CS 462

Cybersecurity Fundamentals

This is the first course in the Graduate Certificate Program in Cybersecurity. This course will introduce the networking and cybersecurity background that you’ll need to succeed in the other courses in the certificate program.

Cybersecurity emphasizes prevention of attacks that are perpetrated using the Internet. It includes application security, information security, and network security. Because the foundations of cybersecurity rely so heavily on knowledge of networking, this course will cover networking background before discussing details of cybersecurity.

The course objectives are:

  • Explain the general architecture of the Internet, including the main functions of end systems and routers.
  • Describe the basic client-server architecture and how typical network applications (web, email) fit into the architecture.
  • Explain how web pages are requested and delivered using HTTP.
  • Explain in general how DNS enables our use of the Internet and, in particular, how hosts determine the IP address of network servers.
  • Explain how MAC addresses are used and assigned to a packet as it traverses a network.
  • Differentiate between wireless LANs and wired LANs.
  • Explain how IP CIDR addressing is performed and how an IP address is assigned from a group of available addresses.
  • Explain the core functions of TCP including details of connection setup.
  • Analyze and differentiate among types of malware and attacks.
  • Analyze and differentiate among types of wireless attacks and application attacks.
  • Identify vulnerabilities potentially present in DNS, databases, and web applications.
  • Summarize general cryptography concepts.
  • Describe how certificates can be used for authentication and encryption.
  • Explain how firewalls and VPNs can be used to protect a network.

Course Material

In the section titled “Measures and Metrics: Example Coverity”, there is a list of 13 vulnerabilities we covered in the course. For this assignment, we were to choose 5 vulnerabilities and describe what they are, as well as how they can be fixed/removed from a system.

vulnerabilities

For this assignment we were to briefly discuss the formation and the seven steps of the cyber kill chain. The cyber kill chain is a cybersecurity model created by Lockheed Martin that is able to trace the stages of a cyber-attack, identify vulnerabilities, and help security teams to stop the attacks at every stage of the chain. We then were to describe in detail and propose a step that would make the cyber kill chain even more comprehensive.

module-11-rootkit

In the assignment below, we were to choose an organization that had recently suffered a ransomware attack and to discuss the 6 distinct phases of the cyber incident response plan, and how we can combat ransomware attacks.

module-13

This assignment is a continuation of the previous one, where we had to elaborate more on the cyberattack the organization experienced. I chose to discuss more in depth what ransomware is, who attacked the organization, the effects the ransomware attack had on the organization including what devices and information were affected by the attack, how it affected society and the consumers, and how to further combat ransomware attacks.

Blog-post-CS462