Basic terms in Cybersecurity

  1. Router

  2. Firewall

    A firewall is designed to control or filter which communications are allowed into, and which are allowed out of, a device or network. Common types:

    -> Network layer firewall

    -> Transport layer firewall

    -> Application layer firewall

    -> Context-aware layer firewall

    -> Proxy server

    -> Reverse proxy server

    -> Network Address Translation (NAT) firewall

    -> Host-based firewall

  3. Intrusion Prevention System (IPS)

  4. Virtual Private Network (VPN)

  5. Antimalware or Antivirus

  Example Cisco products for the categories above:

    Cisco Integrated Services Router (ISR) 4000 - router

    Cisco’s Firepower 4100 Series - firewall

    Cisco’s AnyConnect Secure Mobility Client - VPN

    Cisco’s Advanced Malware Protection (AMP) - antimalware

Port Scanning:

An ‘open’ state response means that the service listening on that port can be reached from other networks. If that service contains a vulnerability, an attacker could exploit it and potentially gain access to computers on the network.

IDS / IPS

Intrusion detection systems (IDSs) and intrusion prevention systems (IPSs) are security measures deployed on a network to detect and prevent malicious activities.

Penetration Testing

  1. Planning

  2. Scanning

  3. Gaining Access

  4. Maintaining Access

  5. Analysis and Reporting

Computer Security Incident Response Team (CSIRT): helps ensure organization, system and data preservation by investigating computer security incidents.
Security Information and Event Management (SIEM): a system that collects and analyzes security alerts, logs and other real-time and historical data from security devices on the network.
Data Loss Prevention (DLP): a system designed to stop sensitive data from being stolen from, or escaping, a network.
Intrusion Detection System (IDS): scans data against a database of rules or attack signatures, looking for malicious traffic.
Intrusion Prevention System (IPS): can block or deny traffic based on a positive rule or signature match.

Nmap: a tool that can be used to produce a list of open ports on network devices.

IDS: a tool that can identify malicious traffic by comparing packet contents to known attack signatures.

What protocol is used to collect information about traffic traversing a network? - NetFlow