1. Cybersecurity
1.1. Online Threats
1.1.1. Social Engineering
1.1.1.1. Phishing
1.1.1.1.1. A deceptive practice involving spoof emails, messages, or attachments.
1.1.1.2. Man-in-the-Middle
1.1.1.2.1. An attack on the authentication protocol run in which the attacker positions himself or herself between the Claimant and Verifier so that they can intercept and alter data traveling between them.
1.1.1.3. Spear Phishing
1.1.1.3.1. A personalized approach to gain personal information, perhaps suggesting the user click on a link sent by a "friend".
1.1.2. Malware
1.1.2.1. Virus
1.1.2.1.1. A computer program that can replicate itself, infect a computer without permission or knowledge of the user, and then spread or propagate to another computer.
1.1.2.2. Trojan Horse
1.1.2.2.1. A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.
1.1.2.3. Spyware
1.1.2.3.1. Software that is secretly or surreptitiously installed into an information system without the knowledge of the system user or owner.
1.1.2.4. Rootkit
1.1.2.4.1. A set of software tools with administrator-level access privileges installed on an information system and designed to hide the presence of the tools, maintain the access privileges, and conceal the activities conducted by the tools.
1.1.3. Hackers
1.1.3.1. White Hat Hackers
1.1.3.1.1. Ethical hackers who are hired by companies to find holes in their security framework.
1.1.3.2. Black Hat Hackers
1.1.3.2.1. Hackers who harm other people.
1.1.3.3. Attack Vector
1.1.3.3.1. A path that a hacker can use to deliver malicious software to a computer or a server network.
1.2. CIA Triad
1.2.1. Confidentiality
1.2.1.1. States that information should not be disclosed to unauthorized parties.
1.2.2. Integrity
1.2.2.1. Requires that information is not modified (includes creating or deleting data) except by individuals with authority to do so.
1.2.3. Availability
1.2.3.1. Means that resources should be present and accessible when the user wants to access them.
1.3. Preserving Password Security
1.3.1. Private and Unique
1.3.1.1. Passwords must be kept confidential. Sharing or reusing passwords destroys the principle of confidentiality.
1.3.2. Password Manager
1.3.2.1. Use a password manager so you don't have to remember so many passwords.
1.3.3. Length and Complexity
1.3.3.1. Long, complex passwords are computationally infeasible to hack; they avoid dictionary attacks.
1.3.4. No Personal Information
1.3.4.1. Leaving personal information out of passwords helps avoid social engineering attacks.
1.3.5. CAPTCHAs
1.3.5.1. A program that protects websites against bots by generating and grading tests that humans can pass but current computer programs cannot.
1.3.6. Multi-Factor Authentication
1.3.6.1. This simultaneously uses multiple pieces of information to verify your identity.
2. Internet Basics
2.1. Naming
2.1.1. Domain Naming System
2.1.1.1. Naming convention for any computer/device connected to the internet
2.1.2. Domain Name
2.1.2.1. A label that identifies a network of computers under centralized control
2.1.2.2. Example of Domain Name Registrar
2.1.2.2.1. GoDaddy
2.1.2.3. Subdomain
2.1.2.3.1. Domain that exists as part of a larger domain
2.1.2.3.2. Example of Subdomain
2.1.3. IP Address
2.1.3.1. Unique string of numbers separated by periods that identifies a computer
2.1.3.2. IP Address Example
2.1.3.2.1. 192.168.1.104
2.1.4. DNS Server
2.1.4.1. Returns associated IP address from database
2.2. ISP
2.2.1. An organization that provides services to access the internet
2.3. Process
2.3.1. User
2.3.1.1. Inputs domain name in web browser
2.3.2. DNS Server
2.3.2.1. Returns associated IP address from database
2.3.3. Web Browser
2.3.3.1. Routes access to requested site
2.3.4. Web Server
2.3.4.1. Delivers content of website
2.3.4.2. HTTP
2.3.4.2.1. Hypertext Transfer Protocol. Used by web servers and web clients to share web pages and related content on the web.