Cybercrime Lawyer India

Unit 1: Network Security

  • The CIA Triad
  • DAD – Internet Key Exchange (IKE)
  • Internet Protocol Security (IPSec)
  • AH and ESP Header
  • Security Associations
  • Transport Layer Security (TLS)
  • Secure Electronic Transaction (SET)
  • Extensible Authentication Protocol (EAP)
  • Protected Extensible Authentication Protocol (PEAP)
  • Lightweight Extensible Authentication Protocol (LEAP)
  • Secure Multipurpose Internet Mail Extensions (S/MIME)
  • Pretty Good Privacy (PGP)
  • The CIA Triad:
    • Confidentiality: Ensuring data is only accessible to authorized entities.
    • Integrity: Safeguarding the accuracy and consistency of data.
    • Availability: Ensuring data and resources are available when needed.
  • DAD – Internet Key Exchange (IKE):
    • DAD (Distributed Authentication Dial-In User Service): Authentication protocol for network access.
    • IKE (Internet Key Exchange): Protocol for the secure exchange of cryptographic keys in a VPN.
  • Internet Protocol Security (IPSec):
    • Definition: A suite of protocols for securing Internet Protocol (IP) communications.
    • Components: AH (Authentication Header) and ESP (Encapsulating Security Payload).
  • AH and ESP Header:
    • AH (Authentication Header): Provides connectionless integrity and data origin authentication.
    • ESP (Encapsulating Security Payload): Provides confidentiality, integrity, and authentication.
  • Security Associations:
    • Definition: Pairing of communication security attributes, such as keys and algorithms.
    • Establishment: Negotiated during the initial phase of communication.
  • Transport Layer Security (TLS):
    • Purpose: Providing secure communication over a computer network.
    • Usage: Securing web browsers, email, file transfers.
  • Secure Electronic Transaction (SET):
    • Definition: Protocol for securing credit card transactions over the internet.
    • Components: Cardholder authentication, transaction integrity.
  • Extensible Authentication Protocol (EAP):
    • Definition: Framework for various authentication protocols.
    • Usage: Commonly used in wireless networks.
  • Protected Extensible Authentication Protocol (PEAP):
    • Definition: EAP protocol encapsulated in a secure TLS tunnel.
    • Purpose: Enhances security in wireless networks.
  • Lightweight Extensible Authentication Protocol (LEAP):
    • Definition: Proprietary EAP method developed by Cisco.
    • Usage: Authentication in wireless networks.
  • Secure Multipurpose Internet Mail Extensions (S/MIME):
    • Purpose: Securing email communication.
    • Features: Digital signatures, encryption.
  • Pretty Good Privacy (PGP):
    • Definition: Data encryption and decryption program.
    • Usage: Email encryption, file encryption, and digital signatures.

Unit 2: Point-to-Point Protocol (PPP)

  • Challenge Handshake Authentication Protocol (CHAP)
  • Password Authentication Protocol (PAP)
  • High-Level Data link Control (HDLC)
  • Remote Authentication Dial-In User Service (RADIUS)
  • Terminal Access Controller Access-Control System (TACACS+)
  • Tunneling Protocols in the Data Link Layer
  • Layer 2 Forwarding (L2F)
  • Layer 2 Tunneling Protocol (L2TP)
  • Point-to-Point Tunneling Protocol (PPTP)
  • Challenge Handshake Authentication Protocol (CHAP):
    • Purpose: Authentication protocol for Point-to-Point connections.
    • Mechanism: Challenge-response mechanism for secure authentication.
  • Password Authentication Protocol (PAP):
    • Purpose: Authentication protocol for Point-to-Point connections.
    • Mechanism: Transmits passwords in clear text, considered less secure than CHAP.
  • High-Level Data Link Control (HDLC):
    • Definition: Bit-oriented protocol for communication over point-to-point and multipoint links.
    • Usage: Often used in WAN environments.
  • Remote Authentication Dial-In User Service (RADIUS):
    • Purpose: Authentication, authorization, and accounting for network access.
    • Usage: Commonly used for remote user authentication.
  • Terminal Access Controller Access-Control System (TACACS+):
    • Definition: Authentication, authorization, and accounting protocol.
    • Enhancements: Extends RADIUS capabilities, especially for command authorization.
  • Tunneling Protocols in the Data Link Layer:
    • Purpose: Creating secure communication tunnels over less secure networks.
    • Benefits: Protects data by encapsulating it within a secure tunnel.
  • Layer 2 Forwarding (L2F):
    • Definition: Cisco-developed protocol for creating virtual private networks (VPNs).
    • Usage: Establishing secure connections over the internet.
  • Layer 2 Tunneling Protocol (L2TP):
    • Purpose: Creating VPNs or secure connections.
    • Features: Combines the best features of PPTP and L2F.
  • Point-to-Point Tunneling Protocol (PPTP):
    • Definition: Protocol for implementing VPNs.
    • Features: Provides secure communication over a TCP-based connection.

Unit 3: Security Threats and Vulnerabilities

  • Virus
  • Trojan
  • Rootkits
  • Backdoors
  • Botnets
  • Man-in-the-middle attack
  • DoS and DDoS
  • Replay attack
  • Spoofing
  • Spam
  • Phishing
  • Privilege escalation
  • DNS poisoning
  • Brute force
  • Dictionary attack
  • Cross-site scripting
  • SQL injection
  • Zero-day attack
  • Session hijacking
  • Vulnerability scanning vs Port Scanning
  • Honeypots
  • Banner grabbing
  • Social Engineering
  • Virus:
    • Definition: Malicious software that replicates itself by attaching to other programs.
    • Objective: Spread and cause damage to files, software, and systems.
  • Trojan:
    • Definition: Malicious software disguised as legitimate to deceive users.
    • Objective: Gain unauthorized access or cause harm without the user’s knowledge.
  • Rootkits:
    • Definition: Conceals malicious software by altering system functionality.
    • Objective: Provides persistent access while avoiding detection.
  • Backdoors:
    • Definition: Unauthorized access points left in software for later use.
    • Objective: Allows easy re-entry for attackers after an initial compromise.
  • Botnets:
    • Definition: Networks of compromised computers controlled by a central server.
    • Objective: Perform coordinated attacks, often used for DDoS attacks.
  • Man-in-the-middle attack:
    • Definition: Interceptor secretly relays and possibly alters communication.
    • Objective: Eavesdrop, tamper, or impersonate parties in a communication.
  • DoS and DDoS:
    • DoS (Denial of Service): Overwhelms a system, making it unavailable.
    • DDoS (Distributed Denial of Service): Uses multiple systems to launch a DoS attack.
  • Replay attack:
    • Definition: Replays previously captured data to gain unauthorized access.
    • Objective: Exploits weaknesses in authentication protocols.
  • Spoofing:
    • Definition: Faking one’s identity to gain unauthorized access.
    • Objective: Deceive systems into thinking the attacker is a legitimate user.
  • Spam:
    • Definition: Unsolicited and often irrelevant or inappropriate messages.
    • Objective: Floods email or messaging systems, causing inconvenience.
  • Phishing:
    • Definition: Deceptive attempts to acquire sensitive information.
    • Objective: Trick users into revealing passwords, credit card numbers, etc.
  • Privilege escalation:
    • Definition: Elevating user privileges to gain unauthorized access.
    • Objective: Obtain greater access than originally granted.
  • DNS poisoning:
    • Definition: Manipulating the Domain Name System to redirect traffic.
    • Objective: Mislead users or redirect them to malicious sites.
  • Brute force:
    • Definition: Repeatedly trying all possible combinations to guess a password.
    • Objective: Gain unauthorized access through trial and error.
  • Dictionary attack:
    • Definition: Using pre-compiled lists of common passwords for attacks.
    • Objective: Exploit weak passwords to gain access.
  • Cross-site scripting:
    • Definition: Injecting malicious scripts into web pages viewed by other users.
    • Objective: Steal information or perform actions on behalf of the victim.
  • SQL injection:
    • Definition: Exploiting vulnerabilities in SQL queries to manipulate databases.
    • Objective: Unauthorized access, data manipulation, or information disclosure.
  • Zero-day attack:
    • Definition: Exploiting software vulnerabilities unknown to the vendor.
    • Objective: Take advantage before a patch is available.
  • Session hijacking:
    • Definition: Unauthorized takeover of an established user session.
    • Objective: Gain access to sensitive information or perform actions on behalf of the user.
  • Vulnerability Scanning vs. Port Scanning:
    • Vulnerability Scanning: Identifying weaknesses in a system’s defences.
    • Port Scanning: Detecting open ports on a networked device.
  • Honeypots:
    • Definition: Security mechanism to detect, deflect, or counteract attacks.
    • Objective: Attract attackers, allowing monitoring and analysis.
  • Banner grabbing:
    • Definition: Collecting information from network banners to identify system details.
    • Objective: Gather intelligence for potential exploits.
  • Social Engineering:
    • Definition: Manipulating individuals to disclose sensitive information.
    • Objective: Exploit human psychology to gain access or information.

Unit 4: Cryptology

  • Cryptosystems
  • Symmetric vs asymmetric cryptosystem
  • Goals of Cryptography – Confidentiality, Integrity, and Non-repudiation
  • Ciphers (Block ciphers and stream ciphers)
  • Transposition Ciphers
  • Substitution Ciphers
  • One-Time Pads
  • Codes vs. Ciphers
  • Cryptographic keys
  • Hashing Algorithms
  • IPSec – AH and ESP – Security Associations – ISAKMP
  • Wireless Network Security, WEP, WPA, WPA2, TKIP – CCMP
  • Cryptosystems:
    • Definition: Frameworks implementing cryptographic techniques.
    • Components: Algorithms, keys, protocols, and hardware.
  • Symmetric vs. Asymmetric Cryptosystem:
    • Symmetric: Uses the same key for both encryption and decryption.
    • Asymmetric: Uses a pair of public and private keys for encryption and decryption.
  • Goals of Cryptography – Confidentiality, Integrity, and Non-repudiation:
    • Confidentiality: Ensures only authorized parties can access information.
    • Integrity: Guarantees data is not altered or tampered with.
    • Non-repudiation: Prevents parties from denying their involvement in a communication.
  • Ciphers (Block Ciphers and Stream Ciphers):
    • Block Ciphers: Encrypt fixed-size blocks of data.
    • Stream Ciphers: Encrypt data one bit or byte at a time.
  • Transposition Ciphers:
    • Definition: Rearranges the order of characters in a message.
    • Objective: Obscure the original message structure.
  • Substitution Ciphers:
    • Definition: Replaces plaintext characters with ciphertext characters.
    • Objective: Conceal the content of the original message.
  • One-Time Pads:
    • Definition: Unbreakable encryption using a random key only used once.
    • Objective: Provides perfect secrecy if used correctly.
  • Codes vs. Ciphers:
    • Codes: Substitute entire words or phrases with symbols or numbers.
    • Ciphers: Substitute individual letters or blocks of letters with other letters or symbols.
  • Cryptographic Keys:
    • Definition: Secret values used in encryption and decryption processes.
    • Key Length: Longer keys generally provide stronger security.
  • Hashing Algorithms:
    • Definition: Converts data into a fixed-size string of characters.
    • Purpose: Verify data integrity and create digital signatures.
  • IPSec – AH and ESP – Security Associations – ISAKMP:
    • IPSec (Internet Protocol Security): Secures communication over an IP network.
    • AH (Authentication Header): Provides data integrity and authentication.
    • ESP (Encapsulating Security Payload): Provides confidentiality and authentication.
    • Security Associations: Defines the parameters for secure communication.
    • ISAKMP (Internet Security Association and Key Management Protocol): Establishes security associations.
  • Wireless Network Security, WEP, WPA, WPA2, TKIP – CCMP:
    • WEP (Wired Equivalent Privacy): Original wireless encryption protocol.
    • WPA (Wi-Fi Protected Access): Improved security over WEP.
    • WPA2: Stronger encryption and security features.
    • TKIP (Temporal Key Integrity Protocol): WPA’s encryption protocol.
    • CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol): Encryption protocol in WPA2.

Unit 5: Symmetric Key Algorithms

  • Data Encryption Standard (DES)
  • DES Keys – DES Algorithm
  • Electronic Codebook Mode
  • Cipher Block Chaining Mode
  • Cipher Feedback Mode
  • Output Feedback Mode
  • Counter Mode
  • Triple DES (3DES) – DES Variants
  • DES-EEE3 – DES-EDE3 – DES-EEE2 – DES-EDE2
  • International Data Encryption Algorithm (IDEA)
  • Blowfish – Skipjack – Advanced Encryption Standard (AES)
  • CAST – Password hashes and Salting
  • Asymmetric Key Algorithms – RSA – Diffie-Hellman – Private key and Public key
  • Digital Signature – Public Key Infrastructure (PKI)
  • Certificate Authorities – Certification Revocation List (CRL)
  • Digital Signature
  • Data Encryption Standard (DES):
    • Definition: Block cipher algorithm used for encryption and decryption.
    • Key Size: 56 bits (64 bits with 8 parity bits).
  • DES Keys – DES Algorithm:
    • Key Generation: Created from a user-supplied key through a series of transformations.
    • Algorithm: Substitution and permutation operations on data blocks.
  • Electronic Codebook Mode:
    • Definition: Each block of plaintext is independently encrypted.
  • Cipher Block Chaining Mode:
    • Definition: Each block is XORed with the previous ciphertext block before encryption.
  • Cipher Feedback Mode:
    • Definition: Each ciphertext block is fed back into the encryption algorithm.
  • Output Feedback Mode:
    • Definition: The previous ciphertext block is used to feed the encryption of the next block.
  • Counter Mode:
    • Definition: Encrypts a counter value, producing a stream of key bits.
  • Triple DES (3DES) – DES Variants:
    • Definition: Applies DES algorithm three times to each data block.
    • Variants: DES-EEE3, DES-EDE3, DES-EEE2, DES-EDE2.
  • International Data Encryption Algorithm (IDEA):
    • Definition: Symmetric key block cipher, widely used outside the U.S.
    • Key Size: 128 bits.
  • Blowfish:
    • Definition: Fast and efficient symmetric key block cipher.
    • Key Size: Variable (32 to 448 bits).
  • Skipjack:
    • Definition: Key escrowed block cipher developed by the NSA.
  • Advanced Encryption Standard (AES):
    • Definition: Symmetric key encryption standard.
    • Key Sizes: 128, 192, or 256 bits.
  • CAST:
    • Definition: Variable key length symmetric key block cipher.
  • Password Hashes and Salting:
    • Hashing: Converts passwords into fixed-length strings.
    • Salting: Adds random data to passwords before hashing.
  • Asymmetric Key Algorithms – RSA – Diffie-Hellman – Private Key and Public Key:
    • RSA (Rivest-Shamir-Adleman): Asymmetric key algorithm for secure data transmission.
    • Diffie-Hellman: Key exchange protocol for secure communication.
    • Private Key: Secret key used for decryption.
    • Public Key: Shared key used for encryption.
  • Digital Signature – Public Key Infrastructure (PKI):
    • Digital Signature: Ensures data integrity and authenticity.
    • PKI: Framework that manages digital keys and certificates.
  • Certificate Authorities – Certification Revocation List (CRL):
    • Certificate Authorities (CAs): Trusted entities issuing digital certificates.
    • CRL: List of certificates revoked by the issuing CA.

 

Site Admin

Prev Post
Next Post

Leave a Reply