals.
  • Various attacks and robust countermeasures highlight the importance of continual learning and adoption of new technologies.
  • Certifications and a structured approach to learning can significantly boost career prospects in this field.