Introduction

Cyber Security is a process that’s designed to protect networks and devices from external threats. Businesses typically employ Cyber Security professionals to protect their confidential information, maintain employee productivity, and enhance customer confidence in products and services.

The world of Cyber Security revolves around the industry standard of confidentiality, integrity, and availability, or CIA. Confidentiality means data can be accessed only by authorized parties; integrity means information can be added, altered, or removed only by authorized users; and availability means systems, functions, and data must be available on demand according to agreed-upon parameters.

The main element of Cyber Security is the use of authentication mechanisms. For example, a user name identifies an account that a user wants to access, while a password is a mechanism that proves the user is who he claims to be.

These basic Cyber Security interview questions and answers are meant to enhance your preparedness for job interviews in the field. They cover key topics such as network security, encryption, threat detection, and incident response, along with common security protocols, risk management, and best practices.


Basic Cyber Security Interview Questions

Cryptography aids to secure information from third parties who are called adversaries. It allows only the sender and the recipient to access the data securely.

Traceroute is a network diagnostic tool. It helps track the route taken by a packet that is sent across the IP network. It shows the IP addresses of all the routers it pinged between the source and the destination.

Uses: 

  • It shows the time taken by the packet for each hop during the transmission. 
  • When the packet is lost during the transmission, the traceroute will identify where the point of failure is.

A firewall is a network security device or system that blocks malicious traffic, such as traffic from hackers, worms, malware, and viruses, to maintain data privacy.

Uses: 

  • It monitors the incoming and outgoing network traffic and permits only the data packets that comply with the configured set of security rules.
  • It acts as a barrier between the internal network and the incoming traffic from external sources like the Internet.

The TCP three-way handshake is a process that happens in a TCP/IP network when a connection is made between a local host and a server. It is a three-step process that negotiates synchronization and acknowledgment of packets before communication starts.

Step 1: The client makes a connection with the server with SYN.

Step 2: The server responds to the client request with SYN+ACK.

Step 3: The client acknowledges the server’s response with ACK, and the actual data transmission begins.

HTTP response codes indicate a server’s response when a client makes a request to the server. It shows whether an HTTP request is completed or not. 

1xx: Informational

The request is received, and the process is continuing. Some example codes are:

  • 100 (continue)
  • 101 (switching protocol)
  • 102 (processing)
  • 103 (early hints)

2xx: Success 

The action is received, understood, and accepted successfully. A few example codes for this are:

  • 200 (OK)
  • 202 (accepted)
  • 205 (reset content)
  • 208 (already reported)

3xx: Redirection 

Further action is required to complete the request. Example codes:

  • 300 (multiple choice)
  • 302 (found)
  • 308 (permanent redirect)

4xx: Client Error 

The request has incorrect syntax or cannot be fulfilled. Here are the example codes for this:

  • 400 (bad request)
  • 403 (forbidden)
  • 404 (not found)

5xx: Server Error 

The server fails to complete a valid request. Example codes for this are:

  • 500 (internal server error)
  • 502 (bad gateway)
  • 511 (network authentication required)
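
The class of a status code is decided by its first digit, which is why a defender can summarize server behaviour per class straight from an access log. The following Python example is added here and is not code from the original page: it parses constructed sample lines in the common "combined" access-log format (the IPs, paths and timestamps are made up), maps each code to its class, and flags any client that produced a burst of 4xx responses, which on a real server often indicates path probing or forced browsing. The threshold of three is an assumed value to be tuned per site.

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines in "combined" access-log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 2326 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:37 +0000] "GET /admin HTTP/1.1" 403 199 "-" "curl/8.0"
203.0.113.7 - - [10/Oct/2023:13:55:38 +0000] "GET /.env HTTP/1.1" 404 153 "-" "curl/8.0"
203.0.113.7 - - [10/Oct/2023:13:55:39 +0000] "GET /wp-login.php HTTP/1.1" 404 153 "-" "curl/8.0"
198.51.100.2 - - [10/Oct/2023:13:56:01 +0000] "POST /api/orders HTTP/1.1" 502 0 "-" "python-requests/2.31"
198.51.100.2 - - [10/Oct/2023:13:56:02 +0000] "GET /old-page HTTP/1.1" 301 0 "-" "Mozilla/5.0"
this line is not a valid log entry
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) (?P<proto>[^"]+)" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

STATUS_CLASSES = {
    1: "Informational",
    2: "Success",
    3: "Redirection",
    4: "Client Error",
    5: "Server Error",
}


def status_class(code: int) -> str:
    """Map a three-digit HTTP status code to its class name (the first digit decides)."""
    if not 100 <= code <= 599:
        raise ValueError(f"not a valid HTTP status code: {code}")
    return STATUS_CLASSES[code // 100]


def parse_line(line: str):
    """Return a dict of fields for one access-log line, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    fields = m.groupdict()
    fields["status"] = int(fields["status"])
    return fields


def summarize(log_text: str) -> Counter:
    """Count responses per status class; lines that do not parse are counted as 'Unparsed'."""
    counts = Counter()
    for line in log_text.splitlines():
        if not line.strip():
            continue
        entry = parse_line(line)
        counts[status_class(entry["status"]) if entry else "Unparsed"] += 1
    return counts


def suspicious_clients(log_text: str, threshold: int = 3):
    """Client IPs that produced at least `threshold` 4xx responses (threshold is an assumed value)."""
    errors = defaultdict(int)
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry and status_class(entry["status"]) == "Client Error":
            errors[entry["ip"]] += 1
    return sorted(ip for ip, n in errors.items() if n >= threshold)


if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
    print("clients with repeated client errors:", suspicious_clients(SAMPLE_LOG))
```

Unparseable lines are counted rather than silently dropped, because a sudden rise in unparsed entries is itself worth noticing (a log-format change or injected content).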

CIA Triad is a security model to ensure IT security. CIA stands for confidentiality, integrity, and availability.

  • Confidentiality: To protect sensitive information from unauthorized access.
  • Integrity: To protect data from deletion or modification by an unintended person.
  • Availability: To confirm the availability of the data whenever needed.

Here is a list of common cyberattacks aimed at inflicting damage to a system. 

  1. Man-in-the-Middle attack: The attacker places himself in the communication between the sender and the receiver. This is done to eavesdrop and impersonate in order to steal data.
  2. Phishing: Here, the attacker poses as a trusted entity to perform malicious activities such as obtaining usernames, passwords, and credit card numbers.
  3. Rogue Software: It is a fraudulent attack where the attacker fakes a virus on the target device and offers an anti-virus tool to remove the malware. This is done to install malicious software on the system.
  4. Malware: Malware is software that is designed to attack the target system. The software can be a virus, worm, ransomware, spyware, and so on.
  5. Drive-by Downloads: The hacker takes advantage of missing updates in the OS, app, or browser, which lets malicious code be downloaded to the system automatically.
  6. DDoS: This is done to overwhelm the target network with massive traffic, making it impossible for the website or the service to operate.
  7. Malvertising: Malvertising refers to the injection of malicious code into legitimate advertising networks, which redirects users to unintended websites.
  8. Password Attacks: As the name suggests, here the attacker cracks credentials such as passwords.

Data leakage means the unauthorized transmission of data from an organization to an external recipient. The mode of transmission can be electronic, physical, web, email, mobile data, and storage devices, such as USB keys, laptops, and optical media. 

Types of data leakage:

  • Accidental leakage: The authorized entity sends data to an unauthorized entity accidentally.
  • Malicious insiders: The authorized entity intentionally sends data to an unauthorized entity.
  • Electronic communication: Hackers make use of hacking tools to intrude into the system.

A port scan helps you determine the ports that are open, listening, or closed on a network. Administrators use this to test network security and the system’s firewall strength. For hackers, it is a popular reconnaissance tool to identify the weak point to break into a system.

Some of the common basic port scanning techniques are:

  1. UDP
  2. Ping scan
  3. TCP connect
  4. TCP half-open
  5. Stealth scanning
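
The three-way handshake and the port-scanning techniques above are two views of the same packets: a connection that stops after SYN and SYN+ACK (a "TCP half-open" probe) never reaches the third step. The following Python example is added here and is not code from the original page. It builds a constructed capture of raw 20-byte TCP headers (all addresses, ports and sequence numbers are made up), parses the flag bits, follows each flow through SYN, SYN+ACK and ACK, and reports flows that never completed the handshake together with any source that left several such flows to distinct ports, which is how a network defender would spot half-open scanning in a packet capture. The threshold of three incomplete flows is an assumed value.

```python
import struct
from collections import defaultdict

# TCP flag bits from the RFC 793 header layout.
FIN, SYN, RST, PSH, ACK = 0x01, 0x02, 0x04, 0x08, 0x10


def build_tcp_header(sport, dport, seq, ack, flags, window=65535):
    """Minimal 20-byte TCP header (no options, checksum zeroed) for the constructed capture."""
    return struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, window, 0, 0)


def parse_tcp_header(data):
    """Extract ports, sequence numbers and flags from the fixed part of a TCP header."""
    if len(data) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, _off, flags, _win, _csum, _urg = struct.unpack("!HHIIBBHHH", data[:20])
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack, "flags": flags}


class HandshakeTracker:
    """Follow each flow through the three steps; the client is whoever sent the first SYN.

    Flow key: (client_ip, server_ip, client_port, server_port).
    """

    def __init__(self):
        self.flows = {}

    def feed(self, src_ip, dst_ip, tcp_bytes):
        h = parse_tcp_header(tcp_bytes)
        f = h["flags"]
        forward = (src_ip, dst_ip, h["sport"], h["dport"])  # key if this packet is client -> server
        reverse = (dst_ip, src_ip, h["dport"], h["sport"])  # key if this packet is server -> client
        if f & RST:
            # Reset before ESTABLISHED: a refused port, or a half-open handshake torn down early.
            for key in (forward, reverse):
                if self.flows.get(key) not in (None, "ESTABLISHED"):
                    self.flows[key] = "RESET"
        elif f & SYN and not f & ACK:                                # step 1: SYN
            self.flows[forward] = "SYN_SENT"
        elif f & SYN and self.flows.get(reverse) == "SYN_SENT":      # step 2: SYN+ACK
            self.flows[reverse] = "SYN_RECEIVED"
        elif f & ACK and self.flows.get(forward) == "SYN_RECEIVED":  # step 3: ACK
            self.flows[forward] = "ESTABLISHED"

    def incomplete_flows(self):
        """Flows that saw a SYN but never reached ESTABLISHED (half-open or refused)."""
        return {k: s for k, s in self.flows.items() if s != "ESTABLISHED"}

    def suspected_scanners(self, threshold=3):
        """Sources with at least `threshold` incomplete flows to distinct server ports (assumed threshold)."""
        targets = defaultdict(set)
        for (client, server, _cport, sport) in self.incomplete_flows():
            targets[client].add((server, sport))
        return sorted(c for c, t in targets.items() if len(t) >= threshold)


def constructed_capture():
    """Constructed packet list: one normal connection plus a half-open probe of four ports."""
    server = "10.0.0.10"
    pkts = []
    # Normal client: full three-way handshake to port 443.
    pkts.append(("10.0.0.5", server, build_tcp_header(51000, 443, 1000, 0, SYN)))
    pkts.append((server, "10.0.0.5", build_tcp_header(443, 51000, 5000, 1001, SYN | ACK)))
    pkts.append(("10.0.0.5", server, build_tcp_header(51000, 443, 1001, 5001, ACK)))
    # Probing host: SYN to three open ports, answered with SYN+ACK and then reset by the prober;
    # a fourth port is closed, so the server itself answers with RST+ACK.
    prober = "10.0.0.99"
    for i, port in enumerate((22, 80, 443)):
        sp = 40000 + i
        pkts.append((prober, server, build_tcp_header(sp, port, 1, 0, SYN)))
        pkts.append((server, prober, build_tcp_header(port, sp, 9, 2, SYN | ACK)))
        pkts.append((prober, server, build_tcp_header(sp, port, 2, 0, RST)))
    pkts.append((prober, server, build_tcp_header(40003, 8080, 1, 0, SYN)))
    pkts.append((server, prober, build_tcp_header(8080, 40003, 0, 2, RST | ACK)))
    return pkts


def analyze(packets):
    """Run every (src_ip, dst_ip, tcp_header) record through the tracker and return it."""
    tracker = HandshakeTracker()
    for src, dst, tcp in packets:
        tracker.feed(src, dst, tcp)
    return tracker


if __name__ == "__main__":
    t = analyze(constructed_capture())
    print("incomplete flows:", len(t.incomplete_flows()))
    print("suspected scanners:", t.suspected_scanners())
```

The RST check comes first on purpose: a prober's RST+ACK after SYN+ACK carries the ACK bit too, and testing ACK first would wrongly mark that flow as established.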

A brute force attack is an attack in which the attacker tries to guess the target password by trial and error. It is mostly carried out with automated software that attempts logins with candidate credentials.

Here are some ways to prevent a brute force attack:

  1. Set a lengthy password
  2. Set a high-complexity password
  3. Set a limit for login failures
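
The three preventions above are things the server side can enforce. The following Python example is added here and is not code from the original page: it implements a password policy check (length and character classes) and a login guard that locks an account after a number of failures inside a sliding window, then shows a constructed burst of wrong guesses being locked out while the correct password still works after the lockout expires. The numbers (12 characters, 3 classes, 5 failures in 300 s, 900 s lockout), the account name and the credential store are all constructed values, and `demo_verify` stands in for whatever credential check a real application uses.

```python
import hashlib
import hmac
import re
from collections import deque


class PasswordPolicy:
    """Length and complexity rules; the default thresholds are constructed, not a standard."""

    CLASSES = {
        "lowercase": re.compile(r"[a-z]"),
        "uppercase": re.compile(r"[A-Z]"),
        "digit": re.compile(r"[0-9]"),
        "symbol": re.compile(r"[^A-Za-z0-9]"),
    }

    def __init__(self, min_length=12, min_classes=3):
        self.min_length = min_length
        self.min_classes = min_classes

    def problems(self, password):
        """List of rule violations; an empty list means the password is acceptable."""
        issues = []
        if len(password) < self.min_length:
            issues.append(f"shorter than {self.min_length} characters")
        present = sum(1 for rx in self.CLASSES.values() if rx.search(password))
        if present < self.min_classes:
            issues.append(f"uses fewer than {self.min_classes} character classes")
        return issues


class LoginGuard:
    """Lock an account after too many failures inside a sliding time window."""

    def __init__(self, max_failures=5, window_seconds=300, lockout_seconds=900):
        self.max_failures = max_failures
        self.window = window_seconds
        self.lockout = lockout_seconds
        self.failures = {}      # account -> deque of failure timestamps (epoch seconds)
        self.locked_until = {}  # account -> time at which the lock expires

    def is_locked(self, account, now):
        return self.locked_until.get(account, 0) > now

    def record_failure(self, account, now):
        q = self.failures.setdefault(account, deque())
        q.append(now)
        while q and q[0] < now - self.window:  # forget failures that fell out of the window
            q.popleft()
        if len(q) >= self.max_failures:
            self.locked_until[account] = now + self.lockout
            q.clear()

    def record_success(self, account):
        self.failures.pop(account, None)


def attempt_login(guard, verify, account, password, now):
    """Outcome of one attempt: 'locked', 'ok' or 'failed'.

    The guard is consulted before `verify(account, password)` runs, so a locked
    account is rejected without touching the credential store at all.
    """
    if guard.is_locked(account, now):
        return "locked"
    if verify(account, password):
        guard.record_success(account)
        return "ok"
    guard.record_failure(account, now)
    return "failed"


# Constructed credential store: a salted PBKDF2 digest, never the plaintext password.
_SALT = b"constructed-salt"
_STORE = {"alice": hashlib.pbkdf2_hmac("sha256", b"Correct-Horse-Battery-9", _SALT, 100_000)}


def demo_verify(account, password):
    """Stand-in credential check over the constructed store."""
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, 100_000)
    return hmac.compare_digest(digest, _STORE.get(account, b""))


def simulate_guessing(guesses, correct_password):
    """Wrong guesses one second apart, then the right password, then the right password much later."""
    guard = LoginGuard()
    outcomes = [attempt_login(guard, demo_verify, "alice", g, now=i) for i, g in enumerate(guesses)]
    outcomes.append(attempt_login(guard, demo_verify, "alice", correct_password, now=len(guesses)))
    outcomes.append(attempt_login(guard, demo_verify, "alice", correct_password, now=len(guesses) + 1000))
    return outcomes


if __name__ == "__main__":
    print(PasswordPolicy().problems("password"))
    print(simulate_guessing(["a", "b", "c", "d", "e"], "Correct-Horse-Battery-9"))
```

Keying the guard on the account alone is deliberate for the example; a production guard also counts failures per source address, since an attacker spreading guesses over many accounts never trips a per-account limit.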

Hashing vs. Encryption:

  • Hashing is a one-way function: the original message cannot be recovered from the hash. Encryption is reversible: encrypted data can be decrypted to the original text with the proper key.
  • Hashing is used to verify data. Encryption is used to transmit data securely.
  • Hashing is used to send files, passwords, etc. and to search. Encryption is used to transfer sensitive business information.
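
The contrast in the comparison above is easiest to see in code. The following Python example is added here and is not code from the original page: the hashing half verifies a message against a digest and stores a salted, iterated password hash that can be checked but not reversed; the encryption half shows that the same key and nonce turn the ciphertext back into the plaintext. The keystream generator (SHA-256 in counter mode) is a constructed illustration of reversibility only: it is unauthenticated and is not a substitute for AES-GCM or ChaCha20-Poly1305 from a vetted library. All keys, salts and messages are constructed values.

```python
import hashlib
import hmac
import os
import struct


# --- Hashing: one-way, used to verify data -------------------------------------

def sha256_hex(data: bytes) -> str:
    """Fixed-size fingerprint of the input; there is no key and no way back to the input."""
    return hashlib.sha256(data).hexdigest()


def verify_integrity(data: bytes, expected_hex: str) -> bool:
    """Check a file or message against a published digest with a constant-time compare."""
    return hmac.compare_digest(sha256_hex(data), expected_hex.lower())


def hash_password(password: str, salt: bytes = None, iterations: int = 600_000):
    """Salted, iterated password hash; the server stores (salt, digest, iterations), never the password."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return salt, digest, iterations


def verify_password(password: str, salt: bytes, digest: bytes, iterations: int) -> bool:
    """Recompute the hash from the candidate password and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(candidate, digest)


# --- Encryption: reversible with the right key ---------------------------------

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """SHA-256 in counter mode as a keystream (illustration only; unauthenticated, not for production)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + struct.pack(">Q", counter)).digest()
        counter += 1
    return bytes(out[:length])


def stream_encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """XOR the message with the keystream; the same call on the ciphertext decrypts it."""
    ks = _keystream(key, nonce, len(plaintext))
    return bytes(p ^ k for p, k in zip(plaintext, ks))


stream_decrypt = stream_encrypt  # symmetric: the same key and nonce reverse the operation


if __name__ == "__main__":
    print(sha256_hex(b"abc"))
    salt, digest, it = hash_password("constructed-passphrase", iterations=20_000)
    print(verify_password("constructed-passphrase", salt, digest, it))
    key, nonce = os.urandom(32), os.urandom(12)
    ct = stream_encrypt(key, nonce, b"sensitive business data")
    print(stream_decrypt(key, nonce, ct))
```

Note the asymmetry the table describes: `verify_password` never recovers the password, it only recomputes and compares, whereas `stream_decrypt` returns the exact original bytes given the key.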

Vulnerability Assessment (VA) vs. Penetration Testing (PT):

  • VA identifies the vulnerabilities in a network. PT identifies vulnerabilities and exploits them to penetrate the system.
  • VA tells how susceptible the network is. PT tells whether a detected vulnerability is genuine.
  • VA is conducted at regular intervals, whenever there is a change in the system or network. PT is conducted annually, or when significant changes are introduced into the system.

Following are the steps you have to follow to set up a firewall:

  1. Username/password: Change the default password of the firewall device.
  2. Remote Administration: Always disable the Remote Administration feature.
  3. Port Forward: For the web server, FTP, and other applications to work properly, configure the appropriate ports.
  4. DHCP Server: Disable the DHCP server when you install a firewall to avoid conflicts.
  5. Logging: Enable logging so that firewall activity can be reviewed and problems can be troubleshot.
  6. Policies: Configure strong security policies on the firewall.

Secure Sockets Layer (SSL) is a security protocol used for encryption. It provides privacy, data integrity, and authentication for network communication such as online transactions.

The following are the steps for setting up an SSL encryption: 

  1. A browser connects to an SSL-secured web server.
  2. The server presents its certificate, which carries the server's public key, and the browser checks whether that certificate is trustworthy.
  3. If it is trustworthy, the browser requests to establish an encrypted connection with the web server.
  4. The web server sends the acknowledgement to start an SSL-encrypted connection.
  5. SSL communication starts to take place between the browser and the web server.

A server that is secured uses the Secure Socket Layer (SSL) protocol to encrypt and decrypt data to protect it from unauthorized access.

Below are the four steps to secure a server:

Step 1: Secure the root and administrator users with a password

Step 2: Create new users who will manage the system

Step 3: Do not give remote access to administrator/default root accounts

Step 4: Configure firewall rules for remote access

Sniffing is a technique for capturing and inspecting data packets delivered across a network. This can be accomplished through the use of specialized software or hardware. Sniffing can be used for a variety of purposes, including:

  • Capturing confidential information, such as a password.
  • Listening in on chat messaging.
  • Monitoring data packets as they travel over a network.


Information protection protects data from unauthorized access by utilizing encryption, security software, and other methods.
Information Assurance ensures the data’s integrity by maintaining its availability, authentication, and secrecy, among other things.

Two-factor authentication (2FA), often known as two-step verification or dual-factor authentication, is a security method in which users validate their identity using two independent authentication factors. This procedure is carried out in order to better protect the user’s credentials as well as the resources that the user has access to. Single-factor authentication (SFA), in which the user gives only one factor (generally a password or passcode), provides a lower level of security than 2FA. Since possessing the user’s password alone is not enough to pass the authentication check, two-factor authentication adds an extra layer of security to the authentication process, making it more difficult for attackers to gain access to a person’s devices or online accounts.


Shoulder surfing is a form of physical attack that involves looking over people’s shoulders at their screens or keyboards while they type information in a semi-public space.

A null session occurs when a connection is made without authentication by either a username or a password. It poses a security concern for applications because it means the identity of the party making the request is unknown.

Honeypots are decoy attack targets set up to observe how different attackers attempt exploits. The concept is widely used in academic settings, and private firms and governments can use it to evaluate their own vulnerabilities.

The following are some of the advantages of putting cybersecurity in place and keeping it up to date:

  • Businesses are protected from cyberattacks and data breaches.
  • Both data and network security are safeguarded.
  • Unauthorized user access is kept to a minimum.
  • There is a quicker recovery time after a breach.
  • Protection for end-users and endpoint devices.
  • Regulatory compliance.
  • Operational consistency.
  • Developers, partners, consumers, stakeholders, and employees have a higher level of trust in the company’s reputation.

A tracking cookie, instead of a session cookie, would be used in a spyware attack because it would last through multiple sessions rather than just one.
