Summary of "فيديو- أسس الأمن السيبراني"

This video provides a comprehensive overview of foundational cybersecurity concepts, focusing on practical security measures in organizational environments. The speaker explains key terms, hardware and software security mechanisms, common cyber attacks, and protection strategies. The discussion includes both theoretical concepts and real-world applications, with references to specific technologies and best practices.

Main Ideas and Concepts

1. Authentication vs Authorization

Authentication (Action): Verifying the identity of a user (e.g., login with username and password).
Authorization: Determining what an authenticated user is allowed to do within the system (permissions and access control).
Importance of limiting permissions to prevent unauthorized actions or accidental disruptions.

2. Physical Security

Protecting hardware components like racks, switches, routers, and fiber optic cables physically by:
- Using locked racks with keys or biometric access (fingerprint, face recognition).
- Ensuring only authorized personnel (engineers, technical staff) have access.
- Using multi-factor physical access controls, especially in sensitive data centers (e.g., banks, hospitals).
Example: Double-sided locked racks, fingerprint and face recognition for data center access.

3. Windows Security Features

Dynamic Lock: Locks the PC automatically when the paired Bluetooth device (e.g., phone) moves out of range (~10 meters), preventing unauthorized access if the user leaves the device unattended.
Windows Defender Firewall: Software firewall that controls inbound and outbound traffic using rules based on ports and protocols (e.g., blocking HTTP port 80 or HTTPS port 443).
Importance of enabling and properly configuring firewalls to prevent unauthorized network access.

4. Hardware Firewalls

Expensive but essential for enterprise security; examples include:
Firewalls provide packet inspection, intrusion prevention, traffic monitoring, and can merge multiple internet lines.
No firewall or security system is 100% secure, but these devices significantly reduce risk.
Firewalls are crucial for protecting critical infrastructures like banks and oil companies from attacks such as DDoS (Distributed Denial of Service).

5. Cyber Attacks and Protection

DDoS Attack: Overwhelming a server with large volumes of traffic or large files to deny legitimate service.
Ransomware: Malware that encrypts or locks data, demanding payment for restoration.
Protection includes:
- Using firewalls and monitoring system resources (e.g., RAM usage).
- Employing antivirus and threat protection software.
- Downloading software only from trusted sources.
MAC Flooding Attack: Overloading a switch’s MAC address table to disrupt network operations.
DHCP Spoofing Attack: An attacker sets up a fake DHCP server to assign malicious IP addresses and intercept traffic.
Protection against these attacks includes enabling port security on switches and configuring proper network controls.

6. Network Security Practices

Port Security: Restricting switch ports to allow only specific MAC addresses, preventing unauthorized devices from connecting.
Proxy Servers:
- Forward Proxy: Controls and filters employee internet access (e.g., blocking YouTube or limiting usage time).
- Reverse Proxy: Positioned near servers to distribute incoming traffic evenly (load balancing) and add a layer of protection.

7. Storage Security

Use of NAS (Network Attached Storage) devices like QNAP for centralized data storage.
Importance of RAID configurations (e.g., RAID 5, RAID 6) for redundancy and data protection:
- RAID allows data to be preserved even if one hard drive fails.
- RAID 5 uses one drive’s capacity for parity; RAID 6 uses two.
Continuous monitoring of storage health to replace failing drives without data loss.

8. Passwords and Access Control

Importance of strong (hard) passwords:
- Combination of uppercase, lowercase, numbers, and symbols.
- Avoid simple or sequential characters.
Strong passwords reduce the risk of brute force or guessing attacks.

9. Penetration Testing

Testing security by simulating attacks to find vulnerabilities.
Mentioned briefly as a method to verify system security and identify loopholes.

Detailed Methodologies / Instructions

Authentication and Authorization:
- Always verify user identity before granting access.
- Assign permissions carefully to limit user capabilities.
Physical Security Implementation:
- Use locked racks with keys or biometric access.
- Restrict access to authorized personnel only.
- Use multi-factor physical access control in sensitive areas.
Configuring Windows Dynamic Lock:
- Pair laptop with mobile phone via Bluetooth.
- Enable Dynamic Lock in Windows Security settings.
- Device locks automatically when phone moves out of range.
Firewall Rule Configuration (Windows Defender Firewall)