Foundation Certificate in Cyber Security (FCCS)
The course is part of this learning path
This course introduces the basic ideas of computing, networking, communications, security, and virtualization, and will provide you with an important foundation for the rest of the course.
The objectives of this course are to provide you with an understanding of:
- Computer system components, operating systems (Windows, Linux and Mac), different types of storage, file systems (FAT and NTFS), memory management. The core concepts and definitions used in information security
- Switched networks, packet switching vs circuit switching, packet routing delivery, routing, internetworking standards, OSI model, and 7 layers. The benefits of information security
- TCP/IP protocol suite, types of addresses, physical address, logical address, IPv4, IPv6, port address, specific address, network access control, and how an organisation can make information security an integral part of its business
- Network fundamentals, network types (advantages and disadvantages), WAN vs LAN, DHCP
- How data travels across the internet. End to end examples for web browsing, sending emails, using applications - explaining internet architecture, routing, DNS
- Secure planning, policies, and mechanisms, Active Directory structure, introducing Group Policy (containers, templates, GPO), security and network layers, IPSEC, SSL / TLS (flaws and comparisons), SSH, Firewalls (packet filtering, state full inspection), application gateways, ACL's
- VoIP, wireless LAN, Network Analysis and Sniffing, Wireshark
- Virtualization definitions, virtualization models, terminologies, virtual models, virtual platforms, what is cloud computing, cloud essentials, cloud service models, security amd privacy in the cloud, multi-tenancy issues, infrastructure vs data security, privacy concerns
This course is ideal for members of cybersecurity management teams, IT managers, security and systems managers, information asset owners, and employees with legal compliance responsibilities. This course acts as a foundation for more advanced managerial or technical qualifications.
There are no specific pre-requisites to study this course, however, a basic knowledge of IT, an understanding of the general principles of information technology security, and awareness of the issues involved with security control activity would be advantageous.
We welcome all feedback and suggestions - please contact us at firstname.lastname@example.org if you are unsure about where to start or if would like help getting started.
Welcome to this video on the basics of the Internet.
You’ll learn about some of the fundamental concepts involved with the Internet and discuss how and why it works.
While we use the terms World Wide Web and Internet interchangeably, they are not the same thing.
The Internet is the global network of networks – the infrastructure, on which the Web runs. The World Wide Web itself refers to the websites we visit.
You can find the main points of the history of the web documented in the appendix.
In short, it began life in the early 1990’s, with the work of Sir Tim Berners-Lee, but very rapidly expanded from those small beginnings.
One of the main drivers behind its exponential growth was the adult entertainment industry, whether that be gambling or adult media content.
The Web appeared to offer a way in which they could promote their products, whilst offering anonymity for their customers.
The huge growth of the Web lead to the so called dot-com bubble of the late 90’s, where many web start-ups were launched using venture capital, only to fail spectacularly.
Two of the webs biggest names were launched in the 90’s, and are still going from strength to strength today. Many people may find it hard to believe that Amazon actually started life before Google, given the all-pervasive nature of the search engine giant. We even use the term Google as a verb!
This simple diagram shows how the Internet can be described as a network of networks, with the many transit points that a web request has to negotiate before it reaches its destination. The response to that request then has to negotiate the return path to the user’s computer. And all of this happens at incredible speed.
The Domain Name System/Server (DNS) underpins the Web. It works by using domain names. A domain name is the familiar ‘www.somedomainname.com’
A domain name alone isn’t very useful as it needs to be expanded to identify where the domain resides in the global Internet. To keep track of all the domains in existence, a system called DNS is used.
DNS is a globally distributed database of all registered domains on the Internet and follows a rigid hierarchy, as you can see on screen.
Whilst machines communicate via numerical IP addresses, humans will generally prefer text. As such, a Domain name is a textual representation of a network IP address.
The use of Domain names is managed by ICANN – The Internet Corporation for Assigned Names and Numbers – ICANN maintain the global database of registered names which is known as DNS (Domain Name System).
When a request to register a Domain is received, the registrar will query the Domain Name System to ensure that it is available and, if it is, will allow the registration to take place.
DNS is a hierarchical system. Everything stems from the Root of the system – the root name servers. Below the root name servers we find the generic Top Level Domains, or gTLD's, for example .com, .net and .org, along with the country code Top Level Domains or ccTLD's. There are currently 253 accepted ccTLDs, but this value changes over time as country boundaries alter.
Over the past decade, ICANN have been busy with a program to expand the range of gTLDs under the root.
Many of these have been related to specific business areas or industries, with one of the most notorious being the .xxx domain, for adult websites.
They have also added in the capability to have gTLDs that are not just using the Latin character-set, allowing for the use of non-Latin languages.
The diagram shows the hierarchical nature of the DNS, and how a DNS request works its way down through the DNS structure to be able to find the website that was requested.
The Second Level Domain is the one immediately below the Top Level Domain and commonly refers to the organization that registered the domain name with a domain name registrar; as such they are also known as private domains.
For example, microsoft.com – where Microsoft is the SLD. Some domain name registries introduce a second-level hierarchy to a TLD that indicates the type of organization that intended to register an SLD under it.
For example, in the .uk namespace, a college or other academic institution would register under the .ac.uk namespace, while companies would register under .co.uk. For example, microsoft.co.uk – where Microsoft is again the SLD, .co is the second-level hierarchy and .uk is the ccTLD
Once DNS has drilled-down to the Private Domain controller for the required domain it will obtain the details for the service required within that domain such as the www site, maps site, or news servers IP address.
Although the basic operation of a DNS query works, this method of working can be somewhat inefficient – if we have to go all the way to the root to begin our query on every occasion, this could create a lot of unnecessary traffic, and cause delays in getting our answers.
To avoid this, the DNS allows for a system known as DNS caching. Most often, when a host machine embarks on a DNS lookup request, it will look for an answer from a DNS caching service.
DNS caches hold the domain or IP mappings for thousands of domains and as such can return an answer in a short time. If the caching service cannot provide an answer, it will perform the lookup and return the answer once it receives it. This answer will be added to the cache for any future requests.
Most Internet Service Providers, or ISPs, run a DNS cache service, but there are also a number of publicly available DNS caches, such as: Google's DNS – 18.104.22.168 or 22.214.171.124, or OpenDNS – 126.96.36.199 or 188.8.131.52.
Whilst this is obviously a great convenience, there can be problems. DNS spoofing or poisoning can happen if incorrect data is introduced into the DNS cache. The router that is poisoned will divert traffic to the incorrect IP address which could be a hacker’s computer.
If the router that is poisoned is substantially influential within the structure of the Internet, it can pass the incorrect IP address to many other routers around it increasing the poisoning, or even creating a worldwide shutdown of a website.
This happened to YouTube with Pakistan Telecoms in 2008. Here you can see the major features of DNS. The top feature is the basic translation of domain names to IP addresses, and vice versa.
One question you might be asking is ‘why do we need to bother with the distributed nature of DNS? Surely that just makes more work for everybody, and it’s possible to tamper with DNS caches, and cause problems.’
These are both valid points, but weighed against the problems that could occur if we used just one single DNS source for everybody on the World Wide web you can immediately see that a centralised DNS would in fact be far more trouble.
At the heart of the DNS system are DNS records. A DNS record is a database record used to map a URL to an IP address. DNS records are stored in DNS servers and work to help users connect their websites to the outside world.
When a URL is entered and searched in the browser, that URL is forwarded to the DNS servers and then directed to the specific Web server. This Web server then serves the queried website outlined in the URL or directs the user to an email server that manages the incoming mail.
The most common record types are A (address); CNAME (canonical name); MX (mail exchange); NS (name server); PTR (pointer), SOA (start of authority); and TXT (text record).
Different types of DNS records are as follows:The Name Server (NS) Record Describes a name server for the domain that permits DNS lookups within several zones. Every primary as well as secondary name server must be reported via this record.
The Mail Exchange (MX) Record Permits mail to be sent to the right mail servers located in the domain. Other than IP addresses, MX records include fully-qualified domain names.
The Address (A) Record is Used to map a host name to an IP address. Generally, records are IP addresses. If a computer consists of multiple IP addresses, adapter cards, or both, it must possess multiple address records.
The Canonical Name (CNAME) Record can be used to set an alias for the host name.
Text (TXT) Record: Permits the insertion of arbitrary text into a DNS record. These records add Sender Policy Framework records into a DNS record, showing which hosts are allowed to send e-mail traffic.
Time-to-Live (TTL) Record: Sets the period of data, which is ideal when a recursive DNS server queries the domain name information.
Start of Authority (SOA) Record: Declares the most authoritative host for the zone. Every zone file should include an SOA record, which is generated automatically when the user adds a zone.
Pointer (PTR) Record: Creates a pointer, which maps an IP address to the host name in order to do reverse lookups.
When examining DNS it can become quite confusing as to who performs exactly what function.
It is helpful to list the main functions of DNS using the ‘Three R’s of DNS’, namely; Registry, Registrar & Registrant. For ease, we will use the analogy of the DNS system as an internet phonebook.
The Registry is the group at the top of the pile who operate the gTLDs such as .com, .co.uk and .info under the remit of ICANN (The Internet Corporation for Assigned Names and Numbers). These can be thought of as the operator of the ‘phonebook’.
For example, Nominet is the registry for the .uk TLD.
Registrars are the companies that sell the domain names and are supposed to check the WHOIS and domain details are correct.
These companies are also regulated through ICANN and are the companies that sell the domains to the Registrants.
They can be thought of as the entity that edits the ‘phonebook’. GoDaddy is one of the largest registrars.
The Registrant is the legal owner of the domain name, bought from the registrar and is usually the person who enters the details into the WHOIS database, though as discussed later, they may ‘opt out’. This can be thought of as an entry within the ‘phonebook’.
That brings us to the end of this video.
Paul began his career in digital forensics in 2001, joining the Kent Police Computer Crime Unit. In his time with the unit, he dealt with investigations covering the full range of criminality, from fraud to murder, preparing hundreds of expert witness reports and presenting his evidence at Magistrates, Family and Crown Courts. During his time with Kent, Paul gained an MSc in Forensic Computing and CyberCrime Investigation from University College Dublin.
On leaving Kent Police, Paul worked in the private sector, carrying on his digital forensics work but also expanding into eDiscovery work. He also worked for a company that developed forensic software, carrying out Research and Development work as well as training other forensic practitioners in web-browser forensics. Prior to joining QA, Paul worked at the Bank of England as a forensic investigator. Whilst with the Bank, Paul was trained in malware analysis, ethical hacking and incident response, and earned qualifications as a Certified Malware Investigator, Certified Security Testing Associate - Ethical Hacker and GIAC Certified Incident Handler. To assist with the teams malware analysis work, Paul learnt how to program in VB.Net and created a number of utilities to assist with the de-obfuscation and decoding of malware code.