Essential Cybersecurity Concepts and Network Fundamentals

1. The CIA Triad

Confidentiality: Protects data from unauthorized access or viewing, ensuring only authorized individuals see sensitive information.
Integrity: Ensures data is accurate and complete, preventing unauthorized changes or corruption.
Availability: Guarantees that authorized users can access data and systems whenever needed.

Malware: Malicious software that disrupts systems, steals data, or blocks access. Protection includes antivirus software and user education.
Phishing: Deceptive messages, often via email, used to steal sensitive information like passwords. Two-factor authentication helps prevent this.
Social Media Attacks: Threats originating from fake accounts, malicious links, or harmful downloads.
Advanced Persistent Threats (APT): Long-term, complex attacks that are difficult to detect, often utilizing phishing or malware.
Software Vulnerabilities: Security weaknesses in software that attackers exploit. Regular updates and patches reduce this risk.

IAM is a framework that controls user access to IT resources, ensuring each user has the appropriate level of access to perform tasks safely.

Incident Response refers to the procedures followed after a security breach is detected, helping organizations react quickly to minimize damage.

SIEM systems collect and analyze security logs from various sources to detect threats in real time and improve monitoring.

An MSSP is an external company that manages cybersecurity for other organizations, including system monitoring and threat detection.

A SOC is a dedicated team or department responsible for monitoring, detecting, and responding to cybersecurity threats.

A CASB is a security system that monitors and controls access to cloud services using encryption, authentication, and alerts.

UEBA analyzes user behavior to detect unusual or suspicious activity that may indicate a security threat.

IOCs are forensic signs that a system has been compromised, such as unusual login locations, strange network traffic, or abnormal activity.

A DDoS attack floods a system or website with massive traffic from multiple sources, rendering it slow or completely unavailable.

Bits: The smallest unit of digital information (0 or 1).
Network: A group of connected computers that exchange data.
Packets: Small pieces of data divided for transmission over a network.
Network Congestion: A situation where excessive data slows down the network.
Bandwidth: The maximum data transmission capacity of a connection.
Hubs and Nodes: Connection points or devices where data passes through.
Queues: Lines of data waiting to be transmitted during busy periods.
Source and Destination Address: Labels identifying the origin and target of data.
Reassembled: The process of putting data packets back together in order.
Network Coding: A method that mathematically mixes packets for efficiency.
Traffic Shaping: Controlling traffic to distribute bandwidth efficiently.
Load Balancing: Distributing traffic across multiple servers to avoid overload.
Content Delivery Network (CDN): Distributed servers that deliver content from the closest location.
IPv4 / IPv6: Internet protocols for device addressing; IPv6 offers greater capacity.
Latency: The time required for data to travel between two points.
AI-based Traffic Management: Using artificial intelligence to optimize and reroute traffic in real time.