Sunday, July 11, 2021

Cybersecurity overview

Secrecy: Also called confidentiality. Only authorized people should be able to access sensitive data. Eg: data breach revealing credit card info.

Integrity: Only authorized people should be able to modify data. Eg: Hackers who have your password & impersonate you when sending emails.

Availability: Authorized people should always have access to their systems & data. Eg: DoS, DDoS.

Defense:

Threat Model: Expected attack vector: Capabilities, goals & means of attack of the expected attacker. Defend against specific threats rather than pursuing an amorphous, undefined generic security.

Who are you? Authentication. What you know (eg: password, PIN, secret; defense: making it more complex to avoid brute force), what you have (requiring a physical key) or what you are (fingerprint/iris scanner). Two-factor or multi-factor authentication reduces risk.

What can you access? Authorization. Access Control Lists (ACL) can determine access. Eg: US DoD's Bell-LaPadula model: No read-up, No write-down (Secret access can't access Top Secret; Top Secret can't update Secret files), Chinese Wall model, Biba model.

Past access for auditing: Accounting

This is called AAA.

Cryptography: secret writing.

Encryption/Decryption.

Substitution Ciphers. Eg: Caesar Cipher: shift every letter by 3. Simple ciphers can be decrypted by cryptanalysts. In 1587, the cipher used in the plot by Mary, Queen of Scots, to assassinate Queen Elizabeth was cracked, leading to her execution.

Permutation Ciphers. Eg: Columnar Transposition Cipher: Ordering direction & grid size is the key. The famous German Enigma Cipher was cracked by Alan Turing's machine during WW-II.

Software Encryption.

Data Encryption Standard (DES): Developed by IBM & NSA in 1977. 56 bits. It became crackable as computing power increased.

Advanced Encryption Standard (AES): Published in 2001. 128, 192 or 256 bits. Chops data into 16 bit chunks & applies substitution & permutation to them based on a key, 10 or more times (not more, for performance reasons).

Mathematical one-way functions for symmetric key exchanges. Eg: Caesar Cipher, Enigma, AES, Diffie Hellman Key Exchange using modular exponentiation. (b^y mod m)^x mod m = (b^x mod m)^y mod m = b^(xy) mod m.
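The Diffie Hellman identity above, as an added example that is not part of the original post: each side raises the other's public value to its own private exponent and both arrive at the same key. The modulus, base, function names and the SHA-256 step that turns the shared number into a key are assumptions made for illustration, and the parameters are toy-sized.

```python
import hashlib
import secrets

# Toy public parameters (constructed for this example, far too small for real use):
# M is the Mersenne prime 2**127 - 1, B is the base both sides agree on.
M = 2**127 - 1
B = 3


def keypair(m=M, b=B):
    """Pick a private exponent x and compute the public value b^x mod m."""
    while True:
        x = secrets.randbelow(m - 3) + 2      # private exponent in [2, m-2]
        public = pow(b, x, m)                 # three-argument pow = modular exponentiation
        if 1 < public < m - 1:                # retry in the unlikely degenerate case
            return x, public


def shared_key(own_private, peer_public, m=M):
    """Combine our private exponent with the peer's public value."""
    # Reject degenerate public values: 0, 1 and m-1 force a predictable secret.
    if not 1 < peer_public < m - 1:
        raise ValueError("peer public value out of range")
    secret = pow(peer_public, own_private, m)  # (b^y mod m)^x mod m
    # Hash the raw shared number into a fixed-length symmetric key.
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()


def exchange():
    """Run one exchange; only the two public values cross the wire."""
    x, alice_public = keypair()
    y, bob_public = keypair()
    alice_key = shared_key(x, bob_public)      # Alice: (b^y)^x mod m
    bob_key = shared_key(y, alice_public)      # Bob:   (b^x)^y mod m
    return alice_key, bob_key


if __name__ == "__main__":
    alice_key, bob_key = exchange()
    print("keys match:", alice_key == bob_key)
```

An eavesdropper sees only b, m and the two public values; recovering x or y from them is the one-way part.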

Asymmetric key exchanges with a public/private key. Invented by RSA (Rivest, Shamir, Adleman).

Data can be in-use, at rest or in-motion. Data loss prevention (DLP) monitors, detects & blocks sensitive data at any of these points.



Networking layers summary

OSI: Open Systems Interconnection created by ISO

Acronyms:
All People Seem To Need Data Processing (7 to 1)

Please Do Not Touch Samy's Pet Alligator (1 to 7)

Layers:

  1. Physical (Binary):  Cable, Radio frequency, voltages, pins, electric signals
  2. Data (Frame): MAC (Media Access Control) to identify the device, Logical Link Control (LLC). Eg: PPP, HDLC, ATM, Frame Relay, SLIP and Ethernet. Ethernet uses exponential backoff (wait an exponential time + a random time before retrying when the network is congested). Switches operate at this layer to group computers & reduce congestion.
  3. Network (Packet): IP at this layer. An IP Packet has the IP header & payload. Packet forwarding, routing (to decide the best path), routers with ICMP (Internet Control Message Protocol), BGP (Border Gateway Protocol). Network hops counted. High hops indicate issues. Hop limits set. traceroute can help figure out the route.
  4. Transport (Segment): TCP, UDP, SPX on top of IP. UDP: User Datagram Protocol: simple header with port & checksum, no mechanism to retry. TCP: sequence number of packets in headers with ACKs (that doubles the network traffic) to ensure receipt.
  5. Session (Data): Session, timeouts. Eg: NFS, SQL, RDBMS, ASP, SIP.
  6. Presentation (Data): Eg: jpg, gif, ascii, ansi, utf8.
  7. Application (Data): Eg: http, https, smtp, snmp, ftp, dns, browsers, Skype, Outlook. DNS: Tree structure with Top Level Domains (eg: .com), Second Level Domains (eg: google.com) & Sub-Domain of Parent (eg: drive.google.com), distributed across many trusted servers.

Why is Go fast?

Why is Go fast? Go has become popular for microprocesses & for scaling. What are the design decisions that make Go fast? Summary: 1. Cle...