Cybersecurity Study Library.

Social engineering: phishing, spear-phishing, whaling, vishing, smishing, pretexting, intimidation, urgency tactics · Open-source intelligence (OSINT) as a reconnaissance tool · Password attacks: brute force, credential stuffing, dictionary attacks, password spraying · Wireless threats: evil twin access points, rogue hotspots, public Wi-Fi interception, Wi-Fi jamming · AI-driven attacks: voice cloning, deepfake-based social engineering, AI-powered phishing generation · AI-based defenses: anomaly detection, behavioral analytics using machine learning

CIA Triad: Confidentiality, Integrity, Availability — the foundational security framework · Risk assessment: Likelihood × Impact matrix, asset identification, threat modeling · Defense in depth: layered security controls across physical, logical, and administrative domains · Physical access controls: badge/keycard systems, biometrics, mantrap/airlock, surveillance cameras · Insider threats: threat indicators, classification of adversaries (malicious vs. negligent) · Cyberattack phases (kill-chain model): Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command and Control, Exfiltration, Evasion · Security control types: preventative, detective, corrective, compensating controls · Environmental threats: HVAC, fire suppression, power redundancy, physical disaster recovery

Network fundamentals: TCP/IP model, network topology (star, mesh, hybrid), subnetting basics · Network attacks: ARP poisoning, MAC flooding, DNS poisoning/spoofing, DDoS, man-in-the-middle (MitM) · Firewalls and ACLs: stateful vs. stateless firewalls; reading and writing ACL rules (first-match-wins logic) · Network segmentation: VLANs, DMZ architecture, microsegmentation · Intrusion detection and prevention: NIDS, NIPS, HIDS; signature-based vs. anomaly-based detection · SIEM: log aggregation, correlation rules, alert triage · Network hardening: port security, disabling unused services, secure protocols (SSH vs. Telnet, HTTPS vs. HTTP) · Packet capture: reading pcap data; identifying suspicious traffic patterns

Malware taxonomy: virus (self-replicating, requires host file), worm (self-propagating, no host required), trojan, ransomware, spyware, adware, rootkit, keylogger, botnet · Authentication factors: something you know / have / are; multi-factor authentication (MFA) design and implementation · Principle of least privilege and role-based access control (RBAC) · Patch management: vulnerability lifecycle, zero-day vs. known CVEs, patch prioritization · IoT vulnerabilities: default credentials, firmware update challenges, limited compute for encryption · Mobile Device Management (MDM): policies, remote wipe, containerization · Cryptographic hashing: MD5, SHA-1, SHA-256; one-way functions; salting vs. rainbow tables · Device hardening: disabling unnecessary services, secure configuration baselines · Digital forensics: evidence collection, chain of custody, log analysis

Symmetric encryption: AES; shared-key model; key distribution problem · Asymmetric encryption: RSA; public/private key pairs; uses for key exchange and digital signatures · Hashing for integrity: data integrity verification; file hash comparison · Digital signatures: non-repudiation; signing with private key, verifying with public key · PKI and Certificate Authorities: X.509 certificates, CA hierarchy, certificate chains, revocation (CRL/OCSP) · HTTPS and TLS: TLS handshake mechanics; certificate validation; HSTS · Application vulnerabilities: SQL injection, cross-site scripting (XSS), buffer overflow, insecure direct object references · Secure coding practices: input validation, parameterized queries, error handling · Data protection: encryption at rest vs. in transit; data classification; DLP concepts