Introduction

Cyber Security is a process that’s designed to protect networks and devices from external threats. Businesses typically employ Cyber Security professionals to protect their confidential information, maintain employee productivity, and enhance customer confidence in products and services.

The world of Cyber Security revolves around the industry standard of confidentiality, integrity, and availability, or CIA. Confidentiality means data can be accessed only by authorized parties; integrity means information can be added, altered, or removed only by authorized users; and availability means systems, functions, and data must be available on demand according to agreed-upon parameters.

The main element of Cyber Security is the use of authentication mechanisms. For example, a user name identifies the account a user wants to access, while a password is the mechanism that proves the user is who they claim to be.


Intermediate Cyber Security Interview Questions

| Host Intrusion Detection System | Network Intrusion Detection System |
| --- | --- |
| Detects attacks that involve hosts | Detects attacks that involve networks |
| Analyzes what a particular host/application is doing | Examines the network traffic of all devices |
| Discovers hackers only after the machine is breached | Discovers hackers at the time they generate unauthorized attacks |

| Differentiator | Symmetric Encryption | Asymmetric Encryption |
| --- | --- | --- |
| Encryption Key | Only one key to encrypt and decrypt a message | Two different keys (public and private keys) to encrypt and decrypt the message |
| Speed of Execution | Encryption is faster and simple | Encryption is slower and complicated |
| Algorithms | RC4, AES, DES, and 3DES | RSA, Diffie-Hellman, and ECC |
| Usage | For the transmission of large chunks of data | For smaller transmissions to establish a secure connection prior to the actual data transfer |

| Intrusion Detection System | Intrusion Prevention System |
| --- | --- |
| A network infrastructure to detect intrusion by hackers | A network infrastructure to prevent intrusions by hackers |
| Flags intrusions as threats | Denies the malicious traffic from threats |
| Detects port scanners, malware, and other violations | Does not deliver malicious packets if the traffic is from known threats in databases |
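The "detects port scanners" row above, worked through as an added example (not from the original page): the same sliding-window check is run once in the IDS role, which only raises alerts, and once in the IPS role, which sits inline and drops the offending source. The flow records, addresses and thresholds are constructed for illustration.

```python
"""IDS vs IPS on constructed connection records (added example, not from the page)."""
from collections import defaultdict

# Constructed records: (second, src_ip, dst_ip, dst_port).
# 10.0.0.9 probes many different ports in a few seconds (scanner pattern);
# 10.0.0.5 is an ordinary client talking to one service.
FLOWS = [
    (0, "10.0.0.5", "10.0.0.20", 443),
    (1, "10.0.0.9", "10.0.0.20", 21),
    (1, "10.0.0.9", "10.0.0.20", 22),
    (2, "10.0.0.9", "10.0.0.20", 23),
    (2, "10.0.0.9", "10.0.0.20", 25),
    (3, "10.0.0.9", "10.0.0.20", 80),
    (3, "10.0.0.9", "10.0.0.20", 110),
    (4, "10.0.0.5", "10.0.0.20", 443),
    (9, "10.0.0.9", "10.0.0.20", 443),
]
PORT_THRESHOLD = 5   # distinct destination ports from one source ...
WINDOW = 5           # ... within this many seconds counts as a scan

def _distinct_ports(seen, src, ts, port, window):
    """Slide the per-source window forward and return the set of ports it now holds."""
    seen[src] = [(t, p) for t, p in seen[src] if ts - t <= window]
    seen[src].append((ts, port))
    return {p for _, p in seen[src]}

def ids_alerts(flows, threshold=PORT_THRESHOLD, window=WINDOW):
    """IDS role: observe a copy of the traffic and raise alerts; nothing is blocked."""
    seen, alerts = defaultdict(list), {}
    for ts, src, _dst, port in flows:
        ports = _distinct_ports(seen, src, ts, port, window)
        if len(ports) >= threshold:
            alerts[src] = sorted(ports)          # latest view of the scanned ports
    return sorted(alerts.items())

def ips_filter(flows, threshold=PORT_THRESHOLD, window=WINDOW):
    """IPS role: sit inline, run the same check, and drop a source once it trips."""
    seen, blocked = defaultdict(list), set()
    passed, dropped = [], []
    for rec in flows:
        ts, src, _dst, port = rec
        if src not in blocked and len(_distinct_ports(seen, src, ts, port, window)) >= threshold:
            blocked.add(src)
        (dropped if src in blocked else passed).append(rec)
    return passed, dropped
```

Note that the inline filter still lets the first four probes through before the source trips the threshold; lowering the threshold catches scans earlier at the cost of false positives on busy legitimate clients.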

The OSI model was introduced by the International Organization for Standardization so that different computer systems can communicate with each other using standard protocols.

Below are the various layers of the OSI model:

  • Physical layer: This layer allows the transmission of raw data bits over a physical medium.
  • Data link layer: This layer determines the format of the data on the network.
  • Network layer: This layer decides which path the data will take.
  • Transport layer: This layer allows the transmission of data using the TCP/UDP protocols.
  • Session layer: This layer controls sessions and ports to maintain the connections in the network.
  • Presentation layer: Data encryption happens in this layer, and it ensures that the data is in a usable/presentable format.
  • Application layer: This is where the user interacts with the application.

VPN stands for virtual private network. It is a private network that gives you online anonymity and privacy over a public Internet connection. A VPN helps you protect your online activities, such as sending an email, paying bills, or shopping online.

How a VPN works:

  1. When you make a VPN connection, your device routes its Internet traffic to the VPN provider's private server instead of directly through your Internet Service Provider (ISP).
  2. During this transmission, your data is encrypted and sent through another point on the Internet.
  3. When it reaches the VPN server, the data is decrypted and forwarded to its destination.
  4. The response from the destination server reaches the VPN server, where it is encrypted again, and it is decrypted at the other end of the VPN tunnel.
  5. Finally, the decrypted data reaches you.

  • Threat: A cyber security threat can cause potential harm to an organization’s assets by exploiting a vulnerability. It can be intentional or accidental.
  • Vulnerability: A vulnerability is a weakness or a gap in the security system that can be taken advantage of by a malicious hacker.
  • Risk: A risk materializes when a threat exploits a vulnerability. It results in loss, destruction, or damage to the asset.

To prevent identity theft, you can take the following measures:

  1. Protect your personal records.
  2. Avoid online sharing of confidential information.
  3. Protect your Social Security Number.
  4. Use strong passwords, and change them at regular intervals.
  5. Do not provide your bank information on untrustworthy websites.
  6. Protect your system with advanced firewall and spyware tools.
  7. Keep your browsers, system, and software updated.

Black Hat Hackers
A Black Hat Hacker uses his/her hacking skills to breach confidential data without permission. With the obtained data, the individual performs malicious activities such as injecting malware, viruses, and worms.

White Hat Hackers
A White Hat Hacker uses his/her hacking skills to break into a system but with the permission of the respective organizations. They are professionals known as Ethical Hackers. They hack the system to identify its vulnerability and to fix it before a hacker takes advantage of it.

Grey Hat Hackers
A Grey Hat Hacker has the characteristics of both a Black Hat Hacker and a White Hat Hacker. Here, the system is breached with no malicious intent, but without the required permission to access the system, so it might become a potential threat at any time.

 

Patch management has to be done immediately once updates to the software are released. All the network devices in the organization should receive patches in less than a month.

Because the BIOS sits at the hardware level, setting a password on it locks access to the operating system. There are three ways to reset the BIOS password:

  1. Unplug the PC and remove the CMOS battery from the case for 15–30 minutes. Then put it back.
  2. Use third-party software such as CmosPwd and Kiosk.
  3. Run the commands below from the MS-DOS prompt with the help of the debug tool. For this method to work, you need to have access to the installed OS.

    Debug
    o 70 2E
    o 71 FF
    quit

This will reset all BIOS configurations, and you need to re-enter the settings afterwards.

 

In a Man-in-the-Middle attack, the hacker eavesdrops on the communication between two parties. The attacker then impersonates one of the parties and makes the data transmission look normal to the other party. The intent is to alter the data, steal personal information, or obtain login credentials in order to sabotage the communication.

These are a few ways to prevent a MITM attack:

  1. Public key pair based authentication
  2. Virtual private network
  3. Strong router login credentials
  4. Implement a well-built Intrusion Detection System (IDS), along with firewalls
  5. Strong WEP/WPA encryption on access points

A distributed denial-of-service attack overwhelms the target website, system, or network with huge traffic, more than the server’s capacity. The aim is to make the server/website inaccessible to its intended users. DDoS happens in the two ways below:

Flooding attacks: This is the most commonly occurring type of DDoS attack. Flooding attacks stop the system when the server is flooded with massive amounts of traffic that it cannot handle. The attacker sends packets continuously with the help of automated software.

Crash attacks: This is the least common DDoS attack, where the attacker exploits a bug in the targeted system to cause a system crash. It prevents legitimate users from accessing email, websites, banking accounts, and gaming sites.

To prevent a DDoS attack, you have to:

  1. Configure firewalls and routers
  2. Recognize the spike in traffic
  3. Consider front-end hardware 
  4. Empower the server with scalability and load balancing
  5. Use anti-DDoS software
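Step 2, "recognize the spike in traffic", as an added example (not from the original page): requests in a constructed Apache-style access log are bucketed per second, each second is compared against the median of the seconds before it, and a flagged spike reports how many distinct sources it came from, which is what separates a distributed flood from one noisy client. The log lines, addresses, and thresholds are constructed for illustration.

```python
"""Detect a volumetric spike in constructed access-log lines (added example, not from the page)."""
import re
from collections import Counter, defaultdict
from statistics import median

# Common Log Format: ip ident user [timestamp] "request" status size
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3})')

def _log_line(ip, second, path="/"):
    """Build one constructed log line inside the minute 13:55."""
    return f'{ip} - - [10/Oct/2023:13:55:{second:02d} +0000] "GET {path} HTTP/1.1" 200 512'

# Constructed log: 2 requests/s from two normal clients for ten seconds,
# plus a flood from 60 distinct hosts during seconds 6 and 7.
LOG_LINES = [_log_line(f"192.0.2.{i + 1}", s) for s in range(10) for i in range(2)]
LOG_LINES += [_log_line(f"203.0.113.{i}", s) for s in (6, 7) for i in range(1, 61)]

def requests_per_second(lines):
    """Bucket requests by arrival second; returns {second: Counter(src_ip -> requests)}."""
    buckets = defaultdict(Counter)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue                                   # skip malformed lines
        second = int(m.group("ts").split(":")[3][:2])  # "hh:mm:ss zone" -> ss
        buckets[second][m.group("ip")] += 1
    return buckets

def find_spikes(buckets, factor=5.0, floor=20):
    """Flag seconds whose volume exceeds factor x the median of earlier seconds and an absolute floor."""
    spikes, history = [], []
    for second in sorted(buckets):
        total = sum(buckets[second].values())
        baseline = median(history) if history else 0
        if total >= floor and total > factor * max(baseline, 1):
            _top_ip, top_n = buckets[second].most_common(1)[0]
            spikes.append({"second": second, "requests": total, "baseline": baseline,
                           "sources": len(buckets[second]),
                           "top_source_share": round(top_n / total, 2)})
        history.append(total)
    return spikes
```

A low top_source_share with many sources is the distributed case where per-IP rate limits on their own will not help; a single source carrying most of the spike is the case a firewall or router rule can handle directly.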

Cross-site scripting, also known as an XSS attack, allows the attacker to masquerade as a victim user and carry out any action that user can perform, in turn stealing any of the user’s data. If the attacker can masquerade as a privileged victim user, they can gain full control over all the application’s data and functionality. Here, the attacker injects malicious client-side code into web services to steal information, run destructive code, take control of a user’s session, and perform a phishing scam.

Here are the ways to prevent an XSS attack:

  1. Cross-check user’s input
  2. Sanitize HTML 
  3. Employ anti-XSS tools
  4. Use encoding 
  5. Check for regular updates of the software
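Items 2 and 4 above, "sanitize HTML" and "use encoding", as an added example (not from the original page): a reflected-XSS sink built by string concatenation is shown next to its output-encoded form for three different output contexts, because the right encoding depends on where in the page the untrusted value lands. The payload strings are the standard textbook demonstration inputs, constructed here for the test.

```python
"""A reflected-XSS sink beside its output-encoded form (added example, not from the page)."""
import html
from urllib.parse import quote

# Constructed attacker-controlled inputs: the classic body payload and an
# attribute-breakout payload that needs no angle brackets at all.
BODY_PAYLOAD = "<script>alert(1)</script>"
ATTR_PAYLOAD = '" onmouseover="alert(1)'

def render_body_vulnerable(name):
    """Raw concatenation: whatever the user typed becomes part of the page's markup."""
    return f"<p>Hello, {name}!</p>"

def render_body_escaped(name):
    """HTML-body context: encode < > & so the input is displayed as text, never parsed as tags."""
    return f"<p>Hello, {html.escape(name)}!</p>"

def render_attr_vulnerable(title):
    """Attribute context: a stray quote lets the input add its own event-handler attribute."""
    return f'<a href="/" title="{title}">link</a>'

def render_attr_escaped(title):
    """html.escape(quote=True) also turns \" and ' into entities, so the attribute cannot be closed early."""
    return f'<a href="/" title="{html.escape(title, quote=True)}">link</a>'

def render_href(query):
    """URL context is different again: percent-encode the parameter rather than HTML-escape it."""
    return f'<a href="/search?q={quote(query, safe="")}">search</a>'

def looks_injected(markup):
    """Cheap check used by the test: did an executable tag or inline handler survive into the output?"""
    lowered = markup.lower()
    return "<script" in lowered or 'onmouseover="' in lowered
```

Escaping is not a single global filter: the attribute payload contains no angle brackets, so a body-only "strip tags" sanitizer would pass it through, which is why encoding is chosen per output context and always paired with quoted attributes.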

Address Resolution Protocol is a communication protocol of the network layer in the OSI model. Its function is to find the MAC address for a given IP address of a system. It maps the 32-bit IPv4 address to the 48-bit MAC address.

How ARP works:

  1. The host sends an ARP request, broadcasting the frame to the entire network.
  2. All nodes on the network receive the ARP request.
  3. Each node checks whether the requested IP address matches its own, consulting its ARP table to find the target’s MAC address.
  4. If it does not match, the node silently discards the packet.
  5. If it matches, the target sends an ARP response back to the original sender via unicast.
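Steps 1 to 5 above, together with the ARP-based form of the Man-in-the-Middle attack discussed earlier, as an added example (not from the original page): the 28-byte IPv4-over-Ethernet ARP body is built and parsed with struct, a host decides whether to discard a request or answer it by unicast, and a small watcher learns IP-to-MAC bindings from replies and raises an alert when an IP it already knows starts answering from a different MAC, which is the usual detection signal for ARP spoofing. All addresses are constructed; the watcher keeps the first binding it saw rather than overwriting it.

```python
"""ARP request/reply handling and a binding-conflict check (added example, not from the page)."""
import struct
from ipaddress import IPv4Address

ARP_FMT = "!HHBBH6s4s6s4s"   # htype, ptype, hlen, plen, opcode, smac, sip, tmac, tip
ARP_REQUEST, ARP_REPLY = 1, 2
ZERO_MAC = "00:00:00:00:00:00"  # target MAC is unknown (zero) in a request

def mac(text):
    """'aa:bb:cc:dd:ee:ff' -> 6 raw bytes."""
    return bytes.fromhex(text.replace(":", ""))

def build_arp(opcode, sender_mac, sender_ip, target_mac, target_ip):
    """Build the 28-byte ARP body used for IPv4 over Ethernet (hardware type 1, protocol 0x0800)."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, opcode, mac(sender_mac),
                       IPv4Address(sender_ip).packed, mac(target_mac),
                       IPv4Address(target_ip).packed)

def parse_arp(body):
    """Decode an ARP body into a dict; reject anything that is not IPv4-over-Ethernet."""
    htype, ptype, hlen, plen, op, smac, sip, tmac, tip = struct.unpack(ARP_FMT, body[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not IPv4-over-Ethernet ARP")
    return {"op": op, "smac": smac.hex(":"), "sip": str(IPv4Address(sip)),
            "tmac": tmac.hex(":"), "tip": str(IPv4Address(tip))}

def answer_request(body, my_ip, my_mac):
    """Steps 3-5: reply (unicast, back to the sender) only if the target IP is ours, else discard."""
    req = parse_arp(body)
    if req["op"] != ARP_REQUEST or req["tip"] != my_ip:
        return None                                   # step 4: silently discard
    return build_arp(ARP_REPLY, my_mac, my_ip, req["smac"], req["sip"])

class ArpWatch:
    """Learns IP -> MAC from replies and flags an IP that later answers from a different MAC."""
    def __init__(self):
        self.table, self.alerts = {}, []

    def observe(self, body):
        p = parse_arp(body)
        if p["op"] != ARP_REPLY:
            return
        known = self.table.get(p["sip"])
        if known and known != p["smac"]:
            self.alerts.append((p["sip"], known, p["smac"]))   # possible ARP spoofing
        self.table.setdefault(p["sip"], p["smac"])             # keep the first binding seen
```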

It refers to restricting users from accessing a set of services within the local area network. The main aim is to stop a source from reaching destination nodes via specific ports. Since all applications listen on ports, it is necessary to block unused ports to restrict unauthorized access that could exploit a security vulnerability in the network infrastructure.

Polymorphic viruses are sophisticated file infectors that build changed versions of themselves in order to avoid detection while maintaining the same fundamental behavior after each infection. Polymorphic viruses encrypt their code and employ a different encryption key each time, altering their physical file makeup with every infection.
Polymorphic viruses use mutation engines to change their decryption routines every time they infect a machine. Because they do not use static, unchanging code, traditional signature-based security solutions may miss them. They are considerably more difficult to detect because they use complicated mutation engines that can generate billions of decryption routines.

A virus is a piece of harmful executable code that is attached to another executable file and can modify or erase data. When a virus-infected application executes, it takes actions such as removing a file from the computer system. Viruses cannot be managed remotely.
Worms are comparable to viruses, but they do not alter the program. A worm keeps replicating itself, causing the computer system to slow down. Worms can be controlled remotely. A worm’s primary goal is to consume system resources.

Spear phishing is a type of phishing attack that targets a small number of high-value targets, usually just one. Phishing usually entails sending a bulk email or message to a large group of people. This means spear phishing is much more personalized and usually better researched (for the individual), whereas phishing is more like a real fishing trip, where whoever bites the hook is caught.

In general, system hardening refers to a set of tools and procedures for managing vulnerabilities in an organization’s systems, applications, firmware, and other components.
The goal of system hardening is to lower security risk by reducing potential attack vectors and shrinking the system’s attack surface.
The main types of system hardening are as follows:

  • Hardening of databases
  • Hardening of the operating system
  • Hardening of the application
  • Hardening the server
  • Hardening the network

 

| Black Box Testing | White Box Testing |
| --- | --- |
| It’s a type of software testing in which the program’s or software’s internal structure is concealed. | It is a method of software testing in which the tester is familiar with the software’s internal structure or code. |
| It is not necessary to have any prior experience with implementation. | It is necessary to have prior experience with implementation. |
| This testing can begin on the basis of the requirement specification document. | This form of software testing begins once the detailed design document has been completed. |
| It takes the least amount of time. | It takes the most amount of time. |
| It is the software’s behavior testing. | It is the software’s logic testing. |
| It is relevant to higher levels of software testing. | It is relevant to lower levels of software testing. |
