IP ADDRESS ALLOCATION TYPES

1. Static – manual configuration of IP address on a device.

2. Dynamic/Automatic – uses DHCP server to allocate IP addresses automatically.

DHCP

DHCP – Dynamic Host Configuration Protocol

DHCP Server – stores and allocates IP addresses.

DCHP Client – requests for IP addresses.

GEOLOCATION-refers to the identification of the geographic location of a computing

device using IP addresses or internal GPS chips.

- ipgeolocation.io

VPN –Virtual Private Network. It is a service that encrypts your internet traffic and

protects your online identity.

NETWORK TROUBLESHOOTING METHODS

1. TOP DOWN

Troubleshooting will start at the top of the OSI model and work the way further down to
the bottom.

This approach checks if the application layer and the layers below are also working.

2. BOTTOM UP

Start at the bottom of the OSI model, and work the way up. Start with the physical
layer, check the cables and connectors, and then move up the OSI model.

3. DIVIDE AND CONQUER

Divide and conquer means we start in the middle of the OSI model. You can use this
model if you are not sure if top-down or bottom-up is more effective. The idea is that
you’ll try to send a ping from one device to another.

BASIC DIAGNOSTIC COMMANDS

1. Ping - Packet Internet Groper allows a user to test and verify whether a given
destination IP address exists and can accept requests in computer network
administration. Ping is also used for diagnosis to confirm that the computer the user
tries to reach is operational.

2. Traceroute – (tracert) is a utility that traces a packet from your computer to the
host and will also show the number of steps (hops) required to reach there, along with
the

3. Pathping – is a combination of ping and tracert commands. It provides continuous

monitoring of the network path which allows network administrators to observe changes
in performance.me by each step.

4. Ipconfig - Internet Protocol Configuration. It displays all the current network

configurations. It also displays the IP address, subnet mask, and default gateway for all
adapters.

5. Netstat - shows all the currently active connections and the output displays the
protocol, source, and destination addresses along with the port numbers and the state
of the connection.
6. ARP – shows the IP address to MAC address mapping.

7. Systeminfo – stands for System information. It displays

all the basic information about the computer.

MONITORING DATA FLOW

Monitoring network traffic helps maintain network performance and speed while also
acting as a safeguard and early warning system for potential problems.

NETWORK MONITORING TOOL

WIRESHARK

One of the most widely used network monitoring and analysis tools. It detects network
issues quickly and lets system administrators troubleshoot network errors in real time.
Wireshark detects suspicious activity on the network and lets administrators drill down
into the traffic and find the root cause of the issue.

WHAT IS CYBERSECURITY?

• Cybersecurity is the practice of protecting computer networks, devices, and

information from damage, loss, or unauthorized access. It preserves the confidentiality,
integrity, & availability of information in cyberspace.

• Cybersecurity is more than the technology. It is also then correct actions and
behaviors of people that keep computer systems safe.

INFORMATION SECURITY

•Information security (InfoSec) is the practice of protecting information.

•InfoSec includes the tools and processes used for preventing, detecting, and
remediating attacks and threats to sensitive information, both digital and physical.

•InfoSec also includes documenting the processes, threats, and systems that affect the
security of information.

INFORMATION SYSTEMS SECURITY

•Information systems security is a part of InfoSec. It is defined as the protection of

information systems against unauthorized access, modification, destruction, or the
denial of access to authorized users.

•Information systems include the devices, computer networks, and physical locations
that store or transmit sensitive information. The form of the information can be digital
or physical.

FIRST LINE OF DEFENSE

• People and Education. Numerous studies have identified human error as the leading
cause of network and computer breaches.

• Prepare for disaster and plan for recovery. Do regular backups of your data and these
keep them safely offline. Therefore, you can restore your data with the least amount of
data loss and interruption.

PRINCIPLES OF INFORMATION SECURITY

CIA TRIAD

CIA Security Triad

The principles that constitute

the objectives of information

security.

1. Confidentiality - Private information must remain confidential. Know who is trying

to access the information and whether or not they are authorized to access it.

2. Integrity –The assurance that the information is authentic. The information must be
protected from unauthorized change, and if it is altered, you must be alerted to this
fact.

3. Availability -Authorized parties must have access to the information. Technologies,

policies, and processes must be in place

PRINCIPLES OF INFORMATION SECURITY DAD TRIAD

Infosec works to prevent the disclosure and alteration of information. In addition, it

strives to ensure that authorized parties are not denied information. to ensure reliable
availability.

1. Disclosure – Confidential data is exposed to unauthorized parties.

2. Alteration –The alteration of data, or the inability to test for alteration, makes the
data untrustworthy.

3. Denial of Information - Legitimate and authorized people are prevented from

accessing data Authentication, authorization, and accounting (AAA) constitute a security
framework that controls resources, enforces policies, and audits usage.

• The security framework plays a major role in network management and cybersecurity
by screening users and keeping track of their activities while they are connected.

Authentication – identifies and verifies a person or thing.

An AAA server compares a user’s credentials with its database of stored credentials by
checking if the username, password, and other authentication tools align with the user.

PRINCIPLES OF INFORMATION SECURITY

AAA SECURITY FRAMEWORK

•Authorization – the process of controlling access to resources. During authorization,

a user can be granted privileges to access certain areas of a network or system. The
areas and sets of permissions granted to a user are stored in a database along with the
user’s identity. The user’s privileges can be changed by an administrator.

CRYPTOGRAPHY

Cryptography is the process of concealing and disguising information. It uses an

encryption algorithm and a key to change data until they are unrecognizable.
Cryptography is not a new concept. It was used over 2000 years ago in the days of
Julius Caesar for military purposes

where he communicated with his troops using a shift cipher aka Caesar cipher or
substitution cipher. In a shift cipher, each plaintext letter is replaced with another
letter a certain number of places further down in the alphabet.

The number of places is called the key.

Caesar Cipher

Key = 3

A=D
The die is cast. = Wkh glh lv fdvw

Modern cryptography uses sophisticated mathematical

equations (algorithms) and secret keys to encrypt and decrypt

data.

Today, cryptography is used to provide secrecy and integrity to our data, and both
authentication and anonymity to our com Hashing is the process of transforming any
given key or a string of characters into another value. It is a one-way mathematical
function that turns data into a string of nondescript text that cannot be reversed or
decoded communications.

Steganography is the practice of concealing information within another message or

physical object to avoid detection.

Steganography can be used to hide virtually any type of digital content, including text,
image, video, or audio content.

STEGANOGRAPHY

1. Place your files in a common folder.

2. Place the files to be hidden in ZIP/RAR.

3. Open CMD (Command Prompt)

4. Change directory (cd) to the folder where the files are

located.

5. Command in CMD:

copy /b [the_image] + [rar_file_to_hide] [image_result_name]

copy /b [the_image] + [rar_file_to_hide] [image_result_name]

Ex. copy /b cat.jpg+Evidence.zip hidden.jpg

To access the hidden files, rename or change the file extension

to .rar.