Summary

These notes describe basics of computer hardware and cybersecurity, covering topics like computer components, functions of hardware components, and types of memory. The document also discusses different types of cyber attacks and their impact.

Full Transcript

CyberSecurity Notes

Basics of Computer and Computer Science terms

What is a Computer?

It is an electronic device that accepts data as input, processes it with a set of instructions, and produces meaningful results as output. It has the ability to store, retrieve, and process data. A computer uses a combination of hardware and software.

Computer Hardware refers to a system's physical components, including the processor (CPU - Central Processing Unit), memory, storage, input/output, and other peripherals. Or: computer hardware refers to the physical components that make up a computer system.

CH provides a platform for running software applications that allow users to perform various tasks efficiently.

CH includes various mechanical, electrical, and electronic components used to build computer systems.

Computer hardware components can be of two types: external and internal.

Some of the computer hardware components placed inside a computer case/cabinet are the motherboard, power supply unit, memory, hard disk, etc.

⭐ Functions of hardware components:

a) Computer Case / Computer Cabinet: A computer case is a type of metal enclosure used to assemble various internal hardware components of computer systems.
Its function is to provide a protected environment (or enclosure) to organize and assemble the internal hardware components.

b) Motherboard: A motherboard is typically the largest printed circuit board in a machine's chassis (load-bearing outer framework).

• It acts as the hub that connects all the other pieces of computer hardware, facilitating communication between the central processing unit (CPU), random access memory (RAM), and any other component of the computer's hardware.
• It also serves as the heart of the computer system to allocate and coordinate power across all other components.
• It also distributes power and manages data flow.
• The motherboard is often referred to as the heart because it provides the infrastructure to connect and power all the components, enabling communication and functionality.
• The motherboard connects and distributes power (like the heart).
• Loose definition for only understanding in one go: { A motherboard is the main circuit board in a computer system.
It connects all internal components, like the memory, processor, graphics card and other hardware. It also provides power to each component and allows them to communicate with each other. }

c) CPU / Processor / Central Processing Unit: The CPU is responsible for guiding the computer as it processes data, much like a brain guides a body. It interprets and executes most of the computer's commands.

Fact - The speed at which it does this is known as 'clock speed', and is measured in gigahertz (GHz).

The CPU's architecture defines how it processes data and interacts with memory, I/O devices, and other components. Here are key components of a CPU:

1. Arithmetic Logic Unit (ALU):
   ○ Performs arithmetic (addition, subtraction) and logical (AND, OR) operations.
2. Control Unit (CU):
   ○ Directs operations of the CPU and manages data flow between the CPU, memory, and I/O devices.
3. Registers:
   ○ Small, fast memory inside the CPU for temporary storage of data and instructions.
4. Cache:
   ○ High-speed memory within or close to the CPU to store frequently used data and reduce access times.
5. Clock:
   ○ Synchronizes the operations of the CPU by generating a steady pulse (measured in GHz).
6. Buses:
   ○ Data Bus: Transfers data between CPU and memory/I/O.
   ○ Address Bus: Specifies memory locations for data.
   ○ Control Bus: Sends control signals between components.

d) Power Supply Unit, SMPS (Switch Mode Power Supply): Provides a stable electrical power supply to various hardware components. A power supply unit (PSU) is a hardware device that converts AC electricity into DC electricity and then distributes it to the rest of the computer. On a standard desktop computer, the PSU is where the power cord plugs into and usually has an I/O power switch on it.

e) MEMORY UNIT

A memory unit is a computer component that stores data, instructions and information.
It's also called primary memory. The size of a computer's memory unit has an impact on its speed, power and capabilities.

There are several types of computer memory, including random access memory (RAM), read-only memory (ROM), cache memory, virtual memory, and various types of secondary storage devices like hard disk drives (HDDs) and solid state drives (SSDs).

RAM / Random Access Memory: RAM stands for random access memory, and it's one of the most fundamental elements of computing. RAM is a temporary memory bank where the computer stores data it needs to retrieve quickly. RAM keeps data easily accessible so your processor can quickly find it without having to go into long-term storage to complete immediate processing tasks.

RAM is used for immediate data storage and retrieval. RAM is a form of temporary storage that gets wiped when you turn your computer off.

RAM plays a crucial role in computer performance because it determines how many programs and processes we can run simultaneously without slowing down the system. More RAM allows you to multitask efficiently and reduces the need for the computer to rely on slower storage devices.

Types of RAM

Static random access memory (SRAM) and dynamic random access memory (DRAM) are two classifications of memory.

With SRAM, data is stored using a six-transistor memory cell. SRAM is frequently used as cache memory for the processor (CPU) and is not typically user-replaceable. DRAM stores data using a transistor and capacitor pair, which make up a single DRAM cell. DRAM is less expensive to produce, but is slightly slower than SRAM.
Most user-replaceable memory modules are DRAM.

A capacitor is a two-terminal electrical device that can store energy in the form of an electric charge.

What is read-only memory (ROM)?

ROM is a type of non-volatile memory that contains firmware or software instructions that are permanently stored and cannot be modified by normal computer operations. ROM retains its data even when the power is turned off.

What is the purpose of read-only memory (ROM)?

ROM is used to store critical instructions required during the booting process of the computer. (Bootstrapping/booting refers to the sequence of operations that a computer performs when it is powered on to initialize hardware and load {start, open} the operating system into memory.)

It contains firmware such as the basic input/output system (BIOS) or unified extensible firmware interface (UEFI), which initialize the hardware and prepare the computer for the operating system to start. (Firmware is special software stored on hardware devices, usually in non-volatile memory like ROM or flash memory. It acts as a bridge between the computer's hardware and software.)

("Loading into memory", or "loading", means copying data or instructions from a storage device (like a hard drive or ROM) into RAM (Random Access Memory) so that the CPU can access and use it. The CPU cannot directly use data stored on slower devices like ROM or hard drives.

The Operating System (OS) is the main software that manages all hardware and software on a computer (like Windows, macOS, or Linux).

• It needs to be started (or "loaded") for the computer to become usable.
• When the computer starts, the firmware (BIOS/UEFI) checks storage devices (like the hard drive or SSD) to find where the operating system is stored.
• This is like a teacher looking through files to find the lesson plan (the OS).
• Once the firmware finds the OS, it loads key parts of the OS from the storage device into RAM so the CPU can execute it.)

Types of ROM

There are several different types of ROM that are commonly used in computers today. These include:

• PROM (Programmable Read-Only Memory): PROM chips can be written to once but not erased or rewritten after that. They are typically used to store small amounts of code or data such as basic input/output system (BIOS) settings.
• EPROM (Erasable Programmable Read-Only Memory): EPROM chips can be rewritten multiple times using ultraviolet light exposure through an eraser window on the chip package. This type of chip is often used to store BIOS settings in PC motherboards or game consoles.
• EEPROM (Electrically Erasable Programmable Read-Only Memory): EEPROM chips can also be rewritten multiple times but with an electric charge rather than ultraviolet light exposure. This type of chip is often found in mobile phones and flash drives where frequent updates may be necessary.
• Flash Memory: Flash memory contains both program code and user data and can be written multiple times without needing to be erased first as PROM or EPROM chips do. Flash memory is commonly found in USB drives and digital cameras because it does not require any special tools for writing or erasing its contents.

f) Secondary Memory / HDD / Hard Disk or Disk Memory and SSD: Secondary storage devices refer to non-volatile storage devices that store data and programs even when the power is turned off. Examples include HDD and SSD.

The HDD is your long-term storage device for all your digital content. It stores your data and the computer's operating system and applications. Its other uses include data transfer, data backup, and speed increases.

SSD is the newer long-term storage. It works like the HDD, but the data is stored in interconnected flash-memory chips.
It's considered to be faster and more reliable.

g) Graphics Card, Video Card, GPU: A video card (a.k.a. display adaptor, graphics card, video adaptor, video board, or video controller) processes images and videos. In other words, it creates the images you see on your monitor.

Ports: Ports are connection points to which we can connect devices to extend the functionality of our computer.

Computer Software provides a set of instructions that directs the computer to perform a specific task. Or: software is a computer program used to communicate with computers.

{ It can be thought of as the variable part of a computer, while the hardware is the invariable part. } Software operates by communicating with a computer's hardware, giving it instructions on how to function.

Key Characteristics of software:

• Intangible = Exists as code or data but not as a physical object.
• Easy to duplicate = Can be copied or moved across devices.
• Prone to bugs = Often contains errors that require regular updates.
• Customizable = Can be modified to meet user or system needs.
• Evolving = Regularly updated to improve functionality, security, or compatibility.

The two main categories of software are Application Software and System Software.

Application software is a type of software that fulfills a specific need or performs tasks, whereas system software is designed to run a computer's hardware and provides a platform for applications to run on top of it.

Type                 | Function Summary                        | Used In
---------------------|-----------------------------------------|-----------------------------------------------
System Software      | Manages core functions of a computer    | Operating systems, utilities
Application Software | Allows users to complete specific tasks | Word processors, games
Driver Software      | Manages communication with peripherals  | Device drivers for printers, RAM, USBs, GPUs
Middleware           | Bridges communication between systems   | Data integration platforms
Programming Software | Aids in creating and debugging code     | IDEs, compilers

Application Software

Application software is a type of computer program that performs a specific personal, educational, and business function. They allow users to perform targeted activities like creating documents, browsing the web, and editing images.

System Software

System software is a type of software that is designed to provide a platform for other software. It is essential for managing the core functions of a computer, tablet, mobile phone, or other devices. In other words, this includes operating systems (such as Windows, macOS, or Linux) that manage hardware resources and utility programs that perform maintenance and optimization tasks.

TCP/IP is part of all major operating systems and it allows computers to communicate over networks.

Types of System Software

Utility Software is the type of system software that helps in maintenance by optimizing performance, managing disk space, and resolving errors.

There are several types of utility software available, each serving a specific purpose. Some common examples include:

• Antivirus software: Protects the system from malware, viruses, and other online threats.
• Disk cleanup tools: Help to free up disk space by removing unnecessary files and temporary data.
• System optimizers: Enhance system performance by optimizing settings, improving startup times, and managing resources efficiently.
• Backup and recovery tools: Allow you to create backups of important files and recover them in case of data loss.
• Uninstallers: Remove unwanted programs and files from your system cleanly and thoroughly.

Device drivers are specialized software that allow an operating system (OS) to communicate with hardware devices. Without drivers, the OS wouldn't know how to interact with or control the hardware components connected to the computer.
They act as a bridge between the OS and the hardware.

For example, a printer driver tells the printer in which format to print after getting instructions from the OS. Similarly, a sound card driver is what converts the 1's and 0's of an MP3 file into audio signals so that you can enjoy the music.

Firmware, also known as "software for hardware," is program code embedded in hardware devices that enables them and their features to function properly. Firmware helps devices perform their intended functions in several important ways, including delivering the instructions for how the device should start up, how it should interact with other devices (such as Internet routers or remote controls), and how it should perform critical input/output (I/O) tasks.

BIOS = BIOS (basic input/output system) is the program a computer's microprocessor uses to start the computer system after it is powered on. It also manages data flow between the computer's operating system (OS) and attached devices, such as the hard disk, video adapter, keyboard, mouse and printer.

The main use of BIOS is to act as a middleman between OSs and the hardware they run on.
BIOS is theoretically always the intermediary between the microprocessor and I/O device control information and data flow.

UEFI = Unified Extensible Firmware Interface (UEFI) is defined as a modern firmware interface that replaces the traditional BIOS (Basic Input/Output System) on personal computers. It serves as an essential link between the operating system and the hardware components of a computer, facilitating the initialization process and providing a standardized way for the operating system to interact with the system firmware.

Operating System

An Operating System can be defined as an interface between user and hardware. It is responsible for providing an environment in which a user can execute programs conveniently and efficiently, and also for the execution of all the processes, resource allocation, CPU management, file management, and many other tasks.

Objectives of Operating Systems

Convenient to use: One of the objectives is to make the computer system more convenient to use in an efficient manner.

User Friendly: To make the computer system more interactive with a more convenient interface for the users.

Easy Access: To provide easy access to users for using resources by acting as an intermediary between the hardware and its users.

Management of Resources: For managing the resources of a computer in a better and faster way.

Controls and Monitoring: By keeping track of who is using which resource, granting resource requests, and mediating conflicting requests from different programs and users.

Fair Sharing of Resources: Providing efficient and fair sharing of resources between the users and programs.

Process, Program

Program: A program in an operating system is a set of instructions that a computer executes to perform a specific task (it is a passive, static entity).

Process: A process is a program in execution. A process is an active entity.

Thread: A thread is a single sequential flow of control within a program. Or: a thread is like a sub-task that runs simultaneously with other threads to help complete the overall task or program.

To clarify:

• The whole program is the big task.
• Threads are smaller parts (sub-tasks) of that program, and each one handles a specific job.
• Multiple threads can work at the same time (in parallel) to speed up the process or make the program more efficient.

Goals of OS:

1. Maximum CPU utilisation
2. No process starvation
3. High-priority task execution

Types of Operating System

Single-processor = A single-processor operating system is designed to manage a computer system with a single CPU (central processing unit). E.g. MS-DOS (Microsoft Disk Operating System).

Batch Operating System = A batch operating system processes groups of similar jobs (batches) sequentially without user interaction during execution. Widely used in early mainframe systems, it efficiently automated job execution but lacked real-time processing capabilities. E.g. IBM's z/OS.

{ Some computer processes are very lengthy and time-consuming. To speed up such processing, jobs with similar needs are batched together and run as a group. The user of a batch operating system never directly interacts with the computer.
In this type of OS, every user prepares their job on an offline device like a punch card and submits it to the computer operator. }

Multiprogramming Operating System = An operating system that is capable of running multiple programs on a single processor is known as a multiprogramming operating system. If a program has to wait for an I/O operation, other programs utilize the CPU in the meantime. These operating systems form an important and popular class of operating systems. Some examples are Linux distributions, Windows, iOS, etc.

Multi-Tasking / Time-Sharing OS = The time-sharing operating system is a type of operating system in which the user can perform more than one task and each task gets the same amount of time to execute. It is also called a multitasking operating system.

{ In a multiprogramming operating system, the main objective is to maximize the use of the CPU. But in a time-sharing OS, the main aim is to minimize the response time of the CPU. }

The response time of the CPU refers to the time it takes for the CPU to respond to a specific input or request from a process or user. It measures how quickly the CPU can process and return the desired output.
This term is often associated with real-time systems, where response time is critical.

Multiprocessing Operating System = A multiprocessing operating system is defined as a type of operating system that makes use of more than one CPU to improve performance. Multiple processors work in parallel in a multiprocessing OS to perform the given task.

For example, UNIX, LINUX, and Solaris are the most widely used multiprocessing operating systems.

1. Failure of one processor does not affect the functioning of other processors.
2. It divides all the workload equally among the available processors.
3. Makes use of available resources efficiently.

Distributed OS = A distributed operating system is one in which multiple computer systems (multiple memory, multiple CPUs, multiple storage space) are connected through a single communication channel.

❖ These systems also have separate processors and memory, communicating over high-speed buses or telephone lines.
❖ With distributed operating systems, all the jobs that need to be processed are distributed among multiple processors.
  Every system or node in the distributed operating system has its own memory and processor.
❖ A distributed operating system is an operating system that runs on multiple interconnected computers and coordinates their resources to provide users with a single, integrated computing environment.

For example: OSF/1, Micros, DYNIX, Locus, etc.

Real-World Applications:

• Cloud computing platforms
• Distributed databases
• Internet services like Google Search, Netflix, and Amazon Web Services (AWS)

Real-Time OS = A real-time operating system processes data and executes tasks within strict time constraints and with a high degree of reliability and precision.

It ensures that critical operations are completed in a predictable and timely manner, making it ideal for systems where timing is crucial.

Examples: Air Traffic Control (ATC), and Defense Systems (RADAR).

Components Of OS

The components of an operating system are typically divided into two categories: Kernel Space and User Space.

Kernel Space is a protected area of memory where the "kernel" operates and the core components of the operating system reside.
It provides an environment for managing system hardware and resources, ensuring efficient and secure operation of the operating system.

What is Kernel?

The kernel is systems software and a core component of an operating system that always has complete control over everything in the system, starting with scheduling processes, managing memory, and handling interrupts.

It is also responsible for preventing and mitigating conflicts between different processes.

Functions of Kernel:

1. Process Management = In process management, what the kernel actually does:
- Creation, scheduling (of threads also), and termination of processes
- Process synchronization and communication
- Prioritization and context switching

2. Memory Management
- Allocating/deallocating memory
- Maintaining memory allocation tables (keeps track of free space)
- Implementing virtual memory and paging
- Preventing memory leaks and protecting memory access

3. File Management
- Managing file operations (create and delete files)
- Handling file system structures (directory management)
- Providing access control

4. I/O Management
- Managing input/output devices
- Providing device drivers
- Facilitating communication between processes and devices
- Device management

5. Security and Protection =
- Preventing unauthorized access
- Implementing access control policies
- Isolating processes and protecting the kernel

6. Networking =
- Providing communication protocols
- Managing network connections and routing

7. System Resource Management =
- Tracking and allocating system resources (CPU, memory, I/O devices)
- Ensuring fair resource distribution

8. System Calls and Interrupt Handling =
- Providing an interface for applications
- Managing interrupts

User Space, also known as userland, is a memory space where all user-facing applications and processes execute in an operating system.

This includes applications such as web browsers (e.g., Chrome), text editors, command-line utilities, and web servers.

Userspace applications cannot directly access the system's hardware resources. They must make system calls to the kernel to request access to these resources.

User vs Kernel Mode

Modern operating systems operate in two distinct modes: User Mode and Kernel Mode. These modes are essential for system security, stability, and efficient resource management. The separation of userspace and kernel space is a fundamental design principle in operating systems. This separation provides a number of benefits, including:

1. Security: It prevents userspace applications from accidentally or maliciously corrupting the kernel or other system resources.
2. Stability: It makes the operating system more stable by isolating the kernel from potential failures in userspace applications.
3. Performance: By isolating the kernel in a protected environment, the operating system can optimize resource usage, manage processes more effectively, and reduce overhead caused by potential conflicts or errors from userspace applications.

Switching between user mode and kernel mode is possible only by interrupts in the operating system.

Q. What are interrupts?

Interrupt: An interrupt is a signal sent to the processor by hardware or software to indicate that an event needs immediate attention. It temporarily halts the current task so the processor can address the urgent event, ensuring efficient and responsive operation.

Interrupt Service Routine (ISR): An Interrupt Service Routine (ISR) is a special function or code block that is executed in response to an interrupt.
It defines the actions the system should take to handle the interrupt and resolve the event.

Types Of Kernel:

1. Monolithic Kernel = Monolithic kernels are the simplest and most common type of kernel, incorporating core OS functionality and device support in a single memory space. This design increases kernel and OS size but enables faster process execution due to the absence of separate memory spaces for user and kernel services.
   (User space: nothing; kernel space: process, file, memory, and I/O management)
   Ex: Linux kernel, Windows NT, Unix kernel {FreeBSD}
2. Micro-Kernel = Microkernels are less common than monolithic kernels, containing only essential services for system functionality. By separating user and kernel services into distinct memory spaces, they reduce kernel and OS size, improving efficiency and minimizing resource usage.
   (User space: I/O, file; kernel space: memory management, process management)
   Ex: L4 Linux, Symbian OS
3. Hybrid Kernel = Hybrid kernels combine monolithic kernels and microkernels. They include more services than microkernels but fewer than monolithic kernels. This allows them to offer some of the benefits of both kernels. They borrow speed from monolithic kernels and modularity from microkernels.
   (User space: file management; kernel space: process, memory, I/O management)
   Ex: Mac OS, Windows NT 7++

What is the medium of conversion between user mode and kernel mode?

IPC: Interprocess Communication
-> Through shared memory
or
-> Message passing (logical pipe, channel)

A shell, also known as a command interpreter, is the part of the operating system that receives commands from users and executes them.

Q. What are system calls?

Ans: A system call is a mechanism that allows user-space programs to request services or resources from the operating system's kernel.
It serves as a controlled interface between applications running in user mode and the kernel running in kernel mode.

User-mode applications cannot directly access hardware resources (e.g., disk, memory, or network) due to security and stability concerns. Instead, they rely on system calls to communicate with the kernel, which has privileged access to hardware and critical system functions.

Working of System Calls:

1. User Request: When an application needs to perform a privileged operation or any task (e.g., file I/O, process management), it issues a system call.
2. SCI (System Call Interface): The request is now presented to the SCI, which is a gateway between user programs and the OS's kernel. The SCI converts the request into a format the kernel understands.
3. Service Related to the Request: The SCI now assigns a unique system call number to identify the task and triggers a software interrupt (or trap) to switch from user mode to kernel mode (and there will be an implementation corresponding to the service in kernel space).
4. Kernel Mode Execution: In kernel mode, the OS receives the request, looks up the system call in a table using the call number, and executes the corresponding kernel function.
5. You have more switch = Once the task is complete, the kernel returns the results (e.g. file data or error code) to the program and switches back to user mode.

What is the System Call Interface?

The system call interface acts like a receptionist.

• When a program makes a system call (e.g., to read a file), the interface takes the request and forwards it to the right department in the kernel [like the memory department, or file management department].
• It ensures the program follows proper procedures before accessing kernel space.

Linux

What is Linux?

Types of System Call: OS_Full_Notes has it in, read for later (RFI)

Moving on to Commands / CLI

A Command Line Interface (CLI) is a text-based user interface used to interact with a computer's operating system or software by typing commands into a console or terminal. Unlike graphical user interfaces (GUIs), which use windows, icons, and mouse interactions, CLIs rely on text input and output and are favored for their speed and flexibility, especially by developers and system administrators.

CLIs are integral to various tasks such as file management, software installation, and system configuration. They allow for automation through scripting and can execute complex sequences of commands quickly, making them powerful tools for experienced users.

Why use CLI when we have GUI?

There are many reasons and some of them are mentioned below:

1. Greater control
2. Speed and efficiency
3. Access remote servers
4. Command line tools

Terminal - Tool that we use to type and execute commands. It used to be hardware (it's called a terminal because it was located where the wires from the computer ended or terminated) and now we use "terminal emulator" software.

The Shell - The program that the terminal runs. The "OS" of the terminal (user interface).

List of basic commands to navigate in the window and perform basic functions:

dir = Displays a list of files and subdirectories in a directory.
cd = Displays the name of or changes the current directory.
mkdir = Creates a new directory.

Commands to Avoid Unless Necessary:

del, rd, format: Deletes files, directories, or formats drives.
diskpart: Alters disk partitions (can erase data).
shutdown: Can abruptly restart or turn off your PC.
reg: Modifies the registry, which can destabilize your system.

Introduction to Cybersecurity

Cyber security is the practice of protecting networks, applications, (computing) devices, confidential or sensitive data, and users from cyber attacks.

Cyber attacks are malicious attempts by individuals or groups to gain unauthorized access to computer systems, networks, and devices in order to steal information, disrupt operations, or launch larger attacks.

Common types of cyber attacks include, but are not limited to, phishing, malware (including ransomware), social engineering attacks, and denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks.

A computer virus is malicious code written to interfere with computer operations and cause damage to data and software.

Who wants our personal data?

1. Our Internet Service Provider (ISP): Our ISP tracks our online activity and, in some countries, they can sell this data to advertisers for a profit.
In certain circumstances, ISPs may be legally required to share your information with government surveillance agencies or authorities.
2. Advertisers: Targeted advertising is part of the Internet experience. Advertisers monitor and track your online activities such as shopping habits and personal preferences and send targeted ads your way.
3. Search Engines and social media platforms: These platforms gather information about your gender, geolocation, phone number, and political and religious ideologies based on your search histories and online identity. This information is then sold to advertisers for a profit.
4. Websites you visit: Websites use cookies to track your activities in order to provide a more personalized experience. But this leaves a data trail that is linked to your online identity that can often end up in the hands of advertisers!

Types of Organisational Data susceptible to cybercrime
1. Transactional Data:
   ○ This is everyday business info.
   ○ Examples: records of things bought or sold, manufacturing details, or basic info used for decisions like hiring someone.
   ○ Think of it as the paperwork that keeps the company running smoothly.
2. Intellectual Property:
   ○ This is a company's "special ideas" or secrets.
   ○ Examples: inventions, brand names, or future product plans.
   ○ It’s what makes a company unique and successful, and losing this could hurt the company badly.
3. Financial Data:
   ○ This is the money side of the company.
   ○ Examples: reports that show how much money is coming in, what’s being spent, and how much is left.
   ○ It helps everyone see how healthy or strong the company is financially.

How does the internet work?
Well! When we write or ask a question in the browser, the browser sends the message to the ISP (Internet Service Provider). The ISP relays this message to something called a DNS (Domain Name System) server {it's just like a phone book containing numbers}. When we make that request through our browser, the DNS server looks up in its database to find the exact IP address of the website that we are trying to access.

The Domain Name System (DNS) is the component of the Internet standard protocol responsible for converting human-friendly domain names into the internet protocol (IP) addresses computers use to identify each other on the network. It is often called the “phonebook for the internet.”

The McCumber Cube, developed by John McCumber in 1991, is a comprehensive framework used to establish and evaluate information security programs. This three-dimensional model provides a structured approach to understanding and addressing the complexities of information security (loosely translated as cyber security).

Dimension 1: Foundational Principles (CIA Triad) {The foundational principles for protecting information systems or Information Security Properties}:
The first dimension of the McCumber Cube represents the fundamental objectives of information security, commonly referred to as the CIA Triad.
Confidentiality: Prevents the disclosure of sensitive information to unauthorized people, resources, and processes, etc. Methods to ensure confidentiality include data encryption, identity proofing, and two-factor authentication.
Integrity: Protects system information or processes from intentional or accidental modification.
One way to ensure integrity is to use a hash function or checksum.
Availability: Assures that only authorized users can access systems and data when and where needed and limits those that do not meet established conditions, etc. This can be achieved by maintaining equipment, performing hardware repairs, keeping operating systems and software up to date, and creating backups.

Dimension 2: Information States {The protection of information in each of its possible states}:
The second dimension of the cube focuses on protecting data in each of its possible states. The three states are listed below:
Processing State: Refers to data that is being used to perform an operation such as updating a database record (data in process).
Storage State: Refers to data stored in memory or on a permanent storage device, or USB (data at rest).
Transmission State: Refers to data travelling between information systems (data in transit).

Dimension 3: Security Measures {The security measures used to protect data}:
The third dimension of the cube defines the skills and disciplines a cybersecurity professional uses to protect data.
Awareness, Training and Education: The measures to ensure that the users of information systems are knowledgeable about potential threats and aware of how to protect information systems.
Technology: Refers to the software- and hardware-based solutions designed to protect information systems, such as “Firewalls”, which continuously monitor your network in search of possible malicious incidents, VPN, IDS, etc.
Policy and Procedure: Refers to administrative controls that provide a foundation for how an organization implements information assurance, and includes establishing policies, procedures and guidelines to follow good practices. Ex: incident response plans and best practice guidelines.

Common cybersecurity terminology
Cybersecurity (also known as security) is the practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorized access or criminal exploitation.

A basic definition would be: Defending computer systems, networks, and data from malicious attacks and unauthorized access is known as Cyber Security.

Three levels of protection are required: Personal, Organizational, and Government levels.

Key cybersecurity terms and concepts
Benefits of Cyber Security:
(i) Protects against external and internal threats.
Cyber Threat: A cyber threat is a potential danger or risk that can exploit a vulnerability in a system, causing harm or unauthorized access.
External: An external threat is someone outside the organization trying to gain access to private information, networks, or devices.
Internal Threat: An internal threat comes from current or former employees, external vendors, or trusted partners (often accidental).
(ii) Meets regulatory compliance (or laws and guidelines - which requires )
(iii) Maintains and improves business productivity
(iv) Reduces expenses
(v) Maintains brand trust

Types of Cyber attacks
1. Denial of Service Attack (DoS) = A denial of service attack is a type of cyber attack in which the attacker intentionally attempts to paralyze a computer or computer network by flooding it with large amounts of requests or data, which overload the target and make it incapable of responding to legitimate requests.
In many cases, the requests sent by the attacker are each, on their own, legitimate, for example a normal request to load a web page.
In other cases, the requests are not normal requests; instead, they leverage knowledge of various protocols to send requests that optimize or even magnify the effect of the attack.
A. Distributed Denial of Service (DDoS) = A distributed DoS attack is a type of DoS attack in which many individual computers or other connected devices across diverse regions simultaneously flood the target with requests.
Note: In a distributed DoS attack, connected devices, physical or virtual, from various regions, and even legitimate service requests from genuine users, can be part of this computer army, called a botnet.
Bot = one of these devices or computers; Botnet = a collection of these computers.
A DoS attack can impact individuals in three significant ways. First, a DoS attack on a local network can significantly slow down all Internet access from that network. Second, a DoS attack can render inaccessible a site that a person plans on using. Third, a DoS attack can lead users to obtain information from one site instead of another.
B. Botnets and Zombies = Botnets are collections of compromised computers that belong to other parties or hosts, but that a hacker remotely controls and uses to perform tasks without the legitimate owners' knowledge.
A zombie is a computer that has been infected with malware and is under the control of an attacker.
C. Data destruction attacks = A criminal may seek to destroy a user's data through a data destruction attack, for example if the user refuses to pay a ransomware ransom that the crook demands (then they might send some corrupted file and destroy the data on the devices).
D. Wiper attacks = These are advanced data destruction attacks in which a criminal uses malware to wipe the data on a victim's hard drive or SSD, in such a fashion that the data is difficult or impossible to recover.

2. Impersonation
A. Phishing = Phishing is the act of pretending to be someone or something else to get information; in most cases, this is a password. Attackers may send links or attachments designed to infect the recipient's system with malicious software or lure them into providing financial information, system credentials, or other sensitive data.
Phishing attacks are the practice of sending fraudulent communications that appear to come from a reputable source. It is usually done through email. The goal is to steal sensitive data like credit card and login information or to install malware on the victim’s machine.
Phishing is a common type of cyber attack that everyone should learn about in order to protect themselves.
B. Spear Phishing: Spear phishing refers to phishing attacks that are designed and sent to target a specific person, business or organization.
C. CEO Fraud or Whaling: CEO Fraud, also known as "whaling" or "executive phishing", is a type of cybercrime where a malicious actor impersonates a company's CEO or high-ranking executive through email or other communication channels to trick employees into sending unauthorized wire transfers, disclosing sensitive information, or performing other fraudulent actions, often by creating a sense of urgency in their requests.
D. Smishing and Vishing: Smishing refers to cases of phishing in which the attackers deliver their messages via text messages rather than email. Vishing, or voice-based phishing, is phishing via POTS, which stands for plain old telephone service. Yes, criminals use old, time-tested methods for scamming people.
E. Tampering: Data tampering is the act of deliberately modifying (destroying, manipulating or editing) data through unauthorized channels. Data exists in two states, in transit or at rest; in both instances data could be disrupted and tampered with.
or
When an attacker seeks to disrupt normal activities in an organization or exploit data for financial gain, it is known as tampering. What they basically do is manipulate data in transit or as it resides in the systems of their targets.

3. Interception: Interception occurs when attackers capture information in transit between computers. If data is improperly encrypted, the attacker might misuse it.
Man in the Middle Attack = A man in the middle attack is a cyber threat where an attacker secretly intercepts and manipulates communication between two parties who believe they are directly connected.
This allows the attacker to eavesdrop, steal data, or alter messages without the parties knowing.

There are other types of attacks to know

Malware
Malware, short for malicious software, is any software intentionally designed to harm, exploit, or otherwise compromise devices, networks, or data. Cybercriminals use malware to steal sensitive information, disrupt operations, gain unauthorized access, or demand ransoms from individuals or organizations.

Virus
A computer virus is a type of malicious software, or malware, that spreads between computers and causes damage to data and software.
Computer viruses aim to disrupt systems, cause major operational issues, and result in data loss and leakage. A key thing to know about computer viruses is that they are designed to spread across programs and systems.
Computer viruses typically attach to an executable host file, which results in their viral codes executing when a file is opened. The code then spreads from the document or software it is attached to via networks, drives, file-sharing programs, or infected email attachments.
Key points:
- Spreads through infected files, emails, downloads, or removable devices.
- Requires human action (e.g., opening an infected file) to activate.
- Can cause data loss, system crashes, and security breaches.
Common types include file infectors, boot sector viruses, and macro viruses.
Preventive measures include using antivirus software, keeping systems updated, and avoiding suspicious links or downloads.

Worm

Cyb sec : Udemy Course
Cybersecurity can take form in many ways: it can be a process, a strategy, a service, a product or technology, skills, a program, and more… depending on how we interpret and define the word cyber security.
1. A process: Implemented management systems, governance frameworks, best practices, policies, and procedures to reduce cyber risk.
{An implemented management system is like a set of organized rules and plans a company follows to keep things safe and running smoothly. For cybersecurity, it’s a guide that helps companies:
- Decide what to protect (like important data).
- Plan how to protect it (using tools and methods).
- Check regularly to make sure everything is secure.
It’s like having a checklist to stay safe and prepared for problems.}
2. Strategy: Specific policies, procedures, systems, services, and personnel (a noun describing a group of people who follow orders, usually at a company) are allocated to mitigate risks.
3. Service: Company providing a set of services (security consulting: auditing type process), designing, hardening, or recovery.
4. Product: Anti-virus programs, firewall, vulnerability scanners, SIEMs, etc.
5. Skill: Develop and maintain a secure computer network, dealing with security alerts, hardening a system, and managing a team of security professionals.
6. Program: Specific tasks, security controls, personnel, products, and services working together to protect against security threats.

Six Cyber Security Domains
a). Security Architecture = Security architecture is the strategic design of systems, policies and technologies to protect IT and business assets from cyberthreats.
A well-designed security architecture aligns cybersecurity with the unique business goals and risk management profile of the organization.

b). Risk Assessment = Cyber risk assessments are a combined effort that looks at all of the risks the company is likely to face and how well it addresses these.
By using risk assessments, an organization can identify potential security gaps and other cybersecurity threats to the organization. Some assessments cover people, processes, and technology; some are aimed at uncovering vulnerabilities in specific systems. When combined, however, risk assessments should aim to help organizations understand potential deficiencies in their security program so that they can better prioritize security spending and effort to maximize return on investment.
Without it, the organization is just guessing whether security spending actually benefits the business.
Or
Cyber risk assessments identify risks and evaluate how well the company addresses them.
They help uncover security gaps and cyber threats in people, processes, and technology.
Assessments can target specific system vulnerabilities or overall security programs.
Combined assessments prioritize deficiencies, enabling better security spending and ROI maximization.
Without assessments, organizations risk guessing the value of their security investments.

c). Threat Intelligence = Threat intelligence is the analysis of data using tools and techniques to generate meaningful information about existing or emerging threats targeting the organization that helps mitigate risks.
Threat Intelligence helps organizations make faster, more informed security decisions and change their behavior from reactive to proactive to combat the attacks.
What & why do we need it?
Cyber Intelligence is the knowledge that allows you to prevent or mitigate cyber-attacks by studying the threat data, and it provides information on adversaries (enemy or opponent). It helps to identify, prepare for, and prevent attacks by providing information on attackers, their motives, and capabilities.

d) Security Operations = Security operations (SecOps) refers to an organization’s strategy to improve overall cyber resiliency by integrating security measures and processes with IT operations. This approach requires security and operations teams to work together across functions—on a SecOps team—to resolve security incidents much faster.
In addition to the team, SecOps includes the cyber security tools and practices the team uses to detect, mitigate, and respond to cyber threats within a Security Operations Center (SOC). When SecOps tools are part of a unified platform, security gaps are closed, complexity is removed, and cyber resiliency improves.

e) GRC (Governance, Risk, Compliance) = What is GRC?
Governance, Risk, and Compliance (GRC) is a structured way to align IT with business goals while managing risks and meeting all industry and government regulations. It includes tools and processes to unify an organization's governance and risk management with its technological innovation and adoption. Companies use GRC to achieve organizational goals reliably, remove uncertainty, and meet compliance requirements.
What does GRC stand for?
GRC stands for governance, risk (management), and compliance. Most businesses are familiar with these terms but have practiced them separately in the past. GRC combines governance, risk management, and compliance in one coordinated model.
This helps your company reduce wastage, increase efficiency, reduce noncompliance risk, and share information more effectively.

Governance
Governance is the set of policies, rules, or frameworks that a company uses to achieve its business goals. It defines the responsibilities of key stakeholders, such as the board of directors and senior management. For example, good corporate governance supports your team in including the company's social responsibility policy in their plans.
Good governance includes the following:
Ethics and accountability
Transparent information sharing
Conflict resolution policies
Resource management

Risk management
Businesses face different types of risks, including financial, legal, strategic, and security risks. Proper risk management helps businesses identify these risks and find ways to remediate any that are found. Companies use an enterprise risk management program to predict potential problems and minimize losses. For example, you can use risk assessment to find security loopholes in your computer system and apply a fix.

Compliance
Compliance is the act of following rules, laws, and regulations. It applies to legal and regulatory requirements set by industrial bodies and also for internal corporate policies. In GRC, compliance involves implementing procedures to ensure that business activities comply with the respective regulations. For example, healthcare organizations must comply with laws like HIPAA that protect patients' privacy.

f). Physical Security = Physical security aims to protect people, property, and physical assets from any action or event that could lead to loss or damage. Physical security is crucial, and security teams must work together to ensure the security of digital assets.
Physical security has an important role to play in protecting critical information and data.
With work and collaboration paradigm shifts, new cases of security threat arise.
The physical security structure consists of three main components: access control, permanent active surveillance and testing. The success of an organisation’s physical security program can often be attributed to how each of these components is implemented, improved, and maintained.

Local Network Storage
- Dedicated file storage which enables multiple users and clients to retrieve data from a centralized device.
- Network-attached storage (NAS): devices and file servers are common devices used for local network storage.

Cloud Storage
- Cloud storage is where data is stored on servers owned by hosting companies.
- Cloud storage enables us to access data whenever we have an internet connection.

Computer Networking
A network or a computer network is a group of two or more computer systems or computing devices linked together to exchange data, like transferring files and resources, and to enable communication between distinct devices.

Extra things to know

Information Security and Cyber Security
Cyber security is a subset of information security which deals with information and information systems that store and process data in electronic form, whereas information security encompasses the security of all forms of data, for example securing a paper file and a filing cabinet.

What is cryptocurrency?
A cryptocurrency is a digital currency, which is an alternative form of payment created using encryption algorithms. The use of encryption technologies means that cryptocurrencies function both as a currency and as a virtual accounting system. To use cryptocurrencies, you need a cryptocurrency wallet. These wallets can be software that is a cloud-based service or is stored on your computer or on your mobile device.
The wallets are the tool through which you store your encryption keys that confirm your identity and link to your cryptocurrency.

Types of Attackers —>

Amateurs
The term 'script kiddies' emerged in the 1990s and refers to amateur or inexperienced hackers who use existing tools or instructions found on the Internet to launch attacks. Some script kiddies are just curious, others are trying to demonstrate their skills and cause harm. While script kiddies may use basic tools, their attacks can still have devastating consequences.

Hackers
This group of attackers break into computer systems or networks to gain access. Depending on the intent of their break-in, they can be classified as white, gray or black hat hackers.
- White hat attackers break into networks or computer systems to identify any weaknesses so that the security of a system or network can be improved. These break-ins are done with prior permission and any results are reported back to the owner.
- Gray hat attackers may set out to find vulnerabilities in a system but they will only report their findings to the owners of a system if doing so coincides with their agenda. Or they might even publish details about the vulnerability on the internet so that other attackers can exploit it.
- Black hat attackers take advantage of any vulnerability for illegal personal, financial or political gain.
PS:
- White hat attackers aim to discover security weaknesses so that they can be improved.
- Black hat attackers take advantage of any vulnerabilities for illegal personal, financial or political gain.
- Gray hat attackers are somewhere in between. While they may not have malicious intentions, they want to get something for their discovery.

Organized hackers
These attackers include organizations of cyber criminals, hacktivists, terrorists and state-sponsored hackers.
They are usually highly sophisticated and organized, and may even provide cybercrime as a service to other criminals.
Hacktivists make political statements to create awareness about issues that are important to them.
State-sponsored attackers gather intelligence or commit sabotage on behalf of their government. They are usually highly trained and well-funded and their attacks are focused on specific goals that are beneficial to their government.

Cyberwarfare, as its name suggests, is the use of technology to penetrate and attack another nation’s computer systems and networks in an effort to cause damage or disrupt services, such as shutting down a power grid.

Spyware = Designed to track and spy on you, spyware monitors your online activity and can log every key you press on your keyboard, as well as capture almost any of your data, including sensitive personal information such as your online banking details. Spyware does this by modifying the security settings on your devices.
It often bundles itself with legitimate software or Trojan horses.

Social Engineering
Pretexting
Tailgating
Something for something (quid pro quo)
This is when an attacker requests personal information from a person in exchange for something, like a free gift.

A DoS attack results in some sort of interruption of network service to users, devices or applications.
A Distributed DoS (DDoS) attack is similar to a DoS attack but originates from multiple, coordinated sources.
For example:
- An attacker builds a network (botnet) of infected hosts called zombies, which are controlled by handler systems.
- The zombie computers will constantly scan and infect more hosts, creating more and more zombies.
- When ready, the hacker will instruct the handler systems to make the botnet of zombies carry out a DDoS attack.

A bot computer is typically infected by visiting an unsafe website or opening an infected email attachment or infected media file. A botnet is a group of bots, connected through the Internet, that can be controlled by a malicious individual or group. It can have tens of thousands, or even hundreds of thousands, of bots that are typically controlled through a command and control server.
These bots can be activated to distribute malware, launch DDoS attacks, distribute spam email, or execute brute-force password attacks. Cybercriminals will often rent out botnets to third parties for nefarious purposes.
Many organizations, like Cisco, force network activities through botnet traffic filters to identify any botnet locations.

Questions
Q1. Proactive measure vs reactive measure
Proactive measures might include things like implementing firewalls, conducting training for employees, or regularly updating software. Reactive measures could involve responding to a breach, conducting an investigation, or notifying affected parties.
Since it seems like you’re facing some challenges, would you like to try a couple more questions to reinforce your understanding, or do you feel ready to move on to the next item in the course?

Bios: Basic input output
