Discovering Cybersecurity: A Technical Introduction for the Absolute Beginner

This book introduces major technologies used in the cybersecurity landscape and the fundamental principles and philosophies behind them, aimed at beginners, including non-technical professionals. It covers authentication, access control, cryptography, host security, network security, web security, and email and social media security threats.

Format: Paperback / softback
Length: 443 pages
Publication date: 09 December 2023
Publisher: APress

The modern IT landscape is a complex and ever-evolving landscape, with a multitude of technologies available to organizations seeking to enhance their cybersecurity posture. While these technologies offer significant potential benefits, it is important to understand their strengths and limitations, as well as how to effectively implement and manage them. In this book, we will explore some of the key technologies employed in today's cybersecurity landscape, including authentication, access control, cryptography, host security, network security, web security, and email and social media security.

Authentication technologies play a crucial role in securing user access to systems and data. These technologies include secure password storage, multi-factor authentication, and biometric authentication, such as fingerprint scanning or facial recognition. Secure password storage is essential to prevent password leaks and unauthorized access. Multi-factor authentication adds an extra layer of security by requiring users to provide multiple forms of identification, such as a password and a biometric scan. Biometric authentication is particularly effective in preventing unauthorized access, as it cannot be easily spoofed or stolen.

Access control technologies are used to manage and restrict access to systems and data. These technologies include role-based access control (RBAC), attribute-based access control (ABAC), and boundary-based access control (BAC). RBAC allows organizations to assign roles to users and then restrict their access to specific resources based on those roles. ABAC, on the other hand, allows organizations to control access based on attributes such as user identity, location, and device type. BAC is a more granular approach that allows organizations to control access based on specific network segments or devices.

Core cryptography technologies are used to encrypt and authenticate data. These technologies include Advanced Encryption Standard (AES), Secure Hash Algorithm (SHA), and Transport Layer Security (TLS). AES is a widely used encryption algorithm that provides strong encryption and decryption capabilities. SHA is a hash function that is used to verify the integrity of data and ensure its authenticity. TLS is a protocol that provides secure communication between web servers and browsers, ensuring that sensitive data is transmitted securely over the internet.

Host security technologies are used to protect against malware, viruses, and other threats that can compromise the security of systems and data. These technologies include antivirus software, intrusion detection systems (IDS), and intrusion prevention systems (IPS). Antivirus software is used to detect and remove malware from systems and data. IDS and IPS are used to monitor network traffic and detect potential security threats.

Network security technologies are used to protect against unauthorized access, data theft, and other network-based threats. These technologies include firewalls, intrusion detection systems (IDS), and intrusion prevention systems (IPS). Firewalls are used to block unauthorized access to network resources, while IDS and IPS are used to monitor network traffic and detect potential security threats.

Web security technologies are used to protect against vulnerabilities and attacks that can compromise the security of web applications and websites. These technologies include secure coding practices, web application firewalls (WAFs), and encryption. Secure coding practices are used to prevent vulnerabilities in web applications and websites from being exploited. WAFs are used to block malicious traffic and protect web applications from attacks. Encryption is used to protect sensitive data from being intercepted and read by unauthorized parties.

Email and social media security threats are becoming increasingly prevalent as more organizations rely on email and social media for communication and collaboration. These threats include spam, phishing, social engineering, and other forms of cyber-attack. Spam is a form of email spam that is sent in large quantities and contains malicious links or attachments. Phishing is a form of social engineering that involves sending fraudulent emails or messages that appear to be from legitimate sources, in order to trick users into revealing sensitive information. Social engineering is a form of attack that involves manipulating individuals to gain access to sensitive information or systems.

In conclusion, the modern IT landscape is a complex and ever-evolving landscape, with a multitude of technologies available to organizations seeking to enhance their cybersecurity posture. While these technologies offer significant potential benefits, it is important to understand their strengths and limitations, as well as how to effectively implement and manage them. By exploring some of the key technologies employed in today's cybersecurity landscape, including authentication, access control, cryptography, host security, network security, web security, and email and social media security, organizations can better protect their systems and data from emerging threats.

Weight: 700g
Dimension: 235 x 155 (mm)
ISBN-13: 9781484295595
Edition number: 1st ed.