Reconnaissance is the phase in which an attacker gathers information of the target to be attacked. The target can be a person or a system or an infrastructure. The following are the sub phases of Reconnaissance:
OSI Layers
The Open Systems Interconnection (OSI) model is a reference model that was developed by International Organization for Standardization (ISO) providing standardization of communication between systems connected over a network. The model has seven layers which are application, presentation, session, transport, network, data link and physical. Splitting a logically into seven layers brings flexibility and adaptability…
Network Mapper (NMAP)
NMAP (Network Mapper) is a free and open source utility for network discovery and security auditing. It is used to scan network to live systems and ports/services on the systems which helps network admins, system admins to get inventory and build infrastructure (Network, Systems, Services) topology. Nmap can do the following scans: IP Sweep Scan – Scans…
Integrity
Integrity is making sure, that the data is intact without any changes. This can be achieved by hashing the data. When data is being received or processed, the hashes can be validated against the original hash to make sure, the data has not been compromised.
Confidentiality
Confidentiality is process of making sure that only authorized subject (person or entity) can access the data. This can be achieved by encrypting data, providing access to only authorized using authentication, privilege levels.
CIA Triad
CIA stands for Confidentiality, Integrity and Availability. Confidentiality is process of making sure that only authorized subject (person or entity) can access the data. This can be achieved by encrypting data, providing access to only authorized using authentication, privilege levels. Integrity is making sure, that the data is intact without any changes. This can be…
VPN
Virtual Private Network (VPN) is process of creating a virtual tunnel over a shared network that can be accessed by anyone. The virtual tunnel provides protection for the data being sent over the shared network. The data should be protected for it’s confidentiality and integrity. A virtual tunnel can provide protection of confidentiality or integrity…
Adversary
The attacker who is performing the cyber attack on the target with a motive.
Threat Intelligence
Threat intelligence is practice of collecting, analyzing, and sharing information about cyber threats and sharing to protect organizations from Cyber Threats Types of Threat Intelligence Strategic Strategic Threat Intelligence provides high level threat trends to organisation. They are non technical which are used by leaders and executives to take strategic decisions with respect to Cyber…
Cyber Security
Cyber Security is the means to protect computer systems, network and data from un-authorized access ensuring confidentiality, integrity and availability.