Cybersecurity Fundamentals Notes

Status
Not open for further replies.

datallboy
Each week I will be posting my notes from the Cybersecurity Fundamentals course on Edx.org. This thread can be used as a quick reference for beginners. I recommend anyone interested in Cybersecurity to take the course themselves, and follow the Getting Started: Cybersecurity program.
 

datallboy
Cybersecurity Fundamentals: Unit 1: Computing Security Concepts and Problems 1 Notes

  • The 3 core fundamentals of data assurance are: Confidentiality, Integrity, and Availability

  • Pentesters identify and exploit vulnerabilities to test a company's security

  • Insiders can do far more damage than outsiders

  • Security mindset involves thinking about how things can fail

  • Dyn DDOS attack was caused by Internet of Things (IOT)

  • Everyone is a target, even if you don't have personal or valuable information

  • MEECES motive: money, ego, entertainment, cause, entrance, status

  • Integrity attacks could cast doubt on what information is real or false

  • Ransomware is a type of malware that locks and encrypts files on a computer
 

datallboy
Cybersecurity Fundamentals: Unit 2: Computing Security Concepts and Problems 2 Notes

  • CIA
    • Confidentiality
      • Who is authorized to see data?
      • Primarily accomplished by encryption
    • Integrity
      • Preservation of data in its original state
      • Primarily accomplished by hashing
    • Availability
      • Fault tolerance and load balancing of data
      • Protect against DOS attacks
  • AAA Model
    • Authentication
      • Proof of identity
      • Multi-factor authentication: Something you know, something you have, something you are
    • Authorization:
      • Permissions
      • Principle of least privilege: only enough permission required to do their function
        • Never use an admin or root account for daily activity. If malware is executed and the system is infected, the malware runs with the privileges of the user. Use a standard account, and escalate privilege when required.
    • Accounting
      • Keep track of users
      • Log activity
  • Security vs Convenience
    • See-saw effect, need to secure an environment, but not inhibit users from performing their job
  • Threat agent
    • Anything that can affect CIA (mother nature, hacker, internal employees)
    • Mitigate risk
      • Can't eliminate risk 100%
    • Transfer risk
      • Move data to the cloud, so providers handle CIA of data
    • Accept risk
      • Cost effective way of reducing risk in an environment
 

datallboy
Cybersecurity Fundamentals: Unit 3: Cryptography Notes

  • Cryptography
    • The practice of secure communications
  • Cryptanalysis
    • Science of breaking cryptographic systems
  • Encryption
    • Protection of confidentiality of data in transit and at rest
    • Plaintext + cipher + key = ciphertext
  • Security through obscurity
    • Illusions of improved security by making something a secret.
    • Private algorithms are an example.
    • Keys are more practical to change, rather than the encryption algorithms.
  • Types of Encryption
    • Symmetric
      • One key, faster
      • Older algorithms: DES, 3DES
      • New algorithms: AES
    • Asymmetric
      • Two keys (public + private), slower
      • Used for encrypting a shared secret, not the message
      • Example: RSA, used for SSL and TLS
  • Hashing
    • Verifies the integrity of data
    • Hashing is a one way function
    • Provides confidentiality by protecting passwords in database
      • For a website, passwords are hashed and stored in the database. On a login, the entered password is hashed and compared to that stored in the database. If they're the same, login occurs.
      • Hashes can be attacked with brute force attacks.
      • SHA2 or SHA3 hashes are calculated quickly. They're a poor choice for passwords, as they can be brute forced quickly.
      • Use bcrypt, ccrypt, or argon2 for password hashing
    • A hashing algorithm always outputs the same length of characters.
 
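A worked version of the password-storage flow described in the Unit 3 notes above, added here as an example; it is not code from the Edx course or from the post. It uses hashlib.scrypt from Python's standard library as a stand-in for the bcrypt/argon2 the notes recommend (those need third-party packages), stores a random salt per user (an addition beyond the notes), compares hashes in constant time, and measures how many guesses per second a fast hash (SHA-256) allows versus the slow one. The usernames, passwords and salt are constructed.

```python
"""Store a hash, never the password; on login, hash the entered password and
compare it with the stored value. Added example (not from the course or post).
hashlib.scrypt is the standard-library stand-in for bcrypt/argon2."""
import hashlib
import hmac
import os
import time
from typing import Callable, Dict, Optional, Tuple

# Constructed fixed salt, used only for the timing comparison below.
FIXED_SALT = b"constructed-salt"


def fast_hash(password: str) -> str:
    """Plain SHA-256: always 64 hex chars, but far too fast for passwords."""
    return hashlib.sha256(password.encode()).hexdigest()


def slow_hash(password: str, salt: bytes, n: int = 2 ** 14) -> bytes:
    """Memory-hard KDF (scrypt). n is the cost factor; raising it slows every
    guess an attacker makes, which is the property SHA-2/SHA-3 lack."""
    return hashlib.scrypt(password.encode(), salt=salt, n=n, r=8, p=1, dklen=32)


# The "database": username -> (salt, hash). No plaintext password is kept.
UserDB = Dict[str, Tuple[bytes, bytes]]


def register(db: UserDB, username: str, password: str) -> None:
    """Pick a fresh random salt per user so equal passwords hash differently."""
    salt = os.urandom(16)
    db[username] = (salt, slow_hash(password, salt))


def login(db: UserDB, username: str, password: str) -> bool:
    """Recompute the hash for the entered password and compare in constant
    time (hmac.compare_digest), so timing does not leak how many bytes matched."""
    record: Optional[Tuple[bytes, bytes]] = db.get(username)
    if record is None:
        return False
    salt, stored = record
    return hmac.compare_digest(stored, slow_hash(password, salt))


def hashes_per_second(fn: Callable[[str], object], iterations: int) -> float:
    """Rough throughput of a hash function, i.e. how fast a brute-force loop
    could try candidates against it on this machine."""
    start = time.perf_counter()
    for i in range(iterations):
        fn(f"candidate{i}")
    return iterations / max(time.perf_counter() - start, 1e-9)


if __name__ == "__main__":
    db: UserDB = {}
    register(db, "alice", "correct horse battery staple")
    print("good password:", login(db, "alice", "correct horse battery staple"))
    print("bad password:", login(db, "alice", "letmein"))
    print("unknown user:", login(db, "bob", "anything"))
    print("SHA-256 output length:", len(fast_hash("a")), len(fast_hash("a" * 5000)))
    print("SHA-256 guesses/s:", round(hashes_per_second(fast_hash, 20000)))
    print("scrypt guesses/s:", round(hashes_per_second(lambda p: slow_hash(p, FIXED_SALT), 3), 1))
```

Run it as a script to see the throughput gap on your own machine; the exact numbers vary, but the slow hash should be several orders of magnitude behind SHA-256, which is the whole point of choosing a password hash over a general-purpose one.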

datallboy
Cybersecurity Fundamentals: Unit 4: Networking 1 Notes

  • Routers
    • Connect different networks together
  • Switches
    • Connect different devices on the same network together
  • MAC Address
    • Physical address burned onto network interface cards (NICs)
    • 48 bits long, represented with twelve base16 (hexadecimal) characters
      • First six characters represent the manufacturer's ID (OUI)
      • Last six characters represent the unique device ID, given by the manufacturer.
  • IPv4
    • Logical address bound via software
    • 32 bits long, represented with four base10 numbers
      • First section is the network ID
      • Second section is the host ID
  • Subnet Mask
    • Identifies where the breakup between network and host occurs
      • "1"s are network bits. "0"s are host bits.
      • Host bits can't all be 0 or 1. These are reserved for network ID (10.10.1.0) and broadcast domain (10.10.1.255).
      • Boolean AND operator is used with IP and subnet mask to determine network ID. If the two results match, they are on the same network.
  • Local Communications
    • After determining two IPs are in the same network, a device will use ARP request to resolve an IP address to a MAC address with a broadcast message.
    • Only the intended destination (IP) will send an ARP reply unicast message back to the source.
      • ARP request includes the source MAC address, so the destination doesn't have to broadcast to find the source MAC address.
  • Remote Communications
    • Local communication is only possible between devices on the same network / subnet.
    • If a destination IP is not on the same network, a device will send an ARP request to find the MAC of the default gateway. The router then sends the packet to its destination.
      • Routers don't forward broadcast traffic to other networks.
  • The Routing of a packet
    • Routers keep a routing table of different destination networks.
    • Use default route as a last resort if router doesn't know where to send packets.
    • Packets will be dropped if router doesn't have a default route.
      • Send an error back to the source using ICMP
    • Point-to-point serial interfaces use PPP and HDLC protocols, and don't need MAC address of directly connected routers.
    • ARP is used between routers with ethernet
      • Packets are re-encapsulated with a frame containing the MAC address of the source and destination routers.
      • The router inspects the destination MAC address. If it matches the router's MAC address, it opens the frame and checks the IP. If the IP isn't on the network, the router sends an ARP request to the next hop and re-encapsulates the packet with a frame containing its MAC address and the destination next hop MAC address.
      • If the IP is on a router's network, the router sends the packet to the device. If the device IP and the packet IP source match, then the device strips the IP packet and reads the data.
  • IP and MAC Used Together
    • The IP packet sent from the original source device is always the same. The frame encapsulating the packet is changed for each hop. The frame contains the source and destination MAC of each hop.
 
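The subnet arithmetic and MAC layout from the Unit 4 notes above, worked through in code; this is an added example, not from the Edx course or the post. It ANDs an IP with its mask to get the network ID, derives the broadcast address by setting all host bits, decides whether two hosts are local to each other, picks the address a host would ARP for (the destination itself, or the default gateway), and splits a MAC into its OUI and device-ID halves. The 10.10.1.0 / 255.255.255.0 network and its broadcast 10.10.1.255 are the ones in the notes; every other address, the gateway and the MAC are constructed. It goes one step beyond the notes by also validating that the mask is a contiguous run of 1s followed by 0s.

```python
"""Network ID, broadcast and same-network checks by bitwise AND, plus a MAC
splitter. Added example (not from the course or post); sample addresses are
constructed except the 10.10.1.0/255.255.255.0 network used in the notes."""
from typing import Tuple


def ip_to_int(ip: str) -> int:
    """Parse dotted-quad IPv4 into a 32-bit integer, rejecting bad octets."""
    octets = [int(o) for o in ip.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {ip}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(n: int) -> str:
    """Inverse of ip_to_int."""
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def mask_is_valid(mask: str) -> bool:
    """A subnet mask is a run of 1s (network bits) followed by 0s (host bits).
    Adding 1 to the inverted mask must give a power of two if that holds."""
    inverted = ~ip_to_int(mask) & 0xFFFFFFFF
    return (inverted + 1) & inverted == 0


def network_id(ip: str, mask: str) -> str:
    """Network ID = IP AND mask (host bits all 0)."""
    if not mask_is_valid(mask):
        raise ValueError(f"non-contiguous mask: {mask}")
    return int_to_ip(ip_to_int(ip) & ip_to_int(mask))


def broadcast(ip: str, mask: str) -> str:
    """Broadcast = network ID with every host bit set to 1."""
    host_bits = ~ip_to_int(mask) & 0xFFFFFFFF
    return int_to_ip(ip_to_int(network_id(ip, mask)) | host_bits)


def is_usable_host(ip: str, mask: str) -> bool:
    """Host bits may not be all 0 (network ID) or all 1 (broadcast)."""
    return ip not in (network_id(ip, mask), broadcast(ip, mask))


def same_network(a: str, b: str, mask: str) -> bool:
    """Two hosts are local to each other when the AND results match."""
    return network_id(a, mask) == network_id(b, mask)


def arp_target(src: str, dst: str, mask: str, gateway: str) -> str:
    """The IP a host ARPs for: the destination itself when it is on the same
    network, otherwise the default gateway, which forwards the packet."""
    return dst if same_network(src, dst, mask) else gateway


def split_mac(mac: str) -> Tuple[str, str]:
    """48-bit MAC as 12 hex chars: first six are the OUI, last six the device ID."""
    hex_chars = mac.replace(":", "").replace("-", "").lower()
    if len(hex_chars) != 12 or any(c not in "0123456789abcdef" for c in hex_chars):
        raise ValueError(f"bad MAC address: {mac}")
    return hex_chars[:6], hex_chars[6:]


if __name__ == "__main__":
    mask = "255.255.255.0"
    print("network ID:", network_id("10.10.1.57", mask))        # 10.10.1.0
    print("broadcast:", broadcast("10.10.1.57", mask))          # 10.10.1.255
    print("local?", same_network("10.10.1.57", "10.10.1.200", mask))
    print("ARP for:", arp_target("10.10.1.57", "10.10.2.5", mask, "10.10.1.1"))
    print("OUI, device:", split_mac("00:1A:2B:3C:4D:5E"))
```

The constructed /26 case in the test below (mask 255.255.255.192) shows the same AND rule working when the network/host split does not fall on an octet boundary, which is where doing the arithmetic by eye usually goes wrong.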