Skip to main content

SEC 110 - Cybersecurity Fundamentals

Glossary

  • apt - Advanced Persistent Threat
  • CIA Triad
    • Confidentiality: Only those who have access do
    • Integrity: Ensure data has not been changed
    • Availability: Data is accessible when needed.
  • "Hand Model"
    • Confidentiality
    • Integrity
    • Availability
    • Think like an Adversary
    • Defense in Depth
  • Threat - Anything that can exploit a vulnerability, intentionally or accidentally.
  • Attack - Occurs when threats exploit vulnerabilities
  • Cyber-Physical System - connects hardware, software, and network.
  • Smart Grid - An electrical grid with centralized monitoring and control, and connection to smart components.
  • ICS - Standardized systems for controlling industrial grade equipment.
  • SCADA - Control system usually with GUI for interacting with ICS.
  • PLCs - Programmable logic controllers, perform pre-determined actions, and can typically be reprogrammed without any security measures.
  • IoT - Internet of things, referring to devices with a network connection to enable “smart” features
  • Wireshark notes are in my page for NET150 here
    • Various commands we've seen in class are also documented on the networking page.
  • PKI - public key infrastructure

Resources for OSINT

  • Google (duh)
  • shodan.io
  • GitHub (search for CobaltStrike, for example)

Hash Resources

  • crackstation
  • dcode.fr