
Copy of Vocab Journal #14_ Network Security Fundamentals

Uploaded by

kddkkdkddk

Unit Topic: Network Security Fundamentals

| Term | Definition | 2 - 3 important details about the term |
|---|---|---|
| CIA Triad | The CIA triad refers to confidentiality, integrity and availability, describing a model designed to guide policies for information security (infosec) within an organization. | The model is sometimes referred to as the AIC triad, which stands for availability, integrity and confidentiality, to avoid confusion with the Central Intelligence Agency. |
| Encryption | The codes created in cryptographic research are called cryptographic algorithms, or encryption algorithms. | The process of applying those algorithms to data is called encryption. Decryption describes the process of applying algorithms to return the encrypted data, or ciphertext, to readable form, or plaintext. |
| Symmetric Encryption | Symmetric encryption works by creating a single shared key to encrypt and decrypt sensitive data. | It is one of 2 main methods of encryption, alongside asymmetric encryption. Symmetric encryption works by creating a single shared key to encrypt and decrypt sensitive data. |
| Asymmetric Encryption | Asymmetric encryption, also known as public-key cryptography, is a type of encryption that uses a pair of keys to encrypt and decrypt data. | The pair of keys includes a public key, which can be shared with anyone, and a private key, which is kept secret by the owner. In asymmetric encryption, the sender uses the recipient’s public key to encrypt the data. |
| Hashing | Hashing is the practice of transforming a given key or string of characters into another value for the purpose of security. | It is a one-way process that turns data into a fixed-length hash value using a hash function. The primary goal of hashing is to ensure data integrity and validate the original data. |
| Common Vulnerabilities & Exposures (CVE) | A security vulnerability, an error in software code that provides threat actors with direct access to a network or system. | A list of publicly disclosed computer security flaws. When someone refers to a CVE, they mean a security flaw that's been assigned a new data chart. |
| Zero Day Vulnerabilities | The unknown or unaddressed vulnerability is referred to as a zero-day vulnerability or zero-day threat. | It is a vulnerability in software or hardware that is typically unknown to the vendor and for which no patch or other fix is available. |
| Threat Assessment | Threat assessment is the practice of determining the credibility and seriousness of a potential threat, as well as the probability that the threat will become a reality. | It is separate from the more established practice of violence-risk assessment, which attempts to predict an individual's general capacity and tendency to react to situations violently. |
| Vulnerability Assessment | A vulnerability assessment is the process of classifying and prioritizing vulnerabilities in computer systems, applications and network infrastructures. | Vulnerability assessments provide organizations with the necessary knowledge, awareness and risk backgrounds to understand and react to threats to their environment. |
| Penetration Test | Also known as pen testing or ethical hacking, it attempts to breach a system's security for the purpose of vulnerability identification. | A penetration test, colloquially known as a pentest, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system. |
| Posture Assessment | It is an evaluation of the resilience of your technical infrastructure and security protocols. | It’s used to determine your business's vulnerability to threats like phishing, denial of service, malware, and ransomware. |
| Process Assessment | It is a systematic evaluation of an organization's processes to identify strengths, weaknesses, and areas for improvement. | It involves assessing the effectiveness, efficiency, and maturity of processes to ensure they align with organizational goals and industry best practices. |
| Vendor Assessment | It is an evaluation and approval process that businesses can use to determine if prospective vendors and suppliers can meet their organizational standards and obligations once under contract. | Vendor assessment is a systematic process of evaluating and analyzing potential suppliers or partners to determine their suitability for a specific project or business need. |
| Data Locality | Data locality enhances performance in cloud computing environments by reducing the time it takes for applications to access and process data. | It refers to the practice of storing data close to the computational resources that need to process it, reducing the distance data must travel. |
| PCI DSS | It is a set of standards preventing credit card fraud and protecting credit card holders from personal data theft. | PCI DSS is a widely accepted set of policies and procedures intended to optimize the security of credit, debit and cash card transactions. It protects cardholders against misuse of their personal information. |
| GDPR | The General Data Protection Regulation (GDPR) is the European Union's (EU) personal data protection law that aims to protect the privacy of EU citizens. | It aims to protect the privacy of EU citizens. Enacted in May 2018, it imposes a unified set of rules on all organizations that process personal data. |
| Device Hardening | It refers to the process of enhancing the security of a device by reducing the vulnerable points that hackers may use. | Implementing device hardening in a comprehensive, coordinated manner throughout the enterprise makes it more difficult for an attacker to leverage resources. Anti-hacker, essentially. |
| Access Control Hardware | An Access Control System is an organized security mechanism through which access to different parts of a facility or network will be negotiated. | It is crucial to identity and access management strategies, helping organizations navigate modern cybersecurity challenges. Robust access controls secure a network. |
| Honeypot | A honeypot is software that serves as bait to lure in hackers. In simpler terms, envision a hacker instead of a bear. | Honeypots are virtual traps for threat actors. They’re decoys designed to mimic targets for attackers and can be used as bait. |
| Honeynet | It is a network set up with intentional vulnerabilities hosted on a decoy server to attract hackers. | It is a network set up to catch a hacker's attention. It's designed to look, feel, and act just like a network packed tight with valuable resources, but it also contains plenty of monitoring. |
