Cygenta Cyber Security Foundations Challenge
There has been a lot of talk in recent years about the skills gap in cyber security, and there is concern that the UK curriculum could do more to equip students with the technical foundations of cyber security. This small challenge hopes to bridge a little of that. And I say the technical foundations because this challenge is focused on that. There are more human and physical dimensions to cyber security, which this challenge is less relevant to, but if you're interested in a career in the technical side of security, this challenge is for you.
Why are we doing it this way rather than just giving you the answers and expecting you to remember them? With cyber security changing as rapidly as it does, one of the most important things to learn is how to learn new things rapidly, not only to keep pace but to do your best work. And there is more satisfaction in finding an answer for yourself rather than just being told what the answer is!
We're using the term foundations, not basics, for a reason. Foundations are not always easy, and to call them basics would undermine the effort required to learn them. From the foundations you will learn in this short challenge, you will be able to build and understand how more complex things work. Obviously, this challenge doesn't cover everything that you need to know, but completing the exercises will hopefully at least start you on a journey.
If you want to learn, don't mind a bit of hard work and want to give yourself the best start at a career in the technical side of cyber security, then this challenge is for you. Answers will be posted sometime in the new year, but there is no grading. This, like many things in life, will be for yourself and only you can truly judge how hard you worked at figuring out the answers.
An open mind and a thirst for knowledge.
The ability to use a search engine of your choice.
Name the seven layers of the OSI model.
What is an IP address?
What is a MAC address?
How does an IP address relate to a MAC address?
Give an example of a valid IPv4 address.
What is RFC 1918 and why is it important to IPv4?
What is a subnet of an IPv4 address?
What is CIDR notation for IPv4 addresses?
How many hosts are in each of these subnets?
Explain a key difference between UDP and TCP ports.
Give an example of a system that might use UDP for its data.
What is the lowest and highest number for TCP & UDP ports?
Identify what services are LIKELY to be running on the following ports (TCP):
Using the Nmap tool, write the command you would use to perform a generic scan on the IP 192.168.0.1
Write the command that will scan only ports 22, 80 and 3389 for 192.168.0.1
Write a command that will scan every port in the TCP range on the following subnet: 192.168.0.1/24

That's it! Check back in 2021 (or subscribe to our blog) for the answers to the above questions, but hopefully you will be able to find out the answers to every single one of them on your own.