CYBER SECURITY

FOR BEGINNERS:
A COMPREHENSIVE AND ESSENTIAL GUIDE
FOR EVERY NOVICE TO UNDERSTAND
AND MASTER CYBERSECURITY

LIAM SMITH
 Copyright 2022 by Liam Smith- All rights reserved.
The content contained within this book may not be reproduced, duplicated or transmitted without direct written permission from
the author or the publisher.
Under no circumstances will any blame or legal responsibility be held against the publisher, or author, for any damages,
reparation, or monetary loss due to the information contained within this book. Either directly or indirectly.
Legal Notice:
This book is copyright protected. This book is only for personal use. You cannot amend, distribute, sell, use, quote or paraphrase
any part, or the content within this book, without the consent of the author or publisher.
Disclaimer Notice:
Please note the information contained within this document is for educational and entertainment purposes only. All effort has
been executed to present accurate, up to date, and reliable, complete information. No warranties of any kind are declared or
implied. Readers acknowledge that the author is not engaging in the rendering of legal, financial, medical or professional advice.
The content within this book has been derived from various sources. Please consult a licensed professional before attempting any
techniques outlined in this book.
By reading this document, the reader agrees that under no circumstances is the author responsible for any losses, direct or
indirect, which are incurred as a result of the use of information contained within this document, including, but not limited to, —
errors, omissions, or inaccuracies.
ISBN:
 Table of Contents

Introduction to Computer Security

Chapter 1: Networks and the Internet
Internet
DNS
Internet Infrastructure
World Wide Web
Aspects of Cybersecurity
Need for Cybersecurity
Chapter 2: Cyber Stalking, Fraud, and Abuse
Types of Cybercrime
Identity Theft and Invasion of Privacy
Internet Fraud
ATM Fraud
Piracy and File Sharing
Cyber-Attacks
Chapter 3: Denial of Serce Attacks Malware
Types of Malwares
Ransomware
Adware
Bots
Rootkits
Spyware
Remote Access Tool (RAT)
Viruses
Worms
Preventing Malware Attacks
Network Security
Use Reputable A/V Software
Perform Routine Security Inspections
Create Routine Backups
Types of Attacks
Phishing
Spear Phishing Attacks
Unauthorized Disclosure
Whaling
Malware Attacks and Infections
Chapter 4: Techniques Used by Hackers
Hydra
Nmap
NMAP Scripts
Wireshark
Man in the Middle
 ARP Poisoning
RIPv1 (RIP)
Cactus
DNS Cache Poisoning
Session Hijacking
Chapter 5: Industrial Espionage in Cyberspace
Top Spying Tactics
A Look at Cyber-Espionage Affairs
An Overview of Some Latest Cyber-Espionage Attacks
Chapter 6: Encryption
Full Disk Encryption
Containers
Mobile
Essentials
Chapter 7: Computer Security Technology
EtherPeek
QualysGuard
SuperScan
WebInspect
LC4
NMAP
Metasploit
Burp Suite
Angry IP Scanner
Cain & Abel
Chapter 8: CompTIA, the Best Cyber Security Certifications to Boost Your Career
Reasons Why Choose CompTIA Certifications
Where to Get the Best CompTIA Cyber Security Certifications
How Long Do You Have to Study for a CompTIA Cyber Security Certification?
How Much Does It Cost?
Conclusion
 Introduction to
Computer Security

Regardless of the present danger of viruses and malware since the beginning of the PC age,
information network security has been lagging up until the point gradual technological advances
allowed for contextual analysis of infiltrations. These analyses revealed that more and more
computing devices were being exposed to attacks. Many exposed machines utilizing the web
allowed hackers to propel their abilities in infiltration techniques; therefore, taking information
and even shutting down sites.
Considering the number of global users at present is at an expected 3.4 billion clients, there is
enormous potential for cybercrime. Combatting the issue is currently a multi-disciplinary issue
which brings together equipment and programming through strategy and individuals. All of this
has been aimed at the prevention of cybercrime happening in the first place or minimizing its
effects when it does. This is the practice that has now come to be known as Cybersecurity. There
is no “cure all” solution. However, Cybersecurity is continually developing as per the dangers it
is attempting to anticipate.
The main area of concern would be the client accounts and their names and passwords. Usually,
it would be the potential profit or governmental control that drives the cyber black market in a
manner of speaking. As individuals keep on integrating innovation into their lives, the
opportunities for abuse will also grow. Accordingly, the resistances that are utilized to stop them
through instruction and practices of cybersecurity will likewise keep on growing.
Physical Security
This is one of the major elements when it comes to the overall security policy within an
organization. Physical security entails such things as proxy access, building security and the
relevant security measures. When it comes to proxy access, security comprises different
subcomponents which include the key, proxy card control, and access. In the same way as
passwords, the proxy cards and keys have differing levels of access, and they have to be issued
as needed. At the same time, regularly scheduled audits need to be conducted, so as to prevent
access which is not authorized. Then there is building security, which physically prevents people
from accessing the premises’ systems without authorization. This is part of the Intelligent
Building Management System and the networks and devices which make it. Without it, it would
be very easy for outsiders to go around the methods of protection and infiltrate the networks to
their gain. It is crucial that workers are aware of these systems and hence abide by the physical
security policies. Several elements have to be considered when developing policies related to
physical security. Similarly, a full assessment of security and infrastructure is needed before
writing the policy. Security measures for physical security include things like security cameras
with a recording device that gives an external layer of security to the facility. Physical security
should also consider lighting which is essential for safety. The gates, walls, and electrified
fencing add to the reduction of risk of unauthorized personnel of vehicles from entering and
damaging the assets of the building. The employee security training class is essential to the
success of the firm and would be advisable to report on security violations.
Removable media such as hard drives and USB drives should only be utilized with particular
authorization from the agency. Workers cannot be allowed to utilize personal removable media
within the work environment. The employees also have to be forbidden from plugging laptops or
other electronic devices into the equipment of the firm.

The World Without Cybersecurity

It is relevant to call to attention that people are essentially the weakest connection as they are
unpredictable and multi-faceted with their plans, flaws, and convictions. Indeed, even the most
solidified framework can be broken through a demonstration of social engineering. There is no
measure of secure networks and firewalls which can counter a client clicking on fishy emails or
being persuaded into giving their own private passwords over the phone to individuals claiming
to be from the client relations branch of an organization serving them. The reliance on
automation also focuses on single points of failure, which would have a dramatic effect if
coordinated at communication and transportation networks. Drawing from rising advances of
driverless cars getting more known, the following shows a case study of what could happen if
automated items keep on being made without taking cybersecurity into account.
In the future, the society will probably be run on an automated transportation system including
cars, trains, and buses while drones monitor from the skies to check on crime and framework
glitches. The advantage to be considered would be that this advance in technology will allow for
a greater efficiency, as traffic jams will be a thing of the past. There will be lower instances of
pollution, as cars will be running on EV systems and the transportation cost will be much
cheaper or altogether nonexistent. In the worst-case scenario, a cyberattack can compromise the
entire system. The systems which coordinate the entire transportation network could be shut
down, and that would bring the entire city to a standstill as the workers would not be able to get
to and from work, which means the productivity comes to a halt. People on life support systems
will definitely suffer, as would those who require daily services to maintain lifestyle conditions.
Without essential services, chaos would soon ensue as people would struggle to make ends meet
and panic would happen. The city would be held hostage by foreign influence without the
exertion of physical force, which is quite scary because it is quite easy to execute. This is an
interesting dystopian theory, but it represents which society people are heading into, and the
reason why cybersecurity needs to be prioritized above everything else.
Consider the fact that the internet has enabled new business models which have already shaped
the way the world works. Even though search engines, social media, and ordering platforms are
some of the most profitable companies that conduct business over the internet, cybercrime beats
all of them. That shows just how lucrative fraud is because it operates and benefits on the
ignorance of the majority of the 3.4 billion users in the world today.
The Nature of Threats
Cybercrime arrives in a scope of structures—from denial-of-service attacks on websites,
blackmail, framework invasion, and destruction. It can incorporate ransomware, malware,
spyware, and modifications of the physical gadgets. It's not surprising the extent of attacks are
very vast and are intensified by the attack surface, which is the measure of the weakness as
introduced by both equipment and programming. If a hacking theme works on Apple devices and
everybody in the organization has a gadget from the same company—whether it is an iPad,
iPhone, or Mac Book, by definition, the attack surface may be a few people, or it could be even
thousands, depending upon the span of the firm. In another way, if anybody that has an Apple
gadget is vulnerable in a global context, the attack surface would be several millions of people.
This is exaggerated by the way both programming and equipment can give numerous vectors to
attacks, as that an iPhone can have distinctive vulnerabilities and each one of them has the
potential for being misused. Some of the time, various approaches can be utilized to gain access
to a computing gadget. Legal consideration demonstrates this through the manner in which they
hack the phones of criminals. They do this on the justification of the greater good which is the
safety of the majority of citizens
It is now possible to perceive how much harm hacking can cause with regards to integrated
frameworks, for example, power and transportation. For this situation, the attacks are more
focused, and they are specific to the specific industries; and the repercussions are considerably
more hazardous. Shutting down the electrical grid, for one, may have life-threatening
consequences.
It isn't possible to see it, as it is inside the fiber-optic networks and switches that saturate the
web; however, attacks are going on all around—even right now. The modem in your home that
gives you access to the web is always fighting off queries to check whether the IP address has
open ports. These allude to the virtual addresses that enable the correspondence of programming
to and from the network and the PCs.
According to the overviews done by network security and the administration firm Fortinet,
around 500,000 attacks occur against its servers constantly. That is just one of the specialist
organizations. The primary concern is that nearly anything controllable by innovation will likely
have a weak spot, and this is consistently being tried by groups that want to abuse these spots
with a specific goal to facilitate their interests. To appreciate the extent of difficulties, the
significance of cyber-security and that of the corresponding legal issues, you would have to
consider all angles of attack.
 Chapter 1:
Networks and the Internet

Internet
One of the most significant inventions of the 21st century is the internet, which has affected our
lives to a great extent. Nowadays, the internet has crossed every obstruction and has altered the
means we used to chat, work, play games, shop, listen to music, make friends, see movies, pay
our bills, order food, greet our friend on their anniversaries or birthdays, etc. Applications have
been developed to carry out most of the everyday tasks which has facilitated our life to a great
deal by making it comfortable.
Contrary to the past, where one had to stand in a long queue for paying electricity and telephone
bills; now, we can do that online through internet with a click of a button from our office or
home. The technology has stretched to a level that we do not even need a computer for using the
internet. We have smartphones equipped with internet, iPads, and palmtops, etc. using which we
can keep in touch with our family, friends, and office throughout the day. Hence, the internet has
not just simplified our life, but it has also provided a cost-effective solution to numerous
problems.
Just a few years back, we used to make International Subscriber Dialing (ISD) calls or even a
Subscriber trunk dialing (STD) calls, which were quite expensive. Both these methods were
employed to deliver just critical messages, and the rest of the mundane communication was
carried out through letters as it was a comparatively cheap mode of communication (Poe 2010).
Today, we not only have the facility of making audio calls through internet but can also make
video conference calls through various popular applications such as Skype, Viber, etc. at a very
cheap expense to an extent where a 1-hour video call through internet is less costly than the rate
of sending a 1-page document from New Jersey to California through a courier service. Not just
this, the internet has also altered the way we used the typical devices. Now, besides watching our
regular shows and movies on TV, we can use it for making calls, video chats with families and
friends through the internet. Likewise, we can use our smartphones not just to make calls but also
to watch any movie. Irrespective of our location, it is possible for us to keep in touch with the
rest of the world. Working parents can keep an eye on their kids at home from the vicinity of
their offices and can assist them in their homework. A businessman can easily keep an eye on his
office, shop, workforce, etc. with a mere click of a button. It is safe to say that the internet has
facilitated our life in numerous ways. Have you ever reflected on where this internet came from?
Let us have a look at the brief history of the internet and learn how the internet was devised and
how with time, it evolved to a level that it is now impossible for us to think of our lives without
it.
DNS
While browsing any website on the internet, we type something similar to www.uou.ac.in that is,
we do not deal with IP addresses such as 104.28.2.92. However, the truth is that even if we type
http: \\ 106.25.2.82 in the URL, we will be landed on the same webpage. We are quite
accustomed to and comfortable in using and memorizing the names of the websites instead of a
number. Besides, with time, these IP address changes and few of the sites contain more than one
IP address. Furthermore, we can only transfer data over the internet by using IP addresses since
the routing of the packet of data that is sent through the internet, is carried out using the IP
address. There is a server known as Domain Name System (DNS). This server is responsible for
taking care of this translation job to make this process simple and to save us from the trouble of
memorizing these changing IP address numbers. Every time we type an address such as
http:\\www.uou.ac.in, a background procedure known as DNS name resolution is initiated. Our
computers keep the footpath of lately visited websites and locally preserves a database in the
cache of DNS. If the IP address of the website we have requested is not found in the DNS cache
of our local computer, then the subsequent possible place to find it is in the DNS server of our
Internet Service Provider (ISP). These DNS servers of our Internet Service Provider also
maintain the cache of the lately visited webpages. In case the information is not available even in
the DNS server of ISP, it then forwards the query to the root name servers, which publish the
root zone file to both other DNS servers as well as clients on the Internet. The root zone file
designates the location of the authoritative servers for the DNS top-level domains (abbreviated as
TLD). Presently, there are 13 root name servers which are listed below:

VeriSign Global Registry Services

University of Southern California - Information Sciences Institute
Cogent Communications
University of Maryland
NASA Ames Research Center
Internet Systems Consortium, Inc.
U.S. DOD Network Information Center
U.S. Army Research Lab
Autonomica/NORDUnet
VeriSign Global Registry Services
RIPE NCC (Réseaux IP Européens Network Coordination Centre)
ICANN (Internet Corporation for Assigned Names and Numbers)
WIDE Project
These root name servers guide the request to the suitable Top-Level Domain name servers by
way of first reading the latter part of the URL. We have quoted the example of
http:\\www.uou.ac.in. The last part of this URL is.in. Few other examples of TLD name servers
include .org, .com, .biz, .in, .us, etc. These Top-Level Domain name servers play the role of a
switchboard and guide our request to the suitable authoritative name server retained by each
domain. Such an authoritative name server also maintains other beneficial information along
with maintaining DNS records. The record of address is reverted back to the host computer
requesting it through TLD name servers, ISP’s DNS server, and name servers. Such an
intermediate server maintains the record of this IP address in the cache of their DNS so that they
don’t have to go through the trouble of this process once again in case if they receive the same
request. In case if the same URL is demanded over again, the DNS cache of that localhost PC
will return the IP address of the requested URL.
Internet Infrastructure
As apparent by its name, Internet, is a collection of various small, medium as well as large
networks. This undoubtedly points out one fact, which is that no single body is the owner of the
internet, thereby making it a major proven example of collaborative success. It is indeed amazing
that how such a huge network extended across the continents is running successfully without any
problem. Naturally, we indeed need an international body for monitoring such a huge network,
which can set the rules, guidelines, and protocols to join and expand this network. Hence, in
1992, an international organization, famous as “The Internet Society,” was created to take care of
the above-stated concerns.
Let’s take a brief look at the working of the internet. Consider a scenario. We send an email to
our friend who receives it on his/her computer located in another country or even another
continent. While we are working on our computer without connecting it to the internet, our
computer at that instant is a standalone system (Stoica et al. 2002). However, when we connect
our computer to the internet using a modem, we become a part of the network. The Internet
Service Provider (ISP) is the link amid the internet backbone, by the help of which the routing of
data to the user takes place. The ISP is responsible for connecting us to the internet backbone at
Network Access Points (NAP). Various large telecommunication companies provide these
Network Access Points in several regions (DiGiorgio and Bender 2002). Such large
telecommunication companies are in charge of connecting the countries and the continents
through building as well as maintaining the huge support/ backbone infrastructure to route data
from one NAP to another NAP. ISPs are linked to this backbone infrastructure at NAP and have
the responsibility of building and managing networks locally. Therefore, when we connect our
computer to the internet by dialing through modem, we primarily become part of the local ISP,
which further connects us to the internet backbone via NAP. Through this backbone, our
requested data is routed and delivered to the desired destination NAP, where the ISP of our
friend’s network is sited. The moment when our friend connects his computer to the internet by
dialing through the modem, that data is delivered to his computer.
World Wide Web
We often interchangeably use the terms World Wide Web and internet, or sometimes we simply
use the word ‘web.’ In reality, the web is just one of the numerous services provided by the
internet. Few popular services other than the web provided by the internet include Usenet, e-
mail, FTP, messaging service, etc. To establish communication over the internet and exchanging
information, the web makes use of HTTP protocol. The web was developed in 1989 at CERN
(European de Researchers Nucleaires), by an English scientist named Tim Berners-Lee. The web
is composed of all the public web sites as well as all the devices which access the content of the
web. As a matter of fact, WWW is an information-sharing model and has been developed for
exchanging information over the internet. Innumerable public websites consisting of a collection
of web pages, are accessible through the internet. These websites hold abundant information in
the form of audios, videos, texts, and picture format. We access these web pages through an
application software known as a web browser. A few examples of the well-known web browser
include Chrome, Firefox, Safari, Internet Explorer, etc.
Aspects of Cybersecurity
As the cyber world (internet) is extremely vulnerable to attacks by cybercriminals and hackers, it
is essential to equip our systems with cybersecurity protocols. So, while deliberating
cybersecurity, one might think that who are we trying to protect ourselves from?” The answer is
that there are three significant aspects we are trying to control, which include:
 Unauthorized Access
Unauthorized Modification
Unauthorized Deletion
The terms mentioned above are synonymous with the very popular CIA triad, which is a model
developed to guide policies for the security of information in any organization. CIA stands for
Confidentiality, Integrity, and Availability. We also commonly refer to the CIA triad as three
pillars of security, and the majority of the security policies of any organization are founded on
these three principles.
Need for Cybersecurity
It is an established fact that people in today’s world spend most of their time on the internet.
Most of the internet users are practically unaware of the mechanisms of the online data transfers,
and this is a golden situation for the hackers. With numerous access points, constant traffic,
public IPs, and availability of enormous data to exploit, it is quite convenient for the black hat
hackers to exploit the vulnerabilities by making malicious software. Presently, cyber-attacks are
growing rapidly with every passing day. Hackers have become cleverer and more innovative
with their cyber-attacks and how they dodge firewalls and virus scans still amazes a lot of
people.
Considering all the threats and vulnerabilities, all internet users need to possess countermeasure
systems to protect them against the plethora of cyber-attacks. In this way, we will be able to
protect our data from falling into the wrong hands. Therefore, cybersecurity is essential to
safeguard our systems in the vulnerable world of the internet.
 Chapter 2:
Cyber Stalking, Fraud,
and Abuse
Illegal activities that are carried out with the use of computers are known as cyber-crime or
computer-crime. Cyber-crime includes the committing of fraud, trafficking of intellectual
property, and illegal types of pornography such as child pornography, violating privacy, and
identity theft. The popularity of the internet, wide use of computers, and advancements in
computer technology have contributed to the increasing complexity and probability of cyber-
crime over the last few decades.
It is safe to say that the earliest victims of computer-crime were Americans due to the early
adoption of computer technology and the internet compared to other nations. However, by the
time the 21st century dawned, most individuals across the world were vulnerable against cyber-
crime in some form or another.
Computer technology has rapidly evolved over time, opening up more opportunities for cyber-
criminals. They have come up with inventive methods to carry out computer-crime with new
technologies, while users of those technologies have been slow to adopt cybersecurity measures
to protect themselves.
Most cyber-crime is aimed at gaining information belonging to individuals, businesses, and
governments. These attacks take place in a virtual environment under a personal or corporate
setting. As a result, individuals and organizations have found it difficult to understand the true
threat that computer-crime poses on them.
In the digital age, each individual or organization that uses the internet, computers, and smart
mobile devices possess their unique digital identity. These digital identities can be narrowed
down to a collection of numbers that act as unique identifiers. That data is stored in databases
owned by various individuals, organizations, and governments.
One of the most distinctive characters of cyber-crime that makes it different from conventional
crime is the fact that it can occur in geographies separated by thousands of miles. A cyber-
criminal does not need to get physically closer to an individual or an organization to launch a
successful attack. The fact that jurisdictions and laws change between such vast distances makes
computer-crime difficult to fight.
However, in most cases, cyber-criminals use traces that can be tracked by law enforcement
authorities to identify their locations and identities. Some cyber-criminals have mastered the art
of covering their tracks during their criminal activities. However, most cyber-criminals do not
possess the required skills to cover up all their traces.
Law enforcement authorities require special powers to follow traces left behind by cyber-
criminals across national boundaries that surfaced the need for international cyber-crime treaties.
The Council of Europe, along with government representatives from many countries such as the
United States, Japan, and Canada, drafted a computer-crime international treaty in 1996. Many
civil rights groups protested against the treaty.
However, more than 30 countries signed the international treat in 2001, with the convention
coming into effect in 2004. Various protocols were proposed and added to the convention, later
addressing racist, terrorist, and xenophobic crimes. Furthermore, the USA Patriot Act of 2001
has given law enforcement the authority to monitor and protect computer systems and networks.
Types of Cybercrime
A range of criminal activities can be categorized as cyber-crime, from breaches of persona
privacy to the blackmailing of individuals and businesses. Transaction-based crimes, including
digital piracy, trafficking of child pornography, fraud, and money laundering, also fall under the
spectrum of cyber-crime.
Different types of cyber-crime or computer-crime have specific victims. Cyber-criminals usually
hide in anonymity that the internet provides. Activities carried out by individuals funded by
government organizations to steal and alter data for political objectives and profit also fall under
cyber-crime.
Some activities under computer-crime are aimed towards disrupting the functioning of the
internet and access to it. These activities include hacking, denial of service attacks, and spam.
Cyber-terrorism, on the other hand, includes activities that are aimed towards causing public
disturbances and chaos that can, at times, even result in human casualties. Similar cyber-attacks
are used to damage a country's technological and economic infrastructure.

Identity Theft and Invasion of Privacy

These criminal activities that fall under computer-crime not only affect one's virtual body but
physical self as well to varying degrees. Individuals are provided with Social Security Numbers
in the United States instead of official identity cards. Social Security Numbers have been used to
identify individuals for a range of purposes, including tax collection and the tracking of students,
employees, and patients.
A cyber-criminal who has access to an individual's Social Security Number can gain access to a
wealth of information regarding that individual paving the way to identity theft. Furthermore,
stolen credit card details have also been used for identity theft. Cyber-criminals who gain access
to an individual's Social Security Number and credit card details can easily acquire a passport or
a driver's license under the name of that individual with a fake photo. They can then request a
new Social Security Card with the documents they have in possession that paves the way for
them to open bank accounts and loans under the stolen identity.
The actual individual is unaware of the developments until a financial institution or a law
enforcement authority contacts them. By this time, many crimes may have been committed using
his or her identity, and a significant debt may be piled up under their name. Although identity
theft has become a more familiar term in the modern world, law enforcement is still struggling
with the lack of information and stats to fight it.
Internet Fraud
The internet is full of various schemes that intend to defraud users. Fraud existed long before the
emergence of the internet. However, some scams were given a new life on the internet. Identity
theft is carried out without the knowledge of the victim. However, fraud occurs with the
knowledge of the victim, although in guise.
A fraud attempt can easily be suspected or identified when the criminal and the victim interact
face-to-face. However, a highly realistic email or a web page gives the victim a false sense of
security, resulting in the victim falling prey to the attempt. Many individuals, especially those
who are unaware of fraud on the internet, have lost thousands of dollars.
There has been vast awareness and education regarding internet fraud. However, internet fraud
remains strong in the modern age, with criminals coming up with more realistic and innovative
methods to trick people. Internet fraud is recorded in high levels in countries and regions that the
internet is highly used, including the United States, Europe, South Korea, and Japan.
ATM Fraud
The advancements in computer technology have aided various more mundane types of fraud,
such as automated teller machine (ATM) fraud. Cyber-criminals have developed devices that can
breach the magnetic strips of credit or debit cards and use personal identification numbers
(PINs). The stolen information is then used by the criminals to produce fake cards that are later
used to withdraw funds from the accounts of the victims.
Criminals use free-standing ATMs that are located in crowded places instead of banks. They
install skimming machines that are difficult to identify on such ATMs. The user enters their card,
followed by the PIN, at which point the device records those details. The ATM does not dispense
cash and states that it is out of order causing the unsuspecting user to leave. The criminals later
return to retrieve the skimming device after successfully breaching numerous cards.
Piracy and File Sharing
The duplication of various types of copyright materials has posed a huge problem for many
industries, including music and film. The internet made illegal duplication of such material
highly popular and simple. A compact disk (CD) could be easily copied, and its content could be
shared with thousands of users located all over the globe within minutes using high-speed
internet.
The recording industry in the United States has been severely affected by file sharing over the
internet. It saw the sales of CDs fall from 800 million to less than 150 million within 14 years
between 2000 and 2014. The revenue in the music industry was halved during the time.
The motion picture industry also faced a similar problem during the time. DVDs containing films
were copied and shared across the internet among millions of users resulting in huge drops in
DVD sales. File sharing websites such as The Pirate Bay facilitated the sharing of such large
files. However, legal action has been taken against many file-sharing websites in recent times,
although piracy still remains all over the internet to this day.
Cyber-Attacks
Hackers launch cyber-attacks on computer systems, networks, mobile, and IoT devices. These
attacks have various motives, such as the theft of information belonging to individuals,
organizations, and governments, gaining illegal access to computer networks, interrupting
services provided by businesses and organizations, committing sabotage, and causing public
chaos.
These cyber-crimes often go unnoticed as victims opt not to report them. Only the larger
breaches gain attention and publicity. However, hacking and other cyber-attacks cost billions of
dollars for the world economy every year.
 Chapter 3:
Denial of Serce Attacks
Malware
Let's imagine a scenario where a client presents a file, and they are unsure if it's malware and
what capabilities it has.
Where does this malware fit in the kill chain?
Is it the initial patient zero machine that will go online and download more malware code? What
is this malware's specimen capability?
Understanding what the malware is capable of is one of the main purposes of malware analysis
or reverse engineering. You also have to ask: What is the attacker's intention?
If it's malware specifically for ransom, they are trying to encrypt for files and ask for money. If
its purpose is to install other stolen PI data, then its intention is larger than just quick financial
gain. Knowing the intention of the attacker helps you understand where else this malware is
infecting your environment.
Types of Malwares
Malware is a very general category, and there are few subtypes within it:
Ransomware
This malware is designed to freeze files and, as the name suggests, demand ransom from its
victims in exchange for releasing the data; successful attackers realized that they could take it a
step further by demanding money but not releasing the data. Instead, attackers demand another
payment, and the cycle continues.
Paying up might seem like the only solution to dealing with ransomware, but the fact is, once
you pay, the attackers will keep asking for more.

Adware
This is software that downloads, gathers, and presents unwanted ads or data while redirecting
searches to certain websites.

Bots
Bots are automatic scripts that take command of your system. Your computer is used as a
"zombie" to carry out attacks online. Most of the time, you are not aware that your computer is
carrying out these attacks.

Rootkits
When a system is compromised, rootkits are designed to hide the fact that you have malware.
Rootkits enable malware to operate in the open by imitating normal files.
Spyware
Spyware transmits data from the hard drive without the target knowing about the information
theft.

Remote Access Tool (RAT)

After your system is compromised, RAT helps attackers remain in your systems and networks.
RAT helps criminals to obtain your keystrokes, take photos with your camera, and/or expand to
other machines. One of the most dominant features of this type permits the malware to transfer
all of this information from the victim to the attacker in a protected way, so you are not even
conscious you are being spied on.

Viruses
A virus pushes a copy of itself into a device and becomes a part of another computer program. It
can spread between computers, leaving infections as it travels.

Worms
Similar to viruses, worms self-replicate, but they don't need a host program or human to
propagate. Worms utilize a vulnerability in the target system or make use of social engineering to
fool users into executing the program.
Preventing Malware Attacks
In order to avoid malware, you should:

Train yourself and other users on practices for avoiding malware.

Don't download and run unknown software and don't blindly insert "found media"
into your computer.
Learn how to identify potential malware like phishing emails.
Having unannounced exercises, such as intentional phishing campaigns, can help
keep users aware and observant. Learn more about security awareness training.

Network Security
Controlled access to systems on your organization's network and proven technology and
methodology use like using a firewall, IPS, IDS, and remote access only through a VPN
minimize the surface attack you are exposing your organization to. Physical system separation is
usually deemed the last measure for most organizations and is still vulnerable to some attack
vectors.
Use Reputable A/V Software
When installed, a suitable A/V software detects any existing malware on a system and then
removes it. An A/V solution monitors and mitigates potential malware activity and installation. It
is very important to be up-to-date with the vendor's latest definitions and/or signatures.
Perform Routine Security Inspections
Scanning your organization's websites periodically for vulnerabilities such as software with
known bugs and server/service/application misconfigurations will save your organization from
potential malware attacks, protect the data of your users, and protect clients and visitors who use
public-facing sites.

Create Routine Backups

A regular backup system in place is the difference between easily recovering from a harmful
virus or ransomware attack and stressful, desperate scrambling with costly downtime/data loss.
The solution here is to have regular backups that are verified and happen on a regular basis. Old,
outdated backups don't restore correctly and are of no use.
Types of Attacks
Malware has many different forms and attacks in various ways. However, with some careful
preparation and process developments, as well as ongoing user education, your organization can
gain and maintain a solid security stance against malware attacks.
Criminal operations operating from the internet that are looking to gain financial or intellectual
property are also known as cyber-attacks. Sometimes the objective of a cyber-attack is simply to
disrupt the operations of a certain company. Sometimes a cyber-attack goes as far as state-
sponsored attacks when governments of countries get involved in cyber-attacks to learn
information on a geopolitical opponent or solely to convey a message.
By 2021, cybercrime damages are set to exceed $6 trillion! The annual Google profit is $90
billion. One trillion is one thousand times one billion, that’s quite a bit of damage right there!

Phishing
A malicious hacker attempts to trick the victim into believing the hacker is a nice and
trustworthy person in order for the victim to do a particular action. Perhaps the famous phishing
scam is the "Nigerian Prince" where the hacker claims to be a wealthy Nigerian prince who
needs your help in transferring funds to his account. In return, he offers you a promise of wealth
once he gets back the access to his accounts. Just in the United States, these scams make over
$700,000 a year! Unfortunately, as long as people keep sending money, hackers will use
phishing scams.

Spear Phishing Attacks

Spear phishing involves personalizing the phishing email. So, while the "Nigerian prince" will
send the same email to multiple addresses, the spear-phishing email will have a customized
message making it look even more trustworthy.
Common examples of spear-phishing emails are those that look like they came from a bank (or a
trusted source) where they ask you to enter login information because of a technical issue and
clean up your account. Another example is a fake email from a supervisor, business owner, or
CEO mentioning important company files. The spear-phishing email in this case contains a
malware-infected Excel or Word file that, once opened, unleashes an attack. The hacker is
interested in the company's data.
Unauthorized Disclosure
Whenever a company or an organization discloses information about you without asking for your
permission, you have become a victim of an unauthorized disclosure. A medical provider leaking
your health information is also an unauthorized disclosure.
Whaling
This is refined form of phishing because the hacker targets a high-value person like a CEO or a
celebrity. The hacker gathers all the possible information about the target. They gather details
about hobbies, passions, occupations, schedules, friends, family, and so on. They gather all this
information so the victim truly believes the email is sent by someone trustworthy and thus clicks
the link or opens an attachment.
Companies lose billions of dollars a year because of whaling.
Malware Attacks and Infections
Malware attacks are sent as malicious attachments or through downloads on suspicious website.
The moment you open the attachment, the process of infection begins. Sometimes, it's possible
for the malware to end up on your computer without your approval, although these cases are rare.
They called these rare cases drive-by downloads.
 Chapter 4:
Techniques Used
by Hackers
Techniques used by hackers are many. They are mainly categorized by their success rate, kind of
computer systems they can affect, how much effort is needed to perform the attack, and what
type of data they can extract. The following will cover some of the most common techniques.
Hydra
This is a tool for detecting weak passwords by trying millions of combinations and observing the
system's reaction. Hydra works by sniffing out the computer being attacked, usually across a
network, and then guessing its password. Hydra can conduct brute force attacks on remote
computers that run services such as SSH or FTP. This is done by trying to log in using every
possible combination of username and password (allowing a maximum of 8 characters of each),
until it finds the right combination or exhausts all possibilities. An attempt takes seconds, so it is
quite easy to launch thousands of them at once and track the successful ones.
Nmap
Nmap is mainly used for port scanning. A port scan is like a handshake between a hacker and a
computer. During this handshake the hacker will send a packet that asks the computer to open up
its ports. The computer then has to respond if it is open, or not. If something is open, the hacker
can potentially access it and use it for his purpose, such as stealing credit card numbers. Nmap
will scan all ports between 1 and 65535. It will also tell you how many computers are listening
on each port, which can help you decide which ones to attack first.
NMAP Scripts
NMAP scripts are a collection of scripts that can be run from the command-line. These scripts
will perform many actions, such as enumerating target hosts, performing port scans, and running
other commands on a remote machine. You should use them when you attack a computer. They
can be used to attack the target machine or make it run customized commands on it or sniff its
traffic with Wireshark.
Wireshark
Wireshark is a protocol analyzer that can analyze all types of traffic on a computer. With it you
can see all the information that is sent between a client and the server via the network. All
packets are color-coded, so you know what type of packet it is and how important it may be to
your overall plan. Wireshark can be used from your desktop or from within NMAP scripts, such
as when performing a port scan on vulnerable systems.
Man in the Middle
One of the easiest attacks of all is to compromise a user's computer and then place it between
them and the target. This will allow you to see all traffic and force your victims to use your
computer as their gateway to the Internet. The only thing you will have to do after this is launch
an attack on their computers.
ARP Poisoning
ARP poisoning, or ARP spoofing, allows an attacker on a local network to change what IP
address computers on that network think belongs to whom. This can be used for many purposes,
such as redirecting internet traffic and tricking someone into thinking you are their router. Using
ARP poisoning is usually done with a router. It will fill your network's routing table with wrong
IP addresses for every device on your network, making it look as if everything belongs to the
attacker.
RIPv1 (RIP)
The Routing Information Protocol version 1 is an outdated method of routing that uses broadcast
packets and relies on the hop count and distance between routers to determine how to route
messages. While using this type of protocol, the attacker can easily see who is connected to his
computer at any given point in time by calculating their hop count and distance from himself.
RIPv1 can also be abused to send fake information back to the victim's router.
Cactus
Cactus is a tool that makes it easy for attackers to spoof IP addresses and redirect traffic on an
entire network. It uses a variety of spoofing techniques, such as ARP poisoning, ARP poisoning,
and HTTP man-in the-middle attacks. Cactus can also allow the attacker to modify the
applications on a computer or block websites that he doesn't like with DNS cache poisoning.
DNS Cache Poisoning
DNS cache poisoning is a great way of stopping bad guys from being able to use internet
resources from your computer. To do this, you need to set up a special computer that will answer
DNS requests and then replace the IP address of a bad website with the attacker's IP address.
This means that even if the bad guy tries to go to his favorite spam site, he will be taken to your
computer instead. Since all traffic is forced through your computer, you now have full control
over what he can see on the Internet.
Session Hijacking
Session hijacking is when an attacker tricks someone's information from them and then uses it
for their advantage. This information can include usernames and passwords, credit card numbers,
or anything else that can be used online in order for someone to gain access to certain parts of a
website or service. Session hijacking requires a hacker to intercept all of the data packets that are
sent between two computers in order to get all the information that is being sent without being
detected. This requires a powerful computer, but it can be done in just seconds. If you're going to
try this, I suggest using aircrack-ng because it will take up less of your computer's processing
power.
 Chapter 5:
Industrial Espionage
in Cyberspace
Cyber-espionage is an act of getting engaged in an attack that allows an authorized user to view
classified material. Cyber-espionage attacks, in general, are quite subtle and may comprise of a
single piece of code that goes unnoticed in most public sector offices. It can be a process that has
the power to run in the background of a workstation or a computer in an office. Usually, the
target is a corporate or a public office. The major goal of a cyber-espionage attack is to grab hold
of some intellectual property or classified secrets from the government. The attackers have
several motivations for planning and executing an attack. They can do it in return for hard cash
or gold or some other benefits such as freedom of their companions from prisons. The last
motivation works when a government is trying to spy on the government of another country. Its
consequences can be bad such as loss of strategic advantage if the cyber-espionage is being
executed by a government and loss of competitive advantage if a corporation is executing the
cyber-espionage against a corporation.
This will explain what cyber-espionage is and how devastating it can be for the people of
different countries and corporations around the world. It will also explain the geopolitical and
geostrategic repercussions of a cyber-espionage attack against a government or a strategic
industry. Generally, espionage is defined as a practice of using spies to get information about the
activities and plans of a government and corporations.
For cyber-espionage, the spies are generally an army of nefarious hackers that are recruited from
different countries of the world. These cyber-spies or malicious hackers are experts in political,
economic, and military domains. These high-level cybercriminals are equipped with the latest
tech knowledge for shutting down key government structures such as banks and other such
utilities. They have the power to influence elections and disrupting international events such as
summits and formal meetups.
Top Spying Tactics
For a good number of years, there have been attempts to seek benefits by illegally knowing what
the competitors are doing. Naturally, a company needs reconnaissance of its competitor just as a
country needs information on the other country’s activities. One of the most common tactics to
run a viable espionage campaign is to hire people to send in as faux employees who would
attempt to access key pieces of information on specific projects. The faux employee will gain
access to a certain project that is being developed with the help of the latest technology.
Faux employee technique is quite useful but it is a bit risky because the other company’s security
team may detect an aberration in the behavior of the employee or catch him doing any other
suspicious activity. For the past few years, another tactic has replaced it. Now companies’
lookout for an unsecured workspace and then hire someone who can go in as a guest and
casually stick in a USB drive on one of the computers or the main server to upload a worm or a
malware. The virus will be transferred in a matter of seconds. The main purpose of this tactic is
to flip open a secure portal and then exploit it so that you can target it later on from a remote
location. The virus in the USB drive will give you enough control over the computer network
from a remote site that you can get into the system and inflict whatever damage you want on the
system.
Certain business websites offer some kind of opening portal that can be later on exploited by an
experienced hacker. Many business websites are not secured up to a standardized level. Hackers
can use it to enter the server of the business and steal whatever data he requires. Moreover, there
is usually a list of email IDs of the employees of a company. Hackers can use these email IDs to
shoot emails to the employees with a line of code or a link inside to lure the employees into
clicking a suspicious link that would not do any harm apparently but is lethal enough to enable
the perpetrator of the attack to plan a lethal attack later on. This is what we called spear
phishing.
A Look at Cyber-Espionage Affairs
Espionage is usually conducted among nations of the world, and it is not a new phenomenon. It
is in place since the medieval period and it has only been upgraded from time to time and so are
the spies. Cyber-espionage among nations is a new phenomenon and a lethal one. Countries use
cyber-espionage to gain military, political and economic advantages over their competitors.
Countries recruit highly-skilled individuals for the preparation of a customized espionage plan
that could inflict some serious damage on their enemy. At extreme levels, a cyber-espionage
attack can shut down a public sector infrastructure or a military infrastructure of the victim
country. At a slightly lower level, it would target the financial institutions of the country and
disrupt the process of state banks, certain financial transactions and stuff like that. In short,
cyber-espionage has the capacity to bring down the systems of all the countries of the world that
are connected to the internet. There will be complete chaos if no country tries to resist it. The
worst thing about cyber-espionage that also is the best thing about is its tendency to give
foolproof cover to the perpetrator of the attack. Hackers behind these attacks have the power to
rub their footsteps. This threat is now extending its arms to multiple domains such as education,
production and public offices.
An Overview of Some Latest Cyber-Espionage Attacks
On top of all, the cyber-espionage attacks that happened in 2019 is the Chinese and Iranian
hackers’ attack on the US agencies. The news has recently surfaced that Iranian and Chinese
hackers attacked businesses and certain public offices in the United States. Experts believe that
these attacks happened after Donald Trump announced withdrawal from the nuclear deal of Iran
and the initiation of the biggest trade war with China that affected billions of dollars of trade.
The US intelligence chief reported that these countries deployed hackers to steal information
from the United States and to influence the opinion of the public in the United States and also to
derange strategic infrastructure in the country. According to the assessments of the intelligence
officials, the major objective of the hackers was to gain a foothold in the networks to position
themselves to carry out future attacks.
Another significant incident of the year happened in Pakistan when the country’s website of the
Ministry of External Affairs was hacked and its access to different countries got restricted.
People in Pakistan could see and visit the website but citizens of Britain, Holland, and the
Kingdom of Saudi Arabia faced serious issues with respect to accessing the website. Finally, a
detailed investigative report revealed that the source of the attack was in India. The incident
happened right after the Pulwama attack in India.
Kaspersky Lab exposed Slingshot in 2018. Most of the victims of the attack were in the Middle
East and Africa. The primary objective of the Slingshot attack was to take screenshots of the
computer screens of the victim, collect keyboard data, passwords, and network data. Later on,
the US intelligence men accepted that slingshot was developed and loaded by the US military as
part of an official program to track down terrorists and retrieve important data from them.
Countries can defend themselves against any kind of cyber-espionage attempt by partnering with
security experts. In this way, they can fully understand the extent of the threat and can also
counter it effectively. The public or corporate officials can point out the assets that need
foolproof protection. You should also indicate what the vulnerabilities are in your system. It is
also better to run a security risk assessment test to pinpoint the weak areas in your official or
corporate sector systems. Once you know what the vulnerabilities are, you can go on to fix them
right away. This data will give you an insight into how to develop an in-depth strategy.
 Chapter 6:
Encryption
Encryption and the broader subject of cryptography have been around since ancient Egypt. They
evolved with civilization and have been used to protect civil and military secrets for centuries.
In its simplest form, encryption has the purpose of converting information from an intelligible
representation (plaintext) to an alternative representation that looks like random data (ciphertext).
Its sister process, decryption, performs the reverse process, i.e., retrieves plaintext from the
ciphertext.
Both processes work by using some type of keys that must be provided.
Information in its encrypted form can be stored or transmitted between parties and cannot be
converted into plaintext without the possession of the proper key. If you do not have the key, you
cannot read the information.
The simplest analogy is with a physical lock and a physical key. You use the same key to open
and close the lock.
Let’s see the practical and immediate applications of these concepts: if you properly use
commercially available products, you can consider encryption unbreakable for all practical
purposes. If you are a high-interest individual this may not apply, but that’s another story.
Full Disk Encryption
Take your desktop computer. In general, your data is not encrypted by default. You must activate
a specific function to have your hard disk(s) encrypted.
What does it mean?
Without encryption, data can be read even if you have set up an account with a password at the
logon. It is not immediate but can be done with minimal effort. Having to type a password
somewhere, in fact, does not imply encryption.
When encryption is properly implemented, if you turn off your computer, there is no way
information can be decoded once it comes up, without the right decryption key.
Considering all the above, the riskiest scenario is not with desktops but laptops, which can be
more easily stolen or forgotten somewhere. They are especially required to be protected.
The two native and most common solutions to set up the easiest form of encryption (the so-called
Full Disk Encryption) are Bitlocker for Windows and FileVault 2 for Mac. With them, you
protect the entire storage without many differences. The same software can be used to encrypt
(and decrypt) external drives that get attached to your machine.
At most, you will be asked for an extra code at the computer startup: a little hassle for a
significant benefit.
Containers
If you have an older operating system where the two programs above are not available or you do
not need to encrypt all your hard disks (why?), you could follow a slightly different approach,
requiring a bit more of setup.
Inside a non-encrypted hard disk, you can create encrypted containers: you can see them as big
boxes which can be encrypted and decrypted and can contain other files. From the outside, they
appear just as big files (can be several GB) and you access them by “mounting” these files as
drives. From the user’s perspective, they seem like an external hard disk just plugged into the
computer.
The most famous program to manage containers is Veracrypt (https://bit.ly/cyba-veracrypt),
available for Windows, Mac, and Linux.
It can create containers and access them. During the setup phase, you choose the
password/passphrase that will be used to encrypt and then to decrypt the container during the
access phase.
Mobile
Modern operating systems on mobile devices enable encryption by default as soon as an access
PIN is set up. This applies to Android 6.0 or later and iOS 8 or later.
You can substitute the unlock PIN with biometric alternatives (face/fingerprint read) or patterns
to draw on the screen.
Some caveats before switching from PIN to alternatives: patterns have been demonstrated to be
less secure since shapes are not entirely random (we tend to use known shapes, start always on
some corner, etc.). Moreover, the finger will leave a trace while we draw, that prying eyes can
see.
Regarding face recognition, consider that it doesn't work well in every device.
So, for maximum security, stick to a PIN (a finger or the face can be “physically forced” on a
phone, a PIN cannot be extracted from your brain…).
Anyway, for more relaxed security and convenience, you can use non-PIN alternatives which are
better than no PIN at all.
To render the mobile encryption even more effective, remember to set a short automatic lock
time.
Essentials
Encrypt entirely your computer (Bitlocker of FileVault 2).
Apply a PIN to your smartphone and tablet.
 Chapter 7:
Computer Security
Technology
Hackers often use the tools mentioned earlier in the book to perform various hacks on the
network or system. You can use these tools to help you assess the system and network, and also
identify any vulnerability. All these tools are used to analyze the system capabilities and to find
out the bugs in the developed system during its testing phase. Hackers are considered as the more
intelligent from the general IT specialists. Because exploiting a private computer and network
system is more difficult than developing it. The term “Hacking” refers to gain unauthorized
access to someone’s system to steal sensitive information and to harm the computer systems or
networks. Hackers also know the working, development, and architecture designs of the systems.
This information will help them break the system security easily to get the required information.
Hacking also refers to the perform fraudulent acts like, privacy invasion, celling company’s data,
doing online scams and frauds, etc. This sheds light on different tools you can use to help you
learn more about the vulnerabilities in the network and system.
EtherPeek
It is a powerful and small size software used to analyze an MHNE (Multiprotocol Heterogeneous
Network Environment). It works by sniffing traffic packets on the targeted network. It only
supports network protocols such as IP, IP ARP (IP Address Resolution Protocol), AppleTalk,
TCP, NetWare, UDP, NBT Packets, and NetBEUI.
QualysGuard
It is a software suite of integrated tools used to modify the network security processes and in
decreasing the cost of consent. It consists of multiple modules that work together to execute the
complete testing process from its initial phase of mapping and analysis of attack surfaces to find
the security loopholes. It is a network security supervision tool to control, detect, and insulate the
global networks. It also provides critical security intelligence and automates the process of
auditing, concession, and the protection of network systems and web applications.
SuperScan
A powerful tool used by the network administrators to scan and analyze the TCP ports and
project the hostnames. SuperScan is easy to understand since it has a user-friendly interface.
Operations performed by SuperScan are:

Scan the port range from the given built-in list or any user-defined range.
Review and analyze the responses of connected hosts to the network.
Scan ping and network ports using different IP range.
Meld the list of ports to generate a new one.
Connect to any available or open port.
Update the port descriptions in the port list.
WebInspect
It is a web-based security assessment application that allows developers to detect the known and
unknown loopholes present in the web application layer. It consists of multiple modules that
work together to execute the complete testing process from its initial phase of mapping and
analysis of attack surfaces to find the security loopholes. It is also used to analyze whether the
webserver of a system is properly configured or not by attempting parameters injection, directory
traversal, and cross-site scripting.
LC4
It is a password recovery application used in computer networks. It was also known as
“L0phtCrack” and mostly used for checking the password strength and recovering the Microsoft
Windows passwords by using different directories, hybrid attacks, and brute-force. It consists of
multiple modules that work together to execute the complete testing process from its initial phase
of mapping and analysis of attack surfaces to find the security loopholes.
NMAP
It is known as “Network Mapper” a powerful open-source tool used to discover and audit the
networks. It was mainly developed to scan enterprise networks, maintaining network inventory,
monitoring the network hosts, and upgrading the network service schedules. It is used to induce:

What type of hosts are available?

What type of services they offer?
On which operating system those hosts are running.
What type of firewalls are used by those hosts and other important characteristics?

Metasploit
Metasploit is known as one of the most powerful tools used for exploitation. It is available in
different versions depending upon its features. It can be used with command prompt and Web
user-interface to perform such type of tasks:

Penetration testing of small businesses.

Discover, scan, and import network data.
Browse the exploit modules and test all exploits on network hosts.

Burp Suite
Burp Suite is the most popular tool used to perform security tests on web-based applications. It
consists of multiple modules that work together to execute the complete testing process from its
initial phase of mapping and analysis of attack surfaces to find the security loopholes. It has a
user-friendly interface and allows the administrators to apply manual techniques to conduct a
system test.
Angry IP Scanner
It is a cross-platform IP address detector and port scanner used to scan a huge range of IP
addresses. It is easily available on the internet. Administrators use the multithreaded technique
by combining multiple scanners to scan a huge range of Ip addresses. It pings individual IP
addresses to validate it is alive or not? It then analyzes the problem and resolves it by using the
hostname, MAC address, scan ports, etc. All the data scanned and gathered can be stored in
different formats such as TCT, CVS, XML, and IP-Port files.
Cain & Abel
It is an efficient password recovery software used to recover the lost passwords of Microsoft
Operating Systems. It is easy and simple to use, and it offers different types of passwords
recovering services along with the Microsoft Operating Systems. It is most widely used by
security consultants, system penetration testers, and other hackers. Cain & Abel use different
techniques to recover the passwords those techniques are:

Network sniffing.
Cracking of the system encrypted passwords using Brute-Force, Dictionary, and
Cryptanalysis.
VoIP communication reporting.
Decoding of shuffled passwords.
Wireless network keys recovery.
Analyzing routing protocols and uncovering of the cached passwords.
 Chapter 8:
CompTIA, the Best Cyber Security Certifications to Boost Your
Career
The cyber security industry is exploding. According to a recent report from Cybersecurity
Ventures, “the job market in cyber security is expected to reach 3.5 million unfilled positions by
2021.” These unfilled positions will likely be due to a significant gap between education and
skills the market needs in the future.
Reasons Why Choose CompTIA Certifications
Here are four reasons why cyber security certifications from CompTIA are great ways to get
ahead of this trend:
• Cyber Security Certifications Can Be Used to Show Off Your Current Skills (and Impress a
Potential Employer!)
If you already have a few years of experience in the cyber security field, having a cyber security
certification shows that you are staying up-to-date with the latest trends. This can be invaluable
in a competitive hiring market when an employer has plenty of candidates to choose from.
Additionally, if you are just starting out in cyber security, having one or more certifications can
show that you have an established foundation on which to build a career.
• They Can Boost Your Salary
A 2015 report by the Cybersecurity Ventures found that salaries for people in the cyber security
field jumped an average of 28% between 2014 and 2015. This is definitely a trend worth
jumping on, but to get ahead of this trend, you need a way to stand out from the crowd. If you
have a CompTIA certification, you can show that you know state-of-the-art skills and are getting
ahead at a faster pace than the industry average.
• They Can Help You Get Hired Faster
In addition to showing employers how skilled you are, cyber security certifications can help
employers see your potential for future growth. This could be the difference between being hired
and passing over in an interview, or being hired and becoming an invaluable asset to the
company.
• They Build Your Professional Reputation
When you have a professional reputation, it is easier to land jobs and contracts. Having a
CompTIA certification shows that you have taken the time to explore the latest trends in
technology and security. Furthermore, when you have many of these certifications, they help
your employer learn more about who you are as a person. This is important because it shows
them that in addition to being a talented technician, you are a person of integrity.
Where to Get the Best CompTIA Cyber Security Certifications
Every year, over 1 million people apply for CompTIA’s certifications. That can be a lot for
employers to evaluate, so we have rounded up the best CompTIA cyber security certification
programs:
CompTIA A+ Certification - This program is for IT technicians and will help you gain hands-on
experience with installing and repairing any PC hardware or software. This certification will
also better prepare you for finding work in IT support roles. It is the most popular CompTIA
certification, and the best CompTIA cyber security certification for beginners. It will help you
gain the skills you need to become an IT professional in any industry.

Sub-Certifications:
CompTIA Network+ Exam - This exam focuses on networking technologies including Ethernet,
Wireless networking, and network cabling. Since this certification is an introduction to
networking, it is a great stepping stone between the CompTIA A+ certification and more
advanced certifications that focus on networking like the CompTIA Cloud Essentials cert or
Network+.
How Long Do You Have to Study for a CompTIA Cyber Security
Certification?
The duration of a cyber security exam varies based on the certification level. All CompTIA
certifications require you to study and pass an exam, but the amount of time you have to study is
contingent on the certification level. That being said, since the CompTIA A+ is the most popular
cyber security certification, it’s a good foundation for beginning your studies and will also
require less time than other exams.

How Much Time Will You Need to Study?

The amount of time you’ll need to study is affected by how much experience you already have.
If you already have networking or computer repair experience, then it will take less time to
prepare for your exam than someone who has no experience at all. If you are just starting out,
you will want to study a few hours a week for six weeks to get ready for the exam.
How Much Does It Cost?
The cost of the CompTIA A+ certification varies significantly and is dependent on your
situation. If you already have the IT experience needed and are only taking the exam to refresh
your skills, then it will cost less than if you are getting into IT for the first time. As with all
things in life, it is always important to do your research before spending money on a quality
certification program.
 Conclusion

Being online has become very common with children, but it can be dangerous if you do not take
certain precautions. The preventative measures taken to protect computer systems against
unauthorized access or attack is cybersecurity.
Cybersecurity aims to safeguard the lives, property, and images of citizens.
It is essential to be cautious when visiting new websites and downloading content on your
devices. Take the time to read the privacy policies of websites along with asking parents or other
trusted adults about them. Here are some rules to follow so that you are safe while online.
• Keep your personal information private.
Do not share personal information online. Avoid sharing your name, school name, parent name,
address, phone number, social security number, birthdate, passwords, etc. This information can
provide cybercriminals access to your location, home, or school.
Do not enter private information on untrusted websites. All trusted websites should start with
https://. If this is not visible, look for a closed padlock symbol near the left or right of the web
address (URL). If you click on the padlock, a message should display the company name and
something similar to “The connection to the server is encrypted.” If the lock is open, it is an
untrusted website. Other things to check for are counterfeit versions of sites that you often visit.
For example, check for logos that are lighter in color and make sure that the link contains the
correct domain name (e.g., www.disney.com or www.facebook.com). Check the URL of each
website that you visit to make sure that you are on the right site. Fake sites will steal your private
information and email the contents to the cybercriminal. Some counterfeit sites may have extra
characters in the URL (e.g., www.disney1.com). The 1 is not needed.
• Create strong passwords.
Most websites require you to create strong passwords using complex combinations of numbers,
letters, and symbols. You should create passwords with a combination of upper and lowercase
letters, numbers, symbols, and at least eight characters.
Do not use passwords that are easy to guess like your name, pet name, or date of birth, unless
combining it with a complex use of other numbers, letters, or symbols. Do not use all letters or
all numbers, Use a combination of both. Use a password manager if you have trouble
remembering all of your passwords. Do not save passwords using your web browser unless you
have anti-virus software.
• Think twice before you post anything online. Once information is on the internet it is out
there forever.
Only post positive things on your social media pages. A post can reach thousands or even
millions of people. Do not talk about others or share content that talks about others. Do not post
nude photos of you or others. Do not post private information about yourself or others.
Do not post anything illegal. Deleting a post does not mean it cannot resurface. Do not post
anything that you will regret; it may come back to haunt you.
• Speak up.
If you see anything unsuitable, report it to the website and tell an adult that you trust. Most sites
have a report/spam button. Use this every time you see inappropriate content. Once you report
something on a website, the security team will take care of it. Do not stand for bullying or any
other improper activities online or offline.
• Avoid joining clubs or entering contests on unfamiliar sites.
These types of pages usually ask for too much personal information. If you want to double-check
the link to a website, place the cursor over the link (blue underlined words). DO NOT CLICK
IT! It will display the domain name of the site (e.g., www.kidzbop.com/parents would be
legitimate). If it has too many special characters without a familiar domain name or it is a
different URL when you go to the site, it is fake (e.g., www.kid%zbo%p.cOm/~paren!ts).
• Some emails and links are fake.
Some emails and links will pretend to offer you something free or appear to be from a legitimate
source. Do not click on them. It is usually an attempt to get your personal information, such as
social security numbers or credit card information. This fraudulent act is phishing. They look
official, sometimes mimicking a site that you have an account with or one that you have formerly
visited. Legitimate companies will never email you for personal information. They will either
call you or email you to contact them.
We live in a maddening world. Things seem to be going faster and faster, with apparently no
option to keep anything under our control. We’re forced to abandon old ideas, principles and
habits as we’re engulfed by cyberspace. More and more, we’re living online, where large
companies reign and have no intention of relinquishing the throne. In fact, they’re increasingly
seizing what used to be public domain and this goes unnoticed, without mainstream media
fanfare or even a constructive mention in the news.
Smart machines and digital brains decide on whether our behavior is kosher and punish us within
an instant. Any appeal is a formality and protests are memory-holed. Weak and powerless, you
can keep shouting at the void, filled with resentment or you can learn to adapt. The sad truth is
that there’s simply no defeating the tech giants, so we have to wait for them to die a natural
death.
Big companies collude with one another to keep a tight grip on the market and emerging
technologies. As small startups rise to fight them, they too get absorbed and have their potential
added to the conglomerate. Individuals have no say in the matter, as CEOs are insular, detached
from reality and stubbornly dedicated to increasing company revenue. No amount of protesting,
yelling or punishment will make them pay attention to the needs of the little guy. But there is a
ray of light in all of it, a glimmer of hope as that same stubbornness makes them blind to small,
consistent ethical hacking efforts by individuals.
Technology is here to stay but it shouldn’t be adored or glorified it’s just a tool and should be
accepted based on its merits rather than on our emotional vulnerability induced by marketers. By
thinking like an engineer, you’ll see the world around you as a set of constraints that can be bent
just a little bit to extract maximum utility from whatever you happen to be using. It won’t be
pretty, but it will work and, oh, will be it satisfying.
Thanks for your support!