This notebook contains my notes for week 1 of my cybersecurity training.

**Focus**:

- CIA Triad (Confidentiality, Integrity, Availability)
- OSI Model (7-layer network model)
- Common attacks (phishing, brute force)

**Activity**:

- TryHackMe room: [Intro to Cybersecurity](https://tryhackme.com/room/introductiontocybersecurity)
- Special read up on this - https://www.fortinet.com/resources/cyberglossary/what-is-cybersecurity

--- 

Good references for rinsing the brain at times:
- https://www.fortinet.com/resources/cyberglossary/artificial-intelligence-in-cybersecurity
- https://www.fortinet.com/resources/cyberglossary/cyber-threat-intelligence

---

# CIA Triad


Also known as the AIC Triad by some to avoid confusion with the CIA.
Based on multiple resources:
 - https://www.fortinet.com/resources/cyberglossary/cia-triad (Good in-depth reference for the CIA triad)
 - https://www.techtarget.com/whatis/definition/Confidentiality-integrity-and-availability-CIA (Good background on the benefits of the CIA triad)
 - https://www.nccoe.nist.gov/publication/1800-26/VolA/index.html (Good reference for data integrity :D)


It is unclear who created the specific term “CIA triad,” but its principles have been used by war generals like Julius Caesar to safeguard critical information.

The CIA triad is a model in information security that outlines three key principles. These principles serve as a guide for developing security systems and policies to ensure that data and systems are protected from threats. These pillars of information security also represent the foundational principles of cybersecurity.

For a more in-depth background, refer to the first link above:

*C = Confidentiality*
- This refers to protecting information from unauthorized access. It also ensures that sensitive data is only accessible by those who are authorized to see it.
- A key component of this principle is making sure that people without proper authorization or access are prevented from accessing assets important to your system. Conversely, this also ensures that those who need access have the necessary privileges in place.
- Data encryption, authentication (2FA), and requiring certain routing numbers or information before proceeding with transactions are covered here.
- Biometrics verification, security tokens, key fobs, and soft tokens are also ways that help with confidentiality.

*I = Integrity*
- Focuses on maintaining the accuracy and completeness of the data, ensuring that the information is not altered or modified without authorization. This also means guarding the data from improper modification or destruction.
- Highlights that data should be trustworthy, with no risk of tampering, alteration, or modification.
- Ensures non-repudiation and authenticity of the data.
- This principle covers data in storage, during processing, and while in transit.
- Destructive malware, ransomware, malicious insider activity and even honest mistakes can affect integrity.
- Backups, checksums, and metadata for evidence are included here to ensure that there are no mistakes made and we are able to pinpoint who made these changes.
- To protect the integrity of your data, you can use hashing, encryption, digital certificates, or digital signatures. For websites, you can employ trustworthy certificate authorities (CAs) that verify the authenticity of your website so visitors know they are getting the site they intended to visit.
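
The checksum and hashing ideas from the Integrity notes, as an added example that is not from any of the linked references. It compares a plain SHA-256 manifest with a keyed (HMAC-SHA256) manifest; the file names, contents and key are constructed for the demo.

```python
import hashlib
import hmac

def sha256_manifest(files):
    """Plain checksums: anyone can recompute them."""
    return {n: hashlib.sha256(d).hexdigest() for n, d in files.items()}

def hmac_manifest(files, key):
    """Keyed checksums (HMAC-SHA256): recomputing them needs the secret key."""
    return {n: hmac.new(key, d, hashlib.sha256).hexdigest() for n, d in files.items()}

def verify(files, manifest, key=None):
    """Return the sorted names that are changed, missing, or unexpected."""
    current = hmac_manifest(files, key) if key else sha256_manifest(files)
    bad = []
    for name in set(manifest) | set(current):
        expected, actual = manifest.get(name, ""), current.get(name, "")
        if not (expected and actual and hmac.compare_digest(expected, actual)):
            bad.append(name)
    return sorted(bad)

# Constructed sample data (not from the original notes).
KEY = b"constructed-demo-key-kept-off-the-file-server"
BASELINE = {"payroll.csv": b"alice,5000\nbob,4200\n", "config.ini": b"debug=false\n"}
TAMPERED = {**BASELINE, "payroll.csv": b"alice,5000\nbob,9900\n"}

def demo():
    plain, keyed = sha256_manifest(BASELINE), hmac_manifest(BASELINE, KEY)
    # Whoever can write both the data and the checksum list can simply re-hash.
    rewritten_plain = sha256_manifest(TAMPERED)
    rewritten_keyed = {**keyed, "payroll.csv": rewritten_plain["payroll.csv"]}
    return {
        "plain manifest, data changed": verify(TAMPERED, plain),
        "plain manifest, data + manifest changed": verify(TAMPERED, rewritten_plain),
        "keyed manifest, data + manifest changed": verify(TAMPERED, rewritten_keyed, KEY),
    }

if __name__ == "__main__":
    for case, flagged in demo().items():
        print(f"{case}: {flagged}")
```

A plain checksum catches mistakes and unnoticed changes, but only a keyed checksum (or a digital signature) still flags the file when the checksum list itself can be rewritten.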

*A = Availability*
- Ensures that authorized users have timely and reliable access to information and resources when they need them.
- This means that there are systems or safeguards in place that keep the data available despite unpredictable events (such as interruptions, natural disasters, accidents, and even tech issues).




---

# OSI Model

OSI or Open Systems Interconnection is a model that represents an easy way to standardize the different parts required to communicate across networks.

Reference: https://www.w3schools.com/cybersecurity/cybersecurity_networking.php

Overview of all levels:

| Layer | Name | What it does |
|---|---|---|
| 7 | Application | Where humans process data and information |
| 6 | Presentation | Ensures data is in a usable format |
| 5 | Session | Capable of maintaining connections |
| 4 | Transport | Data is forwarded to a service capable of handling requests |
| 3 | Network Layer | Responsible for which path packets should travel on a network |
| 2 | Data Link | Responsible for which physical devices packets should go to |
| 1 | Physical | The physical infrastructure to transport data |

#### The Top 3 Layers

The top 3 layers are typically implemented in software within the Operating System:

| Layer | Name | What it does |
|---|---|---|
| 7 | Application | Where humans process data and information |
| 6 | Presentation | Ensures data is in a usable format |
| 5 | Session | Capable of maintaining connections |

*Layer 7 - Application Layer*

The business logic and functionality of the application lies here. This is what the users use to interact with services across a network. Most developers create applications on the Application Layer.

Most of the applications you use are on the Application Layer, with the complexity of the other layers hidden.

Examples of Layer 7 Applications:

- HTTP ("Hypertext Transfer Protocol") - Enables us to access web applications
- FTP ("File Transfer Protocol") - Allows users to transfer files
- SNMP ("Simple Network Management Protocol") - Protocol to read and update network device configurations

There are many applications which use these protocols, like Google Chrome, Microsoft Skype and FileZilla. The current w3schools class is also on Layer 7, as noted by 'You are accessing this class via Layer 7!'


*Layer 6 - Presentation Layer*

Typically an unseen layer, but it is responsible for adapting, transforming and translating data. This is to ensure the application and the layers beneath can understand one another.

- Encoding schemes used to represent text and data, for example ASCII (American Standard Code for Information Interchange) and UTF (Unicode Transformation Format).
- Encryption for services, for example SSL ("Secure Sockets Layer") and TLS ("Transport Layer Security").
- Compression, for example GZip, in use in many implementations of HTTP.

*Layer 5 - Session Layer*

This layer's responsibility is handling connections between the application and the layers below. It involves establishing, maintaining and terminating connections, otherwise referred to as sessions.

Common protocols which represent the Session Layer well are:

- SOCKS - A protocol for sending packets through a proxy server.
- NetBIOS - An older Windows protocol for establishing sessions and resolving names.
- SIP ("Session Initiation Protocol") - For engaging in VOIP ("Voice Over IP") communications

#### The Transport Layer

Layer 4, the Transport layer, connects the software with the hardware layers.

| Layer | Name | What it does |
|---|---|---|
| 4 | Transport | Data is forwarded to a service capable of handling requests |

SDN ("Software Defined Networking") is technology which allows more layers of the hardware to be implemented via software.

The layer which allows applications to be represented on the network.

Some well known applications on this layer:

- TCP ("Transmission Control Protocol") - Used for many applications, ensuring stability, control of how much data can be sent at any given time, reliability and more.
- UDP ("User Datagram Protocol") - Lightweight and quick protocol used for many services.
- QUIC ("Quick UDP Internet Connections") - A protocol designed for faster connections that goes hand-in-hand with version 2 of the HTTP protocol.

#### The Bottom 3 Layers

The bottom 3 layers are typically implemented in hardware within devices on the network, e.g. Switches, Routers and Firewalls:

| Layer | Name | What it does |
|---|---|---|
| 3 | Network Layer | Responsible for which path packets should travel on a network |
| 2 | Data Link | Responsible for which physical devices packets should go to |
| 1 | Physical | The physical infrastructure to transport data |

*Layer 3 - Network*

A layer responsible for routing packets between networks via routers.

On this layer, the following protocols reside:

- IP ("Internet Protocol") - Used every day when accessing the Internet. Comes in two versions, IP version 4 and 6.
- ICMP ("Internet Control Message Protocol") - Used by network devices and network operators, to diagnose network connections or for devices to send and respond to error conditions and more.
- IPSec ("Internet Protocol Security") - Allows encrypted and secure connections between two network devices.

*Layer 2 - Link*

Link networks, as the name implies, consist of protocols designed to send packets through the actual links (physical connections) that network nodes are connected to. A simpler way of thinking of it is that the Link Layer is responsible for moving data from physical over to logical (to the network layer).

Protocols on this layer include:

- Ethernet - An essential protocol used by most operating systems when connecting to networks using a physical cable.
- Wi-Fi ("Wireless Fidelity") - For accessing networks via radio signals. It uses a family of protocols called IEEE 802.11.xx
- NDP ("Neighbor Discovery Protocol") - IP version 6 (IPv6) uses this protocol on the Link Layer to gather information required to communicate via IPv6

*Layer 1 - Physical*

The Physical layer represents the signaling which allows bits and bytes to be transferred across a physical medium. Data can be transferred via radio or via signals over a cable, using electrical signals or light, for example fiber.

Examples of Physical Layer protocols include:

- CAN Bus ("Controller Area Network") - Used in microcontrollers and other devices to communicate to other similar devices, not involving a computer. Often used in ICS ("Industrial Control Systems").
- Ethernet Physical Layer - Used by Ethernet on the physical layer to send signals with speeds up to many gigabits of traffic per second.
- Bluetooth Physical Layer - Bluetooth also has its own specifications on how radio signals should be sent and received.
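
To see the layers stacked inside one packet, the following added example (not from the w3schools course) peels a constructed Ethernet frame apart from Layer 2 up to the HTTP request line at Layer 7. The MAC addresses, IP addresses and ports are made-up sample values, and the checksums are left as 0.

```python
import ipaddress
import struct

def build_sample_frame():
    """Constructed frame (checksums left as 0): Ethernet / IPv4 / TCP / HTTP."""
    http = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"            # Layer 7
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1, 1, 5 << 4, 0x18,
                      64240, 0, 0)                                    # Layer 4
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(http), 1, 0, 64, 6, 0,
                     ipaddress.IPv4Address("192.0.2.1").packed,
                     ipaddress.IPv4Address("192.0.2.10").packed)      # Layer 3
    eth = bytes.fromhex("020000000002" "020000000001") + b"\x08\x00"  # Layer 2
    return eth + ip + tcp + http

def parse_frame(frame):
    """Peel one layer at a time; stop at the first layer we cannot decode."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    out = {"l2": {"src": src.hex(":"), "dst": dst.hex(":"), "ethertype": ethertype}}
    ip = frame[14:]
    if ethertype != 0x0800 or len(ip) < 20 or ip[0] >> 4 != 4:
        return out                                   # not IPv4: Layer 2 only
    ihl = (ip[0] & 0x0F) * 4                         # IP header length in bytes
    total_len = struct.unpack("!H", ip[2:4])[0]
    out["l3"] = {"src": str(ipaddress.IPv4Address(ip[12:16])),
                 "dst": str(ipaddress.IPv4Address(ip[16:20])),
                 "ttl": ip[8], "protocol": ip[9]}
    tcp = ip[ihl:total_len]
    if ip[9] != 6 or len(tcp) < 20:
        return out                                   # not TCP: stop at Layer 3
    sport, dport = struct.unpack("!HH", tcp[:4])
    out["l4"] = {"src_port": sport, "dst_port": dport, "flags": tcp[13]}
    payload = tcp[(tcp[12] >> 4) * 4:]               # skip TCP header + options
    out["l7"] = payload.split(b"\r\n", 1)[0].decode("ascii", "replace")
    return out

if __name__ == "__main__":
    for layer, fields in parse_frame(build_sample_frame()).items():
        print(layer, fields)
```

Each header only says what the next layer up is (EtherType 0x0800 for IPv4, IP protocol 6 for TCP), which is why the parser has to stop as soon as it meets a value it does not know.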


---
Common attacks: https://www.fortinet.com/resources/cyberglossary/types-of-cyber-attacks


*TryHackMe Intro Room — Completed on 2025-08-14*

Currently taking the presecurity path:
https://tryhackme.com/path/outline/presecurity

I've finished section 1 today. The section covered the intro to cybersecurity, offensive security, defensive security and careers in the field.

I've also read the first section on w3schools, which is the introductory course for cybersecurity. OSI is also in the Networking part there, as well as some of the attacks, but I didn't get to read everything yet. It might be best to combine the reading there with the link for the types of attacks earlier.


---

2025-08-14
Reflection:

I think cybersecurity can be distilled into three core truths: prevention, protection, and improvement. These principles, for me, encompass everything I’ve learned so far in this introduction. Whether we talk about red, blue, white, grey, or black hats, the same truths apply except, of course, in the case of black hats, where intent changes the equation.

My interest in the field is growing, but I also realize there’s much to consider, especially the foundational knowledge of each principle and the specific areas they cover. While the intro was a great starting point, I plan to revisit certain topics to ensure my understanding is correct.

Coming from a data science background with interests in machine learning and AI, I haven’t yet seen exactly how my existing skills will apply here. Still, I’m eager to master the fundamentals first, as I suspect my expectations will be surpassed once I see how the two fields connect.

I’ve added several links to this notebook so I can revisit items I didn’t log here, particularly the many types of cyber attacks. My goal is to develop at least a general understanding of each one to avoid any knowledge gaps moving into next week.

---