Questions and Answers
What is the main characteristic of Signature-Based Detection?
Which of the following is not a key regulation related to data protection?
What principle of data protection emphasizes collecting only necessary information?
Which legal provision gives individuals the right to request their personal data from organizations?
Anomaly-Based Detection is primarily concerned with which of the following?
What type of encryption uses the same key for both encryption and decryption?
Which authentication method combines two or more verification methods?
Which firewall type tracks the state of active connections?
Which of the following is a characteristic of Next-Generation Firewalls (NGFW)?
What is the primary function of Intrusion Detection Systems (IDS)?
Which type of Intrusion Detection System monitors network traffic?
What is a potential drawback of password-based authentication methods?
Which encryption standard is considered more secure due to its longer key length?
Study Notes
Cyber Security Protocols Study Notes
Encryption Standards
- Definition: Method to secure data by converting it into a coded format.
- Types:
  - Symmetric Encryption: Same key for encryption and decryption (e.g., AES, DES).
  - Asymmetric Encryption: Uses a pair of keys (public and private) (e.g., RSA, ECC).
- Key Length: Longer keys provide better security (e.g., AES-256 is more secure than AES-128).
- Use Cases: Protecting data in transit (SSL/TLS), data at rest (disk encryption).
Authentication Methods
- Definition: Techniques to verify the identity of a user or device.
- Types:
  - Password-Based: Common but vulnerable to attacks.
  - Multi-Factor Authentication (MFA): Combines two or more verification methods (e.g., password + SMS code).
  - Biometric Authentication: Uses physical characteristics (e.g., fingerprint, facial recognition).
  - Token-Based Authentication: Utilizes a hardware or software token for access (e.g., OAuth, JWT).
Firewall Configurations
- Definition: Security systems that monitor and control incoming and outgoing network traffic.
- Types:
  - Packet-Filtering Firewalls: Inspect packets and allow or block them based on pre-established rules.
  - Stateful Inspection Firewalls: Track the state of active connections and make decisions based on the context.
  - Proxy Firewalls: Intercept and manage requests by acting as an intermediary between users and services.
  - Next-Generation Firewalls (NGFW): Integrate traditional firewall capabilities with additional features like intrusion prevention and application awareness.
Intrusion Detection Systems (IDS)
- Definition: Tools that monitor network or system activity for malicious behavior or policy violations.
- Types:
  - Network-Based IDS (NIDS): Monitors network traffic for suspicious activity.
  - Host-Based IDS (HIDS): Monitors a single host for unusual activity.
- Detection Methods:
  - Signature-Based Detection: Matches traffic against known attack signatures.
  - Anomaly-Based Detection: Establishes a baseline of normal activity and flags deviations.
Data Protection Regulations
- Purpose: Laws and standards governing the handling of sensitive data to protect individuals' privacy.
- Key Regulations:
  - General Data Protection Regulation (GDPR): EU regulation for data protection and privacy.
  - Health Insurance Portability and Accountability Act (HIPAA): U.S. law that mandates data privacy for medical information.
  - California Consumer Privacy Act (CCPA): California law enhancing privacy rights for residents.
- Key Principles:
  - Data minimization: Collect only what is necessary.
  - Consent: Obtain explicit permission to process personal data.
  - Right to access: Individuals can request their data from organizations.
Encryption Standards
- Encryption is a technique that secures data by converting it into a coded format, ensuring confidentiality.
- Symmetric Encryption uses the same key for both encryption and decryption, with common algorithms like AES (Advanced Encryption Standard) and DES (Data Encryption Standard).
- Asymmetric Encryption employs a pair of keys: a public key for encryption and a private key for decryption, featuring algorithms such as RSA (Rivest-Shamir-Adleman) and ECC (Elliptic Curve Cryptography).
- Key Length plays a crucial role in security; for example, AES-256 is significantly more secure than AES-128 due to its longer key length.
- Use Cases for encryption include protecting data during transmission (e.g., SSL/TLS protocols) and securing data at rest (e.g., disk encryption).
Authentication Methods
- Authentication verifies the identity of users or devices, essential for protecting access to systems.
- Password-Based Authentication is common but vulnerable to various attacks, including phishing and brute force.
- Multi-Factor Authentication (MFA) enhances security by requiring two or more verification methods, combining something you know (password) with something you have (SMS code).
- Biometric Authentication leverages unique physical traits, such as fingerprints or facial recognition, to confirm identity.
- Token-Based Authentication utilizes a secure token, which can be hardware-based or software-based, to authenticate users (e.g., OAuth, JWT).
Firewall Configurations
- Firewalls are crucial security systems that monitor and control network traffic, acting as barriers against unauthorized access.
- Packet-Filtering Firewalls evaluate incoming and outgoing packets against predefined rules, allowing or blocking traffic as necessary.
- Stateful Inspection Firewalls maintain records of ongoing connections and make filtering decisions based on the context of the traffic flow.
- Proxy Firewalls operate as intermediaries, managing requests from users to services while improving security and anonymity.
- Next-Generation Firewalls (NGFW) combine traditional firewall features with advanced capabilities like intrusion prevention and application awareness, enhancing overall security posture.
Intrusion Detection Systems (IDS)
- Intrusion Detection Systems (IDS) monitor network or system activities, identifying potentially malicious activities or violations of policies.
- Network-Based IDS (NIDS) assesses traffic across the network to detect suspicious behavior.
- Host-Based IDS (HIDS) focuses on monitoring individual host devices, analyzing system logs and activities for any anomalies.
- Detection Methods vary within IDS:
  - Signature-Based Detection compares traffic against a database of known attack patterns, identifying established threats.
  - Anomaly-Based Detection establishes a normal activity baseline and flags deviations, capturing unknown or new threats.
Data Protection Regulations
- Data Protection Regulations are legal frameworks designed to safeguard sensitive information, promoting individuals’ privacy rights.
- General Data Protection Regulation (GDPR) is a comprehensive EU law centered on data protection and privacy, establishing strict compliance requirements.
- Health Insurance Portability and Accountability Act (HIPAA) mandates the protection of personal medical information in the United States, ensuring confidentiality and security of healthcare data.
- California Consumer Privacy Act (CCPA) enhances privacy regulations for California residents, providing them greater control over their personal information.
- Key Principles of data protection include data minimization (only collecting necessary data), obtaining consent for data processing, and providing individuals the right to request access to their data.
Description
Explore essential cyber security protocols, focusing on encryption standards and authentication methods. Understand the differences between symmetric and asymmetric encryption, their use cases, and the importance of multi-factor authentication. This quiz will test your knowledge of these critical concepts in securing digital information.