Scanning is part of the Reconnaissance phase where the attacker gathers information about a target. It is type of active reconnaissance during which the network and systems are scanned. In the scanning, the live systems (IP addresses) are found and then the active ports on a system are identified. Post which, OS type (Windows, Unix,…
Author: kingsanit.pvt.ltd@gmail.com
Reconnaissance
Reconnaissance is the phase in which an attacker gathers information of the target to be attacked. The target can be a person or a system or an infrastructure. The following are the sub phases of Reconnaissance:
OSI Layers
The Open Systems Interconnection (OSI) model is a reference model that was developed by International Organization for Standardization (ISO) providing standardisation of communication between systems connected over a network. The model has seven layers which are application, presentation, session, transport, network, data link and physical. Splitting a logically into seven layers brings flexibility and adaptability…
Network Mapper (NMAP)
NMAP (Network Mapper) is a free and open source utility for network discovery and security auditing. It is used to scan network to live systems and ports/services on the systems which helps network admins, system admins to get inventory and build infrastructure (Network, Systems, Services) topology. Nmap can do the following scans: IP Sweep Scan – Scans…
Integrity
Integrity is making sure, that the data is intact without any changes. This can be achieved by hashing the data. When data is being received or processed, the hashes can be validated against the original hash to make sure, the data has not been compromised.
Confidentiality
Confidentiality is process of making sure that only authorized subject (person or entity) can access the data. This can be achieved by encrypting data, providing access to only authorized using authentication, privilege levels.
CIA Triad
CIA stands for Confidentiality, Integrity and Availability. Confidentiality is process of making sure that only authorized subject (person or entity) can access the data. This can be achieved by encrypting data, providing access to only authorized using authentication, privilege levels. Integrity is making sure, that the data is intact without any changes. This can be…
VPN
Virtual Private Network (VPN) is process of creating a virtual tunnel over a shared network that can be accessed by anyone. The virtual tunnel provides protection for the data being sent over the shared network. The data should be protected for it’s confidentiality and integrity. A virtual tunnel can provide protection of confidentiality or integrity…
Adversary
The attacker who is performing the cyber attack on the target with a motive.
Threat Intelligence
Threat intelligence is practice of collecting, analyzing, and sharing information about cyber threats and sharing to protect organizations from Cyber Threats Types of Threat Intelligence Strategic Strategic Threat Intelligence provides high level threat trends to organisation. They are non technical which are used by leaders and executives to take strategic decisions with respect to Cyber…