MOITT Advanced Cybersecurity lecture 1

Difference Between Information security and Cybersecurity?

Information security:

securing information whether it is stored or in transit.

To protect information whether it is electronic or non-electronic is called information security.

Information Security Includes:

Cryptography:
Converting Plain text into cypher text.

Physical security:
Physical security is also called infrastructure security.

This means what measures are taken in order to secure assets physically.

For Example:

• Fencing
• CCTV Cameras
• Boundary Walls
• concrete walls
• sandboxes

etc

Network and Telecom Security:

For Network and Telecom security we use:

• Access Control List
• Port Security
• IPS/IDS
• Firewalls
• VPNs

Software Development Security:

To secure the software during the development lifecycle of a software

data security:

Data security contains the following

• Security Goveranance
• Risk Management

Security Governance:

Risk management:

Risk Management is a crucial thing to secure anything

Risk Assessment:

Risk Mitigation:

If you want to secure anything, to secure anything how much resource is required and the cost is required to secure it?

Risk Management:

secure anything according to the budget and requirement

For Example to secure a room we apply:

• Guards
• fire alarm

WAF:

WAF stands for Web Application Firewall

It is a 3rd Generation Firewall

it is the latest generation firewall
It contains IDS and IPS

it can cost thousands of dollars

PCI DSS:

Payment Card Industry Data Security Standards

It has different layers

Consumer Data:

PCI DSS Compliance:

Those companies that follow PCI DSS guidelines, a PCI DSS guidelines auditor will audit a particular site after the audit they approve as PCI DSS. After their approval, the Company is called PCI DSS compliance.

Security Governance:

Cybersecurity:

cybersecurity is the branch of information security.

Cybersecurity Tracks

There are main three tracks in cyber security

• Pentesting
• Forensics
• Defensive/Countermeasure

Pentesting:

CEH Certified Ethical Hacker 125 MCQs.
CPENT Certified Pentenetration Tester 12 hrs exam and there are 20 exam
LPT Licenced Penetration Tester 18 hrs exam and 6 hours each task

LPT have their licenced to hack anyone but are bound to certain terms and conditions.

Every certification has 3 years of licence

There is no annual fee for CEH

120 point

You can extend your certification up to 1 year while getting 120 points

How to earn CEH credits?

CEH credits can be earned by following these tips:

• You can get 1 point while attending any certified person webinar
• Passing any international cybersecurity related certification you can get 40 points
• while publishing any security research paper, they can give you 40 credit hours.

You can claim your credits in EC Council dashboard

CHFI: Computer Hacking Forensic Investigator

It is the most world renown worldwide accepted certification in the world.