Topics under Ethical Hacking & Cyber Security

1) Cyber Security & Ethical Hacking 5) Identity & Access Management (IdAM)
Need of cyber security Authentication
Ethical hacking Authorization
Types of hackers IdAM
Penetration Testing Password protection
Foot printing Identity threats
Foot printing techniques
2) Cryptography 6) Vulnerability Analysis (VA) & System Hacking
Types of Cryptography VA Types
Symmetric / Asymmetric VA Lifecycle
Digital Signatures VA Tools
Hash functions Vulnerability scoring system
VA Report
System Hacking
Password cracking
Privilege escalation, hiding files, clearing logs
3) Computer Networks & Security 7) Sniffing & SQL Injection
Computer Network Architecture; Layered Architecture Malware & its types
OSI Model Sniffing attacks & its types
TCP / IP Model SQL injection & its types
Common Network Threats
4) Application & Web Security 8) Denial of Service (DoS) & Session Hijacking
Web server architecture & attacks DoS attacks & symptoms
Web client architecture & attacks DoS detection
Counter measures & patch management System Hijacking
Session / Application-level hijacking
Intrusion Detection Systems (IDS) & types
Firewalls & Types 
Honeypots
Evading IDS

Cyber Space
Cyberspace is "the environment in which communication over computer networks occurs”.

Cyber Crime / Computer Crime

Computer crime, or cybercrime, is any crime that involves a computer and a network. The computer may have been
used in the commission of a crime, or it may be the target.

Cyber Security
Cyber Security is the protection of Internet Connected System including Hardware, Software and Program or Data from
Cyber Attack.
Cyber = It is related to the Technology which contains Systems (Including Software and Hardware), Network, Programs
or Data.
Security = Security is the process of maintaining an acceptable level of perceived risk. It is related to System Security,
Network Security, Application Security, Data Security, Cloud Security and Mobile Security.
Cyber security, also referred to as information technology security, focuses on protecting computers, networks,
programs and data from unintended or unauthorized access, change or destruction.
(University of Maryland University College)
Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management
approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber
environment and organization and user’s assets.
Cyber Security Goal – CIA Triad
C = Confidentiality (Only authorized parties can access the information)
I = Integrity (Only authorized parties can alter the information)
A = Availability (Information must be available on demand)

Cyber Threats
1. Malware
2. Phishing
3. Password Attacks
4. Distribution Denial of Service (DDoS)
5. Man in the Middle
6. Drive-by Downloads
7. Mal-advertising
8. Rogue Software

Information Systems
Information System is an integrated set of components for collecting, storing, and processing data and for providing
information, knowledge, and digital products.
Information = It means structured information.
Security = It means combination of hardware and software to produce structured data.

Components of Information System

System Resource System Activity
People Input
Hardware Storage
Software Processes
Data Output
Network Control and Maintenance

Types of Information Systems

Executive information systems are similar to a DSS but are primarily used
by executive leaders, Board and owners to optimize decision-making.
It comprises of tools and techniques used for reporting organization-
wide data to top executives.
Executi Decision Support System comprises tools and techniques to help in
ve gathering relevant information from a wide range of sources (both
Informa internal and external) and analyze the options and alternatives.
tion DSS decisions are drawn by generating statistical projections from the
System already analyzed data produced by Management Information System.
(Executi Management Information System is designed to take relatively raw data
ve
Level) available through a Transaction Processing System and convert them into
Decision Support System a summarized and aggregated form for the Middle Level Managers,
(Senior Level) usually in a report format, for they day-to-day decision making.
Transaction Processing Systems are the systems that are directly
Management Information System
operated by Low Level Workers. These are the first system to capture the
(Middle Level) basic information that is later used by Higher Management to make
better decisions.
Transaction Processing System It supports the monitoring, collection, storage, processing, and
(Staff Level) dissemination of the organization’s business transactions.
Development of Information Systems:
Development of information systems is similar to Application Development Process. There are different approaches for
the development of Information Systems:
 Classical Waterfall Model
 Iterative Waterfall Model
 Prototyping Model
 Spiral Model
 Incremental Model

Classical Waterfall Model

In this model, each step is a separate part of the process. When one step is completed only then another step can begin.

1. Preliminary Analysis
In this phase, a review is done of the request.
Is creating a solution possible?
What alternatives exist?
What is currently being done about it?
Is this project a good fit for our organization? 
A key part of this step is a feasibility analysis, which includes an analysis of the technical feasibility (is it possible to create
this?), the economic feasibility (can we afford to do this?), and the legal feasibility (are we allowed to do this?). This step is
important in determining if the project should even get started.
2. System Analysis
In this phase, one or more system analysts work with different stakeholder groups to determine the specific requirements
for the new system.
No programming is done in this step. Instead, procedures are documented, key players are interviewed, and data
requirements are developed in order to get an overall picture of exactly what the system is supposed to do. The result of
this phase is a system-requirements document.
3. System Design
In this phase, a designer takes the system-requirements document created in the previous phase and develops the specific
technical details required for the system. In this phase that the business requirements are translated into specific technical
requirements. The design for the user interface, database, data inputs and outputs, and reporting are developed here.
The result of this phase is a system-design document. This document will have everything a programmer will need to
actually create the system.
4. Programming
The code finally gets written in the programming phase. Using the system-design document as a guide, a programmer (or
team of programmers) develops the program.
The result of this phase is an initial working program that meets the requirements laid out in the system-analysis phase and
the design developed in the system-design phase.
5. Testing
In the testing phase, the software program developed in the previous phase is put through a series of structured
tests.
The first is a unit test, which tests individual parts of the code for errors or bugs.
Next is a system test, where the different components of the system are tested to ensure that they work
together properly.
Finally, the user-acceptance test allows those that will be using the software to test the system to ensure that it
meets their standards.
Any bugs, errors, or problems found during testing are addressed and then tested again.
6. Implementation
Once the new system is developed and tested, it has to be implemented in the organization. This phase includes
training the users, providing documentation, and conversion from any previous system to the new system.
 Implementation can take many forms, depending on the type of system, the number and type of users, and how
urgent it is that the system become operational.
7. Maintenance
This final phase takes place once the implementation phase is complete. In this phase, the system has a
structured support process in place: reported bugs are fixed and requests for new features are evaluated and
implemented; system updates and backups are performed on a regular basis.

Iterative Waterfall Model

It is almost the same as the classical waterfall model except the iterative waterfall model provides feedback paths from
every phase to its preceding phases.

Preliminay Analysis

System Analysis
Feed Back Path
System Design
Feed Back Path
Programming
Feed Back Path
Testing
Feed Back Path
Implementation
Feed Back Path
Maintenance

Proto-typing Model
This model is used when the customers do not know the exact project requirements beforehand. In this model, a
prototype of the end product is first developed, tested and refined as per customer feedback repeatedly till a final
acceptable prototype is achieved which forms the basis for developing the final product. 

Types of Proto-typing
Preliminary Analysis
1. Rapid Throwaway Prototyping
System Analysis In this method, a developed prototype need not necessarily be a part of the
ultimately accepted prototype.
System Design Customer feedback helps in preventing unnecessary design faults and hence, the
final prototype developed is of better quality. 
Build a Prototype 2. Evolutionary Prototyping
System Re-design In this method, the prototype developed initially is incrementally refined on the
basis of customer feedback till it finally gets accepted.
Programming 3. Incremental Prototyping
In this type of incremental Prototyping, the final expected product is broken into
Testing different small pieces of prototypes and being developed individually.
In the end, when all individual pieces are properly developed, then the different
Implementation
prototypes are collectively merged into a single final product in their predefined
Maintenance order.
Spiral Model
The spiral model combines the idea of iterative development with the systematic, controlled aspects of the waterfall
model. This Spiral model is a combination of iterative development process model and sequential linear development
model i.e., the waterfall model with a very high emphasis on risk analysis.
It allows incremental releases of the product or incremental refinement through each iteration around the spiral.
The Radius of the spiral at any point represents the expenses(cost) of the project so far, and the angular dimension
represents the progress made so far in the current phase.

Incremental Model
The incremental process model is also known as the Successive version model.
In this model requirements are broken down into multiple standalone modules of software development cycle.
Incremental development is done in steps from analysis design, implementation, testing/verification, maintenance.
Each iteration passes through the requirements, design, coding and testing phases. And each subsequent release of the
system adds function to the previous release until all designed functionality has been implemented. 

Threat:
A threat can be anything that can take advantage of a vulnerability to breach security and
negatively alter, erase, harm information.

Types of Threats
1. Accidental Threat:
 Accidental threats are considered to be human error, environmental hazards, and computer failures.
2. Intentional Threat:
Intentional threats refer to purposeful actions resulting in the theft or damage of computer resources, equipment,
and data.

2.1 Attack:
An attack is an information security threat that involves an attempt to obtain, alter, destroy, remove, implant or
reveal information without authorized access or permission. It happens to both individuals and organizations. 
Types of Attacks
2.1.1 Passive Attack:
A Passive attack attempts to learn or make use of information from the system but does not affect
system resources. Passive Attacks are in the nature of eavesdropping on or monitoring transmission. The
goal of the opponent is to obtain information that is being transmitted.
Types of Passive Attacks:
 Release of message content
Telephonic conversation, an electronic mail message, or a transferred file may contain sensitive or
confidential information. We would like to prevent an opponent from learning the contents of these
transmissions

 Traffic analysis
Suppose that we had a way of masking (encryption) information, so that the attacker even if
captured the message could not extract any information from the message.
The opponent could determine the location and identity of communicating host and could observe
the frequency and length of messages being exchanged. This information might be useful in
guessing the nature of the communication that was taking place. 

2.1.2 Active Attack:

An Active attack attempts to alter system resources or affect their operations. Active attacks involve
some modification of the data stream or the creation of false statements.
Types of Passive Attacks:
 Masquerade
A masquerade attack takes place when one entity pretends to be a different entity. Masquerade assaults
may be performed using the stolen passwords and logins, with the aid of using finding gaps in programs,
or with the aid of using locating a manner across the authentication process.

 Modification of Messages
It means that some portion of a message is altered or that message is delayed or reordered to produce
an unauthorized effect. Modification is an attack on the integrity of the original data. 

 Repudiation
A repudiation is an attack against the accountability of the information. In repudiation either a user can
simply deny having knowledge of the transaction / communication or later claim that such transaction /
communication never took place.
This attack occurs when the network is not completely secured or the login control has been tampered
with.
 Replay
Replay Attack is a type of security attack to the data sent over a network. In this attack, the hacker or
any person with unauthorized access, captures the traffic and sends communication to its original
destination, acting as the original sender. The receiver feels that it is an authenticated message but it is
actually the message sent by the attacker.
The main feature of the Replay Attack is that the receiver would receive the message twice, hence the
name, Replay Attack.
 Denial-of-Service (DoS)
A DoS attack is an attack meant to shut down a machine or network, making it inaccessible to its
intended users. DoS attacks accomplish this by flooding the target with traffic, or sending it information
that triggers a crash.
Software attacks 

It means attack by Viruses, Worms, Trojan Horses etc. 

Malware 
Malware is a combination of 2 terms- Malicious and Software. So, Malware basically means malicious software that can
be an intrusive program code or anything that is designed to perform malicious operations on system.

Note: A Threat is a potential violation of security. When a threat is actually executed, it becomes attack.