Please enable JavaScript.
Coggle requires JavaScript to display documents.
EXploring Security Threats (Introduction to an Attack (Spoofing attacks…
EXploring Security Threats
CIA TRIAD: Security
Confidentiality
Data on network should be protected usually by encrypting it
Integrity
Data should be available to authorized users only.
Availability
Available to its authorized users
Important terms in network Security
Threats
Malware, Denial of Service (DoS) and Phishing
Risk: Taking Advantage of vulnerability
Counter Measure: Can be a combo of a process and a device work together to protect from attack.
Vulneribility
Weakness of the system, policy, protocol, data or application
Analyzing Vulneribility
Blue Team is a group of individuals who's responsibilities are to perform security analysis on the information systems of an organization
Automated dynamic Scanning
VUlerability and Penetration Test (VAPT)
Introduction to an Attack
Passive Attack
Sniffing
Port Scanning
Active Attack
Denial of Service (DOS)
Botnet: Command and Control (CnC) server
Spoofing attacks
pretend to be authorized users
changing source IP & MAC
How is an IP datagram spoofed
Address Resolution Protocol spoofing
DNS Spoofing
IP spoofing
Scanning
probes to find TCP/UDP open port. type of OS& version, system, and vulnerability
Hijacking an online Session
capture cookie to get victim account detail
using sniffing or man in the middle(MITM) attacks
Flooding
Internet protocol (IP)- the heart of internet communication
User Datagram Protocol(UDP)
TransmissionControl Protocol (TCP)