Cyber Vocab Session 3

Passkeys, LDAP, Port 20, Hashing, Worms


Welcome to the third session of the Cyber Vocab newsletter!

This is Ronan from Cyber Vocab.

Today’s read time: 70 seconds

Are you ready? ⬇️

Study Session 📚

Here are the five terms you’ll need to master by next week!

1. Passkeys (Category: Application Security)

Passkeys are a new form of authentication that relies on biometric authentication (fingerprints, face scans) instead of passwords to validate users.

A user will first register a device using their biometric authentication, during which cryptographic key pairs are created. From then onwards, the service requests proof that the device has the private key, which is done automatically and seamlessly without the user needing to type in a password.

This approach enhances security as it reduces the risk of phishing, password theft, and other common attacks that exploit password vulnerabilities.
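The register-then-prove-possession flow described above, as an added example (not code from Corbado or any passkey library): a simplified model in Node.js that shows why a replayed or wrong-origin response fails. Assumptions: Ed25519 keys, the hypothetical helpers `createDevice` and `createService`, and constructed origins; real passkeys use WebAuthn, which signs additional authenticator and client data, and the biometric unlock of the private key is not modelled here.

```javascript
// Added illustration: simplified passkey-style flow, not real WebAuthn.
const crypto = require('node:crypto');

// Device side: registration creates a key pair; the private key never leaves the device.
function createDevice() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  return {
    publicKey,
    // Sign the server's challenge together with the origin the device actually sees.
    sign: (challenge, origin) =>
      crypto.sign(null, Buffer.concat([challenge, Buffer.from(origin)]), privateKey),
  };
}

// Service side: stores only public keys and issues single-use random challenges.
function createService(origin) {
  const publicKeys = new Map(); // username -> public key
  const pending = new Map();    // username -> outstanding challenge
  return {
    register: (user, publicKey) => publicKeys.set(user, publicKey),
    challenge(user) {
      const c = crypto.randomBytes(32);
      pending.set(user, c);
      return c;
    },
    verify(user, signature) {
      const c = pending.get(user);
      const key = publicKeys.get(user);
      pending.delete(user); // a challenge is accepted at most once
      if (!c || !key) return false;
      return crypto.verify(null, Buffer.concat([c, Buffer.from(origin)]), key, signature);
    },
  };
}

// Constructed demo: one honest login, one replay, one response signed for another origin.
function demo() {
  const device = createDevice();
  const service = createService('https://example.com');
  service.register('alice', device.publicKey);
  const sig = device.sign(service.challenge('alice'), 'https://example.com');
  const honest = service.verify('alice', sig);
  const replay = service.verify('alice', sig); // challenge already consumed
  const otherSig = device.sign(service.challenge('alice'), 'https://example.net');
  const wrongOrigin = service.verify('alice', otherSig); // origin does not match
  return { honest, replay, wrongOrigin };
}
console.log(demo());
```

The service never holds a secret that could be stolen and reused: it stores only the public key, and each signature is valid for one challenge and one origin.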

2. LDAP (Category: Networking)

LDAP, which stands for Lightweight Directory Access Protocol, is a protocol used to access and maintain distributed directory information services over an Internet Protocol (IP) network.

Without proper encryption, data transmitted between the LDAP client and server can be intercepted and read by unauthorized parties.

Hackers can also conduct LDAP injection attacks, in which they inject harmful LDAP statements.

3. Port 20 (Category: Networking)

Port 20 is designated as the default data transfer port for File Transfer Protocol (FTP) when operating in active mode.

In this configuration, a client uses port 21 to send control commands to an FTP server, and the server then initiates the data connection back to the client from port 20 for the actual transfer of files.

FTP does not inherently encrypt data, which means that information transferred via port 20 can be intercepted and read by attackers.

4. Hashing (Category: Encryption)

Hashing refers to the process of converting data into a fixed-size string of characters, which is typically a digest that represents the original data.

This conversion is carried out using a mathematical algorithm known as a hash function.

Hashing is used for password storage and digital signatures.

5. Worms (Category: Common Vulnerabilities)

A "worm" is defined as a type of malware that has the ability to replicate itself and spread to other computers without the need for any human action.

Unlike a virus, which needs an infected host file in order to spread, a worm is a standalone program that can propagate across networks and take advantage of vulnerabilities or insufficient security practices.

To avoid worms, employ comprehensive antivirus and anti-malware solutions that can detect and quarantine worms before they can spread.

Are you up for the challenge? 😈

Every week, you will be quizzed on whether you remembered the words from last week’s session.

Score well on the weekly quizzes and get placed on the scoreboard!

MCQ Quiz Length: 90 Seconds

Scoreboard 🏆

1. adomcecil0240

2. cyberbored07

3. markwstar45

Today’s Special: Tips for passing the Sec+ Exam

I asked Christopher Moore II about his experience passing the CompTIA Security+ exam.

Chris gained his cybersecurity experience solely from certificates and is working as a cybersecurity intern at SAP.

Here are 3 pieces of advice that stood out from my discussion:

  1. “Take the exam in person. I’ve heard so many horror stories of people looking around getting disqualified for the online exam.”

  2. “Use Professor Messer’s YouTube videos and his monthly study sessions to prep for the exam for free.”

  3. “Always look for the best answer for the MCQs. Be 100% with your answers.”

Wanna talk with me 1-1?

If you want to talk tech with me or have questions about SWE / Cybersecurity,

send an email to [email protected] 

My inbox is open 24/7.

Sponsors 🤝

This week’s session is sponsored by Corbado.

Corbado is the best service that helps developers / IT specialists easily implement passkeys into their applications.

Start using Corbado using this link.

What I’m Doing

What I’m studying

Currently working through UC Irvine’s Introduction to IoT course.

This course helped me learn how Arduinos work and I’ll start to work on IoT projects soon!

What I’m watching

Just saw an unbelievable video by DesignCourse about rendering 3D videos on the Web.

What I’m reading

I’m reading in depth about the recent MGM cyber attack where hackers used vishing and ransomware to cause a data breach.

That’s it for this week! I’ll see you again! 👋

PS: If you haven’t followed me on all my other socials, do so below ⬇️