1. Types of Security Attack
1.1. Reconnaissance Attack
1.1.1. This attack occurs when an adversary (enemy) tries to learn information about your network - Unauthorized information gathering on network system and network services.
1.2. Access Attack
1.2.1. An access attack occurs when someone tries to gain unauthorized access to a component, tries to gain unauthorized access to information on a component, or increases their privileges on a network component.
1.3. Denial Of Service Attack (DoS)
1.3.1. Disables the network by flooding useless network traffic
1.4. Distributed Denial Of Service Attack (DDoS)
1.4.1. DDoS attack utilises many computers and many connections.
1.5. Malicious code attack
1.5.1. It is program that inserted onto a host to damage a system, corrupt a system, replicate itself or deny services or access to networks systems or services.
1.6. Identify common types of Social Engineering
1.6.1. A social engineer is a person who is able to gain access to equipment or a network by tricking people into providing the necessary access information.
2. Various tools in information security
2.1. Network Mapper (Nmap)
2.1.1. Nmap, short for Network Mapper, is a free, open-source tool for vulnerability scanning and network discovery.
2.2. Netstat
2.2.1. Netstat is a common command line TCP/IP networking utility available in most versions of Windows, Linux, UNIX and other operating systems.
2.3. NetScan
2.3.1. It is a network monitoring utility that scans your network testing for the presence of your network devices (i.e. routers, servers, switches....).
3. Describe Access to Data and Equipment
3.1. Data Wiping
3.1.1. Deleting files from a hard drive does not remove them completely from the computer.
3.2. Hard Drive Destruction
3.2.1. Companies with sensitive data should always establish clear policies for hard drive disposal.
3.3. Hard Drive Recycling
3.3.1. The drive can be reformatted, and a new operating system can be installed.
4. UNDERSTANDING SECURITY
4.1. Information Security
4.1.1. used to describe the tasks of securing information that is in a digital format.
4.2. Goals of Security
4.2.1. Confidentiality
4.2.1.1. Preserving authorized restrictions on access and disclosure
4.2.2. Integrity
4.2.2.1. Guarding against improper information modification or destruction, and includes ensuring information nonrepudiation and authenticity.
4.2.3. Availability
4.2.3.1. Ensuring timely and reliable access to and use of information.
4.3. Attackers Vs Hacker
4.3.1. Attackers
4.3.1.1. Any software or person that deliberately attempts to avoid security services and violate the security policy of the networked system is called attacker.
4.3.2. Hackers
4.3.2.1. A person who breaks into other people's computers with malicious intentions is called a Hacker.
5. Types of Security Threats
5.1. A threat, in the context of computer security, refers to anything that has the potential to cause serious harm to a computer system.
5.2. Unstructured threats
5.2.1. Unstructured threats consist of mostly inexperienced individuals using easily available hacking tools such as shell scripts and password crackers.
5.3. Structured threats
5.3.1. Structured threats come from hackers that are more highly motivated and technically competent .
5.4. External threats
5.4.1. External threats can arise from individuals or organizations working outside of a company.
5.5. Internal threats
5.5.1. Internal threats occur when someone has authorized access to the network with either an account on a server or physical access to the network.