Cyber Security: Network Security Concepts

Definition: Protection of networks and their services from unauthorized access, misuse, or destruction.
Key Components:
- Firewalls: Control incoming and outgoing network traffic.
- Intrusion Detection Systems (IDS): Monitor network activities for suspicious behavior.
- Virtual Private Networks (VPNs): Secure remote access to networks.
- Segmentation: Dividing networks into segments to limit access.

Purpose: Protect data confidentiality and integrity by converting information into a coded format.
Types:
- Symmetric Encryption: Same key for encryption and decryption (e.g., AES, DES).
- Asymmetric Encryption: Uses a pair of keys (public and private) for encryption and decryption (e.g., RSA, ECC).
- Hash Functions: Convert data into a fixed-length string of characters (e.g., SHA-256, MD5) for integrity verification.

Definition: The approach taken to handle a cybersecurity breach or attack.
Phases:
1. Preparation: Establishing an incident response plan and training.
2. Identification: Detecting and confirming incidents.
3. Containment: Limiting the damage of the incident.
4. Eradication: Removing the cause of the incident.
5. Recovery: Restoring affected systems and processes.
6. Lessons Learned: Analyzing the incident to improve future response.

Types of Malware:
- Viruses: Self-replicating programs that attach to files.
- Worms: Standalone malware that replicates across networks.
- Trojans: Malicious software disguised as legitimate applications.
- Ransomware: Locks files and demands payment for access.
Protection Strategies:
- Use of antivirus and antimalware software.
- Regular software updates and patches.
- User education on phishing and suspicious links.
- Backup data regularly.

Definition: Set of rules ensuring secure data transmission across networks.
Common Protocols:
- SSL/TLS: Secure communication over the internet (e.g., HTTPS).
- IPSec: Secure IP communication by encrypting IP packets.
- SSH: Secure shell protocol for secure remote logins.
- S/MIME: Secure email through encryption and digital signatures.
Importance: Ensures privacy, integrity, and authentication in communications.

Protection against unauthorized access, misuse, or destruction of networks and services.
Firewalls: Enforce rules to control incoming and outgoing network traffic.
Intrusion Detection Systems (IDS): Monitor network traffic for abnormal behavior indicative of security breaches.
Virtual Private Networks (VPNs): Provide secure remote access to networks by encrypting data over the internet.
Segmentation: Enhances security by breaking networks into smaller segments to limit user access.

Converts data into a coded format to ensure confidentiality and integrity.
Symmetric Encryption: Utilizes the same key for both encryption and decryption; examples include AES and DES.
Asymmetric Encryption: Employs a pair of keys, one public and one private, for secure data exchange; notable examples are RSA and ECC.
Hash Functions: Create fixed-length character strings from data to verify integrity; common algorithms include SHA-256 and MD5.

Structured approach to manage cybersecurity breaches or attacks.
Preparation: Involves developing an incident response plan and providing training.
Identification: Process of detecting and confirming cybersecurity incidents.
Containment: Actions taken to limit the impact of an incident.
Eradication: Steps taken to remove the root cause of the incident.
Recovery: Restoration of affected systems and services to normal operation.
Lessons Learned: Critical analysis post-incident to improve future incident handling.

Types of Malware:
- Viruses: Infect files and replicate when executed.
- Worms: Independent programs that replicate across networks without user intervention.
- Trojans: Malicious software disguised as beneficial applications.
- Ransomware: Encrypts files and demands payment for access.
Protection Strategies:
- Implement antivirus and antimalware software to detect and prevent threats.
- Regular software updates and security patches to fix vulnerabilities.
- User education focused on recognizing phishing attempts and avoiding suspicious links.
- Frequent data backups to ensure recovery in case of an attack.

Set of regulations designed to ensure secure data transmission across networks.
SSL/TLS: Provides secure communication over the internet, commonly seen in HTTPS.
IPSec: Secures IP communications through encryption of IP packets.
SSH: Offers a secure method for remote logins to systems and devices.
S/MIME: Encrypts emails and provides digital signatures ensuring email authenticity.
Importance lies in maintaining privacy, data integrity, and user authentication during communications.