> SYSTEM STATUS: ONLINE
> ACCESSING ARCHIVES...
1. Networking
To secure data communications, you need to understand the network types, the devices that move or filter traffic, and the addressing methods that let devices...
2. Networking at a Glance
A Small Business Network: ![[small business.png]]
3. Wi-Fi
Wi-Fi is wireless networking used to connect home and corporate systems without cables. It is popular because it is easy to deploy, flexible, and usually low...
4. Microsegmentation
Microsegmentation is a security approach that divides an IT environment into smaller, tightly controlled segments. It uses detailed logical rules to limit wh...
5. Tools to Identify and Prevent Threats
Cybersecurity notes by NotAlive.
6. Intrusion Detection System (IDS)
An IDS monitors logs and real-time events to detect suspicious activity, intrusion attempts, and some system failures.
7. Microsegmentation Characteristics
Microsegmentation applies very detailed logical access rules inside an IT environment. Rules can be set for individual machines or users and can control whic...
8. Preventing Threats
Basic Threat Reduction Steps There is no single control that stops every threat, so security is built by combining several basic protections.
9. Example of Redundancy
Power redundancy means having backup power systems so operations continue during outages.
10. Redundancy
Redundancy means designing systems with duplicate components so that if one component fails, another can continue supporting operations.
11. Network Segmentation Demilitarized Zone (DMZ)
Network segmentation means dividing a network into smaller parts to improve security. This helps stop a problem in one part of the network from easily spread...
12. Virtual Private Network (VPN)
A VPN is a point-to-point connection between two hosts that allows them to communicate.
13. Deep Dive of On-Premises Data Centers
A data center must control heat and fire risks to keep systems running safely.
14. DMZ (Demilitarized Zone) Deeper Dive
A web front-end server is often placed in the DMZ because it must be reachable from outside the network. It may still need to communicate with an internal da...
15. Virtual Local Area Network (VLAN)
VLANs let administrators create separate logical network segments using switches. This means devices can be grouped into different network sections without n...
16. On-Premises Data Centers
Organizations can either outsource data center services or operate their own on-site data center. If they run their own, they must provide the building, infr...
17. Security of the Network
Networks must be protected because protocols like TCP/IP have many vulnerabilities.
18. SYN, SYN-ACK, ACK Handshake
The TCP three-way handshake is the process used to establish a TCP connection between a client and a server.
19. Ports and Protocols
There are two types of ports: physical ports and logical ports.
20. Cloud Redundancy
Cloud-Based Operations Many organizations use cloud-based facilities instead of maintaining their own server rooms because cloud services offer flexibility a...
21. Service Models
Cloud security responsibilities depend on the service model. In some cases, the cloud provider handles more of the system, while in others, the customer is r...
22. Managed Service Provider (MSP)
An MSP is a company that manages IT services or technology assets for another organization.
23. Cloud Characteristics
Cloud-based assets Cloud-based assets are resources an organization uses through cloud computing. Cloud computing provides on-demand access to computing reso...
24. Cloud Computing
Cloud computing is the delivery of computing resources over the internet, usually as a service from a cloud service provider (CSP).
25. Service-Level Agreement (SLA)
A cloud SLA is a formal agreement between the cloud provider and the customer that defines the quality and terms of the cloud services being delivered.
26. MOU and MOA
Memorandum of Understanding (MOU) and Memorandum of Agreement (MOA)
27. Network Design
Network Design The goal of network design is to meet communication requirements and maintain efficient overall performance.
28. Network Access Control (NAC) Deeper Dive
NAC is used to stop unwanted devices from connecting to a network.
29. Virtual Local Area Network (VLAN) Segmentation
VLANs are logical separations inside a switch. Their main use is to reduce broadcast traffic, but they are also used to separate network segments.
30. Networking Models
Networking models are standardized frameworks that explain how different hardware and software systems communicate so they can share information and work tog...
31. TCP IP
TCP/IP is the most widely used network protocol suite. It is not one single protocol, but a group of protocols used for communication across networks.
32. Segmentation for Embedded Systems and IoT Deeper Dive
Embedded systems are efficient, but that same design creates security risk. They often control physical equipment and use limited, hard-coded firmware, so th...
33. Identifying Threats
Cybersecurity notes by NotAlive.
34. Segmentation for Embedded Systems and IoT
An embedded system is a computer built into a larger system to perform a limited set of specific functions. It is designed for a particular purpose rather th...
35. Open Systems Interconnection (OSI) Model
The OSI model is a conceptual framework used to describe how communication occurs between computer systems on a network. It standardizes how networking funct...
36. Network Access Control (NAC)
NAC is used to identify and control who or what is trying to connect to a network. Its purpose is to make sure only approved and compliant users and devices...
37. Deployment Models
There are four main cloud deployment models: public, private, hybrid, and community. The deployment model affects how resources are shared and who is respons...
38. Zero Trust
Zero trust is a security model that assumes no user, device, or system should be trusted automatically, even if it is already inside the network.
39. Types of Threats
Spoofing Spoofing is pretending to be a trusted identity to gain access. It can involve fake IP addresses, MAC addresses, usernames, email addresses, or othe...
40. Defense in Depth
Defense in depth is a layered security approach. Instead of relying on one control, it uses multiple types of controls to protect the organization.
41. Internet Protocol (IPv4 and IPv6)
IP is used to give devices logical addresses (addresses used by the network to identify devices) so they can communicate across networks. The two main versio...
42. Secure Ports
Some protocols send data in clear text (plain, unencrypted form). That means usernames, passwords, messages, and files can be read by network sniffing (captu...