Cybersecurity Threats

Malware: malicious software designed to harm or exploit computer systems
- Types: viruses, worms, trojans, spyware, ransomware, adware
Phishing: fraudulent attempts to obtain sensitive information through email, phone, or text
Ransomware: malware that encrypts data and demands payment in exchange for decryption
DDoS (Distributed Denial of Service): overwhelming a system with traffic to make it unavailable
Insider threats: authorized individuals misusing access to compromise security

Firewalls: network security systems that monitor and control incoming and outgoing traffic
Encryption: converting data into a code to protect it from unauthorized access
Access Control: restricting access to resources based on user identity, role, or permissions
Intrusion Detection and Prevention Systems (IDPS): monitoring networks for suspicious activity
Password Management: secure storage and generation of passwords

Detection and Analysis: identifying and understanding the nature of a security incident
Containment: isolating affected systems to prevent further damage
Eradication: removing the root cause of the incident
Recovery: restoring systems and data to a secure state
Post-Incident Activities: reviewing and improving incident response processes

Malware is a type of malicious software designed to harm or exploit computer systems, including viruses, worms, trojans, spyware, ransomware, and adware.
Phishing attacks involve fraudulent attempts to obtain sensitive information through email, phone, or text.
Ransomware is a type of malware that encrypts data and demands payment in exchange for decryption.
DDoS (Distributed Denial of Service) attacks overwhelm a system with traffic to make it unavailable.
Insider threats occur when authorized individuals misusing access to compromise security.

Firewalls are network security systems that monitor and control incoming and outgoing traffic to prevent unauthorized access.
Encryption is the process of converting data into a code to protect it from unauthorized access.
Access Control restricts access to resources based on user identity, role, or permissions to ensure only authorized individuals have access.
Intrusion Detection and Prevention Systems (IDPS) monitor networks for suspicious activity and alert administrators to potential threats.
Password Management involves secure storage and generation of passwords to prevent unauthorized access.

Regular software and operating system updates are essential to ensure vulnerabilities are patched and security is maintained.
Strong, unique passwords and two-factor authentication are critical for secure access to systems and data.
Caution with email attachments and links is necessary to prevent malware and phishing attacks.
Antivirus software and regular scans help detect and remove malware from systems.
Backup and disaster recovery plans ensure business continuity in the event of a security incident.

Detection and Analysis involve identifying and understanding the nature of a security incident to develop an effective response.
Containment is the process of isolating affected systems to prevent further damage and minimize the attack surface.
Eradication involves removing the root cause of the incident to prevent future occurrences.
Recovery is the process of restoring systems and data to a secure state after an incident.
Post-Incident Activities involve reviewing and improving incident response processes to enhance incident response capabilities.

Database management is the process of designing, implementing, and maintaining databases to store and retrieve data efficiently.

A database is a collection of organized data stored in a way that allows for efficient retrieval and manipulation.
A Database Management System (DBMS) is a software system that allows users to define, create, and manage databases.
Data modeling is the process of creating a conceptual representation of data structures and relationships.

Relational databases organize data into tables with well-defined relationships, e.g., MySQL, PostgreSQL.
NoSQL databases store data in a variety of formats for flexible schema design, e.g., MongoDB, Cassandra.
Object-Oriented databases store data in the form of objects, allowing for complex relationships and inheritance, e.g., Gemstone, Matisse.

Data definition involves defining the structure and relationships of data in a database.
Data manipulation involves performing operations (e.g., create, read, update, delete) on data in a database.
Query optimization improves the performance of database queries to retrieve data efficiently.
Data security involves protecting data from unauthorized access, modification, or deletion.
Data backup and recovery ensure data availability and integrity in case of failures or errors.

First Normal Form (1NF) ensures each table cell contains a single value.
Second Normal Form (2NF) ensures each non-key attribute depends on the entire primary key.
Third Normal Form (3NF) ensures that if a table is in 2NF, and a non-key attribute depends on another non-key attribute, then it should be moved to a separate table.

Separation of concerns involves dividing the database into logical sections to improve maintainability.
Data integrity ensures data consistency and accuracy through constraints and triggers.
Scalability involves designing the database to handle increasing data volumes and user traffic.
Data abstraction involves hiding complex data structures and relationships from users.