Cybersecurity Basics Notes

The CIA Triad

Common Threats

Malware Types

Network Attacks

• Man-in-the-Middle (MitM) — Intercepting communication between two parties
• DDoS — Overwhelming a server with traffic to take it offline
• DNS Spoofing — Redirecting domain names to malicious IPs
• ARP Poisoning — Linking attacker's MAC to legitimate IP on LAN
• Packet Sniffing — Capturing network traffic to steal data

Social Engineering

• Phishing — Fake emails that trick users into clicking malicious links
• Spear Phishing — Targeted phishing with personalized content
• Vishing — Voice phishing (fake phone calls)
• Smishing — SMS phishing
• Pretexting — Fabricating a scenario to extract information
• Baiting — Leaving infected USB drives in public places

Authentication & Passwords

Strong Password Requirements

Minimum 12 characters
Mix of: uppercase, lowercase, numbers, symbols
No dictionary words or personal info
Unique for each account

Good: Tr!p1e@Sec#ure2024!
Better: Use a password manager
Best: Passkey (biometric authentication)

Multi-Factor Authentication (MFA)

Always enable MFA on: email, banking, cloud accounts, social media

Access Control Models

• RBAC (Role-Based) — Permissions based on job role
• ABAC (Attribute-Based) — Permissions based on user/resource attributes
• Least Privilege — Give users only the minimum access they need

Encryption

Types

Symmetric Encryption (same key for encrypt/decrypt):
- AES-256 — current gold standard for data at rest
- Used for: file encryption, disk encryption, databases

Asymmetric Encryption (public/private key pair):
- RSA-2048, RSA-4096, Ed25519
- Used for: HTTPS, email signing, SSH, key exchange

Hashing (one-way, fixed length):
- SHA-256, SHA-3 — for data integrity checks
- bcrypt, Argon2 — for password storage (slow by design)

AVOID (outdated/broken):
- MD5, SHA-1, DES, RC4

TLS/HTTPS

HTTP  — plaintext, visible to anyone on network
HTTPS — encrypted with TLS (Transport Layer Security)

How to check:
- Look for lock icon in browser
- URL starts with https://
- Certificate shows correct domain

OWASP Top 10 Web Vulnerabilities

SQL Injection Prevention

-- VULNERABLE (never do this)
query = "SELECT * FROM users WHERE name = '" + input + "'"

-- SAFE: Use parameterized queries
SELECT * FROM users WHERE name = ?
-- Pass input as separate parameter, not concatenated

XSS Prevention

// VULNERABLE — injects HTML/JS
element.innerHTML = userInput;

// SAFE — treats as plain text
element.textContent = userInput;
// Or sanitize: DOMPurify.sanitize(userInput)

Network Security

Firewall Types

• Packet Filter — Checks source/destination IP and port
• Stateful — Tracks connection state
• Application Layer (WAF) — Inspects HTTP traffic
• Next-Gen (NGFW) — Includes IDS/IPS, deep packet inspection

VPN

A VPN encrypts your internet traffic and hides your IP address.

• Recommended protocols: WireGuard, OpenVPN
• Privacy-focused providers: Mullvad, ProtonVPN
• Use on: public WiFi (coffee shops, hotels, airports)

Basic Network Scanning (authorized use only)

# Nmap — discover hosts and open ports
nmap -sV 192.168.1.0/24      # scan local network
nmap -A target.com            # aggressive scan (authorized only!)

# IMPORTANT: Always get written permission before scanning networks

Incident Response Steps

1. IDENTIFY  — Detect and confirm the security incident
2. CONTAIN   — Isolate affected systems to prevent spread
3. ERADICATE — Remove malware, close attack vectors
4. RECOVER   — Restore systems from clean backups
5. LESSONS   — Document what happened and how to prevent recurrence

Personal Security Checklist

• Use a password manager (Bitwarden — free, open source)
• Enable MFA on all critical accounts
• Keep all software and OS updated (patches fix vulnerabilities)
• Use HTTPS everywhere (browser extension available)
• Don't click suspicious links or open unknown attachments
• Use a VPN on public WiFi
• Follow 3-2-1 backup rule: 3 copies, 2 different media, 1 offsite
• Check if your data was breached: haveibeenpwned.com
• Use Signal for encrypted messaging
• Review app permissions regularly

Cybersecurity Career Paths