GCPC Course 1 - Foundations of Cybersecurity
Module 1+2
Cybersecurity
The practice of ensuring confidentiality, integrity and availability of information by protecting networks, devices, people, and data from unauthorized access or criminal exploitation.
Threat Actor
Any person or group who presents a security risk.
SIEM tools
Security Information and Event Management tools used to monitor and analyze application or organisation security.
CISSP Security domains
Security and risk management:
- Defines security goals and objectives, risk mitigation, compliance, business continuity and the law
Asset security:
- Secures digital and physical assets. It’s also related to the storage, maintenance, retention and destruction of data.
Security architecture and engineering:
- Optimizes data security by ensuring effective tools, systems and processes are in place.
Communication and network security:
- Manages and secures physical networks and wireless communication.
Identity and access management:
- Keeps data secure by ensuring users follow established policies to control and manage physical assets, like office spaces, and logical assets, such as networks and applications.
Security assessment and testing:
- Conducting security control testing, collecting and analyzing data, and conducting security audits to monitor for risks, threats and vulnerabilities.
Security operations:
- Conducting investigations and implementing preventative measures.
Software development security:
- Uses secure coding practices, which are a set of recommended guidelines that are used to create secure applications and services.
Module 3
Security Frameworks
Guidelines used for building plans to help mitigate risk and threats to data and privacy. Purpose:
- Protecting PII (Personally identifiable information)
- Securing financial information
- Identifying security weaknesses
- Managing organizational risks
- Aligning security with business goals
Core components of security frameworks:
- Identifying and documenting security goals
- Setting guidelines to achieve security goals
- Implementing security processes
- Monitoring and communicating results
Security lifecycle
Constantly evolving set of policies and standards.
Security controls
Safeguards designed to reduce specific security risks
CIA Triad
A foundational model that helps inform how organizations consider risk when setting up systems and security policies.
C - Confidentiality
Only authorized users can access specific assets or data.
I - Integrity
Data is correct, authentic and reliable.
A - Availability
Data is accessible to those who are authorized to access it.
Asset
An item perceived as having value to an organization
NIST Cybersecurity Framework (CSF)
A voluntary framework that consists of standards, guidelines and best practices to manage cybersecurity risk.
Security ethics
Guidelines for making appropriate decisions as a security professional
Ethical principles in security
- Confidentiality
- Privacy protections
- Laws
Module 4
Log
A record of events that occur within an organization's systems
Security Information and Event Management (SIEM) tool
An application that collects and analyzes log data to monitor critical activities in an organization. Examples of commonly used tools: Splunk, Chronicle
Playbook
A manual that provides details about any operational action
Network Protocol Analyzer (packet sniffer)
A tool designed to capture and analyze data traffic within a network. Examples: tcpdump, Wireshark
Structured Query Language (SQL)
A programming language used to create, interact with, and request information from a database
Python
Used to perform tasks that are repetitive and time-consuming, and that require a high level of detail and accuracy