Introduction
Welcome to the CyberSecurity Fundamentals module! This lesson dives into the key components of secure communication and identity management, including protocols, processes, and controls. These topics will help you understand how organizations protect their systems and data from threats.
Module Philosophy
Security protocols, processes, and controls create a framework for implementing safety in the digital world. By using these tools in a consistent and predictable way, organizations can safeguard their data and systems. This module focuses on understanding the role of secure communication, user authentication, and identity management in cybersecurity.
Protocols: The Language of Digital Communication
In the digital world, devices and systems need to talk to each other to exchange information. Protocols are like languages that ensure this communication happens smoothly and securely. Some protocols focus on speed and efficiency, while others prioritize security. As cybersecurity experts, we need to understand how these protocols work and when to use them.
DNS and DNSSEC
The Domain Name System (DNS) is like the internet’s phone book. It translates web addresses like ‘www.example.com’ into numerical IP addresses so computers can find each other. DNSSEC adds a security layer by digitally signing DNS records, so a resolver can check that a response comes from the correct source and has not been altered. This prevents attacks that rely on forged DNS responses.
SSH
Secure Shell (SSH) is used to safely connect to remote computers, like accessing a school server from home. It encrypts your connection so no one can see what you’re doing, unlike the older Telnet protocol, which sends everything, including passwords, as readable plain text.
S/MIME
Secure/Multipurpose Internet Mail Extensions (S/MIME) is used to send emails with attachments securely. It ensures that only the intended recipient can read the email and verifies that the email hasn’t been tampered with.
SRTP
The Secure Real-time Transport Protocol (SRTP) is used for online voice and video calls. It scrambles the data to keep it private and checks for tampering to ensure the conversation stays secure.
LDAPS
The Lightweight Directory Access Protocol Secure (LDAPS) is used to securely share and access directories of information, like a digital phone book for an organization. It uses encryption to protect data during transfer.
FTPS
File Transfer Protocol Secure (FTPS) is used to send files over the internet securely. Unlike the older FTP, FTPS encrypts the data to keep it safe from hackers.
SFTP
Secure File Transfer Protocol (SFTP) is another way to send files securely. It works by creating a protected tunnel using SSH, ensuring data cannot be intercepted.
SNMPv3
The Simple Network Management Protocol Version 3 (SNMPv3) helps IT administrators monitor and manage devices on a network, such as routers and printers, while keeping the communication secure.
HTTPS
HyperText Transfer Protocol Secure (HTTPS) is what makes browsing websites safe. It encrypts your connection to prevent anyone from snooping on your data, like login details or credit card numbers.
IPSec
Internet Protocol Security (IPSec) is used to protect data as it travels across networks. It works at a low level, safeguarding all types of data transmissions between devices.
POP3 and IMAP4
These protocols allow you to access your email. Secure versions ensure your emails are encrypted while being transferred from the server to your device.
NTP
The Network Time Protocol (NTP) keeps clocks on devices synced. While not inherently secure, it can be combined with encryption for safer use.
Processes: Authentication & Authorization (A&A)
Authentication is the process of confirming someone is who they say they are, like checking your ID at a movie theater. Authorization decides what you’re allowed to do, like letting you into the movie if you’re the right age. These processes ensure only the right people have access to systems and data.
Identity & Account Management Controls (IDAM)
Managing user identities and accounts is key to a secure system. It ensures each person has their own account with appropriate access levels and that accounts are monitored and updated as needed.
Account Policies
Good account policies protect systems from unauthorized access. For example, requiring strong passwords, using multi-factor authentication, and limiting access to certain times or locations can all help reduce risks.
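The three policy examples above (strong passwords, multi-factor authentication, and time or location limits) can be expressed as checks a login system runs. The sketch below is an added example, not part of the original lesson; the policy values, the small password denylist, and the network range are all constructed for illustration.

```python
from dataclasses import dataclass
from datetime import time
from ipaddress import ip_address, ip_network

# Constructed sample denylist; a real deployment would use a much larger one.
COMMON_PASSWORDS = {"password1234", "qwertyuiop12", "letmein12345"}

@dataclass
class AccountPolicy:
    # All values are assumptions chosen for illustration.
    min_length: int = 12
    require_mfa: bool = True
    allowed_hours: tuple = (time(7, 0), time(19, 0))  # login window
    allowed_networks: tuple = ("10.20.0.0/16",)       # constructed range

def password_problems(password, username, policy):
    """Return the reasons a new password is rejected (empty list = accepted)."""
    problems = []
    if len(password) < policy.min_length:
        problems.append("too short")
    if password.lower() in COMMON_PASSWORDS:
        problems.append("commonly used password")
    if username.lower() in password.lower():
        problems.append("contains the username")
    return problems

def in_window(now, window):
    """True if `now` is in [start, end); handles windows that cross midnight."""
    start, end = window
    if start <= end:
        return start <= now < end
    return now >= start or now < end

def login_denials(policy, mfa_passed, now, source_ip):
    """Policy checks applied after the password itself has been verified."""
    reasons = []
    if policy.require_mfa and not mfa_passed:
        reasons.append("second factor missing")
    if not in_window(now, policy.allowed_hours):
        reasons.append("outside allowed hours")
    addr = ip_address(source_ip)
    if not any(addr in ip_network(net) for net in policy.allowed_networks):
        reasons.append("source network not allowed")
    return reasons

if __name__ == "__main__":
    policy = AccountPolicy()
    print(password_problems("alice2024", "alice", policy))
    print(login_denials(policy, True, time(9, 30), "10.20.4.7"))
    print(login_denials(policy, False, time(23, 0), "203.0.113.9"))
```

Returning every failed check, rather than stopping at the first, gives administrators a complete reason to record in the audit log for each denied login.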
Additional Material
Check out this video on password fundamentals: https://youtu.be/hNhak8IilrA
Questions
If you have any questions, post them on the course discussion board or contact your instructor directly.