Introducti
Session
#1 on
To beat a hacker, you must think like
Table of Contents
● What is information security?
● Terminologies
● Information Security Overview
● Threats and Attack Vectors
● Hacking Concepts, Attack Phases
● Career paths
Data and information
● Data: a collection of individual facts or statistics.
● Information: data processed in a way that is meaningful to us.
Information security
● Information security is a state of well-being of information and infrastructure in which the possibility of theft, tampering, and disruption of information and services is kept low.
Terminologies
1. Hack value - is the notion among hackers that something is worth doing or is interesting.
2. Vulnerability - is the existence of a weakness (design or implementation error) that can lead to an unexpected event compromising the security of the system.
3. Exploit - is a breach of IT system security through vulnerabilities. (CVE)
4. Payload - is the part of exploit code that performs an intended malicious action. (CVE)
5. Zero-day attack - is an attack that exploits a computer vulnerability before the software engineer releases a patch.
6. Daisy chaining - is gaining access to a network and/or computer and then using the same information to gain access to multiple networks and computers that contain desirable information.
7. Doxing - is publishing personally identifiable information about an individual or organization.
8. Bot - is a software application that can be controlled remotely to execute or
Cyberkill-chain
Threats and attack vectors
● Cloud computing: the on-demand delivery of IT capabilities, which also stores data, so it must be secure.
● Advanced Persistent Threats: APTs focus on stealing information from the victim machine without the user being aware.
● Viruses and Worms: capable of infecting a network within seconds.
● Mobile Threats: many attackers see mobile phones as a way to gain access.
● Botnet: a huge network of compromised systems.
● Insider Attack: an attack performed on a corporate network by an entrusted person with access.
Careers
● Defensive Security (Blue team)
● Offensive Security (Red team)