Cyber security fundamentals & ethical hacking

ervaijnathgoler 17 views 33 slides Mar 02, 2025

Slide 1 of 33

About This Presentation

Cybersecurity fundamentals and ethical hacking are intertwined disciplines focused on protecting digital assets. Here's a breakdown:
Cybersecurity Fundamentals:
Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. These attacks are often aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes. Key fundamental concepts include:
* Confidentiality: Ensuring that information is accessible only to authorized individuals. This is achieved through encryption, access controls, and data masking.
* Integrity: Maintaining the accuracy and completeness of data. This involves preventing unauthorized modifications through hashing, digital signatures, and version control.
* Availability: Guaranteeing that authorized users have reliable access to information and systems when needed. This is supported by redundancy, failover systems, and disaster recovery plans.
* Risk Management: Identifying, assessing, and mitigating potential threats and vulnerabilities. This involves risk assessments, vulnerability scanning, and security audits.
* Network Security: Protecting computer networks from unauthorized access and attacks. This includes firewalls, intrusion detection systems, and virtual private networks (VPNs).
* Endpoint Security: Securing individual devices, such as laptops, smartphones, and servers, from malware and other threats. This involves antivirus software, endpoint detection and response (EDR) tools, and device encryption.
* Security Awareness: Educating users about cybersecurity best practices and potential threats. This is crucial for preventing social engineering attacks and other human errors.
* Cryptography: The practice and study of techniques for secure communication in the presence of third parties called adversaries. This includes encryption, decryption, hashing, and digital signatures.
* Access Control: Mechanisms that determine who is allowed to access what resources. This includes authentication, authorization, and accounting (AAA).
Ethical Hacking:
Ethical hacking, also known as penetration testing, is the practice of using hacking techniques to identify vulnerabilities in systems and networks with the permission of the owner. Ethical hackers simulate real-world attacks to uncover weaknesses before malicious actors can exploit them. Key aspects include:
* Permission: Ethical hacking is conducted with the explicit consent of the system owner. This distinguishes it from illegal hacking.
* Scope: The scope of the ethical hacking engagement is clearly defined, outlining the systems and networks to be tested.
* Reporting: Ethical hackers provide detailed reports of their findings, including vulnerabilities, potential impact, and remediation recommendations.
* Methodologies: Ethical hackers use a variety of tools and techniques, including:
* Vulnerability scanning: Automated tools to identify known vulnerabili

Size: 2.84 MB

Language: en

Added: Mar 02, 2025

Slides: 33 pages

Slide Content

How to Secure Your Future Exploring Cybersecurity Fundamentals, Career Paths, and Ethical Hacking Demos Dr. Varun M Deshpande

Background

Why is Cyber Security Important? Protect your digital resources Protect from Hackers Protect your Business Protect Customer Data Secure from Vulnerabilities Secure your Digital Identity Protect against Data Theft Regulatory Compliance requirements Protect Customers Trust

CIA Triad Confidentiality – Prevent intentional or unintentional or unauthorized disclosure of contents. (Protect against Data Theft) Integrity – Guarantees that message delivered has not been altered intentionally or unintentionally from the original data received. (Ensure correctness of the messages exchanged) Availability – Assurance that the system would be stable, resilient and accessible always. (Protect against Denial of Service) CONFIDENTIALITY AVAILABILITY INTEGRITY AAA Security Framework : Authentication Authorization Accounting

Common Terminologies MALWARE – Malicious Software MALWARE has 2 components Propagation Mechanism - The way in which malware spread Payload – Malicious action performed by malware Viruses Worms Trojan Horses Propagation Human Action Self Spreading Tricking users as a legitimate SW Payload Any payload Any payload Any payload Example The Concept virus Stuxnet worm Free Software+ Spy ware

Anatomy of a Cyber Attack

Security Design Principles Defense in Depth Error & Exception handling Fail Safe Treat all inputs as unsafe Principle of Least Privilege

Challenges

Cyber Security threats to Watch out for

OWASP Top 10 security Risks

Advancements

Career

Cybersecurity Career Path https://niccs.cisa.gov/workforce-development/cyber-career-pathways-tool https://www.cyberseek.org/pathway.html

Cybersecurity Certification Path https://www.isc2.org/certifications/cc https://www.comptia.org/certifications/security https://pauljerimy.com/security-certification-roadmap/

Career Path Work on Research Projects Develop Online Profile Internships Associate Full Time Job Develop Yourself with Experience & Certification/ Higher Study Choose area to Expertise and spend extra effort Excel as Professional & Share Knowledge Attend Workshops Work under Professors Experiment with Technology Present in Conferences Share knowledge with peers Catalog Projects in Github etc. File for Patents when applicable Reach out & build Network Work for a startup company Don’t hesitate to learn new tech Understand the needs of Market Get as much industry exposure as possible Learn how to work in Corporate Environment Take up ownership of certain tasks Build Trust and Professional Relationships Put extra effort in first few years of your career Decide if you want to pursue higher studies and in which subject Explore opportunities to prove your capabilities Select a domain in which you would want to be Subject Matter Expert Explore, learn and gain experience in the subject Make yourself ready for higher responsibilities Don’t forget your career path and the journey that you took Stay connected with your teachers and all who helped you along the way Take time to refresh your knowledge and stay updated with latest changes

Conclusion

Cyber Security Defense Starts With You! Use complex password and don’t share with anyone Enable multi factor authentication wherever available Be mindful of Phishing Attacks – If its too good to be true, it usually isn’t! Be mindful of the systems that you use and ensure session is closed Always apply security patches to your system Don’t open / forward any messages that seem suspicious or tempting offers Follow security design principles in what ever activity you do Take ownership of your career and prepare to excel!

Thank You https://www.linkedin.com/in/dr-varun-m-deshpande-33826512/

References https://www3.weforum.org/docs/WEF_The_Global_Risks_Report_2022.pdf https://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/ https://www.hindustantimes.com/india-news/report-breach-within-six-hours-govt-frames-cybersecurity-norms-101651171521206.html https://www.wilmerhale.com/en/insights/blogs/WilmerHale-Privacy-and-Cybersecurity-Law/20220330-sri-lanka-becomes-the-first-south-asian-country-to-pass-comprehensive-privacy-legislation https://economictimes.indiatimes.com/tech/technology/fresh-legislation-may-replace-data-protection-bill/articleshow/89624369.cms https://informationisbeautiful.net/visualizations/ransomware-attacks/ https://www.sentinelone.com/cybersecurity-101/zero-trust-architecture/ https://2cloud.eu/ddos https://www.leapit.co.uk/why-is-cyber-security-important/ https://www.onelogin.com/learn/ddos-attack https://www.cloudflare.com/learning/access-management/phishing-attack/ https://www.wallarm.com/what/what-is-a-supply-chain-attack https://www.belfercenter.org/publication/AttackingAI https://www.toolbox.com/it-security/identity-access-management/articles/what-is-privileged-access-management/ https://www.toolbox.com/it-security/vulnerability-management/articles/what-is-vulnerability-management/ https://www.pamten.com/blog/security-frameworks/ https://www.fortinet.com/blog/business-and-technology/fortiweb-release-6-0--ai-based-machine-learning-for-advanced-thr.html https://www.uvu.edu/spam/phishing.html

How to Protect our digital assets from Threats? Adopt a Proactive Approach Find and fix the Vulnerabilities before hackers exploit it Incorporate Security Design Principles Set Proper Security Configurations Disable ports which are not required, disable ICMP response Error pages/messages should be generic Encrypt data which is sensitive. Even if its lost, it will not be useful to attackers Adopt Secure Development Lifecycle Train the team, and provide them enough resources to implement secure practices Monitor your systems for any anomalies Setup Google Alerts against GHDB exploits Spikes in usage need to be monitored – DDOS protection services Security breaches are inevitable – Move Quickly to resolve the issues Have a robust Security Incident Response Team Have a Business Continuity Plan CONFIDENTIALITY AVAILABILITY INTEGRITY

Cyber security fundamentals & ethical hacking

About This Presentation

Slide Content

Tags

Categories

Download

Quick Actions

Statistics

Related Slideshows

Cyber security fundamentals &amp; ethical hacking

About This Presentation

Slide Content

Slide 1

Slide 2

Slide 3

Slide 4

Slide 5

Slide 6

Slide 7

Slide 8

Slide 9

Slide 10

Slide 11

Slide 12

Slide 13

Slide 14

Slide 15

Slide 16

Slide 17

Slide 18

Slide 19

Slide 20

Tags

Categories

Download

Quick Actions

Statistics

Related Slideshows

8-top-ai-courses-for-customer-support-representatives-in-2025.pptx

7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx

25-essential-ai-courses-for-user-support-specialists-in-2025.pptx

8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx

Know for Certain

PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx

Cyber security fundamentals & ethical hacking