CIA Triad
Confidentiality, Integrity, Availability
“Confidentiality” in the CIA Triad
The protection of information from people who are not authorized to view it
“Integrity” in the CIA Triad
Ensuring that information is protected from an unauthorized or unintentional alteration (information stays accurate)
“Availability” in the CIA Triad
Systems and data are accessible by users whenever and wherever they are needed
OSINT
A method of gathering information from public or other open sources
Does the Constitution guarantee a right to privacy?
No; instead, the right of privacy exists in the “penumbras” (zones) created by the Constitution
Griswold v. Connecticut
Court case that addressed the existence of the right to privacy through penumbras
Family Educational Rights and Privacy Act (FERPA)
Students have the right to have control over the disclosure of personally identifiable information from records
System
Information resources of any size or complexity, organized expressly for the collection, processing, use, sharing, dissemination, maintenance, or disposition of data or information
Information (in technical terms)
Facts, ideas, or knowledge as various forms of data that can be communicated between system entities
Information Security
The protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction
Social Engineering
Any act that influences a person to take an action that may or may not be in his or her best interests
What is a common example of social engineering?
TV commercials
Hacktivism
The use of computer-based techniques such as hacking as a form of civil disobedience to promote a political agenda or social change
Guerilla Open Access Manifesto
Written by Aaron Swartz to protest limited access to archives; suggested the idea of making copies of information and sharing them with others
DNS
Domain Name Server
DNS Resolver
Phonebook of the Internet
IP or IP address
An identifier for a device on a network
How does DNS work?
When you enter a website into your browser, the computer searches its cache memory for the IP address.
If it can’t find it, it sends the request to the DNS, which looks for the IP address in its cache memory.
If the DNS can’t find it, it sends the request to the root server.
If the root server can’t find it, it sends the request to the TLD server.
If the TLD server can’t find it, it sends the request to the authoritative name server.
If the IP address is found, it is sent back to the DNS, which sends it to the computer.
Encryption
The process of making information unreadable
Decryption
The process of making information readable (usually with a key)
Data at rest
Information that is stored somewhere
Full-disk encryption
Encrypts all the information stored on a device and protects it with a passphrase or another authentication method
File encryption
Encrypts only specific, individual files on a device
Drive encryption
Encrypts all the data on a specific storage area on a device
Data in transit
Information that is moving over a network from one place to another
Transport-layer encryption / Transport layer security (TLS)
Protects messages as they travel from your device to the app's servers and from the app's servers to the recipient's device, but the messaging service provider can see unencrypted copies of your messages
End-to-end encryption
Protects messages in transit all the way from sender to receiver; the message is encrypted by the original sender and can only be decoded by its final recipient
Examples of data in transit
Sending messages on messaging apps
Message moves from your device to recipient's device
Web browsing
Data from the webpage travels from the website's servers to your browser
Examples of TLS
HTTPS
Website servers can see the data you enter while on the site
This information is unreadable to eavesdroppers on the network
VPN
Traffic still travels over the ISP's connection, but is encrypted between you and your VPN provider
Caesar Cipher
An old (and nowadays weak) encryption method that involves shifting characters a certain number of positions
Plaintext
Readable text that is not encrypted
Ciphertext
Unreadable text that is encrypted
Symmetric key encryption
Uses one key for both encrypting and decrypting messages
Asymmetric key encryption / public key encryption
Uses two keys: a public key for encryption and a private key for decryption
Anyone can encrypt the message with the public key
But only the person with the private key can decrypt messages