4. Define core terminology used in cyber security (AC 2.1)

Malicious Software

Malicious software is a broad term for all software designed to steal, damage or compromise data. Well-known types are Trojans, worms and ransomware (ransomware happened to me, thankfully he didn't get anything important so I could delete everything and carry on).

Cloud Computing

Almost everything online is now cloud based. Organisations of every size use it for purposes such as storing data, taking backups, disaster recovery and business continuity operations. Its rise to popularity is thanks to scalability, simplicity, cost effectiveness and enhanced automation. All services use a pay-as-you-go pricing model.

The following 3 cloud computing models are most common:

- Infrastructure as a Service (IaaS)
- Platform as a Service (PaaS)
- Software as a Service (SaaS)

In IaaS, the infrastructure is provided by the cloud providers. They maintain and provide all the hardware necessary. The customer has control over the OS, services and applications.

PaaS is very similar to IaaS, with the addition of the cloud providers providing the OS. The customer has control over the software that suits their needs.

SaaS includes all the services provided by IaaS and PaaS. The cloud providers manage everything: the infrastructure, the OS and the software. This model is most suited to customers who don't want to worry about the underlying architecture.

Software

Software is the brains of a computer. It's what makes everything in the technological world possible. It's the apps you interact with, and it's the operating system that your device runs on. It's what makes computers alive. Without software, it'd just be hardware, and that wouldn't accomplish much on its own.

A few notable examples of software: WhatsApp, VLC, Microsoft Office suite. Examples of operating systems: Windows, Mac OS, Linux, Android.

Domain

A domain is a group of computers, printers and devices connected to a network that can all be managed from the domain controller. It's ideal for a small business of about 10 computers.
The advantage of having a domain is that you can manage and share resources, assign privileges and enforce appropriate Windows settings centrally.

Exploit

An exploit is a term used to describe a piece of software, script or method that takes advantage of a vulnerability, a flaw in the system or a bug. Notable website: https://www.exploit-db.com/

Speaking of vulnerabilities, here are the top 15 most exploited of 2023.

Breach

A breach is a successful entry into a system using an exploit. In 2013 Yahoo was breached and over 3 billion accounts were leaked. In 2021 Facebook was breached and half a billion records were lost. All this information was posted onto a hacking forum, including full names, phone numbers, user locations, biographical info and emails.

Source: https://termly.io/resources/articles/biggest-data-breaches/

Firewall

A firewall's job is to filter the stream of data as it enters or leaves your computer or network. It checks for malicious code or viruses, and if it deems the traffic unsafe, it discards it. By protecting your network and devices, a firewall prevents a number of risks: backdoors, macros, remote logins, spam and viruses.

A firewall can be either software or hardware. Most computers are protected by both. The software firewall is usually installed or provided by your OS. The hardware firewall is usually supplied by your ISP in the form of your router.

A firewall monitors and regulates network traffic through a few methods, such as:

Packet filtering: This checks all packets for known threats with a group of filters. It's quick and not very thorough.

Proxy service: This is a more in-depth look at the flow of internet traffic. It acts as the middleman and prevents a direct connection unless it's deemed safe.

Stateful inspection: This method is smarter than packet filtering, as it understands ongoing activity and not just individual packets.
It checks against a database of trusted information.

Encryption

Encryption is the process of converting information/data into a code. It's done in a way where (ideally) only the intended recipient or owner of the information/data can translate it back to readable text. An example is the Caesar cipher, where every letter is replaced by another letter: A=F, B=G, C=H... and so on.

Bring Your Own Device (BYOD)

BYOD is a policy that allows employees to use their own devices for work purposes. It has many advantages and many disadvantages.

The positives are:

- Employees can work from anywhere on the device.
- Employees can use the device of their choice.
- Companies save money by not buying equipment.

The negatives are:

- Employees might not update software when necessary.
- The device might be lost or stolen.
- In a company where BYOD is allowed, managing devices and data might be difficult, as it would be across many different kinds of devices and OS.

Denial of Service (DoS) attack

A DoS attack is when a threat actor tries to overload a server/service by sending thousands of requests, taking up all the resources and causing the server/service to grind to a complete stop or become barely usable. This would be done from a single machine.

Distributed Denial of Service (DDoS)

A DDoS is just like a DoS, but the attack is carried out from many machines. DDoS attacks are generally more damaging. Because the traffic comes from many sources, it's harder to distinguish an attacker from legitimate traffic.

Penetration Testing (pentesting)

A pentester's job is to test the defences of a system. A company might hire a pentester to see if there's a way "in" to their system. The pentester will check all the possible "doors" and then compile a report detailing the findings.

SOC (Security Operations Centre)

The SOC is the centre within an organisation that monitors cyber security in real time. People working in a SOC are like security guards.
They will respond to and mitigate any threats and any suspicious or malicious activity.

OWASP top 10 vulnerabilities (Open Worldwide Application Security Project)

These are the 10 most critical security risks to web applications. The list is often used as a set of guidelines and best practices that help developers and security teams build a secure app.

Hashing

Hashing is a process that takes the data you supply (a password or a file) and turns it into a fixed-length string of numbers and letters. This string is called a hash. Unlike encryption, this is a one-way process. It's mainly used for storing sensitive info like credentials or for verifying the integrity of a file.
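
The contrast drawn above between encryption (reversible with the key) and hashing (one way, fixed length) is shown here as an added example that is not part of the original notes. It uses the page's A=F Caesar shift; the function names, the sample data and the choice of SHA-256 and PBKDF2 with 600,000 iterations are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import string

SHIFT = 5  # the page's Caesar example: A=F, B=G, C=H


def caesar(text: str, shift: int) -> str:
    """Shift A-Z and a-z by `shift` places; other characters pass through."""
    out = []
    for ch in text:
        if ch in string.ascii_uppercase:
            out.append(chr((ord(ch) - 65 + shift) % 26 + 65))
        elif ch in string.ascii_lowercase:
            out.append(chr((ord(ch) - 97 + shift) % 26 + 97))
        else:
            out.append(ch)
    return "".join(out)


def sha256_hex(data: bytes) -> str:
    """Fixed-length digest: always 64 hex characters, whatever the input size."""
    return hashlib.sha256(data).hexdigest()


def verify_integrity(data: bytes, expected_hex: str) -> bool:
    """File-integrity check: recompute the hash and compare in constant time."""
    return hmac.compare_digest(sha256_hex(data), expected_hex)


def hash_password(password: str, salt: bytes = b"") -> tuple:
    """Credential storage: salted, deliberately slow hash (PBKDF2-HMAC-SHA256)."""
    salt = salt or os.urandom(16)  # fresh random salt for every new password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)
    return salt, digest


def check_password(password: str, salt: bytes, stored: bytes) -> bool:
    """Login check: hash the attempt with the stored salt, then compare."""
    return hmac.compare_digest(hash_password(password, salt)[1], stored)


if __name__ == "__main__":
    secret = caesar("ABC", SHIFT)
    print(secret, "->", caesar(secret, -SHIFT))  # encryption reverses with the key
    download = b"constructed sample file contents"  # constructed sample data
    published = sha256_hex(download)
    print(len(published), verify_integrity(download + b"!", published))
    salt, stored = hash_password("constructed-sample-password")
    print(check_password("constructed-sample-password", salt, stored))
```

The Caesar text comes back by shifting the other way, while the stored password is never recovered: a login attempt is hashed again with the same salt and the two digests are compared.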
