Basis of Comparison Symmetric Encryption Asymmetric Encryption
Encryption key Same key for encryption & decryption Different keys for encryption & decryption
Performance Encryption is fast but more vulnerable Encryption is slow due to high computation
Algorithms DES, 3DES, AES and RC4 Diffie-Hellman, RSA
Purpose Used for bulk data transmission Often used for securely exchanging secret keys

Cybersecurity is the combination of best processes and practices to ensure the security of networks, computers, programs, data and information from attack, damage or unauthorized access.

A home network is a testing environment for experimentation. You can have an Active Directory Domain Controller, a dedicated firewall appliance, and net-attached toaster. This is the least that you can have on your computer.

Encryption is a process of converting data into an unreadable form to prevent unauthorized access and thus ensuring data protection.

CIA provides a standard for evaluating and implementing information security – irrespective of the system and/or organization in question.

Threat: Someone with the potential to harm a system or an organization

Risk needs to be assessed before it can actually be reported. There are two ways to analyze risk: it can either be qualitative or quantitative. This approach goes well for both technical and business people. The business guys would check for the probable loss in numbers while the technical people will monitor and assess the impact and frequency. Depending on the audience, the risk can be reported.

IDS just detect the intrusion and leaves the rest to the administrator for assessment and evaluation. Whereas, IPS detects the intrusion and takes necessary action to further prevent intrusion.

Also, there is a difference in the positioning of these devices in the network. Although they work on the same concept, the placement is different.

Frameworks are voluntary guidance, based on existing guidelines and practices for organizations to better manage and reduce cybersecurity risk.

Information security policy is considered to be weak if it does not meet the criteria of an effective one. The criteria include distribution, review, comprehension, compliance, and uniform.

Information security is weak if:

  • The policy has not been made readily available for review by every employee within the organization
  • The organization is unable to demonstrate that employees can review the policy document
  • The organization is unable to demonstrate that employees understand the content of the policy document

Following are the steps to set up a firewall

  1. Username/password: modify the default password for a firewall device
  2. Remote administration: Disable the feature of the remote administration
  3. Port forwarding: Configure appropriate port forwarding for certain applications to work properly, such as web server or FTP server
  4. DHCP server: Installing a firewall on a network with an existing DHCP server will cause conflict unless the firewall’s DHCP is disabled
  5. Logging: To troubleshoot firewall issues or potential attacks, ensure that logging is enabled and understand how to view logs
  6. Policies: You should have solid security policies in place and make sure that the firewall is configured to enforce those policies.

SSL (Secure Socket Layer) enables safe conversation between two or more parties. It is designed to identify and verify the person you are talking to on the other end.

HTTP combined with SSL provides you with a safer browsing experience with encryption. So, you can say it is a tricky question, but SSL wins in terms of security.

SSL is meant to verify the sender’s identity but it doesn’t search for anything more than that. SSL can help you track the person you are talking to but that can also be tricked at times.

TLS is also an identification tool just like SSL, but it offers better security features. It provides additional protection to the data and hence SSL and TLS are often used together for better protection.

Salt is a random data. When a properly protected password system receives a new password, it creates a hash value of that password, a random salt value, and then the combined value is stored in its database. This helps to defend against dictionary attacks and known hash attacks.

Example: If someone uses the same password on two different systems and they are being used using the same hashing algorithm, the hash value would be same, however, if even one of the system uses salt with the hashes, the value will be different.

Vulnerability Assessment Penetration Testing
Focusses on uncovering as many security weaknesses as possible (It takes breadth over depth approach) Focuses on the functionality of the software and not the security aspect. It checks if the network security defenses are strong (depth over breadth approach)
Vulnerability assessment is usually automated which allows better vulnerability coverage Penetration testing is a combination of automated and manual techniques, which allows digging deeper into the weakness

Let me first tell you what is an OSI model. An OSI model is a reference model for how applications communicate over a network. The purpose of an OSI reference is to guide vendors and developers so the digital communication products and software programs can interoperate.

Since BIOS is a pre-boot system it has its own storage mechanism for settings and preferences. A simple way to reset is by popping out the CMOS battery so that the memory storing the settings lose its power supply and as a result, it will lose its setting.

The simplest way is to use the password ‘password’, this will work for the BIOS that has come from the factory.

Cross-Site Scripting (or XSS) refers to client-side code injection attack wherein an attacker can execute malicious into a legitimate website or web application.

XSS is amongst the most rampant of web application vulnerabilities and occurs when a web application makes use of unvalidated or unencoded user input within the output it generates.

Data Protection in transit Data protection at rest
When data is going from server to client When data just exists in its database or on its hard drive
Effective Data protection measures for in-transit data are critical as data is less secure when in motion Data at rest is sometimes considered to be less vulnerable than data in transit
Cybersecurity Network Security
Describes that the policies and procedures implemented by a network administrator to avoid and keep track of unauthorized access, exploitation, modification, or denial of the network and network resources designed to protect networks, computers, programs and data from attack, damage or unauthorized access. In a computing context, security includes both cybersecurity and physical security.

Data leakage is when data gets out of the organization in an unauthorized way.

Data can get leaked through various ways – emails, prints, laptops getting lost, unauthorized upload of data to public portals, removable drives, photographs etc.

A few controls can be restricting upload on internet websites, following an internal encryption solution, restricting the emails to the internal network, restriction on printing confidential data etc.

Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address that is recognized in the local network.

Now let me tell you how it works.

When an incoming packet destined for a host machine on a particular local area network arrives at a gateway, the gateway asks the ARP program to find a physical host or MAC address that matches the IP address.

The ARP program looks in the ARP cache and, if it finds the address, provides it so that the packet can be converted to the right packet length and format and sent to the machine.

If no entry is found for the IP address, ARP broadcasts a request packet in a special format to all the machines on the LAN to see if one machine knows that it has that IP address associated with it.

An extra layer of security that is known as “multi-factor authentication“.

Requires not only a password and username but also something that only, and only, that user has on them, i.e. a piece of information only they should know or have immediately to hand – such as a physical token.

For Brute force login, the attacker tries to determine the password for a target (service/system/device) through a permutation or fuzzing process

As it is a lengthy task, attackers usually employ a software such as fuzzer, to automate the process of creating numerous passwords to be tested against a target.

In order to avoid such attacks – password best practices should be followed, mainly on critical resources like servers, routers, exposed services and so on.

Cognitive Cybersecurity is an application of AI technologies patterned on human thought processes to detect threats and protect physical and digital systems.

Self-learning security systems use data mining, pattern recognition, and natural language processing to simulate the human brain, albeit in a high-powered computer model

Restricting the users from accessing a set of services within the local area network is called port blocking.

Stopping the source to not to access the destination node via ports. As the application works on the ports, so ports are blocked to restricts the access filling up the security holes in the network infrastructure.

VPN VLAN
Helps to group workstations that are not within the same locations into the same broadcast domain Related to remote access to the network of a company
Means to logically segregate networks without physically segregating them with various switches Used to connect two points in a secured and encrypted tunnel
Saves the data from prying eyes while in transit and no one on the net can capture the packets and read the data Does not involve any encryption technique but it is only used to slice up your logical network into different sections for the purpose of management and security
 TCP/IP  TCP/IP Protocol Examples
 Application  NFS, NIS+, DNS, telnet, ftp, rlogin, rsh, rcp, RIP, RDISC, SNMP and others
 Transport  TCP, UDP
 Internet  IP, ARP, ICMP
 Data Link  PPP, IEEE 802.2
 Physical Network  Ethernet (IEEE 802.3) Token ring, RS-232, others

Start the change

Register to become an Instructor

Please login to fill in this form.

  • Your name
  • Your email
  • Your phone number
  • Your message

I’m a Copywriter in a Digital Agency, I was searching for courses that’ll help me broaden my skill set. Before signing up for Rob’s.