On-Premises:
o On-premises solutions are physically located at an organization’s office site, such as its DC.
o On-premises solutions are hosted at a physical location of the organization's choice, such as a Data Center.
o On-premises is software & technology that is located within the company's physical DC.
o The software is installed & run on hardware located within the premises of the company.
o The IT staff has physical access to the data and can directly control the configuration.
o The IT staff is responsible for the management and security of the computing infrastructure and data.
o The organization uses its own physical servers and IT infrastructure to install and host the solution locally.
Cloud:
o Cloud is hosted on servers which are maintained by a vendor, the hosting company.
o Cloud services, such as Microsoft Azure, are accessed through an Internet-connected device.
o Third parties are responsible for managing & securing the infrastructure servers.
o Cloud computing is the alternative to On-Premises software and technologies.
o Cloud is frequently considered for its potential cost savings and reduced expenses.
o Cloud is also considered in order to reduce power consumption, maintenance and security.
o Security is one of the biggest reasons organizations choose not to use cloud network solutions.
Created by Ahmad Ali, E-Mail: ahmadalimsc@gmail.com, Mobile: 056 430 3717
Malware:
o Malware, short for “Malicious Software”, is a file, code or application.
o Malware (Malicious Software) is any program or file that is harmful to a computer user.
o Malicious Software is typically delivered over a network, and it infects, explores and steals.
o Malware (Malicious Software) can conduct virtually any behavior an attacker wants.
o Malware (Malicious Software) is an inclusive term for all types of malicious software.
o Malicious Software is the term for all of Viruses, Worms, Trojans, Rootkits, and Spyware.
o Malware is also the term for Adware, Scareware, Botnets, Logic Bombs, Keyloggers etc.
o Many tools can identify Malware on the network, such as Packet Captures for analysis.
o Other tools include Snort, NetFlow, IPS, Advanced Malware Protection, Cisco FirePOWER etc.
Virus:
o A virus is malicious code attached to executable files, which are often regular applications.
o Viruses require some type of human or other application interaction to activate.
o An entire category of viruses is designed to damage or destroy a system or its data.
Worm:
o Worms are malware that replicate themselves and spread to infect other systems.
o Think of worms as small programs that replicate themselves in a computer network.
o A worm can travel from system to system without human or application interaction.
o When a worm executes, it can replicate again & infect even more systems or computers.
o Worms destroy the files and data on a user’s computer, system or computer network.
o Worms usually target the operating system (OS) files to empty & destroy them.
o Worms typically harm the computer network and consume bandwidth.
Adware:
o Adware is a computer term that stands for Advertising-Supported Malware.
o Adware works by executing advertisements to generate revenue for the hackers.
o Adware (Advertising-Supported Malware) is any type of advertising-supported software.
o Adware will play, display, or download advertisements automatically on a user's computer.
o Adware will play once the software has been installed or while the application is in use.
Ransomware:
o It propagates like a worm but is designed to encrypt personal files on the victim’s hard drive.
o Ransomware works by encrypting the hard drive and all files on a system or computer.
o Ransomware can encrypt specific files on your system, all your files, or the master boot record.
o Ransomware then asks for a payment in exchange for the decryption key.
o Major Ransomware includes Reveton, CryptoLocker, CryptoWall, Petya, Nyetya, Bad Rabbit.
o More recently, in 2017, the WannaCry Ransomware attack was launched, which destroyed many PCs.
o Ransomware has caused not a small amount of destruction but a huge amount.
Trojan:
o Trojans are malicious programs that appear like regular applications or programs.
o Trojans are malicious programs that appear like media files or other computer files.
o Trojans contain a malicious payload; the payload can perform any malicious act.
o The Trojan payload provides a backdoor that allows attackers unauthorized access to the system.
o Trojans pretend to do one thing but, when loaded, actually perform another, malicious one.
o A few Trojan categories are command-shell Trojans, graphical user interface (GUI) Trojans,
o HTTP/HTTPS Trojans, document Trojans, defacement Trojans, botnet Trojans, VNC Trojans,
o Remote-Access Trojans, data-hiding Trojans, banking Trojans, DoS Trojans, FTP Trojans,
o Software-Disabling Trojans, and covert-channel Trojans; these are a few examples of Trojans.
o Remote-access Trojans (RATs) allow the attacker full control over the system or PC.
o The idea behind data-hiding Trojans is to hide the user’s data; this type is sometimes known as ransomware.
o Security-software disabler Trojans are designed to attack and kill antivirus or firewalls.
o Denial of Service (DoS) Trojans are designed to cause a Denial of Service.
o They can be designed to knock out a specific service or to bring an entire system offline.
o Trojans are dangerous; they represent a loss of confidentiality, integrity, and availability.
o Common targets of Trojans: credit card data & banking info have become huge targets.
o Passwords are always a big target and the second common target of Trojan malware.
o P2P networks and file-sharing sites such as The Pirate Bay are generally unmonitored
o and allow anyone to spread any programs they want, legitimate or not, like Trojans.
o Trojans also spread through Instant Messaging, Internet Relay Chat, Email attachments, browser extensions etc.
Spyware:
o Spyware is a computer network term for a common type of malware.
o Spyware monitors the activities performed by a computer user on the PC.
o The main intention of spyware is to collect the private information of the PC user.
o Spyware normally comes from the internet when a user downloads freeware software.
o Spyware is another form of malicious code that is similar to a Trojan horse malware.
Rootkits:
o A rootkit is a collection of software specifically designed to permit malware
o that gathers information into your system, computer, or computer network.
o These work in the background so that a user may not notice anything suspicious.
o Rootkits in the background permit several types of malware to get into the system.
o The term rootkit is derived from the combination of two words – "root" and "kit".
o Root refers to the administrator account in Unix and Linux operating systems etc.
o Kit refers to the programs that allow a threat actor to obtain unauthorized root/admin access.
Keyloggers:
o Keylogger is a network term for Keystroke logger software or hardware.
o It is software which records all the information that is typed using a keyboard.
o Keyloggers store the gathered information and send it to the attacker.
o The attacker extracts sensitive information like passwords or credit card details.
Scareware:
o Scareware is a type of malware, which is designed to trick victims.
o Scareware tricks victims into purchasing and downloading useless software.
o Scareware tricks victims into downloading potentially dangerous software.
o Scareware generates pop-ups that resemble Windows system messages.
o Scareware usually purports to be antivirus or antispyware software or malwares.
o Scareware pop-ups also usually pose as a firewall application or a registry cleaner.
o The messages typically say that a large number of problems, such as infected files, were found.
o The user is prompted to purchase software to fix the computer or system problems.
o In reality, no problems were detected, and the suggested software contains malware.
Logic Bomb:
o A Logic Bomb is malware that is triggered in response to an event,
o such as launching an application or when a specific date/time is reached.
o Attackers can use logic bombs in a variety of ways to destroy data or systems.
o They can embed arbitrary code within a fake application or Trojan horse.
o The Logic Bomb will be executed whenever you launch the fraudulent software.
o Attackers can also use a combination of spyware and logic bombs to steal an identity.
Botnet:
o Basically, the word botnet is made up of two words: bot and net.
o Bot is short for robot and Net comes from network: Robot Network.
o People who write and operate malware cannot manually log onto every computer
o they have infected; instead they use botnets to manage a large number of systems.
o A botnet is a network of infected computers, used by the malware to spread.
o Cybercriminals use special Trojan viruses to breach the security of several users’ PCs.
o Cybercriminals take control of each computer & organize all of the infected PCs.
o Cybercriminals remotely manage and organize all the infected computers (bots).
DoS (Denial of Service) Attack:
o A DoS Attack is a type of attack that hits a network server with a large number of service requests.
o A DoS Attack can cause the server to crash, & legitimate users are denied the service.
o DDoS stands for Distributed Denial of Service, which is one type of DoS attack.
o A DDoS originates from many attacking computers in different geographical regions.
o Zombies and Botnets are mainly used in DDoS (Distributed Denial of Service) attacks.
o Both types of attack, DoS and DDoS, can cause services to become unavailable to users.
o Examples include Ping of Death, Smurf Attack, TCP SYN, CDP Flood, Buffer Overflow, ICMP Flood.
o Cloud is more vulnerable to DoS attacks because it is shared by many users & organizations.
[Figure: DoS attack and DDoS attack against servers]
SQL Injection:
o SQL injection is a code injection technique that might destroy your database.
o SQL injection is one of the most common web hacking techniques to gain access.
o SQL injection is the placement of malicious code in SQL statements, via web page input.
o SQL Injection is an injection attack that makes it possible to execute malicious SQL statements.
o Attackers can use SQL Injection vulnerabilities to bypass application security measures.
o SQL Injection (SQLi) is also used to add, modify, and delete records in the database.
o A SQL injection attack exploits vulnerable cloud-based applications that allow SQL commands to be passed.
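
The bypass described above, shown next to its fix. This is an added example, not part of the original notes; the table, the accounts and the function names are constructed for illustration, and Python's built-in sqlite3 module stands in for the application's database.

```python
import sqlite3

def make_db():
    """In-memory database with constructed sample accounts (plaintext only for brevity)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "s3cret"), ("bob", "hunter2")])
    return db

def login_vulnerable(db, name, password):
    # Vulnerable: web page input is pasted into the SQL text, so quote
    # characters in the input become part of the statement itself.
    sql = ("SELECT name FROM users WHERE name = '" + name +
           "' AND password = '" + password + "'")
    return db.execute(sql).fetchone() is not None

def login_safe(db, name, password):
    # Hardened: placeholders send the input as data; the statement text is fixed.
    sql = "SELECT name FROM users WHERE name = ? AND password = ?"
    return db.execute(sql, (name, password)).fetchone() is not None

# Constructed input: the quote closes the string literal and OR makes the
# WHERE clause true for every row, so the password check is bypassed.
INJECTED = "' OR '1'='1"

def demo():
    db = make_db()
    return {
        "vulnerable, wrong password": login_vulnerable(db, "alice", "nope"),
        "vulnerable, injected input": login_vulnerable(db, "alice", INJECTED),
        "safe, injected input": login_safe(db, "alice", INJECTED),
        "safe, correct password": login_safe(db, "alice", "s3cret"),
    }

if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: {'login accepted' if accepted else 'login refused'}")
```

The same query text is used in both functions; only the way the input reaches the database differs, which is why parameterized statements are the standard mitigation.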
Cross Site Scripting:
o XSS stands for Cross-Site Scripting; Cross-Site Scripting errors are a type of coding error
o where a malicious party can trigger execution of software from their browser.
o Cross-site scripting is a type of security vulnerability found in web applications.
o XSS enables attackers to inject client-side scripts into web pages viewed by other users.
o A common purpose of an XSS attack is to collect cookie data such as session IDs or login info.
o XSS is used to steal cookies, which are exploited to gain access as an authenticated user to a cloud-based.
o The three major categories are Reflected XSS, Stored (Persistent) XSS, and DOM-Based XSS.
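
Two defenses against the cookie theft described above, as an added example that is not part of the original notes: encoding user text before it is placed in a page, and marking the session cookie so that scripts cannot read it. The function names, the sample comment and the session value are constructed.

```python
import html
from http.cookies import SimpleCookie

def render_comment_vulnerable(author, text):
    # Vulnerable: user-supplied text is inserted into the page as markup,
    # so a <script> element in a stored comment runs for every viewer.
    return "<p><b>" + author + "</b>: " + text + "</p>"

def render_comment_safe(author, text):
    # Hardened: html.escape encodes & < > " ' so the browser displays the
    # text instead of parsing it. This fits HTML body and quoted attribute
    # positions; script and URL contexts need their own encoders.
    return "<p><b>" + html.escape(author) + "</b>: " + html.escape(text) + "</p>"

def session_cookie_header(session_id):
    # Defense in depth: HttpOnly hides the cookie from document.cookie,
    # Secure restricts it to HTTPS, SameSite limits cross-site sending.
    cookie = SimpleCookie()
    cookie["session"] = session_id
    cookie["session"]["httponly"] = True
    cookie["session"]["secure"] = True
    cookie["session"]["samesite"] = "Strict"
    cookie["session"]["path"] = "/"
    return cookie["session"].OutputString()

# Constructed sample input standing in for a stored comment.
SAMPLE_COMMENT = "<script>alert(1)</script>"

def demo():
    return {
        "vulnerable": render_comment_vulnerable("mallory", SAMPLE_COMMENT),
        "safe": render_comment_safe("mallory", SAMPLE_COMMENT),
        "set_cookie": session_cookie_header("abc123"),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```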
Phishing:
o Phishing is a type of social engineering attack often used to steal user data or info.
o Phishing is a social engineering attack to steal login credentials & credit card numbers.
o Phishing is a method of trying to gather personal info using deceptive e-mails & websites.
o Phishing is a cyber-attack that uses disguised email as a weapon to steal user data or info.
Man-In-The-Middle:
o MITM (Man in The Middle) means man in the middle of your conversation.
o In a Man-in-The-Middle attack, attackers place themselves between two devices.
o A MITM attack intercepts or modifies communications between the two devices.
o MITM cyberattacks allow attackers to secretly intercept communications.
o A MITM attack happens when a hacker inserts themselves between a user & apps.
o Attackers have many different reasons and methods for using a MITM attack.
o MITM is used to steal something, like credit card numbers or user login credentials.
o MITM attacks involve interception of communication between two digital systems.
Data Breach:
o A data breach can involve data that was not supposed to be released to the public,
o which includes financial information, personal health information & trade secrets.
o It also includes personally identifiable information and other intellectual property.
o The value of the organization’s cloud-based data might be different for different people.
o Data breaches happen if an organization fails to manage authentication & identity properly.
o Businesses need to properly allocate access to data according to every user’s job role.
o One-time passwords & phone-based authentication are the two-factor authentication methods
o that help secure cloud services by making it tough for attackers to steal the credentials.
Insecure APIs:
o API stands for Application Programming Interface; APIs are used by cloud service providers
o to allow customers to interact with, manage, and extract information from cloud services.
o APIs are used to gather logs from an application and to provide integration with databases.
o APIs are sets of functions & variables that enable software components to communicate.
o APIs are used for integration with storage components & to control specific cloud resources.
o APIs are also often the way that a mobile application interacts with the website
o or back-end services, and can provide the ability to authenticate users, as well as query.
o In cloud technology, Application Programming Interfaces are important software components.
o Several cloud services use APIs as a feature beyond the trusted organizational boundary.
o When a cloud API is exploited, it gives cyber attackers huge access to your cloud apps.
o Cloud APIs offer a public front door to your applications, so securing them is important.
o Developers manage & interact with their services through the APIs offered by most cloud services.
o When the APIs are weak, enterprises are at risk of being exposed to security vulnerabilities.
o Attackers take advantage of API misconfigurations to modify or delete data in applications.
API (Application Programming Interface):
o To interact with applications or network devices, use an Application Programming Interface.
o An API is a software interface which allows other applications to communicate with an application.
o Application Programming Interfaces are found almost everywhere such as Amazon Web.
o They are also found in home automation devices such as thermostats, refrigerators, and wireless lighting systems.
o Application Programming Interfaces are used to build programmable network automation.
o An API is software that allows other applications to access its data or services smoothly.
o An API is a set of rules and regulations describing how one application can interact with another.
o The Application Programming Interface (API) is the instructions that allow the interaction to occur.
o A user sends an API request to a server asking for specific information & receives an API response.
o The user receives an API response in return from the server along with the requested information.
o XML and JSON are two of the most common data formats used with APIs.
o An Application Programming Interface (API) is similar to a waiter in a restaurant or hotel.
o A customer in a restaurant or hotel would like to have some food delivered to the table.
o The food is in the restaurant or hotel kitchen, where it is cooked and prepared to serve.
o The waiter is the messenger, similar to an Application Programming Interface (API).
o The waiter (API) is the person who takes the customer’s order (the request) & tells the kitchen.
o When the food is ready, the waiter will then deliver the food (the response) back to the customer.
o In basic terms, APIs just allow applications to communicate with one another.
o An API is a software middleman that enables two applications to converse with one another.
o It is a request between two connections, i.e. the Sender Request and the Receiver Response.
o An API brokers access to a different application to provide functionality or access to data.
o To interact with applications or network devices, we use an Application Programming Interface.
o Using APIs is a method of communicating with and configuring a network.