From 47bfa7724ea3afdad9827039bea41a7cf2c04c7d Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sat, 21 Sep 2024 19:22:26 +0600 Subject: [PATCH] chore: update roadmap content json (#7188) Co-authored-by: kamranahmedse <4921183+kamranahmedse@users.noreply.github.com> --- public/roadmap-content/cyber-security.json | 1940 ++++++++++++++++---- public/roadmap-content/data-analyst.json | 2 +- public/roadmap-content/devops.json | 1434 ++++++++------- public/roadmap-content/frontend.json | 5 + public/roadmap-content/postgresql-dba.json | 2 +- public/roadmap-content/sql.json | 2 +- 6 files changed, 2386 insertions(+), 999 deletions(-) diff --git a/public/roadmap-content/cyber-security.json b/public/roadmap-content/cyber-security.json index cdee08fc3..218cd6c61 100644 --- a/public/roadmap-content/cyber-security.json +++ b/public/roadmap-content/cyber-security.json @@ -49,7 +49,7 @@ }, "pJUhQin--BGMuXHPwx3JJ": { "title": "OS-Independent Troubleshooting", - "description": "OS-independent troubleshooting techniques are essential for every cybersecurity professional since they allow you to effectively diagnose and resolve issues on any operating system (OS). By using these OS-agnostic skills, you can quickly resolve problems and minimize downtime.\n\nUnderstanding Common Symptoms\n-----------------------------\n\nIn order to troubleshoot effectively, it is important to recognize and understand the common symptoms encountered in IT systems. These can range from hardware-related issues, such as overheating or physical damage, to software-related problems, such as slow performance or unresponsiveness.\n\nBasic Troubleshooting Process\n-----------------------------\n\nFollowing a systematic troubleshooting process is critical, regardless of the operating system. Here are the basic steps you might follow:\n\n* **Identify the problem**: Gather information on the issue and its symptoms, and attempt to reproduce the problem, if possible. Take note of any error messages or unusual behaviors.\n* **Research and analyze**: Search for potential causes and remedies on relevant forums, web resources, or vendor documentation.\n* **Develop a plan**: Formulate a strategy to resolve the issue, considering the least disruptive approach first, where possible.\n* **Test and implement**: Execute the proposed solution(s) and verify if the problem is resolved. If not, repeat the troubleshooting process with a new plan until the issue is fixed.\n* **Document the process and findings**: Record the steps taken, solutions implemented, and results to foster learning and improve future troubleshooting efforts.\n\nIsolating the Problem\n---------------------\n\nTo pinpoint the root cause of an issue, it's important to isolate the problem. You can perform this by:\n\n* **Disabling or isolating hardware components**: Disconnect any peripherals or external devices, then reconnect and test them one by one to identify the defective component(s).\n* **Checking resource usage**: Utilize built-in or third-party tools to monitor resource usage (e.g., CPU, memory, and disk) to determine whether a bottleneck is causing the problem.\n* **Verifying software configurations**: Analyze the configuration files or settings for any software or applications that could be contributing to the problem.\n\nNetworking and Connectivity Issues\n----------------------------------\n\nEffective troubleshooting of network-related issues requires an understanding of various protocols, tools, and devices involved in networking. Here are some basic steps you can follow:\n\n* **Verify physical connectivity**: Inspect cables, connectors, and devices to ensure all components are securely connected and functioning correctly.\n* **Confirm IP configurations**: Check the system's IP address and related settings to ensure it has a valid IP configuration.\n* **Test network services**: Use command-line tools, such as `ping` and `traceroute` (or `tracert` in Windows), to test network connections and diagnose potential problems.\n\nLog Analysis\n------------\n\nLogs are records of system events, application behavior, and user activity, which can be invaluable when troubleshooting issues. To effectively analyze logs, you should:\n\n* **Identify relevant logs**: Determine which log files contain information related to the problem under investigation.\n* **Analyze log content**: Examine events, error messages, or patterns that might shed light on the root cause of the issue.\n* **Leverage log-analysis tools**: Utilize specialized tools or scripts to help parse, filter, and analyze large or complex log files.\n\nIn conclusion, developing OS-independent troubleshooting skills allows you to effectively diagnose and resolve issues on any system. By following a structured approach, understanding common symptoms, and utilizing the appropriate tools, you can minimize downtime and maintain the security and efficiency of your organization's IT systems.", + "description": "Understanding Common Symptoms\n-----------------------------\n\nIn order to troubleshoot effectively, it is important to recognize and understand the common symptoms encountered in IT systems. These can range from hardware-related issues, such as overheating or physical damage, to software-related problems, such as slow performance or unresponsiveness.\n\nBasic Troubleshooting Process\n-----------------------------\n\nFollowing a systematic troubleshooting process is critical, regardless of the operating system. Here are the basic steps you might follow:\n\n* **Identify the problem**: Gather information on the issue and its symptoms, and attempt to reproduce the problem, if possible. Take note of any error messages or unusual behaviors.\n* **Research and analyze**: Search for potential causes and remedies on relevant forums, web resources, or vendor documentation.\n* **Develop a plan**: Formulate a strategy to resolve the issue, considering the least disruptive approach first, where possible.\n* **Test and implement**: Execute the proposed solution(s) and verify if the problem is resolved. If not, repeat the troubleshooting process with a new plan until the issue is fixed.\n* **Document the process and findings**: Record the steps taken, solutions implemented, and results to foster learning and improve future troubleshooting efforts.\n\nIsolating the Problem\n---------------------\n\nTo pinpoint the root cause of an issue, it's important to isolate the problem. You can perform this by:\n\n* **Disabling or isolating hardware components**: Disconnect any peripherals or external devices, then reconnect and test them one by one to identify the defective component(s).\n* **Checking resource usage**: Utilize built-in or third-party tools to monitor resource usage (e.g., CPU, memory, and disk) to determine whether a bottleneck is causing the problem.\n* **Verifying software configurations**: Analyze the configuration files or settings for any software or applications that could be contributing to the problem.\n\nNetworking and Connectivity Issues\n----------------------------------\n\nEffective troubleshooting of network-related issues requires an understanding of various protocols, tools, and devices involved in networking. Here are some basic steps you can follow:\n\n* **Verify physical connectivity**: Inspect cables, connectors, and devices to ensure all components are securely connected and functioning correctly.\n* **Confirm IP configurations**: Check the system's IP address and related settings to ensure it has a valid IP configuration.\n* **Test network services**: Use command-line tools, such as `ping` and `traceroute` (or `tracert` in Windows), to test network connections and diagnose potential problems.\n\nLog Analysis\n------------\n\nLogs are records of system events, application behavior, and user activity, which can be invaluable when troubleshooting issues. To effectively analyze logs, you should:\n\n* **Identify relevant logs**: Determine which log files contain information related to the problem under investigation.\n* **Analyze log content**: Examine events, error messages, or patterns that might shed light on the root cause of the issue.\n* **Leverage log-analysis tools**: Utilize specialized tools or scripts to help parse, filter, and analyze large or complex log files.\n\nLearn more from the following resources:", "links": [ { "title": "How to identify 9 signs of Operating System.", @@ -65,12 +65,28 @@ }, "_7RjH4Goi0x6Noy6za0rP": { "title": "Understand Basics of Popular Suites", - "description": "Software suites are widely used in professional and personal environments and provide various tools to perform tasks such as word processing, data management, presentations, and communication. Familiarity with these suites will allow you to perform essential tasks while also maintaining cyber hygiene.\n\nMicrosoft Office\n----------------\n\nMicrosoft Office is the most widely used suite of applications, consisting of programs such as:\n\n* _Word_: A powerful word processor used for creating documents, reports, and letters.\n* _Excel_: A versatile spreadsheet application used for data analysis, calculations, and visualizations.\n* _PowerPoint_: A presentation software for designing and displaying slideshows.\n* _Outlook_: A comprehensive email and calendar management tool.\n* _OneNote_: A digital notebook for organizing and storing information.\n\nMicrosoft Office is available both as a standalone product and as part of the cloud-based Office 365 subscription, which includes additional features and collaboration options.\n\nGoogle Workspace (formerly G Suite)\n-----------------------------------\n\nGoogle Workspace is a cloud-based suite of productivity tools by Google, which includes widely known applications such as:\n\n* _Google Docs_: A collaborative word processor that seamlessly integrates with other Google services.\n* _Google Sheets_: A robust spreadsheet application with a wide array of functions and capabilities.\n* _Google Slides_: A user-friendly presentation tool that makes collaboration effortless.\n* _Google Drive_: A cloud storage service that allows for easy storage, sharing, and syncing of files.\n* _Gmail_: A popular email service with advanced filtering and search capabilities.\n* _Google Calendar_: A scheduling and event management application that integrates with other Google services.\n\nGoogle Workspace is particularly popular for its real-time collaboration capabilities and ease of access through web browsers.\n\nLibreOffice\n-----------\n\nLibreOffice is a free, open-source suite of applications that offers a solid alternative to proprietary productivity suites. It includes tools such as:\n\n* _Writer_: A word processor that supports various document formats.\n* _Calc_: A powerful spreadsheet application with extensive formula and function libraries.\n* _Impress_: A presentation software that supports customizable templates and animations.\n* _Base_: A database management tool for creating and managing relational databases.\n* _Draw_: A vector graphics editor for creating and editing images and diagrams.\n\nLibreOffice is compatible with various platforms, including Windows, macOS, and Linux, and provides excellent support for standard file formats.\n\nIn conclusion, being proficient in using these popular software suites will not only improve your basic IT skills but also help you maintain good cybersecurity practices. Familiarity with these suites will enable you to effectively manage and secure your digital assets while also identifying potential vulnerabilities that may arise during their use. Stay tuned for further topics on enhancing your cybersecurity knowledge.", - "links": [] + "description": "Microsoft Office\n----------------\n\nMicrosoft Office is a suite of productivity software applications developed by Microsoft. It includes popular programs like Word (word processing), Excel (spreadsheets), PowerPoint (presentations), Outlook (email and calendar), and OneNote (note-taking). The suite offers both desktop applications and cloud-based services through Office 365, enabling collaboration and remote work. Office integrates with Microsoft's cloud storage solution, OneDrive, for easy file sharing and syncing across devices. It's widely used in business, education, and personal settings for creating, editing, and managing various types of documents. Regular updates introduce new features and security improvements, maintaining Office's position as a standard tool in personal and professional computing environments.\n\nGoogle Workspace (formerly G Suite)\n-----------------------------------\n\nGoogle Workspace (formerly G Suite) is a cloud-based productivity and collaboration platform developed by Google. It includes applications like Gmail (email), Google Docs (word processing), Sheets (spreadsheets), Slides (presentations), Drive (cloud storage), Meet (video conferencing), and Calendar. These tools are designed for real-time collaboration, allowing multiple users to work on documents simultaneously. Google Workspace integrates seamlessly across devices, offers robust search capabilities, and provides advanced security features. It's popular among businesses, educational institutions, and individuals for its user-friendly interface, automatic saving, and extensive third-party app integrations. The platform emphasizes cloud-native work, promoting flexibility and remote collaboration in modern work environments.\n\nLibreOffice\n-----------\n\nLibreOffice is a free, open-source office productivity suite developed by The Document Foundation. It offers alternatives to Microsoft Office applications, including Writer (word processing), Calc (spreadsheets), Impress (presentations), Draw (graphics), Base (databases), and Math (formula editing). LibreOffice supports a wide range of file formats, including Microsoft Office formats, and emphasizes adherence to open standards. It's available for multiple operating systems, doesn't require a subscription, and allows users to customize or extend its functionality. While it may lack some advanced features of commercial alternatives, LibreOffice is popular in educational settings, government agencies, and among users seeking a cost-effective, privacy-focused office suite solution.\n\nLearn more from the following resources:", + "links": [ + { + "title": "Microsoft Office", + "url": "https://www.office.com/", + "type": "article" + }, + { + "title": "Google Workspace", + "url": "https://workspace.google.com", + "type": "article" + }, + { + "title": "Libra Office", + "url": "https://www.libreoffice.org/", + "type": "article" + } + ] }, "T0aU8ZQGShmF9uXhWY4sD": { "title": "Basics of Computer Networking", - "description": "Computer networking involves connecting multiple computers and devices to share resources, such as data, applications, and internet connections. Networks can range from small local area networks (LANs) to large-scale wide area networks (WANs), such as the internet. The basic components of a network include devices (computers, servers, routers), transmission media (wired or wireless), and network protocols, which govern communication between devices.\n\nKey concepts in networking include:\n\n1. **IP Addressing**: Every device on a network has a unique Internet Protocol (IP) address, which allows it to be identified and communicate with other devices.\n2. **Subnetting**: This involves dividing a network into smaller, manageable sections to optimize performance and security.\n3. **Routing**: Routers are used to forward data between different networks, ensuring that information reaches the correct destination.\n4. **DNS**: The Domain Name System translates human-readable domain names into IP addresses, enabling easier navigation and communication on the internet.\n5. **TCP/IP Protocol**: The Transmission Control Protocol/Internet Protocol (TCP/IP) suite is the foundation of most networks, handling how data is broken into packets, transmitted, and reassembled.\n\nLearn more from the following resources:", + "description": "Computer networking is the practice of connecting computers and devices to share data and resources. It involves the use of protocols like TCP/IP for communication, hardware such as routers and switches for directing traffic, and various network topologies (e.g., star, mesh, bus) for organizing connections. Networks can be categorized by size and scope, from small local area networks (LANs) to wide area networks (WANs) that span large geographical areas. Key concepts include IP addressing, subnetting, DNS for name resolution, and network security measures. Understanding networking basics is crucial for managing data flow, troubleshooting connectivity issues, and ensuring efficient communication in modern computing environments.\n\nLearn more from the following resources:", "links": [ { "title": "Networking basics - What you need to know", @@ -91,7 +107,7 @@ }, "hwAUFLYpc_ftCfXq95dey": { "title": "NFC", - "description": "**Near Field Communication**, or **NFC**, is a short-range wireless communication technology that enables devices to interact with each other within a close proximity, typically within a few centimeters. It operates at a frequency of 13.56 MHz and can be used for various applications, such as contactless payment systems, secure access control, and data sharing between devices like smartphones, tablets, and other compatible gadgets.\n\nHow NFC works\n-------------\n\nWhen two NFC-enabled devices are brought close to each other, a connection is established, and they can exchange data with each other. This communication is enabled through _NFC Tags_ and _NFC Readers_. NFC Tags are small integrated circuits that store and transmit data, while NFC Readers are devices capable of reading the data stored in NFC Tags.\n\nNFC Modes\n---------\n\nNFC operates primarily in three modes:\n\n* **Reader/Writer Mode**: This mode enables the NFC device to read or write data from or to NFC Tags. For example, you can scan an NFC Tag on a poster to access more information about a product or service.\n* **Peer-to-Peer Mode**: This mode allows two NFC-enabled devices to exchange information directly. Examples include sharing data such as contact information, photos, or connecting devices for multiplayer gaming.\n* **Card Emulation Mode**: This mode allows an NFC device to act like a smart card or access card, enabling contactless payment and secure access control applications.\n\nSecurity Concerns\n-----------------\n\nWhile NFC brings convenience through its numerous applications, it also poses security risks, and it's essential to be aware of these. Some possible concerns include:\n\n* **Eavesdropping**: Attackers can potentially intercept data exchange between NFC devices if they manage to get into the communication range.\n* **Data manipulation**: Attackers might alter or manipulate the data exchanged between the devices.\n* **Unauthorized access**: An attacker can potentially exploit a vulnerability in your device, and gain unauthorized access to sensitive information.\n\nSecurity Best Practices\n-----------------------\n\nTo minimize the risks associated with NFC, follow these best practices:\n\n* Keep your device's firmware and applications updated to minimize known vulnerabilities.\n* Use strong and unique passwords for secure NFC applications and services.\n* Turn off NFC when not in use to prevent unauthorized access.\n* Be cautious when scanning unknown NFC Tags and interacting with unfamiliar devices.\n* Ensure you're using trusted and secure apps to handle your NFC transactions.\n\nIn conclusion, understanding the basics of NFC and adhering to security best practices will help ensure that you can safely and effectively use this innovative technology.", + "description": "**Near Field Communication (NFC)** is a short-range wireless technology that allows devices to communicate and exchange data over very short distances, typically up to 4 inches (10 cm). NFC is commonly used for applications such as contactless payments, electronic ticketing, and data transfer between devices. It operates at a frequency of 13.56 MHz and supports various modes, including peer-to-peer communication, card emulation, and reader/writer modes. NFC enables quick and secure interactions with minimal setup, making it convenient for mobile payments, access control, and sharing information.\n\nLearn more from the following resources:", "links": [ { "title": "The Beginner's Guide to NFCs", @@ -112,7 +128,7 @@ }, "fUBNKHNPXbemRYrnzH3VT": { "title": "WiFi", - "description": "**WiFi** stands for \"wireless fidelity\" and is a popular way to connect to the internet without the need for physical cables. It uses radio frequency (RF) technology to communicate between devices, such as routers, computers, tablets, smartphones, and other hardware.\n\nAdvantages of WiFi\n------------------\n\nWiFi has several advantages over wired connections, including:\n\n* **Convenience**: Users can access the internet from anywhere within the WiFi signal's range, providing flexibility and mobility.\n \n* **Easy Setup**: WiFi devices connect to the internet simply by entering a password once, without the need for any additional cables or adapters.\n \n* **Scalability**: WiFi networks can easily expand to accommodate additional devices without the need for significant infrastructure changes.\n \n\nSecurity Risks and WiFi Threats\n-------------------------------\n\nDespite its numerous benefits, WiFi also brings potential security risks. Some common threats include:\n\n* **Eavesdropping**: Hackers can intercept data transmitted over a WiFi connection, potentially accessing sensitive information such as personal or financial details.\n \n* **Rogue access points**: An unauthorized user could set up a fake WiFi network that appears legitimate, tricking users into connecting and providing access to their devices.\n \n* **Man-in-the-middle attacks**: An attacker intercepts data transmission between your device and the WiFi network, potentially altering data or injecting malware.\n \n\nBest Practices for Secure WiFi Connections\n------------------------------------------\n\nTo protect yourself and your devices, follow these best practices:\n\n* **Use strong encryption**: Ensure your WiFi network uses the latest available encryption standards, such as WPA3 or, at minimum, WPA2.\n \n* **Change default credentials**: Change the default username and password for your WiFi router to prevent unauthorized access and configuration.\n \n* **Keep your router firmware up to date**: Regularly check for and install any available firmware updates to prevent potential security vulnerabilities.\n \n* **Create a guest network**: If you have visitors or clients, set up a separate guest network for them to use. This ensures your primary network remains secure.\n \n* **Disable WiFi Protected Setup (WPS)**: Although WPS can simplify the connection process, it may also create security vulnerabilities. Disabling it forces users to connect via the more secure password method.\n \n* **Use a Virtual Private Network (VPN)**: Connect to the internet using a VPN, which provides a secure, encrypted tunnel for data transmission.\n \n\nBy understanding the potential security risks associated with WiFi connections and following these best practices, you can enjoy the convenience, flexibility, and mobility of WiFi while ensuring a secure browsing experience.\n\nVisit the following resources to learn more:", + "description": "WiFi is a wireless networking technology that allows devices to connect to the internet and communicate with each other without physical cables. It uses radio waves to transmit data, typically operating on the 2.4 GHz and 5 GHz frequency bands. WiFi networks are created by wireless routers or access points and can be found in homes, offices, public spaces, and many other locations. The technology follows IEEE 802.11 standards, with newer versions (like WiFi 6 or 802.11ax) offering increased speeds, better performance in crowded areas, and improved energy efficiency. WiFi enables the proliferation of mobile and smart devices, supporting the Internet of Things (IoT) and allowing for greater flexibility and mobility in network connectivity.\n\nVisit the following resources to learn more:", "links": [ { "title": "Wireless Networks - Howstuffworks", @@ -187,8 +203,19 @@ }, "-5haJATqlmj0SFSFAqN6A": { "title": "MS Office Suite", - "description": "Microsoft Office Suite, often referred to as MS Office, is one of the most widely-used software suites for productivity, communication, and document creation. It is a comprehensive set of applications designed to increase efficiency in both professional and personal settings. Below is an overview of the key applications within the MS Office Suite:\n\n* **Microsoft Word:** A versatile word processing application that allows users to create, format, and edit text documents. It is equipped with various tools for formatting, spell-checking, and collaborating in real-time with others.\n \n* **Microsoft Excel:** Excel is a powerful spreadsheet application that enables users to create, edit, and analyze data in a tabulated format. Functions and formulas simplify complicated calculations while charts and graphs help visualize data.\n \n* **Microsoft PowerPoint:** PowerPoint is a widely-used presentation software that allows users to create visually engaging slides with various multimedia elements. It is an effective tool for sharing ideas, data and presenting complex concepts in an understandable format.\n \n* **Microsoft Outlook:** Outlook is an email management system that integrates emails, calendars, tasks, and contacts into a single platform. It enables users to efficiently manage their inboxes, organize schedules and manage contacts.\n \n* **Microsoft OneNote:** OneNote is a digital notebook that allows users to take notes, annotate, and capture and store information from various sources (including web pages), organize it intuitively, and sync it across devices.\n \n* **Microsoft Access:** Access is a relational database management system that provides users with the tools needed to create, modify, and store data in an organized manner.\n \n\nAs part of Microsoft's Office 365 subscription, users also have access to cloud-based services like OneDrive, Skype for Business, and Microsoft Teams, which further enhance collaboration and productivity.\n\nWhen considering your cyber security strategy, it is essential to ensure that your MS Office applications are always up-to-date. Regular updates improve security, fix bugs, and protect against new threats. Additionally, it is crucial to follow best practices, such as using strong passwords and only downloading reputable add-ins, to minimize potential risks.", - "links": [] + "description": "The **Microsoft Office Suite** is a collection of productivity software developed by Microsoft, commonly used in both personal and professional settings. It includes core applications such as **Word** (word processing), **Excel** (spreadsheets), **PowerPoint** (presentations), and **Outlook** (email and calendar). Other applications in the suite may include **Access** (database management), **OneNote** (note-taking), and **Teams** (collaboration and communication). The suite offers integrated tools for creating, managing, and sharing documents, data, and communications, supporting a wide range of business and personal productivity tasks.\n\nLearn more from the following resources:", + "links": [ + { + "title": "Microsoft Office Suite Directory", + "url": "https://www.microsoft.com/en-gb/microsoft-365/products-apps-services", + "type": "article" + }, + { + "title": "Every Office 365 App Explained", + "url": "https://www.youtube.com/watch?v=2W0T2qGZ9Dc", + "type": "video" + } + ] }, "wkuE_cChPZT2MHyGjUuU4": { "title": "HackTheBox", @@ -208,32 +235,65 @@ }, "kht-L7_v-DbglMYUHuchp": { "title": "TryHackMe", - "description": "[TryHackMe](https://tryhackme.com/) is an online platform for learning and practicing cyber security skills. It offers a wide range of cybersecurity challenges, known as \"rooms\", which are designed to teach various aspects of cybersecurity, such as ethical hacking, penetration testing, and digital forensics.\n\nKey Features:\n-------------\n\n* **Rooms**: Rooms are tasks and challenges that cover a wide range of topics and difficulty levels. Each room has specific learning objectives, resources, and guidance to help you learn and apply cybersecurity concepts.\n \n* **Hands-on Learning**: TryHackMe focuses on providing practical, hands-on experience by giving participants access to virtual machines to put their knowledge to the test.\n \n* **Gamification**: TryHackMe incorporates gamification elements such as points, badges, and leaderboards to engage users and encourage friendly competition.\n \n* **Community Collaboration**: The platform has a strong and supportive community, where users can share knowledge, ask questions, and collaborate on challenges.\n \n* **Educational Pathways**: TryHackMe offers learning pathways to guide users through a series of related rooms, helping them develop specific skills and knowledge in a structured way.\n \n\nGetting Started:\n----------------\n\nTo get started with TryHackMe, follow these steps:\n\n* Sign up for a free account at [tryhackme.com](https://tryhackme.com/).\n* Join a room based on your interests or skill level.\n* Follow the instructions and resources provided in the room to learn new concepts and complete the challenges.\n* Progress through various rooms and pathways to enhance your cybersecurity skills and knowledge.\n\nBy using TryHackMe, you'll have access to a constantly growing repository of cybersecurity challenges, tools, and resources, ensuring that you stay up-to-date with the latest developments in the field.", - "links": [] + "description": "TryHackMe is an online platform designed for cybersecurity training and learning through hands-on experience. It offers a wide range of virtual rooms and challenges covering various security topics, from basic to advanced levels. Users can access vulnerable machines, engage in capture-the-flag (CTF) style exercises, and learn practical skills in areas like penetration testing, web security, and network security. TryHackMe uses browser-based tools and virtual machines, making it accessible without requiring powerful hardware. The platform caters to beginners and experienced professionals alike, providing guided learning paths, real-world scenarios, and a supportive community. It's widely used for both individual skill development and corporate cybersecurity training.\n\nLearn more from the following resources:", + "links": [ + { + "title": "TryHackMe Website", + "url": "https://tryhackme.com/", + "type": "article" + }, + { + "title": "Start Your Cybersecurity Career with TryHackMe", + "url": "https://www.youtube.com/watch?v=HPF8y_gDP7w", + "type": "video" + } + ] }, "W94wY_otBuvVW_-EFlKA6": { "title": "VulnHub", - "description": "[VulnHub](https://www.vulnhub.com/) is a platform that provides a wide range of vulnerable virtual machines for you to practice your cybersecurity skills in a safe and legal environment. These machines, also known as virtual labs or boot-to-root (B2R), often mimic real-world scenarios, and are designed to train and challenge security enthusiasts, researchers, and students who want to learn how to find and exploit vulnerabilities.\n\nHow does VulnHub work?\n----------------------\n\n* **Download**: You can download a variety of virtual machines (VMs) from the VulnHub website. These VMs are usually available in `.ova`, `.vmx`, or `.vmdk` formats, which can be imported into virtualization platforms like VMware or VirtualBox.\n* **Configure**: After importing the VM, you'll need to configure the networking settings to ensure the host machine and the VM can communicate with each other.\n* **Attack**: You can now start exploring the VM, searching for vulnerabilities, and trying to exploit them. The ultimate goal is often to gain root or administrative access on the target machine.\n\nLearning Resources\n------------------\n\nVulnHub also provides learning resources like walkthroughs and hints from its community. These resources can be very helpful if you're a beginner and feeling stuck or just curious about another approach to solve a challenge. Remember that it's essential to experiment, learn from your mistakes, and improve your understanding of various cybersecurity concepts.\n\nCTF Integration\n---------------\n\nVulnHub can also be a great resource to practice for Capture The Flag (CTF) challenges. Many of the virtual machines and challenges available on VulnHub mirror the type of challenges you might encounter in a CTF competition. By practicing with these VMs, you will gain valuable experience that can be applied in a competitive CTF environment.\n\nIn summary, VulnHub is an excellent platform for anyone looking to improve their cybersecurity skills and gain hands-on experience by exploiting vulnerabilities in a safe and legal environment. The range of challenge difficulty ensures that both beginners and experienced security professionals can benefit from the platform while preparing for real-world scenarios and CTF competitions.", - "links": [] + "description": "VulnHub is an online platform that provides a collection of intentionally vulnerable virtual machines for cybersecurity enthusiasts, penetration testers, and ethical hackers to practice their skills. These virtual machines simulate various real-world scenarios with different vulnerabilities and security misconfigurations. Users can download and run these VMs in their own environments, attempting to exploit vulnerabilities and gain root access. VulnHub offers a hands-on approach to learning about cybersecurity, allowing users to explore different attack vectors, practice exploitation techniques, and understand common security flaws in a safe, legal environment. It's a valuable resource for both beginners and experienced professionals to enhance their offensive security skills and prepare for certifications.\n\nLearn more from the following resources:", + "links": [ + { + "title": "Vulnhub Website", + "url": "https://www.vulnhub.com/", + "type": "article" + }, + { + "title": "A Beginners Guide to Vulnhub", + "url": "https://medium.com/@gavinloughridge/a-beginners-guide-to-vulnhub-part-1-52b06466635d", + "type": "article" + } + ] }, "pou5xHwnz9Zsy5J6lNlKq": { "title": "picoCTF", - "description": "[PicoCTF](https://picoctf.org/) is a popular online Capture The Flag (CTF) competition designed for beginners and experienced cyber security enthusiasts alike. It is organized annually by the [Plaid Parliament of Pwning (PPP)](https://ppp.cylab.cmu.edu/) team, a group of cyber security researchers and students from Carnegie Mellon University.\n\nFeatures\n--------\n\n* **Level-based Challenges**: PicoCTF offers a wide range of challenges sorted by difficulty levels. You will find challenges in topics like cryptography, web exploitation, forensics, reverse engineering, binary exploitation, and much more. These challenges are designed to build practical cybersecurity skills and engage in real-world problem-solving.\n \n* **Learning Resources**: The platform includes a collection of learning resources to help participants better understand the topics they are tackling. This allows you to quickly learn the necessary background information to excel in each challenge.\n \n* **Collaborative Environment**: Users can collaborate with a team or join a group to work together and share ideas. Working with others allows for hands-on practice in communication, organization, and critical thinking skills that are vital in the cybersecurity field.\n \n* **Leaderboard and Competitive Spirit**: PicoCTF maintains a growing leaderboard where participants can see their ranking, adding an exciting competitive aspect to the learning experience.\n \n* **Open for All Ages**: The competition is open to individuals of all ages, with a focus on students in middle and high school in order to cultivate the next generation of cybersecurity professionals.\n \n\nIn conclusion, PicoCTF is an excellent platform for beginners to start learning about cybersecurity, as well as for experienced individuals looking to improve their skills and compete. By participating in PicoCTF, you can enhance your knowledge, engage with the cyber security community, and hone your skills in this ever-growing field.", - "links": [] + "description": "**picoCTF** is an online cybersecurity competition designed to help students and beginners learn and practice hacking skills through capture-the-flag (CTF) challenges. Developed by Carnegie Mellon University, picoCTF features a series of progressively difficult puzzles that teach concepts such as reverse engineering, cryptography, web exploitation, forensics, and binary exploitation. It's an educational platform that offers hands-on experience in solving real-world cybersecurity problems, making it popular among both students and aspiring cybersecurity professionals for learning and improving their skills in a practical, interactive environment.\n\nLearn more from the following resources:", + "links": [ + { + "title": "picoCTF Website", + "url": "https://picoctf.org/", + "type": "article" + }, + { + "title": "BEGINNER Capture The Flag - PicoCTF 2021 001 \"Obedient Cat\"", + "url": "https://www.youtube.com/watch?v=P07NH5F-t3s", + "type": "video" + } + ] }, "WCeJrvWl837m1BIjuA1Mu": { "title": "SANS Holiday Hack Challenge", - "description": "The **SANs Holiday Hack Challenge** is a popular and engaging annual cybersecurity event that features a unique blend of digital forensics, offensive security, defensive security, and other cybersecurity topics. It is hosted by the SANS Institute, one of the largest and most trusted sources for information security training, certification, and research worldwide.\n\nOverview\n--------\n\nThe SANs Holiday Hack Challenge incorporates a series of challenging and entertaining cybersecurity puzzles, with a festive holiday theme, for participants of all skill levels. The event typically takes place during the December holiday season, and participants have around a month to complete the challenges. It is free to participate, making the event accessible to a wide range of cybersecurity enthusiasts, from beginners to seasoned professionals.\n\nFormat\n------\n\nThe SANs Holiday Hack Challenge presents a compelling storyline where participants assume the role of a security practitioner tasked with solving various security issues and puzzles. Details of the challenges are weaved into the storyline, which may contain videos, images, and other forms of multimedia. Solving the challenges requires creative problem-solving and the application of various cybersecurity skills, including:\n\n* Digital Forensics\n* Penetration Testing\n* Reverse Engineering\n* Web Application Security\n* Cryptography\n* Defensive Security Techniques\n\nEach year, the Holiday Hack Challenge presents a new storyline and set of challenges aimed at providing real-world learning opportunities for those looking to improve their cybersecurity skills.\n\nPrizes\n------\n\nParticipants have a chance to win prestigious recognition for their performance in the challenge. By successfully solving the holiday-themed cybersecurity puzzles, participants may be awarded prizes, SANS training courses, certifications, or other recognition in the cybersecurity community.\n\nWhy Participate\n---------------\n\nThe SANs Holiday Hack Challenge is a valuable experience for people with an interest in cybersecurity, offering an entertaining and educational challenge. Reasons to participate include:\n\n* **Skill Development**: The challenge provides an opportunity to sharpen your technical skills in various cybersecurity domains.\n* **Networking**: Work with like-minded security enthusiasts to solve problems, share knowledge, and build connections in the industry.\n* **Recognition**: Achieve recognition for your skills and contribution to tackling real-world cybersecurity issues.\n* **Fun**: Experience the thrill of solving complex security problems while enjoying the festive theme and engaging storyline.\n\nIn conclusion, the SANs Holiday Hack Challenge offers a unique opportunity to develop your cybersecurity skills in a fun and challenging environment. Whether you are new to the field or an industry veteran, participating in this event will help you grow professionally and make valuable connections in the cybersecurity community. Don't miss the next SANs Holiday Hack Challenge!", + "description": "The SANS Holiday Hack Challenge is an annual cybersecurity event that offers participants the opportunity to solve a series of themed cybersecurity puzzles and challenges. Designed to engage both beginners and experienced professionals, the challenge covers a wide range of topics including network forensics, penetration testing, reverse engineering, and more. It provides a fun, gamified learning experience that encourages participants to enhance their skills while collaborating with the global cybersecurity community. The event often features real-world security scenarios, creative storytelling, and interactive, hands-on tasks.\n\nLearn more from the following resources:", "links": [ { - "title": "SANS Holiday Hack Challenge", - "url": "https://www.sans.org/holidayhack", + "title": "SANS Holiday Hack Website", + "url": "https://www.sans.org/mlp/holiday-hack-challenge-2023/", "type": "article" }, { - "title": "Explore top posts about Security", - "url": "https://app.daily.dev/tags/security?ref=roadmapsh", - "type": "article" + "title": "Official SANS Holiday Hack Challenge Video", + "url": "https://www.youtube.com/watch?v=zfhhLi8jZzI", + "type": "video" } ] }, @@ -411,8 +471,19 @@ }, "SwVGVP2bbCFs2uNg9Qtxb": { "title": "OSCP", - "description": "Offensive Security Certified Professional (OSCP)\n------------------------------------------------\n\nThe **Offensive Security Certified Professional (OSCP)** is a highly respected and sought-after certification in the field of cybersecurity. This certification is designed to test your practical knowledge and skills in the identification and exploitation of vulnerabilities in a target environment, as well as your ability to effectively implement offensive security techniques to assess the security posture of networks and systems.\n\nKey Topics Covered:\n-------------------\n\n* Penetration testing methodologies\n* Advanced information gathering techniques\n* Buffer overflow attacks\n* Web application attacks\n* Various exploitation techniques\n* Privilege escalation\n* Client-side attacks\n* Post-exploitation techniques\n* Basic scripting and automation\n\nPrerequisites:\n--------------\n\nThere are no strict prerequisites for the OSCP, but it is recommended that candidates have a solid understanding of networking, system administration, and Linux/Unix command-line environments. Familiarity with basic programming concepts, scripting languages (e.g., Python, Bash), and operating system concepts will also be helpful.\n\nExam Format:\n------------\n\nTo obtain the OSCP certification, you must successfully complete the 24-hour hands-on exam, where you are required to attack and penetrate a target network, compromising several machines and completing specific objectives within the given time frame.\n\nBefore attempting the exam, candidates must complete the accompanying training course, **Penetration Testing with Kali Linux (PWK)**, which provides the necessary knowledge and practical experience required for the OSCP exam.\n\nWhy Pursue the OSCP Certification?\n----------------------------------\n\n* **Hands-on Approach:** OSCP emphasizes a practical, hands-on approach, ensuring that certified professionals possess both the theoretical knowledge and practical skills required to succeed in the cybersecurity field.\n* **Industry Recognition:** OSCP is widely recognized and respected within the cybersecurity community as a rigorous and demanding certification that validates a candidate's ability to perform under pressure.\n* **Career Advancement:** With the OSCP certification, you can demonstrate your advanced skills in offensive security techniques, making you a valuable asset to any security team and potentially opening up opportunities for career growth, higher salaries, and challenging roles in the industry.\n* **Continuous Learning:** Pursuing the OSCP certification will help you develop a deeper understanding of underlying vulnerabilities and attack vectors. This knowledge, combined with constantly evolving offensive security techniques, ensures that you stay ahead in the ever-changing cybersecurity landscape.\n\nObtaining the OSCP certification can be a challenging and rewarding journey that provides you with practical skills and industry recognition, enabling you to stand out as a cybersecurity professional and advance your career in the field.", - "links": [] + "description": "**OSCP (Offensive Security Certified Professional)** is a widely recognized certification in cybersecurity that focuses on penetration testing and ethical hacking. Offered by Offensive Security, it requires candidates to complete a challenging exam that involves identifying and exploiting vulnerabilities in a controlled environment. The OSCP certification emphasizes hands-on skills, practical experience, and the ability to conduct comprehensive security assessments, making it highly valued by employers for its rigorous approach to real-world penetration testing techniques.\n\nLearn more from the following resources:", + "links": [ + { + "title": "Offsec OSCP Site", + "url": "https://www.offsec.com/courses/pen-200/", + "type": "article" + }, + { + "title": "How to prepare for the OSCP", + "url": "https://cybersecurityguide.org/programs/cybersecurity-certifications/oscp/", + "type": "article" + } + ] }, "rA1skdztev3-8VmAtIlmr": { "title": "CREST", @@ -448,18 +519,34 @@ }, "UY6xdt_V3YMkZxZ1hZLvW": { "title": "Operating Systems", - "description": "An **operating system (OS)** is a crucial component of a computer system as it manages and controls both the hardware and software resources. It provides a user-friendly interface and ensures the seamless functioning of the various applications installed on the computer.\n\nIn the context of cybersecurity, selection and proper maintenance of an operating system is paramount. This section will discuss the three major operating systems: Windows, macOS, and Linux, along with security considerations.\n\nWindows\n-------\n\nMicrosoft Windows is ubiquitous amongst desktop and laptop users, making it a primary target for cybercriminals. Attackers often focus on finding and exploiting vulnerabilities within Windows due to its extensive user-base. That said, Windows continues to enhance its built-in security features with updates and patches. Key features include:\n\n* Windows Defender: An antivirus program that detects and removes malware.\n* Windows Firewall: Monitors and controls incoming and outgoing network traffic.\n* BitLocker: A full disk encryption feature for securing data.\n\nAs a Windows user, keeping your system up-to-date and using additional security tools such as anti-malware software is vital.\n\nmacOS\n-----\n\nThe macOS, Apple's operating system for Macintosh computers, holds a reputation for strong security. Apple designed macOS with several built-in features to protect user privacy and data:\n\n* Gatekeeper: Ensures downloaded apps originate from trusted sources.\n* FileVault 2: Offers full-disk encryption for data protection.\n* XProtect: An antivirus tool that scans newly installed apps for malware.\n\nDespite macOS's sound security measures, no operating system is completely immune to threats. Running reputable security software and keeping your macOS updated is essential to safeguard against potential cyberattacks.\n\nLinux\n-----\n\nLinux is an open-source operating system considered to be more secure than its commercial counterparts. Linux uses a multi-user environment, mitigating the impact of potential threats by separating user information and privileges. Other notable features include:\n\n* Software Repositories: Official software repositories maintained by Linux distributions provide trusted sources for software installation.\n* SELinux (Security-Enhanced Linux): A security architecture that allows administrators to control system access.\n* System/package updates: Regular updates offered by distributions hold essential security fixes.\n\nAlthough Linux distributions are less targeted by cybercriminals, it is vital to follow security best practices, such as keeping your system updated and employing security tools like antivirus software and firewalls.\n\nRemember, the security of your operating system relies on timely updates, proper configuration, and the use of appropriate security tools. Stay vigilant and informed to ensure your system remains secure against ever-evolving cyber threats.", - "links": [] + "description": "**Operating systems (OS)** are software that manage computer hardware and provide a platform for applications to run. They handle essential functions such as managing memory, processing tasks, controlling input and output devices, and facilitating file management. Key examples include **Windows**, **macOS**, **Linux**, and **Unix**. Each operating system offers different features and interfaces, tailored to specific user needs or system requirements, from desktop computing to server management and embedded systems.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is an operating system?", + "url": "https://www.geeksforgeeks.org/what-is-an-operating-system/", + "type": "article" + }, + { + "title": "What is an operating system as fast as possible", + "url": "https://www.youtube.com/watch?v=pVzRTmdd9j0", + "type": "video" + } + ] }, "BNUKEQ4YpZmIhSPQdkHgU": { "title": "Windows", - "description": "Windows is a popular operating system (OS) developed by Microsoft Corporation. It was first introduced in 1985 and has since evolved to become one of the most widely used OS worldwide. Windows is known for its graphical user interface (GUI), and it supports a wide variety of applications, making it a versatile choice for both personal and professional use.\n\nKey Features\n------------\n\n* **Ease of use:** Windows is designed with a user-friendly interface, making it easy for users to navigate, manage files, and access applications.\n \n* **Compatibility:** Windows is compatible with a vast range of hardware and software, including most peripherals like printers, webcams, and more.\n \n* **Regular updates:** Microsoft provides regular updates for Windows, which helps maintain security, fix bugs, and enhance features.\n \n* **Large user community:** Due to its widespread use, there is a vast online community of users who provide support, solutions, and information about the platform.\n \n* **Versatile application support:** Windows supports a plethora of applications, including office productivity tools, games, multimedia software, and more.\n \n\nSecurity Features\n-----------------\n\nWindows has made significant strides to improve its security over the years. Some of the security features include:\n\n* **Windows Defender:** A built-in antivirus software that provides real-time protection against malware, ransomware, and other threats.\n \n* **Windows Firewall:** This feature helps protect your device from unauthorized access or intrusion by blocking potentially harmful network connections.\n \n* **User Account Control (UAC):** UAC helps prevent unauthorized changes to the system settings by prompting users for administrative permission when making system modifications.\n \n* **Windows Update:** Regular updates ensure that your system is up-to-date with the latest security patches, bug fixes, and feature improvements.\n \n* **BitLocker:** A disk encryption feature available in certain Windows editions, BitLocker helps secure your data by providing encryption for your hard drive or external storage devices.\n \n\nEssential Security Tips for Windows Users\n-----------------------------------------\n\nTo improve the security of Windows devices, users should:\n\n* Ensure that the Windows OS and all installed software are up-to-date.\n \n* Regularly update and run antivirus and anti-malware software.\n \n* Enable the built-in Windows Firewall to protect the device from unauthorized access.\n \n* Use strong and unique passwords for user accounts and enable two-factor authentication wherever possible.\n \n* Regularly back up important data to an external storage device or a secure cloud service to avoid data loss.\n \n\nBy following these security tips and staying informed about potential threats, Windows users can protect their devices and data from various cyber-attacks.", + "description": "Windows is Microsoft's widely-used operating system for personal computers and servers. It provides a graphical user interface, multitasking capabilities, and supports a vast array of software applications and hardware devices. Windows offers features like file management, user account control, built-in security tools, and regular updates. It comes in various editions for different use cases, from home computing to enterprise environments. Windows integrates with Microsoft's cloud services and includes tools for productivity, gaming, and system management. Its widespread adoption makes it a primary target for both software developers and cybersecurity threats, necessitating regular security updates and patches.\n\nLearn more from the following resources:", "links": [ { "title": "Windows Security", "url": "https://learn.microsoft.com/en-us/windows/security/", "type": "article" }, + { + "title": "Windows 11 Full Tutorial - A 2 Hour Course to Learn and Master Windows 11", + "url": "https://www.youtube.com/watch?v=UKn-r3X2CLk", + "type": "article" + }, { "title": "Explore top posts about Windows", "url": "https://app.daily.dev/tags/windows?ref=roadmapsh", @@ -469,7 +556,7 @@ }, "4frVcjYI1VlVU9hQgpwcT": { "title": "Linux", - "description": "Linux is an open-source operating system (OS) that is widely popular due to its flexibility, stability, and security features. As a Unix-based OS, Linux has a command-line interface, which allows users to perform various tasks through text commands. However, graphical user interfaces (GUIs) can also be installed for ease of use.\n\nKey Features\n------------\n\n* **Open-source**: Anyone can view, modify, and distribute the Linux source code, promoting collaboration and continuous improvement within the OS community.\n* **Modular design**: Linux can be customized for various computing environments, such as desktops, servers, and embedded systems.\n* **Stability and performance**: Linux is well-known for its ability to handle heavy loads without crashing, making it an ideal choice for servers.\n* **Strong Security**: Linux has robust security mechanisms, such as file permissions, a built-in firewall, and an extensive user privilege system.\n* **Large Community**: Linux has a vast, active user community that offers a wealth of knowledge, user-contributed software, and support forums.\n\nPopular Linux Distributions\n---------------------------\n\nThere are numerous Linux distributions available, catering to specific user needs and preferences. Some popular distributions include:\n\n* **Ubuntu**: A user-friendly distribution suitable for beginners, often used for desktop environments.\n* **Fedora**: A cutting-edge distribution with frequent updates and innovative features, ideal for developers and advanced users.\n* **Debian**: A very stable distribution that prioritizes free software and benefits from a large, active community.\n* **Arch Linux**: A highly customizable distribution that allows users to build their system from the ground up, suited for experienced users.\n* **CentOS**: A distribution focused on stability, security, and manageability, making it a popular choice for server environments.\n\nSecurity Best Practices for Linux\n---------------------------------\n\nWhile Linux is inherently secure, there are best practices to enhance your system's security further:\n\n* Keep your system updated: Regularly update your kernel, OS packages, and installed software to ensure you have the latest security patches.\n* Enable a firewall: Configure and enable a firewall, such as `iptables`, to control incoming and outgoing network traffic.\n* Use strong passwords and user accounts: Create separate accounts with strong passwords for different users and grant them only the required privileges.\n* Disable unused services: Unnecessary services can be potential security risks; ensure only required services are running on your system.\n* Implement a Security-Enhanced Linux (SELinux) policy: SELinux provides a mandatory access control (MAC) system that restricts user and process access to system resources.\n\nBy understanding Linux's features and best practices, you can leverage its powerful capabilities and robust security features to enhance your computing environment's performance and safety.\n\nLearn more from the following resources:", + "description": "Linux is an open-source, Unix-like operating system kernel first released by Linus Torvalds in 1991. It forms the core of various operating systems known as Linux distributions. Linux is known for its stability, security, and flexibility, making it popular for servers, embedded systems, and increasingly for desktop use. It supports a wide range of hardware and offers powerful command-line interfaces alongside graphical user interfaces. Linux adheres to Unix principles, emphasizing modularity and the philosophy of \"do one thing and do it well.\" Its open-source nature allows for community-driven development and customization. Linux is widely used in cloud computing, supercomputers, and Android devices, and is a fundamental component of the LAMP (Linux, Apache, MySQL, PHP) web server stack.\n\nLearn more from the following resources:", "links": [ { "title": "Linux from scratch - Cisco", @@ -481,11 +568,6 @@ "url": "https://roadmap.sh/linux", "type": "article" }, - { - "title": "Learn Linux", - "url": "https://linuxjourney.com/", - "type": "article" - }, { "title": "Linux Commands Cheat Sheet", "url": "https://cdn.hostinger.com/tutorials/pdf/Linux-Commands-Cheat-Sheet.pdf", @@ -510,8 +592,19 @@ }, "dztwr-DSckggQbcNIi4_2": { "title": "MacOS", - "description": "**macOS** is a series of proprietary graphical operating systems developed and marketed by Apple Inc. It is the primary operating system for Apple's Mac computers. macOS is widely recognized for its sleek design, robust performance, and innovative features, making it one of the most popular operating systems globally.\n\nKey Features\n------------\n\n* **User-friendly interface**: macOS is known for its simple and intuitive user interface, which makes it easy for users to navigate and use the system efficiently.\n \n* **Security**: macOS has several built-in security features, such as XProtect, Gatekeeper, and FileVault, to provide a secure computing environment. Additionally, macOS is based on UNIX, which is known for its strong security and stability.\n \n* **Integration with Apple ecosystem**: macOS is seamlessly integrated with Apple's software and hardware ecosystem, including iOS, iCloud, and other Apple devices, providing a consistent and well-connected user experience.\n \n* **App Store**: Apple's App Store offers a large and diverse selection of applications for macOS, ensuring easy and secure software downloads and installations.\n \n* **Time Machine**: macOS's Time Machine feature provides an easy and automatic way to back up your data, ensuring you never lose important files and can recover from system crashes.\n \n\nSecurity Tips\n-------------\n\n* **Keep your macOS up-to-date**: Always ensure that your macOS is running the latest version and security updates, as Apple regularly releases patches to fix potential vulnerabilities.\n \n* **Enable the Firewall**: Make sure to enable macOS's built-in firewall to protect your system from unauthorized access and potential intrusions.\n \n* **Use strong, unique passwords**: Ensure that your macOS user account is protected with a strong, unique password and enable two-factor authentication for your Apple ID.\n \n* **Be cautious with downloads**: Be careful when downloading and installing software from unknown sources. Use the macOS App Store whenever possible, and avoid downloading from third-party websites.\n \n* **Install antivirus software**: To add an extra layer of security, consider installing a reputable antivirus program on your Mac to protect against malware and other threats.\n \n\nBy following these security tips and staying vigilant, users can ensure their Mac remains a secure and enjoyable computing environment.", - "links": [] + "description": "**macOS** is an operating system developed by Apple Inc. for its line of Mac computers. Known for its user-friendly interface and integration with other Apple products, macOS features a Unix-based architecture, offering stability, security, and performance. It includes a suite of built-in applications, such as Safari, Mail, and Finder, and supports a wide range of third-party software. macOS provides seamless integration with services like iCloud, Continuity, and Handoff, enhancing productivity and connectivity across Apple devices. Regular updates and a focus on design and usability make macOS a popular choice for both personal and professional use.\n\nLearn more from the following resources:", + "links": [ + { + "title": "MacOS Website", + "url": "https://www.apple.com/uk/macos/macos-sequoia/", + "type": "article" + }, + { + "title": "Mac Tutorial for Beginners 2024", + "url": "https://www.youtube.com/watch?v=3jeeFc2Vo1U", + "type": "video" + } + ] }, "02aaEP9E5tlefeGBxf_Rj": { "title": "Installation and Configuration", @@ -525,17 +618,27 @@ }, "MGitS_eJBoY99zOR-W3F4": { "title": "Navigating using GUI and CLI", - "description": "Graphical User Interface (GUI) and Command Line Interface (CLI) are the two essential methods to navigate through a computer system or a network device. Both these interfaces are crucial for understanding and managing cyber security.\n\nGraphical User Interface (GUI)\n------------------------------\n\nA Graphical User Interface (GUI) is a type of user interface that allows users to interact with a software program, computer, or network device using images, icons, and visual indicators. The GUI is designed to make the user experience more intuitive, as it enables users to perform tasks using a mouse and a keyboard without having to delve into complex commands. Most modern operating systems (Windows, macOS, and Linux) offer GUIs as the primary means of interaction.\n\n**Advantages of GUI:**\n\n* User-friendly and visually appealing\n* Easier for beginners to learn and navigate\n* Reduces the need to memorize complex commands\n\n**Disadvantages of GUI:**\n\n* Consumes more system resources (memory, CPU) than CLI\n* Some advanced features might not be available or accessibly as quickly compared to CLI\n\nCommand Line Interface (CLI)\n----------------------------\n\nA Command Line Interface (CLI) is a text-based interface that allows users to interact with computer programs or network devices directly through commands that are entered via a keyboard. CLIs are used in a variety of contexts, including operating systems (e.g., Windows Command Prompt or PowerShell, macOS Terminal, and Linux shell), network devices (such as routers and switches), and some software applications.\n\n**Advantages of CLI:**\n\n* Faster and more efficient in performing tasks once commands are known\n* Requires fewer system resources (memory, CPU) than GUI\n* Provides more control and advanced features for experienced users\n\n**Disadvantages of CLI:**\n\n* Steeper learning curve for beginners\n* Requires memorization or reference material for commands and syntax\n\nBy understanding how to navigate and use both GUI and CLI, you will be better equipped to manage and secure your computer systems and network devices, as well as perform various cyber security tasks that may require a combination of these interfaces. It is essential to be familiar with both methods, as some tasks may require the precision and control offered by CLI, while others may be more efficiently performed using a GUI.\n\nIn the following sections, we will discuss some common CLI tools and their usage, along with how to secure and manage your computer systems and network devices using these interfaces. Stay tuned!", + "description": "Graphical User Interface (GUI)\n------------------------------\n\nA Graphical User Interface (GUI) is a type of user interface that allows users to interact with a software program, computer, or network device using images, icons, and visual indicators. The GUI is designed to make the user experience more intuitive, as it enables users to perform tasks using a mouse and a keyboard without having to delve into complex commands. Most modern operating systems (Windows, macOS, and Linux) offer GUIs as the primary means of interaction.\n\n**Advantages of GUI:**\n\n* User-friendly and visually appealing\n* Easier for beginners to learn and navigate\n* Reduces the need to memorize complex commands\n\n**Disadvantages of GUI:**\n\n* Consumes more system resources (memory, CPU) than CLI\n* Some advanced features might not be available or accessibly as quickly compared to CLI\n\nCommand Line Interface (CLI)\n----------------------------\n\nA Command Line Interface (CLI) is a text-based interface that allows users to interact with computer programs or network devices directly through commands that are entered via a keyboard. CLIs are used in a variety of contexts, including operating systems (e.g., Windows Command Prompt or PowerShell, macOS Terminal, and Linux shell), network devices (such as routers and switches), and some software applications.\n\n**Advantages of CLI:**\n\n* Faster and more efficient in performing tasks once commands are known\n* Requires fewer system resources (memory, CPU) than GUI\n* Provides more control and advanced features for experienced users\n\n**Disadvantages of CLI:**\n\n* Steeper learning curve for beginners\n* Requires memorization or reference material for commands and syntax\n\nBy understanding how to navigate and use both GUI and CLI, you will be better equipped to manage and secure your computer systems and network devices, as well as perform various cyber security tasks that may require a combination of these interfaces. It is essential to be familiar with both methods, as some tasks may require the precision and control offered by CLI, while others may be more efficiently performed using a GUI.", "links": [] }, "bTfL7cPOmBBFl-eHxUJI6": { "title": "Understand Permissions", - "description": "Understanding permissions is crucial for maintaining a secure environment in any system. Permissions determine the level of access and control users have over files, applications, and other system resources. By setting the appropriate permissions, you can effectively limit the potential for unauthorized access and data breaches.\n\nDifferent Types of Permissions\n------------------------------\n\nPermissions can be broadly categorized into three types:\n\n* **Read (R)**: This permission level allows users to view the content of a file or folder, without the ability to make any changes or execute actions.\n* **Write (W)**: This permission level grants users the ability to create, modify, or delete files and folders.\n* **Execute (X)**: This permission level allows users to run a file or application and execute actions within it.\n\nThese permissions can be combined in different ways to form the desired access level. For example, a user may have read and write permissions for a file, allowing them to view and modify its contents, but not execute any actions within it.\n\nSetting and Managing Permissions\n--------------------------------\n\nPermissions can be set and managed using various tools and methods, depending on the operating system being used:\n\n* **Windows**: Permissions are set through Access Control Lists (ACLs) in the security properties of a file or folder. This allows you to grant or deny specific permissions to users and groups.\n* **Mac**: Mac uses POSIX permissions to manage access control, which can be set using the \"Get Info\" window for a file or folder, or through Terminal commands.\n* **Linux**: Permissions on Linux systems are managed using the `chmod` command, along with the `chown` and `chgrp` commands to change the ownership of files and groups.\n\nIt's essential to understand how these tools work and use them effectively to maintain a secure environment.\n\nBest Practices for Implementing Permissions\n-------------------------------------------\n\nTo ensure cyber security with permissions, follow these best practices:\n\n* **Least Privilege Principle**: Grant users the minimum level of access they need to perform their tasks. People should not have unnecessary access to sensitive information or resources.\n* **Regularly Review Permissions**: Regularly audit permissions to ensure they are up-to-date and align with the current organizational roles and responsibilities.\n* **Use Groups and Roles**: Group users based on their job roles and assign permissions to groups instead of individuals. This simplifies the permission management process.\n* **Implement Security Training**: Educate users about the importance of permissions and their responsibilities to maintain a secure environment.\n\nBy understanding permissions and following best practices, you can enhance cyber security and minimize the risk of unauthorized access and data breaches.", + "description": "Permissions in computing systems define the level of access and actions allowed for users or processes on files, directories, and resources. They typically include read (ability to view content), write (ability to modify), and execute (ability to run programs or scripts) privileges. Permissions are fundamental to system security, data protection, and user management, controlling who can access, modify, or run specific resources. In Unix-like systems, permissions are often represented as rwx (read, write, execute) for owner, group, and others. Windows systems use Access Control Lists (ACLs) for more granular control. Proper permission management is crucial for maintaining system integrity, preventing unauthorized access, and ensuring compliance with security policies and regulations.\n\nLearn more from the following resources:", "links": [ { "title": "Linux File Permissions (Linux Journey)", "url": "https://linuxjourney.com/lesson/file-permissions", "type": "article" + }, + { + "title": "Linux Crash Course - Understanding File Permissions", + "url": "https://www.youtube.com/watch?v=4N4Q576i3zA", + "type": "video" + }, + { + "title": "Managing Windows permissions with CLI (Icacls)", + "url": "https://www.youtube.com/watch?v=ddtc2rgtgAI", + "type": "video" } ] }, @@ -546,13 +649,40 @@ }, "zRXyoJMap9irOYo3AdHE8": { "title": "Performing CRUD on Files", - "description": "When working with files in any system or application, understanding and performing CRUD operations (Create, Read, Update, and Delete) is essential for implementing robust cyber security measures.\n\nFile Creation\n-------------\n\n* **Windows**: You can create new files using the built-in text editor (Notepad) or dedicated file creation software. You can also use PowerShell commands for quicker file creation. The `New-Item` command followed by the file path creates a file.\n \n New-Item -Path \"C:\\Example\\example.txt\" -ItemType \"file\"\n \n \n* **Linux**: Unlike Windows, file creation is usually done through the terminal. The `touch` command helps create a file in the desired directory.\n \n touch /example/example.txt\n \n \n\nFile Reading\n------------\n\n* **Windows**: You can read a file using standard file readers, such as Notepad, Wordpad, etc., or you can utilize PowerShell commands. The `Get-Content` command provides the file content.\n \n Get-Content -Path \"C:\\Example\\example.txt\"\n \n \n* **Linux**: The `cat` command is the most common way to read the contents of a file in Linux.\n \n cat /example/example.txt\n \n \n\nFile Updating\n-------------\n\n* **Windows**: File updating can be accomplished using the previously mentioned text editors or PowerShell. The `Set-Content` or `Add-Content` commands are useful for updating a file.\n \n Set-Content -Path \"C:\\Example\\example.txt\" -Value \"Updated content\"\n Add-Content -Path \"C:\\Example\\example.txt\" -Value \"Appended content\"\n \n \n* **Linux**: Linux uses the built-in text editors, such as `nano` or `vim`, to update files. Alternatively, the `echo` command can append content to a file.\n \n echo \"Appended content\" >> /example/example.txt\n \n \n\nFile Deletion\n-------------\n\n* **Windows**: File deletion is performed by right-clicking the file and selecting 'Delete' or using PowerShell commands. The `Remove-Item` command followed by the file path can delete a file.\n \n Remove-Item -Path \"C:\\Example\\example.txt\"\n \n \n* **Linux**: The `rm` command allows you to delete a file in Linux.\n \n rm /example/example.txt\n \n \n\nBy mastering these CRUD operations, you can enhance your cyber security knowledge and implement effective incident response and file management strategies.", - "links": [] + "description": "Performing CRUD operations on files involves creating new files (using write mode), reading file contents (using read mode), updating files (by appending or overwriting existing content), and deleting files (using commands or functions like `os.remove()` in Python). These basic operations are fundamental for managing file data in various applications.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is CRUD?", + "url": "https://www.crowdstrike.com/cybersecurity-101/observability/crud/", + "type": "article" + }, + { + "title": "CRUD Operations", + "url": "https://www.freecodecamp.org/news/crud-operations-explained/", + "type": "article" + }, + { + "title": "What is CRUD?", + "url": "https://www.youtube.com/watch?v=iNkspbIfcic", + "type": "video" + } + ] }, "xeRWOX1fWQDLNLWMAFTEe": { "title": "Troubleshooting", - "description": "**Troubleshooting** is a crucial skill in the realm of cyber security, as it involves identifying, analyzing, and resolving various issues with computer systems, networks, and software. It is a systematic approach that requires logical thinking and the ability to deduce the possible cause of a problem from various symptoms. As an aspiring cyber security professional, sharpening your troubleshooting skills means you'll be better equipped to handle any security threats, vulnerabilities, and attacks on your organization's digital infrastructure.\n\nBelow, we have outlined some key steps and best practices for effective troubleshooting in cyber security:\n\nIdentifying the Problem\n-----------------------\n\nThe first step in troubleshooting is to identify the problem itself. This may involve recognizing unusual system behavior, error messages, or even end-user reports. To identify the problem, look for symptoms such as slow performance, application crashes, or network connectivity issues.\n\nGathering Information\n---------------------\n\nOnce the problem has been identified, gather as much information as possible about it. This means consulting event logs, system documentation, and users who may have experienced the issue firsthand. Additionally, pay attention to any error messages or anomalies in the system behavior that can provide valuable insights.\n\nFormulate a Hypothesis\n----------------------\n\nAfter gathering all available information, come up with a hypothesis or an educated guess about what may be causing the issue. Keep in mind that you may not be able to determine a single cause at this stage, so try to identify all possible causes and prioritize them based on the available evidence.\n\nTest the Hypothesis\n-------------------\n\nTest your hypothesis by attempting to confirm or refute it. To do this, apply a specific solution and observe any changes that occur. If there is no change, reconsider your hypothesis and apply another solution. Repeat this process until you've identified a cause or have exhausted all possible solutions.\n\nDocument and Communicate Findings\n---------------------------------\n\nOnce you've identified and resolved the problem, document your findings and communicate them to relevant stakeholders. This will help to ensure that issues are addressed efficiently in the future and will also contribute to your organization's knowledge base.\n\nTroubleshooting Best Practices\n------------------------------\n\n* Develop a methodical approach: Take a step-by-step approach and use logic, pattern recognition, and experience to guide you through the troubleshooting process.\n* Collaborate: Engage with other professionals to discuss potential solutions, as well as share insights and experiences.\n* Stay informed: Continuously update your knowledge and skillset with the latest technologies, trends, and methods in the cyber security landscape.\n* Invest in tools: Utilize effective troubleshooting tools like network analyzers, penetration testing tools, or log analyzers to help you diagnose and resolve issues more efficiently.\n\nMastering the art of troubleshooting is essential for successful cyber security professionals, and by employing the strategies laid out above, you'll be well on your way to enhancing your problem-solving capabilities in the field.\n\n* * *\n\nI hope this brief summary on troubleshooting has been informative and helps you further enhance your understanding of cyber security. Keep learning and good luck in your cyber security journey!\n\n_\\[Your Name Here\\], The Cyber Security Guide Author_", - "links": [] + "description": "Troubleshooting is a systematic approach to problem-solving used to identify, diagnose, and resolve issues in complex systems, particularly in technology and engineering fields. It involves a step-by-step process of gathering information, identifying symptoms, formulating hypotheses, testing potential solutions, and implementing fixes. Effective troubleshooting requires analytical thinking, deep knowledge of the system in question, and often the use of diagnostic tools. In IT and network environments, common troubleshooting steps include checking physical connections, verifying configurations, analyzing logs, and isolating variables. The goal is to efficiently pinpoint the root cause of a problem and implement an appropriate solution, minimizing downtime and restoring normal operations as quickly as possible.\n\nLearn more from the following resources:", + "links": [ + { + "title": "Problem Solve", + "url": "https://www.techtarget.com/searchsecurity/info/problemsolve", + "type": "article" + }, + { + "title": "Steps for Network Troubleshooting", + "url": "https://www.youtube.com/watch?v=1i3XdhC2ZAs", + "type": "video" + } + ] }, "WDrSO7wBNn-2jB8mcyT7j": { "title": "Common Commands", @@ -572,26 +702,32 @@ }, "gSLr-Lc119eX9Ig-kDzJ2": { "title": "Networking Knowledge", - "description": "In the world of cyber security, having a strong foundation in networking knowledge is crucial. It's important to understand the fundamental concepts and mechanisms that govern how data is transferred, communicated, and secured across digital networks.\n\nTopics\n------\n\n* **Network Architecture**: Learn about the different networking models, such as the OSI model and TCP/IP model, which define how data is structured, transmitted, and received in a network.\n \n* **Network Protocols**: Familiarize yourself with various network protocols that are essential for effective communication between devices, including HTTP, HTTPS, FTP, and more. These protocols ensure that data is transmitted reliably and securely across networks.\n \n* **IP Addressing and Subnetting**: Gain an understanding of IP addresses (both IPv4 and IPv6), how they are assigned, and how subnetting works to divide networks into smaller segments for better management and security.\n \n* **Routing and Switching**: Learn about the roles of routers and switches in a network, as well as related technologies and protocols like DHCP, NAT, and various routing protocols (such as OSPF and BGP).\n \n* **Wireless Networking**: Delve into the world of wireless networks by studying the different types of wireless technologies like Wi-Fi, Bluetooth, and cellular networks. Understand the security concerns and best practices associated with wireless communication.\n \n* **Network Security**: Explore various techniques and tools used to defend networks from cyber threats, including firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS), and VPNs. Learn about security protocols like SSL/TLS, encryption algorithms, and secure access control mechanisms.\n \n* **Network Troubleshooting**: Understand common network issues and how to resolve them, using various network troubleshooting tools and methodologies like ping, traceroute, and Wireshark.\n \n\nBy developing a strong foundation in networking knowledge, you will be well-equipped to tackle various cyber security challenges and protect your digital assets from potential threats. Remember, the ever-evolving landscape of cyber security demands continuous learning and updating of skills to stay ahead in the game.", - "links": [] + "description": "**Networking knowledge** encompasses understanding the principles, technologies, and protocols involved in connecting and managing networks. Key areas include:\n\n* **Network Protocols**: Familiarity with protocols like TCP/IP, DNS, DHCP, and HTTP, which govern data transmission and communication between devices.\n* **Network Topologies**: Knowledge of network architectures such as star, ring, mesh, and hybrid topologies, which influence how devices are interconnected.\n* **IP Addressing and Subnetting**: Understanding IP address allocation, subnetting, and CIDR notation for organizing and managing network addresses.\n* **Network Devices**: Knowledge of routers, switches, firewalls, and access points, and their roles in directing traffic, providing security, and enabling connectivity.\n* **Network Security**: Awareness of security measures like VPNs, firewalls, IDS/IPS, and encryption to protect data and prevent unauthorized access.\n* **Troubleshooting**: Skills in diagnosing and resolving network issues using tools like ping, traceroute, and network analyzers.\n\nThis knowledge is essential for designing, implementing, and maintaining effective and secure network infrastructures.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What are Network Protocols?", + "url": "https://www.solarwinds.com/resources/it-glossary/network-protocols", + "type": "article" + }, + { + "title": "Types of Network Topology", + "url": "https://www.geeksforgeeks.org/types-of-network-topology/", + "type": "article" + } + ] }, "OXUd1UPPsBhNoUGLKZJGV": { "title": "Understand the OSI Model", - "description": "The **Open Systems Interconnection (OSI) model** is a framework that standardizes the functions of a telecommunication or computing system into seven distinct layers. This model is widely used to understand how different networking protocols and technologies work together to enable data transmission and communication.\n\nGiven below are different layers of the OSI model, the primary functions they perform, and their relevance to network security.\n\nPhysical Layer\n--------------\n\nThe **Physical layer** deals with the physical connection between devices, like cables or wireless signals. It is responsible for transmitting raw data (in the form of bits) between devices over a physical medium, such as copper wires or fiber optic cables.\n\nData Link Layer\n---------------\n\nThe **Data Link layer** is responsible for creating a reliable link between two devices on a network. It establishes communication between devices by dividing the data into frames (small data units) and assigning each frame with a unique address. This layer also offers error detection and correction mechanisms to ensure reliable data transfer.\n\nNetwork Layer\n-------------\n\nThe **Network layer** is responsible for routing data packets between different devices on a network, regardless of the physical connection medium. It determines the optimal path to transfer data between the source and destination devices and assigns logical addresses (IP addresses) to devices on the network.\n\nTransport Layer\n---------------\n\nThe **Transport layer** is in charge of ensuring error-free and reliable data transmissions between devices. It achieves this by managing flow control, error checking, and data segmentation. This layer also establishes connections between devices and manages data transfer using protocols like Transmission Control Protocol (TCP) and User Datagram Protocol (UDP).\n\nSession Layer\n-------------\n\nThe **Session layer** manages sessions, which are continuous connections between devices. It establishes, maintains, and terminates connections between devices while ensuring proper synchronization and data exchange between the communication devices.\n\nPresentation Layer\n------------------\n\nThe **Presentation layer** is responsible for translating or converting the data format between different devices, allowing them to understand each other's data. This layer also deals with data encryption and decryption, which is an essential aspect of network security.\n\nApplication Layer\n-----------------\n\nThe **Application layer** is the interface between the user and the communication system. It is responsible for providing networking services for various applications, like email, web browsing, or file sharing.\n\nEach of these layers interacts with the adjacent layers to pass data packets back and forth. Understanding the OSI model is crucial for addressing potential security threats and vulnerabilities that can occur at each layer. By implementing strong network security measures at each layer, you can minimize the risk of cyber attacks and keep your data safe.\n\nIn the next section, we will discuss network protocols and how they play an essential role in network communication and security.", + "description": "The OSI (Open Systems Interconnection) Model is a conceptual framework that describes how data communication occurs between devices in a network. It consists of seven layers, each with specific functions:\n\n1. Physical: Deals with physical transmission media\n2. Data Link: Handles error-free transfer between adjacent nodes\n3. Network: Manages addressing and routing\n4. Transport: Ensures end-to-end data delivery and flow control\n5. Session: Establishes, manages, and terminates connections\n6. Presentation: Formats and encrypts data for the application layer\n7. Application: Provides network services to end-user applications\n\nLearn more from the following resources:", "links": [ { - "title": "What is OSI Model?", - "url": "https://www.youtube.com/watch?v=Ilk7UXzV_Qc", - "type": "video" - }, - { - "title": "Lecture - OSI Model", - "url": "https://www.youtube.com/watch?v=0Rb8AkTEASw", - "type": "video" + "title": "What is OSI Model? - AWS", + "url": "https://aws.amazon.com/what-is/osi-model/", + "type": "article" }, { - "title": "OSI Model Animation", - "url": "https://www.youtube.com/watch?v=vv4y_uOneC0", + "title": "What is OSI Model?", + "url": "https://www.youtube.com/watch?v=Ilk7UXzV_Qc", "type": "video" } ] @@ -630,11 +766,16 @@ }, "dJ0NUsODFhk52W2zZxoPh": { "title": "SSL and TLS Basics", - "description": "Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are cryptographic protocols designed to provide secure communication over a computer network. They play a vital role in protecting sensitive information transmitted online, such as login credentials, financial information, and private user data.\n\nSecure Sockets Layer (SSL)\n--------------------------\n\nSSL is the predecessor to TLS and was first introduced in the 1990s. It creates an encrypted connection between a client (typically a web browser) and a server to ensure that any data transmitted remains private and secure. SSL uses a combination of symmetric and asymmetric encryption methods, as well as digital certificates, to establish and maintain secure communication.\n\nTransport Layer Security (TLS)\n------------------------------\n\nTLS is an improved and more secure version of SSL, with TLS 1.0 being released as an upgrade to SSL 3.0. The current version, as of this guide, is TLS 1.3. TLS provides a more robust and flexible security framework, addressing many of the vulnerabilities present in SSL. While many people still refer to SSL when discussing secure web communication, it's important to note that SSL has been deprecated, and TLS is the best-practice standard for secure communication.\n\nKey Components\n--------------\n\n* **Encryption**: SSL and TLS use powerful algorithms to protect data through encryption, ensuring it's unreadable by anyone without the proper decryption keys.\n* **Authentication**: SSL/TLS digital certificates verify the identities of clients and servers, providing trust and authenticity.\n* **Integrity**: These security protocols use message authentication codes to ensure that the data sent between clients and servers has not been tampered with during transmission.\n\nHandshake Process\n-----------------\n\nSSL and TLS follow a series of steps, known as the \"handshake process,\" to create a secure connection:\n\n* **Client hello**: The client initiates the handshake process by sending a message with supported cryptographic algorithms, random numbers, and session information.\n* **Server hello**: The server responds with its chosen cryptographic algorithms, random numbers, and its digital certificate. Optionally, the server can request the client's certificate for mutual authentication.\n* **Client verification**: The client verifies the server's certificate and may send its own if requested. It then creates a pre-master secret, encrypts it with the server's public key, and sends it to the server.\n* **Key generation and exchange**: Both the client and server generate the master secret and session keys using the pre-master secret and shared random numbers. These keys are used for encrypting and decrypting the data transmitted.\n* **Secured connection**: Once the keys are exchanged, the client and server can now communicate securely using the established encryption and keys.\n\nSecure communication is critical for any organization handling sensitive data. SSL and TLS serve as the backbone for protecting data in transit and play a significant role in ensuring the confidentiality, integrity, and authenticity of online communications.\n\nLearn more from the following resources:", + "description": "Single Sign-On (SSO) is an authentication method that allows users to access multiple applications or systems with one set of login credentials. It enables users to log in once and gain access to various connected systems without re-entering credentials. SSO enhances user experience by reducing password fatigue, streamlines access management for IT departments, and can improve security by centralizing authentication controls. It typically uses protocols like SAML, OAuth, or OpenID Connect to securely share authentication information across different domains. While SSO offers convenience and can strengthen security when implemented correctly, it also presents a single point of failure if compromised, making robust security measures for the SSO system critical.\n\nLearn more from the following resources:", "links": [ { - "title": "SSH vs TLS vs SSL", - "url": "https://www.youtube.com/watch?v=k3rFFLmQCuY", + "title": "What’s the Difference Between SSL and TLS?", + "url": "https://aws.amazon.com/compare/the-difference-between-ssl-and-tls/", + "type": "article" + }, + { + "title": "TLS vs SSL - What's the Difference?", + "url": "https://www.youtube.com/watch?v=J7fI_jH7L84", "type": "video" } ] @@ -662,7 +803,7 @@ }, "E8Z7qFFW-I9ivr0HzoXCq": { "title": "Basics of Subnetting", - "description": "Subnetting is a technique used in computer networking to divide a large network into smaller, more manageable sub-networks, or \"subnets.\" It enhances network performance and security by reducing broadcast traffic and enabling better control over IP address allocation. Each subnet has its own range of IP addresses, which allows network administrators to optimize network traffic and reduce congestion by isolating different sections of a network.\n\nIn subnetting, an IP address is split into two parts: the network portion and the host portion. The network portion identifies the overall network, while the host portion identifies individual devices within that network. Subnet masks are used to define how much of the IP address belongs to the network and how much is reserved for hosts. By adjusting the subnet mask, administrators can create multiple subnets from a single network, with each subnet having a limited number of devices. Subnetting is particularly useful for large organizations, allowing them to efficiently manage IP addresses, improve security by segmenting different parts of the network, and control traffic flow by minimizing unnecessary data transmissions between segments.\n\nLearn more from the following resources:", + "description": "Subnetting is a technique used in computer networking to divide a large network into smaller, more manageable sub-networks, or \"subnets.\" It enhances network performance and security by reducing broadcast traffic and enabling better control over IP address allocation. Each subnet has its own range of IP addresses, which allows network administrators to optimize network traffic and reduce congestion by isolating different sections of a network. In subnetting, an IP address is split into two parts: the network portion and the host portion. The network portion identifies the overall network, while the host portion identifies individual devices within that network. Subnet masks are used to define how much of the IP address belongs to the network and how much is reserved for hosts. By adjusting the subnet mask, administrators can create multiple subnets from a single network, with each subnet having a limited number of devices. Subnetting is particularly useful for large organizations, allowing them to efficiently manage IP addresses, improve security by segmenting different parts of the network, and control traffic flow by minimizing unnecessary data transmissions between segments.\n\nLearn more from the following resources:", "links": [ { "title": "Networking Basics: What is IPv4 Subnetting?", @@ -683,18 +824,51 @@ }, "2nQfhnvBjJg1uDZ28aE4v": { "title": "Public vs Private IP Addresses", - "description": "When it comes to IP addresses, they are categorized in two major types: Public IP Addresses and Private IP Addresses. Both play a key role in network communication; however, they serve different purposes. Let's examine them more closely:\n\nPublic IP Addresses\n-------------------\n\nA public IP address is a globally unique IP address that is assigned to a device or a network. This type of IP address is reachable over the Internet and enables devices to communicate with other devices, servers, and networks located anywhere in the world.\n\nHere are some key features of public IP addresses:\n\n* Routable over the Internet.\n* Assigned by the Internet Assigned Numbers Authority (IANA).\n* Usually assigned to an organization or Internet Service Provider (ISP).\n* Can be either static (permanent) or dynamic (changes periodically).\n\nExample: `72.14.207.99`\n\nPrivate IP Addresses\n--------------------\n\nPrivate IP addresses, on the other hand, are used within local area networks (LANs) and are not visible on the Internet. These addresses are reserved for internal use within an organization, home, or local network. They are often assigned by a router or a network administrator for devices within the same network, such as your computer, printer, or smartphone.\n\nHere are some key features of private IP addresses:\n\n* Not routable over the Internet (requires Network Address Translator (NAT) to communicate with public IP addresses).\n* Assigned by local network devices, such as routers or network administrators.\n* Reusable in different private networks (as they are not globally unique).\n* Static or dynamic (depending on the network's configuration).\n\nPrivate IP address ranges:\n\n* `10.0.0.0` to `10.255.255.255` (Class A)\n* `172.16.0.0` to `172.31.255.255` (Class B)\n* `192.168.0.0` to `192.168.255.255` (Class C)\n\nExample: `192.168.1.100`\n\nIn summary, public IP addresses are used for communication over the Internet, whereas private IP addresses are used within local networks. Understanding the difference between these two types of IP addresses is essential for grasping the basics of network connectivity and cyber security.", - "links": [] + "description": "Public addresses are IP addresses assigned to devices directly accessible over the internet, allowing them to communicate with external networks and services. In contrast, private addresses are used within local networks and are not routable over the internet, providing a way for devices within a private network to communicate with each other while conserving public IP address space. Public addresses are unique across the internet, whereas private addresses are reused across different local networks and are typically managed by network address translation (NAT) to interface with public networks.\n\nLearn more from the following resources:", + "links": [ + { + "title": "Public vs Private IP Addresses", + "url": "https://www.avast.com/c-ip-address-public-vs-private", + "type": "article" + }, + { + "title": "What is the difference between public and private ip?", + "url": "https://www.youtube.com/watch?v=R6Czae6Iow4&t=1s", + "type": "video" + } + ] }, "0TWwox-4pSwuXojI8ixFO": { "title": "localhost", - "description": "Localhost (also known as loopback address) is a term used to define a network address that is used by a device (usually a computer or a server) to refer to itself. In other words, it's a way for your device to establish a network connection to itself. The most commonly used IP address for localhost is `127.0.0.1`, which is reserved as a loopback address in IPv4 networks. For IPv6 networks, it's represented by `::1`.\n\nPurpose and Usage of Localhost\n------------------------------\n\nLocalhost is useful for a variety of reasons, such as:\n\n* **Testing and Development**: Developers can use localhost to develop and test web applications or software without the need for connecting to external network resources.\n \n* **Network Services**: Some applications and servers use localhost to provide network services to the local system only, optimizing performance and security.\n \n* **Troubleshooting**: Localhost can be used as a diagnostic tool to test if the network stack on the device is functioning correctly.\n \n\nConnecting to Localhost\n-----------------------\n\nTo connect to localhost, you can use several methods depending on the tasks you want to accomplish:\n\n* **Web Browser**: If you're running a local web server, you can simply enter `http://127.0.0.1` or `http://localhost` in your browser's address bar and access the locally hosted web application.\n \n* **Command Line**: You can use utilities like `ping`, `traceroute`, or `telnet` at the command prompt to verify connectivity and network functionality using localhost.\n \n* **Application Settings**: Some applications, such as web servers or database servers, may have configuration settings that allow you to bind them to the loopback address (`127.0.0.1` or `::1`). This will restrict the services to the local system and prevent them from being accessed by external sources.\n \n\nRemember, connections to localhost do not pass through your computer's physical network interfaces, and as such, they're not subject to the same security risks or performance limitations that a real network connection might have.", - "links": [] + "description": "**Localhost** refers to the standard hostname used to access the local computer on which a network service or application is running. It resolves to the loopback IP address `127.0.0.1` for IPv4 or `::1` for IPv6. When you connect to `localhost`, you're effectively communicating with your own machine, allowing you to test and debug network services or applications locally without accessing external networks.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is localhost?", + "url": "https://www.freecodecamp.org/news/what-is-localhost/", + "type": "article" + }, + { + "title": "What is localhost? | Explained", + "url": "https://www.youtube.com/watch?v=m98GX51T5dI", + "type": "video" + } + ] }, "W_oloLu2Euz5zRSy7v_T8": { "title": "loopback", - "description": "Loopback is an essential concept in IP terminology that refers to a test mechanism used to validate the operation of various network protocols, and software or hardware components. The primary function of the loopback feature is to enable a device to send a data packet to itself to verify if the device's network stack is functioning correctly.\n\nImportance of Loopback\n----------------------\n\nThe concept of loopback is critical for the following reasons:\n\n* **Troubleshooting**: Loopback helps in diagnosing and detecting network connectivity issues. It can also help ascertain whether an application or device is correctly processing and responding to incoming network traffic.\n* **Testing**: Loopback can be used extensively by developers to test software applications or components without external network access. This ensures that the software behaves as expected even without a working network connection.\n\nLoopback Address\n----------------\n\nIn IP terminology, there's a pre-allocated IP address for loopback. For IPv4, the reserved address is `127.0.0.1`. For IPv6, the loopback address is `::1`. When a device sends a packet to either of these addresses, the packet is rerouted to the local device, making it the source and destination simultaneously.\n\nLoopback Interface\n------------------\n\nApart from loopback addresses, there's also a network device known as the \"loopback interface.\" This interface is a virtual network interface implemented in software. The loopback interface is assigned a loopback address and can be used to emulate network connections for various purposes, such as local services or inter-process communications.\n\nSummary\n-------\n\nLoopback plays a crucial role in IP technology by enabling devices to run diagnostic tests and validate the correct functioning of software and hardware components. Using the loopback addresses for IPv4 (`127.0.0.1`) and IPv6 (`::1`), it allows network packets to circulate internally within the local device, facilitating developers to test and verify network operations.", - "links": [] + "description": "**Loopback** refers to a special network interface used to send traffic back to the same device for testing and diagnostic purposes. The loopback address for IPv4 is `127.0.0.1`, while for IPv6 it is `::1`. When a device sends a request to the loopback address, the network data does not leave the local machine; instead, it is processed internally, allowing developers to test applications or network services without requiring external network access. Loopback is commonly used to simulate network traffic, check local services, or debug issues locally.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is a loopback address?", + "url": "https://www.geeksforgeeks.org/what-is-a-loopback-address/", + "type": "article" + }, + { + "title": "Understanding the loopback address and loopback interfaces", + "url": "https://study-ccna.com/loopback-interface-loopback-address/", + "type": "article" + } + ] }, "PPIH1oHW4_ZDyD3U3shDg": { "title": "CIDR", @@ -714,12 +888,17 @@ }, "f-v8qtweWXFY_Ryo3oYUF": { "title": "subnet mask", - "description": "A **subnet mask** is a crucial component of Internet Protocol (IP) addressing, acting as a \"mask\" to separate the network portion of an IP address from the host portion. It is a 32-bit number representing a sequence of 1's followed by a sequence of 0's, used to define the boundary of a subnet within a given IP address.\n\nThe primary purpose of a subnet mask is to:\n\n* Define network boundaries\n* Facilitate IP routing\n* Break down large IP networks into smaller, manageable subnetworks (subnets)\n\nFormat\n------\n\nThe subnet mask is written in the same dotted-decimal format as IP addresses (i.e., four octets separated by dots). For instance, the default subnet mask for a Class A IP address is `255.0.0.0`, for Class B is `255.255.0.0`, and for Class C is `255.255.255.0`.\n\nImportance in Cybersecurity\n---------------------------\n\nUnderstanding and configuring subnet masks correctly is crucial in cybersecurity, as they:\n\n* Help to isolate different segments of your network, leading to greater security control and more efficient usage of resources\n* Facilitate the division of IP networks into smaller subnets, which can then be assigned to different departments, groups, or functions within an organization\n* Enhance network efficiency by preventing unnecessary broadcast traffic\n* Improve the overall network stability and monitoring capabilities\n\nTo determine the appropriate subnet mask for different requirements, you can use various subnetting tools available online. Proper management of subnet masks is crucial for maintaining a secure, efficient, and well-functioning network.", + "description": "A subnet mask is a 32-bit number used in IP networking to divide an IP address into network and host portions. It determines which part of an IP address refers to the network and which part refers to the host. Subnet masks enable network administrators to create subnetworks, improving network efficiency and security by controlling traffic flow between subnets. Common subnet masks include 255.255.255.0 (for a /24 network) and 255.255.0.0 (for a /16 network). Subnetting helps in efficient IP address allocation, reduces broadcast traffic, and enhances network performance. Understanding subnet masks is crucial for network configuration, troubleshooting, and implementing effective network segmentation strategies.\n\nLearn more from the following resources:", "links": [ { - "title": "Wildcard mask", - "url": "https://en.wikipedia.org/wiki/Wildcard_mask", + "title": "What Is a Subnet Mask?", + "url": "https://www.spiceworks.com/tech/networking/articles/what-is-subnet-mask/", "type": "article" + }, + { + "title": "What is a subnet mask?", + "url": "https://www.youtube.com/watch?v=s_Ntt6eTn94", + "type": "video" } ] }, @@ -741,8 +920,13 @@ }, "d5Cv3EXf6OXW19yPJ4x6e": { "title": "VLAN", - "description": "A **VLAN** or **Virtual Local Area Network** is a logical grouping of devices or users within a network, based on shared attributes like location, department, or security requirements. VLANs play a crucial role in improving network security, enabling better resource allocation, and simplifying network management.\n\nKey Features of VLANs\n---------------------\n\n* **Isolation:** VLANs isolate traffic between different groups, helping to minimize the risk of unauthorized access to sensitive data.\n* **Scalability:** VLANs allow network administrators to grow and change networks with ease, without causing disruptions.\n* **Cost Effectiveness:** VLANs can reduce the need for additional hardware by reusing existing switches and networks for added functionality.\n* **Improved Performance:** By narrowing the broadcast domain, VLANs can improve network performance by reducing unnecessary traffic.\n\nTypes of VLANs\n--------------\n\n* **Port-based VLANs:** In this type, devices are separated based on their physical connection to the switch. Each port is assigned to a specific VLAN.\n* **Protocol-based VLANs:** Devices are grouped based on the network protocol they use. For example, all IP devices can be assigned to one VLAN, while IPX devices can be assigned to another.\n* **MAC-based VLANs:** Devices are assigned to VLANs based on their MAC addresses. This approach offers better security and flexibility but requires more administrative effort.\n\nCreating and Managing VLANs\n---------------------------\n\nVLANs are created and managed through network switches that support VLAN configuration. Switches use a VLAN ID (ranging from 1 to 4094) to uniquely identify each VLAN. VLAN Trunking Protocol (VTP) and IEEE 802.1Q standard are typically used to manage VLANs between different switches.\n\nSecurity Considerations\n-----------------------\n\nVLANs play a crucial role in network security; however, they are not foolproof. VLAN hopping and unauthorized access can still occur if proper measures, such as Private VLANs and Access Control Lists (ACLs), are not implemented to secure the network.\n\nIn summary, VLANs offer a flexible and secure way to manage and segment networks based on needs and requirements. By understanding their purpose, types, and security considerations, network administrators can efficiently use VLANs to improve overall network performance and security.", + "description": "A Virtual Local Area Network (VLAN) is a logical segmentation of a physical network, allowing multiple isolated networks to exist on the same physical infrastructure. VLANs group devices together based on function, department, or application, regardless of their physical location. They improve network performance by reducing broadcast traffic, enhance security by isolating sensitive systems, and provide flexibility in network design and management. VLANs are configured on network switches using IEEE 802.1Q standard, which adds tags to Ethernet frames to identify VLAN membership. This technology is crucial for efficient network administration in large enterprises, data centers, and complex network environments.\n\nLearn more from the following resources:", "links": [ + { + "title": "What is a VLAN?", + "url": "https://www.solarwinds.com/resources/it-glossary/vlan", + "type": "article" + }, { "title": "VLAN Explained", "url": "https://www.youtube.com/watch?v=jC6MJTh9fRE", @@ -784,8 +968,13 @@ }, "ZTC5bLWEIQcdmowc7sk_E": { "title": "VM", - "description": "A **Virtual Machine (VM)** is a software-based emulation of a computer system that operates on a physical hardware, also known as a host. VMs provide an additional layer of isolation and security as they run independent of the host's operating system. They can execute their own operating system (called the guest OS) and applications, allowing users to run multiple operating systems on the same hardware simultaneously.\n\nVirtual machines are commonly used in cybersecurity for tasks such as:\n\n* **Testing and analysis**: Security researchers often use VMs to study malware and vulnerabilities in a safe and contained environment without risking their primary system.\n \n* **Network segmentation**: VMs can be used to isolate different network segments within an organization, to help prevent the spread of malware or limit the impact of an attack.\n \n* **System recovery**: VMs can act as backups for critical systems or applications. In the event of a system failure, a VM can be spun up to provide continuity in business operations.\n \n* **Software development and testing**: Developers can use VMs to build and test software in a controlled and reproducible environment, reducing the risks of incompatibilities or unexpected behaviors when the software is deployed on a live system.\n \n\nKey terminologies associated with VMs include:\n\n* **Hypervisor**: Also known as Virtual Machine Monitor (VMM), is a software or hardware component that creates, runs, and manages virtual machines. Hypervisors are divided into two types - Type 1 (bare-metal) and Type 2 (hosted).\n \n* **Snapshot**: A snapshot is a point-in-time image of a virtual machine that includes the state of the guest OS, applications, and data. Snapshots are useful for quickly reverting a VM back to a previous state if needed.\n \n* **Live Migration**: This refers to the process of moving a running virtual machine from one physical host to another with minimal or no disruption to the guest OS and its applications. Live migration enables load balancing and ensures minimal downtime during hardware maintenance.\n \n\nUnderstanding and effectively utilizing virtual machines plays a significant role in enhancing the security posture of an organization, allowing for agile incident response and proactive threat analysis.", + "description": "A Virtual Machine (VM) is a software-based emulation of a physical computer. It runs an operating system and applications, isolated from the underlying hardware. VMs allow multiple \"guest\" operating systems to run on a single physical \"host\" machine, each with its own allocated virtual resources (CPU, memory, storage). This technology enables efficient hardware utilization, easier system administration, and improved security through isolation. VMs are widely used in cloud computing, software development, testing environments, and for running legacy applications. Hypervisors, such as VMware vSphere or Microsoft Hyper-V, manage the creation and operation of VMs on physical hardware.\n\nLearn more from the following resources:", "links": [ + { + "title": "What is a Virtual Machine and how does it work?", + "url": "https://azure.microsoft.com/en-gb/resources/cloud-computing-dictionary/what-is-a-virtual-machine", + "type": "article" + }, { "title": "Explore top posts about Infrastructure", "url": "https://app.daily.dev/tags/infrastructure?ref=roadmapsh", @@ -837,12 +1026,23 @@ }, "Kkd3f_0OYNCdpDgrJ-_Ju": { "title": "NAT", - "description": "Network Address Translation (NAT) is a key element in modern network security. It acts as a middleman between devices on your local area network (LAN) and the external internet. NAT helps to conserve IP addresses and improve privacy and security by translating IP addresses within private networks to public IP addresses for communication on the internet.\n\nHow NAT works\n-------------\n\nNAT is implemented on a router, firewall or a similar networking device. When devices in the LAN communicate with external networks, NAT allows these devices to share a single public IP address, which is registered on the internet. This is achieved through the following translation types:\n\n* **Static NAT:** A one-to-one mapping between a private IP address and a public IP address. Each private address is mapped to a unique public address.\n* **Dynamic NAT:** A one-to-one mapping between a private IP address and a public IP address, but the public address is chosen from a pool rather than being pre-assigned.\n* **Port Address Translation (PAT):** Also known as NAT Overload, PAT maps multiple private IP addresses to a single public IP address, using unique source port numbers to differentiate the connections.\n\nAdvantages of NAT\n-----------------\n\n* **Conservation of IP addresses:** NAT helps mitigate the shortage of IPv4 addresses by allowing multiple devices to share a single public IP address, reducing the need for organizations to purchase additional IP addresses.\n* **Security and Privacy:** By hiding internal IP addresses, NAT adds a layer of obscurity, making it harder for attackers to target specific devices within your network.\n* **Flexibility:** NAT enables you to change your internal IP address scheme without having to update the public IP address, reducing time and effort in reconfiguring your network.\n\nDisadvantages of NAT\n--------------------\n\n* **Compatibility issues:** Certain applications and protocols may encounter issues when operating behind a NAT environment, such as IP-based authentication or peer-to-peer networking.\n* **Performance impact:** The translation process may introduce latency and reduce performance in high-traffic networks.\n* **End-to-End Connectivity:** NAT generally breaks the end-to-end communication model of the internet, which can cause issues in some scenarios.\n\nIn summary, NAT plays a crucial role in modern cybersecurity by conserving IP addresses, obscuring internal networks and providing a level of security against external threats. While there are some disadvantages, its benefits make it an essential component in network security.", - "links": [] + "description": "**Network Address Translation (NAT)** is a method used to modify IP address information in packet headers while they are in transit across a network. NAT allows multiple devices on a private network to share a single public IP address for accessing external resources, helping conserve the limited number of available public IP addresses. It also enhances security by hiding internal IP addresses from the public internet. Common types of NAT include **Static NAT** (one-to-one mapping), **Dynamic NAT** (many-to-many mapping), and **Port Address Translation (PAT)** or **NAT overload** (many-to-one mapping, commonly used in home routers).\n\nLearn more from the following resources:", + "links": [ + { + "title": "How NAT Works", + "url": "https://www.comptia.org/content/guides/what-is-network-address-translation", + "type": "article" + }, + { + "title": "NAT explained", + "url": "https://www.youtube.com/watch?v=FTUV0t6JaDA", + "type": "video" + } + ] }, "FdoqB2---uDAyz6xZjk_u": { "title": "IP", - "description": "IP, or Internet Protocol, is a fundamental concept in cybersecurity that refers to the way data is transferred across networks, specifically the internet. It is a core component of the internet's architecture and serves as the primary building block for communication between devices connected to the network.\n\nAn IP address is a unique identifier assigned to each device connected to a network, like a computer or smartphone. It comprises a series of numbers separated by dots (e.g., 192.168.1.1). IP addresses can be either IPv4 (32-bit) or the newer IPv6 (128-bit) format, which provides more available addresses. They allow devices to send and receive data packets to and from other devices on the internet.\n\nLearn more from the following resources:", + "description": "IP, or Internet Protocol, is a fundamental concept in cybersecurity that refers to the way data is transferred across networks, specifically the internet. It is a core component of the internet's architecture and serves as the primary building block for communication between devices connected to the network. An IP address is a unique identifier assigned to each device connected to a network, like a computer or smartphone. It comprises a series of numbers separated by dots (e.g., 192.168.1.1). IP addresses can be either IPv4 (32-bit) or the newer IPv6 (128-bit) format, which provides more available addresses. They allow devices to send and receive data packets to and from other devices on the internet.\n\nLearn more from the following resources:", "links": [ { "title": "What is an IP address and what does it mean?", @@ -858,18 +1058,45 @@ }, "lwSFIbIX-xOZ0QK2sGFb1": { "title": "Router", - "description": "A **router** is a networking device responsible for forwarding data packets between computer networks. It acts as a traffic coordinator, choosing the best possible path for data transmission, thus ensuring smooth communication between networks. Routers are an integral part of the internet, helping to establish and maintain connections between different networks and devices.\n\nFunctionality of Routers\n------------------------\n\n* **Routing Decisions**: Routers analyze incoming data packets and make decisions on which path to forward the data based on destination IP addresses and network conditions.\n \n* **Connecting Networks**: Routers are essential in connecting different networks together. They enable communication between your home network and the broader internet, as well as between different networks within an organization.\n \n* **Managing Traffic**: Routers manage the flow of data to ensure optimal performance and avoid network congestion. They can prioritize certain types of data, such as video streaming, to ensure a better user experience.\n \n\nTypes of Routers\n----------------\n\n* **Wired Routers**: Utilize Ethernet cables to connect devices to the network. They typically come with multiple ethernet ports for devices such as computers, gaming consoles, and smart TVs.\n \n* **Wireless Routers**: Provide network access without needing physical cables. Wireless routers use Wi-Fi to transmit data between devices and are the most common type of router found in homes and offices.\n \n* **Core Routers**: Operate within the backbone of the internet, directing data packets between major networks (such as ISPs). These routers are high-performance devices capable of handling massive amounts of data traffic.\n \n\nRouter Security\n---------------\n\nAs routers are a critical gateway between your network and the internet, it's essential to keep them secure. Some common router security practices include:\n\n* Changing default passwords and usernames: Manufacturers often set simple default passwords, which can be easily guessed or discovered by attackers. It's important to set a strong, unique password for your router.\n \n* Regular firmware updates: Router manufacturers release updates to address security vulnerabilities and improve performance. Keep your router's software up to date.\n \n* Disable remote management: Some routers have a feature that allows remote access, which can be exploited by hackers. If you don't need this feature, disable it.\n \n* Create a guest network: If your router supports it, create a separate network for guests to use. This isolates them from your primary network, ensuring that they cannot access your devices or data.\n \n\nBy understanding routers and their role in cybersecurity, you can take the necessary steps to secure your network and protect your data.", - "links": [] + "description": "Amazon Simple Storage Service (S3) is a scalable, object-based cloud storage service provided by AWS. It allows users to store and retrieve large amounts of data, such as files, backups, or media content, with high durability and availability. S3 is designed for flexibility, enabling users to access data from anywhere via the internet while offering security features like encryption and access controls. It is widely used for data storage, content distribution, disaster recovery, and big data analytics, providing cost-effective, scalable storage for a variety of applications.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is a Router", + "url": "https://www.cloudflare.com/en-gb/learning/network-layer/what-is-a-router/", + "type": "article" + }, + { + "title": "What is a router and how does it work?", + "url": "https://www.youtube.com/watch?v=UIJzHLpG9bM", + "type": "video" + } + ] }, "r9byGV8XuBPzoqj5ZPf2W": { "title": "Switch", - "description": "A **switch** is a networking device that connects devices together on a computer network. It filters and forwards data packets between different devices by using their MAC (Media Access Control) addresses to identify them. Switches play an essential role in managing traffic and ensuring that data reaches its intended destination efficiently.\n\nKey Features and Functions\n--------------------------\n\n* **Intelligent Traffic Management:** Switches monitor the data packets as they travel through the network, only forwarding them to the devices that need to receive the data. This optimizes network performance and reduces congestion.\n* **Layer 2 Switching:** Switches operate at the data link layer (Layer 2) of the OSI (Open Systems Interconnection) model. They use MAC addresses to identify devices and determine the appropriate path for data packets.\n* **Broadcast Domains:** A switch creates separate collision domains, breaking up a single broadcast domain into multiple smaller ones, which helps minimize the impact of broadcast traffic on network performance.\n* **MAC Address Table:** Switches maintain a MAC address table, storing the mapping of MAC addresses to the appropriate physical interfaces, helping the switch identify the destination of the data packets efficiently.\n\nTypes of Switches\n-----------------\n\nSwitches can be categorized into two main types:\n\n* **Unmanaged Switch:** These switches are simple plug-and-play devices that require no configuration. They are best suited for small networks or places where advanced features and customized settings are not necessary.\n* **Managed Switch:** These switches offer a higher level of control and customization, allowing network administrators to monitor, manage, and secure network traffic. Managed switches are typically used in enterprise-level networks or environments that require advanced security features and traffic optimization.\n\nBy understanding the role and functionality of switches within computer networks, you can better navigate the complexities of cyber security and make informed decisions for optimizing network performance and security.", - "links": [] + "description": "A switch is a network device that operates at the data link layer (Layer 2) of the OSI model, connecting multiple devices within a local area network (LAN). It uses MAC addresses to forward data packets between devices, creating separate collision domains for each port. Switches improve network efficiency by sending packets only to their intended destinations, reducing unnecessary traffic. They support full-duplex communication, allowing simultaneous data transmission in both directions. Modern switches often include advanced features like VLANs, port mirroring, and Quality of Service (QoS) management. Switches are fundamental to creating efficient, segmented networks and are crucial components in both small office and large enterprise network infrastructures.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is a network switch?", + "url": "https://www.cloudflare.com/en-gb/learning/network-layer/what-is-a-network-switch/", + "type": "article" + }, + { + "title": "What is a SWITCH?", + "url": "https://www.youtube.com/watch?v=9eH16Fxeb9o", + "type": "video" + } + ] }, "gTozEpxJeG1NTkVBHH-05": { "title": "VPN", - "description": "A **Virtual Private Network** (VPN) is a technology that provides secure and encrypted connections between devices over a public network, such as the internet. VPNs are primarily used to protect your internet activity and privacy from being accessed or monitored by external parties, such as hackers or government agencies.\n\nThe main components of a VPN are:\n\n* **VPN client**: The software installed on your device that connects to the VPN server.\n* **VPN server**: A remote server that handles and encrypts your internet traffic before sending it to its intended destination.\n* **Encryption**: The process of converting your data into unreadable code to protect it from unauthorized access.\n\nWhen you connect to a VPN, your device's IP address is replaced with the VPN server's IP address, making it seem as if your internet activity is coming from the server's location. This allows you to access content and websites that may be blocked or restricted in your region, and also helps to protect your identity and location online.\n\nUsing a reliable VPN service is an essential part of maintaining good cyber security, especially when using public Wi-Fi networks or accessing sensitive information online.\n\nKeep in mind, however, that not all VPNs are created equal. Make sure to do your research and choose a reputable VPN provider with a strong focus on privacy and security. Some popular and trusted VPN services include ExpressVPN, NordVPN, and CyberGhost.\n\nVisit the following resources to learn more:", + "description": "A Virtual Private Network (VPN) is a secure connection method used to extend private networks across public networks like the Internet. It creates an encrypted tunnel between the user's device and a remote server, masking the user's IP address and encrypting data in transit. VPNs are used for various purposes, including enhancing online privacy, bypassing geographical restrictions, securing communications over public Wi-Fi, and allowing remote access to corporate networks. They employ protocols like OpenVPN, L2TP/IPsec, or WireGuard to ensure data confidentiality and integrity. While VPNs offer significant privacy and security benefits, their effectiveness can vary based on the provider's policies and the specific implementation.\n\nVisit the following resources to learn more:", "links": [ + { + "title": "What is a VPN?", + "url": "https://azure.microsoft.com/en-us/resources/cloud-computing-dictionary/what-is-vpn", + "type": "article" + }, { "title": "VPN (Virtual Private Network) Explained", "url": "https://www.youtube.com/watch?v=R-JUOpCgTZc", @@ -884,41 +1111,69 @@ }, "LrwTMH_1fTd8iB9wJg-0t": { "title": "MAN", - "description": "A Metropolitan Area Network **(MAN)** is a type of computer network that spans across a metropolitan area or a large geographical area, typically covering a city or a region. It is designed to interconnect various local area networks **(LANs)** and wide area networks **(WANs)** to enable communication and data exchange between different locations within the metropolitan area.\n\nExamples of MAN\n---------------\n\nSome examples of Metropolitan Area Networks **(MANs)** include:\n\n1. **Cable TV Networks:** Many cable TV networks also offer internet services to their subscribers, creating a MAN that covers a specific metropolitan area.\n2. **Educational Institutions:** Universities, colleges, and research institutions often have their own MANs to interconnect their campuses and facilities spread across a metropolitan area.\n3. **City-Wide Wi-Fi Networks:** Some cities have established their own Wi-Fi networks to provide internet access to residents and businesses, creating a MAN that covers the entire city.\n4. **Public Transportation Networks:** Some metropolitan areas have implemented MANs to provide internet connectivity on public transportation networks such as buses and trains.\n\nAdvantages of MAN\n-----------------\n\n* **Improved Connectivity:** MANs provide a high-speed and reliable means of communication between different locations within a metropolitan area, facilitating efficient data exchange and collaboration among organizations, businesses, and individuals.\n \n* **Cost-Effective:** Compared to establishing multiple separate networks for each location, implementing a MAN can be more cost-effective as it allows for shared infrastructure and resources, reducing overall costs of networking equipment and maintenance.\n \n* **Scalability:** MANs are highly scalable and can be expanded to accommodate new locations or increased network traffic as the metropolitan area grows, making it a flexible solution for evolving connectivity needs.\n \n* **Centralized Management:** A MAN allows for centralized management of the network, making it easier to monitor and control network operations, troubleshoot issues, and implement security measures.\n \n\nDisadvantages of MAN\n--------------------\n\n* **Complexity:** MANs can be complex to design, implement, and maintain due to their large scale and geographical spread. They require skilled network administrators and engineers to manage and troubleshoot the network effectively.\n \n* **Cost of Implementation:** Establishing a MAN requires significant upfront investment in networking infrastructure and equipment, which can be a barrier to entry for smaller organizations or municipalities.\n \n* **Limited Coverage:** MANs are typically limited to metropolitan areas, and their coverage may not extend to remote or rural areas outside the metropolitan region, which can pose connectivity challenges for organizations located in those areas.\n \n* **Vulnerability to Single Point of Failure:** Since MANs are centralized networks, they are susceptible to a single point of failure, such as a failure in the main network node, which can disrupt the entire network and impact communication and data exchange among connected locations.", - "links": [] + "description": "A **Metropolitan Area Network (MAN)** is a type of network that spans a city or large campus, connecting multiple local area networks (LANs) within that geographic area. MANs are designed to provide high-speed data transfer and communication services to organizations, institutions, or businesses across a city. They support a variety of applications, including internet access, intranet connectivity, and data sharing among multiple locations. Typically, MANs are faster and cover a broader area than LANs but are smaller in scope compared to wide area networks (WANs).\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is a Metropolitan Area Network?", + "url": "https://www.cloudflare.com/en-gb/learning/network-layer/what-is-a-metropolitan-area-network/", + "type": "article" + }, + { + "title": "Network Types: MAN", + "url": "https://youtu.be/4_zSIXb7tLQ?si=1jTQ5C9PT4WUOztP&t=183", + "type": "video" + } + ] }, "xWxusBtMEWnd-6n7oqjHz": { "title": "LAN", - "description": "A **Local Area Network (LAN)** is a vital component of cyber security that you must understand. This chapter covers a brief introduction to LAN, its basic functionalities and importance in maintaining a secure network environment.\n\nWhat is LAN?\n------------\n\nLAN stands for Local Area Network, which is a group of computers and other devices interconnected within a limited geographical area, like an office, school campus or even a home. These networks facilitate sharing of resources, data and applications among connected devices. They can be wired (Ethernet) or wireless (Wi-Fi).\n\nKey Components of LAN\n---------------------\n\nLAN comprises several key components, including:\n\n* **Workstations**: End user devices like computers, laptops or smartphones connected to the network.\n* **Servers**: Computers that provide resources and services to the workstations.\n* **Switches**: Networking devices that connect workstations and servers, and distribute network traffic efficiently.\n* **Routers**: Devices that connect the LAN to the internet or other networks (e.g., Wide Area Networks or WANs).\n\nImportance of LAN\n-----------------\n\nLANs play a fundamental role in modern organizations, providing:\n\n* **Resource Sharing**: They allow sharing of resources such as printers, scanners, storage drives and software applications across multiple users.\n* **Communication**: They enable faster communication between connected devices and allow users to collaborate effectively using email, chat or VoIP services.\n* **Data Centralization**: They allow data storage and retrieval from central servers rather than individual devices, which simplifies data management and backups.\n* **Scalability**: LANs can be easily expanded to accommodate more users and resources to support business growth.\n\nLAN Security\n------------\n\nUnderstanding LAN is crucial for maintaining a secure network environment. Since a LAN connects multiple devices, it forms the central point of various security vulnerabilities. Implementing effective security measures is vital to prevent unauthorized access, data leaks, and malware infections. Some best practices for securing your LAN include:\n\n* **Firewalls**: Deploy hardware-based and software-based firewalls to protect your network from external and internal threats.\n* **Antivirus Software**: Use antivirus applications on workstations and servers to prevent malware infections.\n* **Wireless Security**: Implement robust Wi-Fi security measures like WPA2 encryption and strong passwords to prevent unauthorized access.\n* **Access Controls**: Implement network access controls to grant authorized users access to specific resources and data.\n* **Network Segmentation**: Divide the network into separate zones based on required access levels and functions to contain potential threats.\n* **Regular Updates**: Keep your workstations, servers and network devices up-to-date with security patches and updates to fix vulnerabilities.\n* **Network Monitoring**: Use network monitoring tools to keep track of network traffic and identify potential threats or anomalies.\n\nBy understanding the components and importance of LAN, you can effectively contribute to improving your organization's cyber security posture. In the next chapter, we will discuss additional cyber security topics that you need to be familiar with.", - "links": [] + "description": "A Local Area Network (LAN) is a computer network that interconnects computers and devices within a limited area, such as a home, office, school, or small group of buildings. LANs typically use Ethernet or Wi-Fi technologies to enable high-speed data communication among connected devices. They allow for resource sharing, including files, printers, and internet connections. LANs are characterized by higher data transfer rates, lower latency, and more direct control over network configuration and security compared to wide area networks (WANs). Common LAN applications include file sharing, collaborative work, local hosting of websites or services, and networked gaming. The advent of software-defined networking and cloud technologies has expanded LAN capabilities, enabling more flexible and scalable local network infrastructures.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is a LAN?", + "url": "https://www.cisco.com/c/en_uk/products/switches/what-is-a-lan-local-area-network.html", + "type": "article" + }, + { + "title": "LAN vs. WAN: What's the Difference?", + "url": "https://www.youtube.com/watch?v=5OoX_cRLaNM", + "type": "video" + } + ] }, "vCkTJMkDXcQmwsmeNUAX5": { "title": "WAN", - "description": "A **Wide Area Network (WAN)** is a telecommunication network that extends over a large geographical area, such as interconnecting multiple local area networks (LANs). WANs commonly use leased lines, circuit switching, or packet switching to transmit data between LANs, allowing them to share resources and communicate with one another. A WAN can be privately owned and managed, or leased from telecommunication service providers.\n\nCharacteristics of WANs\n-----------------------\n\n* **Large geographic coverage**: WANs can span across cities, states, and even countries, making them suitable for businesses with multiple locations requiring connectivity.\n \n* **Communication technologies**: WANs rely on multiple technologies for communication, such as fiber optic cables, leased line connections, satellite links, and even cellular networks.\n \n* **Data transmission rates**: WANs generally offer lower data transfer rates as compared to LANs, primarily due to the longer distances and increased complexity.\n \n* **Higher latency**: WANs can suffer from higher latency (delay in data transmission) due to the physical distance involved and routing of traffic through various devices and service providers.\n \n* **Security concerns**: Given the broad scope and involvement of third-party service providers, securing WAN connections is crucial to protect sensitive data transmission and maintain privacy.\n \n\nCommon WAN Technologies\n-----------------------\n\nHere are a few widely-used WAN technologies:\n\n* **Leased Line**: A dedicated, point-to-point communication link provided by telecommunication service providers. It offers a fixed bandwidth and guaranteed quality of service (QoS), making it suitable for businesses requiring high-speed and consistent connectivity.\n \n* **Multiprotocol Label Switching (MPLS)**: A protocol for high-speed data transfer between network nodes. MPLS enables traffic engineering, Quality of Service (QoS), and efficient use of bandwidth by labeling data packets and directing them over a predetermined path.\n \n* **Virtual Private Network (VPN)**: A VPN works by creating an encrypted tunnel over the internet between the two communicating sites, effectively creating a private and secure connection over a public network.\n \n* **Software-Defined WAN (SD-WAN)**: A technology that simplifies the management and operation of WANs by decoupling the networking hardware from its control mechanism. It allows businesses to use a combination of transport resources, optimize network traffic, and improve application performance.\n \n\nConclusion\n----------\n\nUnderstanding the concept of WAN is essential in the context of cyber security, as it forms the backbone of connectivity between remote LANs. Ensuring security measures are taken to protect data transmission over WANs is crucial to maintaining the overall protection of businesses and their sensitive information.", - "links": [] - }, - "QCVYF1rmPsMVtklBNDNaB": { - "title": "WLAN", - "description": "A **Wireless Local Area Network (WLAN)** is a type of local area network that uses wireless communication to connect devices, such as computers and smartphones, within a specific area. Unlike a wired network, which requires physical cables to establish connections, WLANs facilitate connections through radio frequency (RF) signals, providing a more flexible networking option.\n\nKey Components of WLAN\n----------------------\n\nThere are two main components in a WLAN:\n\n* **Wireless Access Point (WAP)**: A WAP is a networking device that enables wireless devices to connect to the network. It acts as a bridge between the devices and the wired network, converting RF signals into data that can travel through a wired connection.\n* **Wireless Client**: Wireless clients are devices like laptops, smartphones, and tablets that are fitted with WLAN adapters. These adapters enable devices to send and receive wireless signals to connect with the WAP.\n\nKey WLAN Standards\n------------------\n\nThere are several WLAN standards, defined by the Institute of Electrical and Electronics Engineers (IEEE) 802.11 series. Some of the most common standards include:\n\n* **802.11a**: Supports throughput up to 54 Mbps in the 5 GHz frequency band.\n* **802.11b**: Supports throughput up to 11 Mbps in the 2.4 GHz frequency band.\n* **802.11g**: Supports throughput up to 54 Mbps in the 2.4 GHz frequency band and is backward compatible with 802.11b.\n* **802.11n**: Supports throughput up to 600 Mbps and operates in both 2.4 GHz and 5 GHz frequency bands.\n* **802.11ac**: Supports throughput up to several Gigabits per second and operates in the 5 GHz frequency band. This is currently the most widely adopted standard.\n\nWLAN Security\n-------------\n\nAs WLANs use wireless signals to transmit data, they can be susceptible to various security threats. Some essential security measures include:\n\n* **Wired Equivalent Privacy (WEP)**: An early security protocol that uses encryption to protect wireless communications. Due to several security flaws, it has been replaced by more secure protocols.\n \n* **Wi-Fi Protected Access (WPA)**: WPA is an enhanced security protocol that addressed the vulnerabilities of WEP. It uses Temporal Key Integrity Protocol (TKIP) for encryption and provides better authentication and encryption methods.\n \n* **Wi-Fi Protected Access II (WPA2)**: WPA2 is an advanced security protocol that uses Advanced Encryption Standard (AES) encryption and replaces TKIP from WPA. This protocol provides a high level of security and is currently the recommended standard for securing WLANs.\n \n* **Wi-Fi Protected Access 3 (WPA3)**: WPA3 is the latest security standard with enhanced encryption and authentication features. It addresses the vulnerabilities in WPA2 and provides even stronger security for WLANs.\n \n\nTo maintain a secure WLAN, it's essential to use the appropriate security standard, change default settings, and regularly update firmware to address any security vulnerabilities.\n\nVisit the following resources to learn more:", + "description": "A Wide Area Network (WAN) is a telecommunications network that extends over a large geographical area, connecting multiple smaller networks like LANs across cities, countries, or continents. WANs use technologies such as leased lines, satellites, cellular networks, or the internet to facilitate long-distance communication. They enable organizations to share data and resources across dispersed locations, supporting remote offices and global operations. WANs typically involve slower transmission speeds compared to LANs due to longer distances and varied connection types. Key considerations for WANs include bandwidth management, security protocols like VPNs, and optimizing performance across diverse network conditions.\n\nLearn more from the following resources:", "links": [ { - "title": "Wireless Technologies", - "url": "https://www.youtube.com/watch?v=_VwpcLiBkAQ", - "type": "video" + "title": "What is a WAN?", + "url": "https://www.cloudflare.com/en-gb/learning/network-layer/what-is-a-wan/", + "type": "article" }, { - "title": "Wireless Networking", - "url": "https://www.youtube.com/watch?v=NeTwL-040ds", + "title": "WAN...it's not the internet!", + "url": "https://www.youtube.com/watch?v=xPi4uZu4uF0", "type": "video" + } + ] + }, + "QCVYF1rmPsMVtklBNDNaB": { + "title": "WLAN", + "description": "A Wireless Local Area Network (WLAN) is a type of computer network that uses wireless data connections to link devices within a limited area. WLANs typically use Wi-Fi technology, allowing devices like laptops, smartphones, and IoT devices to connect to the internet or communicate with each other without physical cable connections. WLANs operate on radio frequencies, usually in the 2.4 GHz or 5 GHz bands, and are set up using wireless routers or access points. They offer flexibility and mobility within the network's range, but require security measures like encryption (e.g., WPA3) to protect against unauthorized access and data interception.\n\nVisit the following resources to learn more:", + "links": [ + { + "title": "What Is a Wireless LAN?", + "url": "https://www.cisco.com/c/en/us/products/wireless/wireless-lan.html", + "type": "article" }, { - "title": "Wireless Encryption", - "url": "https://www.youtube.com/watch?v=YNcobcHXnnY&", + "title": "Wireless Networking Explained | Cisco CCNA 200-301", + "url": "https://www.youtube.com/watch?v=Uz-RTurph3c", "type": "video" }, { - "title": "Wireless Attacks", - "url": "https://www.youtube.com/watch?v=tSLqrKhUvts", + "title": "Wireless Technologies", + "url": "https://www.youtube.com/watch?v=_VwpcLiBkAQ", "type": "video" } ] @@ -962,8 +1217,19 @@ }, "tf0TymdPHbplDHvuVIIh4": { "title": "NTP", - "description": "**NTP** (Network Time Protocol) is a crucial aspect of cybersecurity, as it helps in synchronizing the clocks of computer systems and other devices within a network. Proper time synchronization is vital for various functions, including authentication, logging, and ensuring the accuracy of digital signatures. In this section, we will discuss the importance, primary functions, and potential security risks associated with NTP.\n\nImportance of NTP in Cybersecurity\n----------------------------------\n\n* **Authentication**: Many security protocols, such as Kerberos, rely on accurate timekeeping for secure authentication. Time discrepancies may lead to authentication failures, causing disruptions in network services and affecting the overall security of the system.\n* **Logging and Auditing**: Accurate timestamps on log files are essential for identifying and investigating security incidents. Inconsistent timing can make it challenging to track malicious activities and correlate events across systems.\n* **Digital Signatures**: Digital signatures often include a timestamp to indicate when a document was signed. Accurate time synchronization is necessary to prevent tampering or repudiation of digital signatures.\n\nPrimary Functions of NTP\n------------------------\n\n* **Clock Synchronization**: NTP helps in coordinating the clocks of all devices within a network by synchronizing them with a designated reference time source, usually a central NTP server.\n* **Time Stratum Hierarchy**: NTP uses a hierarchical system of time servers called \"stratum\" to maintain time accuracy. Servers at a higher stratum provide time to lower stratum servers, which in turn synchronize the clocks of client devices.\n* **Polling**: NTP clients continually poll their configured NTP servers at regular intervals to maintain accurate time synchronization. This process allows for the clients to adjust their clocks based on the information received from the server.\n\nSecurity Risks and Best Practices with NTP\n------------------------------------------\n\nWhile NTP is essential for maintaining accurate time synchronization across a network, it is not without security risks:\n\n* **NTP Reflection/Amplification Attacks**: These are a type of DDoS (Distributed Denial of Service) attack that leverages misconfigured NTP servers to amplify malicious traffic targeted at a victim's system. To mitigate this risk, ensure your NTP server is securely configured to prevent abuse by attackers.\n* **Time Spoofing**: An attacker can manipulate NTP traffic to alter the time on client devices, potentially causing authentication failures or allowing unauthorized access. Use authentication keys with NTP to ensure the integrity of time updates by verifying the server's identity.\n* **Untrusted Servers**: Obtain time from a reliable time source to prevent tampering. Always configure clients to use trusted NTP servers, like [pool.ntp.org](http://pool.ntp.org), which provides access to a global group of well-maintained NTP servers.\n\nBy understanding and implementing these crucial aspects of NTP, you can improve the overall security posture of your network by ensuring accurate time synchronization across all systems.", - "links": [] + "description": "**Network Time Protocol (NTP)** is a protocol used to synchronize the clocks of computers and network devices over a network. It ensures that all systems maintain accurate and consistent time by coordinating with a hierarchy of time sources, such as atomic clocks or GPS, through network communication. NTP operates over UDP port 123 and uses algorithms to account for network delays and adjust for clock drift, providing millisecond-level accuracy. Proper time synchronization is crucial for applications requiring time-sensitive operations, logging events, and maintaining the integrity of security protocols.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is NTP?", + "url": "https://www.pubnub.com/learn/glossary/ntp-protocol/", + "type": "article" + }, + { + "title": "Network Time Protocol (NTP)", + "url": "https://www.youtube.com/watch?v=BAo5C2qbLq8", + "type": "video" + } + ] }, "hN8p5YBcSaPm-byQUIz8L": { "title": "IPAM", @@ -983,26 +1249,48 @@ }, "P0ZhAXd_H-mTOMr13Ag31": { "title": "Star", - "description": "In a star network topology, all devices (nodes) are connected to a central device, called a hub or switch. The central device manages the data transmission between the devices connected to it, creating a star-like structure.\n\nAdvantages\n----------\n\n* **Easy to Install and Configure**: Adding new devices or removing existing ones is quite simple, as they only have to connect or disconnect from the central hub or switch.\n* **Fault-Tolerance**: If a device fails or a connection is broken, the rest of the devices can continue to communicate with each other without any major impact.\n* **Centralized Management**: The central hub or switch can easily manage and monitor the network devices, which makes troubleshooting and maintenance more efficient.\n* **Scalability**: It is easy to expand a star network by connecting additional devices to the central hub or switch, allowing for network growth without affecting performance.\n\nDisadvantages\n-------------\n\n* **Dependency on Central Hub or Switch**: If the central device fails, the entire network becomes inoperable. It is essential to ensure the reliability of the central device in a star network.\n* **Cost**: Since a central hub or switch is required, star topologies can be more expensive compared to other network topologies, especially when dealing with larger networks. Additionally, cabling costs can be higher due to individual connections to the central device.\n* **Limited Range**: The distance between devices is determined by the length of the cables connecting to the central hub or switch. Longer cable runs can increase latency and decrease network performance.\n\nApplications\n------------\n\nStar topology is commonly used in home and office networks, as well as in local area networks (LANs). It is a suitable choice when centralized control and easier network management are necessary, or when scalability and easy addition of new devices are priority.", - "links": [] - }, - "9vEUVJ8NTh0wKyIE6-diY": { - "title": "Ring", - "description": "Ring topology is a type of network configuration where each device is connected to two other devices, forming a circular layout or ring. In this topology, data packets travel from one device to another in a unidirectional manner until they reach the intended recipient or return to the sender, indicating that the recipient was not found in the network.\n\nAdvantages of Ring Topology\n---------------------------\n\n* **Easy to Install and Configure:** Ring topology is relatively simpler to set up and maintain as it involves connecting each device to the two adjacent devices only.\n* **Predictable Data Transfer Time:** As data packets move in a circular pattern, it becomes easier to predict the maximum time required for a packet to reach its destination.\n* **Minimal Network Congestion:** The unidirectional flow of packets can significantly reduce the chances of network congestion, as the collision of data packets is less likely.\n\nDisadvantages of Ring Topology\n------------------------------\n\n* **Dependency on All Devices:** The malfunctioning of a single device or cable can interrupt the entire network, making it difficult to isolate the cause of the issue.\n* **Limited Scalability:** Adding or removing devices in a ring topology can temporarily disrupt the network as the circular pattern needs to be re-established.\n* **Slower Data Transfer:** Since data packets must pass through multiple devices before reaching the destination, the overall speed of data transfer can be slower compared to other topologies.\n\nDespite its drawbacks, ring topology can be a suitable option for small networks with a predictable data transfer pattern that require minimal maintenance and setup effort. However, for larger and more complex networks, other topologies like star, mesh, or hybrid configurations may provide better flexibility, reliability, and performance.", - "links": [] - }, - "PYeF15e7iVB9seFrrO7W6": { - "title": "Mesh", - "description": "Mesh topology is a network architecture where devices or nodes are interconnected with multiple direct, point-to-point links to every other node in the network. This structure allows data to travel from source to destination through multiple paths, enhancing reliability and fault tolerance. In a full mesh topology, every node is connected to every other node, while in a partial mesh, only some nodes have multiple connections. Mesh networks are highly resilient to failures, as traffic can be rerouted if a link goes down. They're commonly used in wireless networks, IoT applications, and critical infrastructure where redundancy and self-healing capabilities are crucial. However, mesh topologies can be complex and expensive to implement, especially in large networks due to the high number of connections required.\n\nLearn more from the following resources:", + "description": "A star network topology is a configuration where all devices (nodes) are connected directly to a central hub or switch. In this arrangement, each node has a dedicated point-to-point link to the central device, forming a star-like structure. This topology offers advantages such as easy installation and reconfiguration, centralized management, and fault isolation. If one connection fails, it doesn't affect others. However, the central hub is a single point of failure for the entire network. Star topologies are commonly used in local area networks (LANs) due to their reliability, scalability, and ease of maintenance, making them a popular choice in both small office and large enterprise environments.\n\nLearn more from the following resources:", "links": [ { - "title": "What is mesh topology?", - "url": "https://www.lenovo.com/gb/en/glossary/mesh-topology", + "title": "Advantages and Disadvantages of Star Topology", + "url": "https://www.geeksforgeeks.org/advantages-and-disadvantages-of-star-topology/", "type": "article" }, { - "title": "Mesh topology explained", - "url": "https://www.computerhope.com/jargon/m/mesh.htm", + "title": "Star Topology", + "url": "https://www.youtube.com/watch?v=EQ3rW22-Py0", + "type": "video" + } + ] + }, + "9vEUVJ8NTh0wKyIE6-diY": { + "title": "Ring", + "description": "In a ring topology, each network device is connected in a circular fashion, where data travels through each node in one direction (or both in a bidirectional setup) until it reaches its destination. This structure simplifies wiring and ensures a predictable data path, but a failure in any single node or connection can disrupt the entire network unless redundant paths are used. Ring topology is known for its straightforward installation but is less common today due to its vulnerability to network interruptions.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is ring topology?", + "url": "https://www.lenovo.com/gb/en/glossary/what-is-ring-topology/", + "type": "article" + }, + { + "title": "Network Topologies - Ring", + "url": "https://www.youtube.com/watch?v=hjeDN2xnc50", + "type": "video" + } + ] + }, + "PYeF15e7iVB9seFrrO7W6": { + "title": "Mesh", + "description": "Mesh topology is a network architecture where devices or nodes are interconnected with multiple direct, point-to-point links to every other node in the network. This structure allows data to travel from source to destination through multiple paths, enhancing reliability and fault tolerance. In a full mesh topology, every node is connected to every other node, while in a partial mesh, only some nodes have multiple connections. Mesh networks are highly resilient to failures, as traffic can be rerouted if a link goes down. They're commonly used in wireless networks, IoT applications, and critical infrastructure where redundancy and self-healing capabilities are crucial. However, mesh topologies can be complex and expensive to implement, especially in large networks due to the high number of connections required.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is mesh topology?", + "url": "https://www.lenovo.com/gb/en/glossary/mesh-topology", + "type": "article" + }, + { + "title": "Mesh topology explained", + "url": "https://www.computerhope.com/jargon/m/mesh.htm", "type": "article" } ] @@ -1025,13 +1313,35 @@ }, "8Mog890Lj-gVBpWa05EzT": { "title": "SSH", - "description": "SSH, or Secure Shell, is a cryptographic network protocol that provides a secure and encrypted method for managing network devices and accessing remote servers. SSH is widely used by administrators and developers to enable secure remote access, file transfers, and remote command execution over unsecured networks, such as the internet.\n\nKey Features\n------------\n\n* **Encryption**: SSH uses a variety of encryption algorithms to ensure the confidentiality and integrity of data transmitted between the client and server.\n \n* **Authentication**: SSH supports multiple authentication methods, including password-based, public key, and host-based authentication, providing flexibility in securely verifying the identities of communicating parties.\n \n* **Port Forwarding**: SSH allows forwarding of network ports, enabling users to tunnel other protocols securely, such as HTTP or FTP, through an encrypted connection.\n \n* **Secure File Transfer**: SSH provides two file transfer protocols, SCP (Secure Copy Protocol) and SFTP (SSH File Transfer Protocol), to securely transfer files between a local client and remote server.\n \n\nCommon Use Cases\n----------------\n\n* **Remote System Administration**: Administrators can securely access and manage remote systems, such as servers and network devices, using SSH to execute commands and configure settings.\n \n* **Secure File Transfers**: Developers and administrators can transfer files securely between systems using SCP or SFTP, protecting sensitive data from eavesdropping.\n \n* **Remote Application Access**: Users can securely access remote applications by creating an SSH tunnel, allowing them to connect to services that would otherwise be inaccessible due to firewalls or other network restrictions.\n \n\nTips for Secure SSH Usage\n-------------------------\n\n* **Disable root login**: To reduce the risk of unauthorized access, it is recommended to disable direct root login and use a standard user account with sudo privileges for administration tasks.\n \n* **Use Key-Based Authentication**: To further enhance security, disallow password-based authentication and use public key authentication instead, making it more difficult for attackers to gain access through brute-force attacks.\n \n* **Limit SSH Access**: Restrict SSH access to specific IP addresses or networks, minimizing the potential attack surface.\n \n* **Keep SSH Software Updated**: Regularly update your SSH client and server software to ensure you have the latest security patches and features.\n \n\nIn summary, SSH is a vital protocol for ensuring secure communication, remote access, and file transfers. By understanding its key features, use cases, and best practices, users can leverage the security benefits of SSH to protect their sensitive data and systems.", - "links": [] + "description": "SSH (Secure Shell) is a cryptographic network protocol used for secure remote login and other secure network services over an unsecured network. It provides a secure channel over an unsecured network by using strong encryption to protect the connection against eavesdropping, tampering, and man-in-the-middle attacks. SSH is commonly used for remote command-line login, remote command execution, and secure file transfers. It typically runs on TCP port 22 and replaces older, less secure protocols like Telnet. SSH uses public-key cryptography for authentication and supports various authentication methods, including passwords and key-based authentication. It's a fundamental tool for system administrators, developers, and anyone requiring secure remote access to systems.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is SSH? | Secure Shell (SSH) protocol", + "url": "https://www.cloudflare.com/en-gb/learning/access-management/what-is-ssh/", + "type": "article" + }, + { + "title": "How does SSH work", + "url": "https://www.youtube.com/watch?v=5JvLV2-ngCI", + "type": "video" + } + ] }, "Ia6M1FKPNpqLDiWx7CwDh": { "title": "RDP", - "description": "**Remote Desktop Protocol (RDP)**, developed by Microsoft, is a proprietary protocol that enables users to connect to a remote computer over a network, and access and control its resources, as if they were using the computer locally. This is useful for users who need to work remotely, manage servers or troubleshoot issues on another computer.\n\nHow RDP Works\n-------------\n\nRDP uses a client-server architecture, where the remote computer being accessed acts as the server and the user's computer acts as the client. The client establishes a connection with the server to access its resources, such as display, keyboard, mouse, and other peripherals.\n\nThe protocol primarily operates on standard Transmission Control Protocol (TCP) port 3389 (although it can be customized) and uses the User Datagram Protocol (UDP) to provide a more robust and fault-tolerant communication channel.\n\nFeatures of RDP\n---------------\n\n* **Multi-platform support:** Although developed by Microsoft, RDP clients are available for various platforms, including Windows, macOS, Linux, and even mobile devices like Android and iOS.\n* **Secure connection:** RDP can provide encryption and authentication to secure the connection between client and server, ensuring that data transmitted over the network remains confidential and protected from unauthorized access.\n* **Dynamic resolution adjustment:** RDP can adapt the remote computer's screen resolution to fit the client's screen, providing a better user experience.\n* **Clipboard sharing:** RDP allows users to copy and paste content between the local and remote computers.\n* **Printer and file sharing:** Users can access and print files from their local computer to the remote one, and vice versa.\n\nSecurity Considerations\n-----------------------\n\nThough RDP is popular and useful, it does come with its share of security concerns. Some common risks include:\n\n* Unauthorized access: If an attacker successfully gains access to an RDP session, they may be able to compromise and control the remote computer.\n* Brute force attacks: Attackers may use brute force techniques to guess login credentials, especially if the server has a weak password policy.\n* Vulnerabilities: As a proprietary protocol, RDP can be susceptible to vulnerabilities that could lead to system breaches.\n\nTo mitigate these risks, you should:\n\n* Use strong, unique passwords for RDP accounts and consider implementing two-factor authentication.\n* Limit RDP access to specific IP addresses or Virtual Private Networks (VPNs) to reduce exposure.\n* Apply security patches regularly to keep RDP up-to-date and minimize the risk of exploits.\n* Employ network-level authentication (NLA) to offer an additional layer of security.", - "links": [] + "description": "**Remote Desktop Protocol (RDP)** is a Microsoft-developed protocol that enables users to remotely access and control a computer over a network. It allows users to interact with a remote desktop environment as if they were sitting in front of the computer, providing access to applications, files, and network resources. RDP is commonly used for remote administration, technical support, and remote work. It operates over TCP port 3389 and supports encryption for secure data transmission, though proper security measures, like strong passwords and multi-factor authentication, are essential to prevent unauthorized access.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is the Remote Desktop Protocol (RDP)?", + "url": "https://www.cloudflare.com/en-gb/learning/access-management/what-is-the-remote-desktop-protocol/", + "type": "article" + }, + { + "title": "What is RDP and how to use it?", + "url": "https://www.youtube.com/watch?v=flPnBSz-lqw", + "type": "video" + } + ] }, "ftYYMxRpVer-jgSswHLNa": { "title": "FTP", @@ -1051,8 +1361,19 @@ }, "YEy6o-clTBKZp1yOkLwNb": { "title": "SFTP", - "description": "**SFTP** (Secure File Transfer Protocol) is a network protocol designed to securely transfer files over an encrypted connection, usually via SSH (Secure Shell). SFTP provides file access, file transfer, and file management functionalities, making it a popular choice for secure file transfers between a client and a server.\n\nKey features of SFTP\n--------------------\n\n* **Security**: SFTP automatically encrypts data before it is sent, ensuring that your files and sensitive data are protected from unauthorized access while in transit.\n \n* **Authentication**: SFTP relies on SSH for user authentication, allowing you to use password-based, public key, or host-based authentication methods.\n \n* **File Integrity**: SFTP uses checksums to verify that transferred files have maintained their integrity during transport, allowing you to confirm that files received are identical to those sent.\n \n* **Resume Capability**: SFTP offers support for resuming interrupted file transfers, making it an ideal choice for transferring large files or transferring files over potentially unreliable connections.\n \n\nHow SFTP works\n--------------\n\nSFTP operates over an established SSH connection between the client and server. Upon successful SSH authentication, the client can issue commands to the server, such as to list, upload, or download files. The data transferred between the client and server is encrypted, ensuring that sensitive information is not exposed during the transfer process.\n\nWhen to use SFTP\n----------------\n\nSFTP is an ideal choice whenever you need to securely transfer files between a client and a server. Examples of when you might want to use SFTP instead of other protocols include:\n\n* Transferring sensitive data such as customer information, financial records, or intellectual property.\n* Uploading or downloading files to/from a remote server in a secure manner, especially when dealing with confidential data.\n* Managing files on a remote server, which may involve creating, renaming, or deleting files and directories.\n\nOverall, SFTP provides a secure and reliable way of transferring files over the internet, making it an essential tool for maintaining the integrity and confidentiality of your data in today's cyber security landscape.", - "links": [] + "description": "SFTP (SSH File Transfer Protocol) is a secure file transfer protocol that provides file access, transfer, and management over a reliable data stream. It runs over the SSH protocol, typically on port 22, ensuring encrypted file transfers. SFTP offers stronger security than traditional FTP by encrypting both commands and data in transit, preventing unauthorized interception. It supports features like resuming interrupted transfers, directory listings, and remote file system operations. SFTP is widely used for secure file transfers in various environments, from web hosting to enterprise data management, offering a more secure alternative to FTP while maintaining similar functionality. Its integration with SSH makes it a preferred choice for secure, authenticated file transfers in many network configurations.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is SFTP?", + "url": "https://www.precisely.com/glossary/sftp", + "type": "article" + }, + { + "title": "How to use SFTP Commands to Copy Files to/from a Server", + "url": "https://www.youtube.com/watch?v=22lBJIfO9qQ&t=4s", + "type": "video" + } + ] }, "3Awm221OJHxXNLiL9yxfd": { "title": "HTTP / HTTPS", @@ -1072,24 +1393,51 @@ }, "LKK1A5-xawA7yCIAWHS8P": { "title": "SSL / TLS", - "description": "**Secure Socket Layer (SSL)** and **Transport Layer Security (TLS)** are cryptographic protocols designed to provide security and data integrity for communications over networks. These protocols are commonly used for securing web traffic and ensuring that sensitive information, such as credit card numbers and login credentials, are transmitted securely between clients (e.g., web browsers) and servers.\n\nSSL\n---\n\nSSL was developed by Netscape in the mid-1990s and has gone through several iterations. The last version, SSLv3, was released in 1996. SSL was deprecated in 2015 due to security concerns, and it is not recommended for use in modern applications.\n\nTLS\n---\n\nTLS is the successor to SSL and is continually evolving with new versions and updates. The most recent version, TLS 1.3, was released in 2018. TLS is widely used and considered the standard for securing web traffic.\n\nHow SSL/TLS Works\n-----------------\n\nSSL/TLS operates by encrypting the data transmitted between a client and a server, ensuring that the data cannot be easily intercepted or tampered with. The encryption is achieved using a combination of cryptographic algorithms, key exchanges, and digital certificates.\n\nHere are the key steps in setting up an SSL/TLS connection:\n\n* **Handshake:** The client and server will engage in a process called a \"handshake\" to establish a secure connection. During this process, the client and server agree on which version of SSL/TLS to use, and choose the cipher suites and cryptographic algorithms they will use to secure the communication.\n \n* **Key Exchange:** The client and server will perform a key exchange, a process by which they generate and securely share encryption keys. These keys will be used to encrypt and decrypt the data being transmitted between them.\n \n* **Certificate Verification:** The server will provide a digital certificate, which contains its public key and information about the server. The client checks the validity of the certificate by confirming that it was issued by a trusted Certificate Authority (CA) and has not expired.\n \n* **Secure Communication:** Once the handshake, key exchange, and certificate verification are complete, the client and server can begin securely transmitting data using the encryption keys they have shared.\n \n\nAdvantages of SSL/TLS\n---------------------\n\n* **Secure communication:** SSL/TLS provides a secure, encrypted tunnel for data to be transmitted between clients and servers, protecting sensitive information from eavesdropping, interception, and tampering.\n \n* **Authentication:** SSL/TLS uses digital certificates to authenticate the server and sometimes the client. This helps to ensure that the parties involved in the communication are who they claim to be.\n \n* **Data integrity:** SSL/TLS includes mechanisms to confirm that the data received has not been tampered with during transmission, maintaining the integrity of the information being sent.\n \n\nLearn more from the following resources:", + "description": "Single Sign-On (SSO) is an authentication method that allows users to access multiple applications or systems with one set of login credentials. It enables users to log in once and gain access to various connected systems without re-entering credentials. SSO enhances user experience by reducing password fatigue, streamlines access management for IT departments, and can improve security by centralizing authentication controls. It typically uses protocols like SAML, OAuth, or OpenID Connect to securely share authentication information across different domains. While SSO offers convenience and can strengthen security when implemented correctly, it also presents a single point of failure if compromised, making robust security measures for the SSO system critical.\n\nLearn more from the following resources:", "links": [ { - "title": "SSL, TLS, HTTPS Explained", - "url": "https://www.youtube.com/watch?v=j9QmMEWmcfo", + "title": "What’s the Difference Between SSL and TLS?", + "url": "https://aws.amazon.com/compare/the-difference-between-ssl-and-tls/", + "type": "article" + }, + { + "title": "TLS vs SSL - What's the Difference?", + "url": "https://www.youtube.com/watch?v=J7fI_jH7L84", "type": "video" } ] }, "AjywuCZdBi9atGUbetlUL": { "title": "VMWare", - "description": "_VMware_ is a global leader in virtualization and cloud infrastructure solutions. Established in 1998, they have been at the forefront of transforming the IT landscape. VMware's virtualization platform can be applied to a wide range of areas such as data centers, desktops, and applications.\n\nVMware Products and Technologies\n--------------------------------\n\nSome of the popular VMware products include the following:\n\n* **VMware vSphere**: It is the most well-known VMware product, and it forms the foundation of the virtual infrastructure. vSphere enables you to create, manage and run multiple virtual machines on a single physical server. It essentially provides better utilization of hardware resources and enhanced server management.\n \n* **VMware Workstation**: This desktop virtualization product allows you to run multiple isolated operating systems on a single Windows or Linux PC. It enables you to create and manage virtual machines effortlessly and is primarily targeted at developers and IT professionals.\n \n* **VMware Fusion**: Similar to the Workstation but designed specifically for Mac users, Fusion allows you to run Windows and Linux applications on a Mac without requiring a reboot.\n \n* **VMware Horizon**: This product focuses on providing remote access to virtual desktops and applications. It helps organizations to securely deliver resources to users, improve desktop management, and reduce costs associated with maintaining traditional PCs.\n \n* **VMware NSX**: NSX is VMware's network virtualization and security platform. It is designed to work in tandem with VMware vSphere and other virtualization platforms, providing advanced networking and security features like micro-segmentation, distributed firewalling, and load balancing.\n \n* **VMware vSAN**: vSAN is a software-defined storage solution that allows you to decouple storage functions from the underlying hardware. With vSAN, you can pool together direct-attached storage devices across multiple vSphere servers and create a shared datastore that can be easily managed and scaled.\n \n\nBenefits of VMware Virtualization\n---------------------------------\n\nVMware's virtualization technologies offer various advantages, such as:\n\n* **Increased efficiency**: By consolidating multiple physical servers into virtual machines running on fewer physical servers, resource utilization is improved, which reduces energy and hardware costs.\n \n* **Flexibility**: Virtualization allows you to run multiple operating systems and applications simultaneously, which increases productivity and enables you to switch between tasks more quickly.\n \n* **Scalability**: VMware makes it easy to add or remove virtual machines and resources as needed, allowing you to scale your IT infrastructure efficiently.\n \n* **Business continuity**: Virtualization ensures high availability and disaster recovery by replicating your virtual machines and enabling automatic failover to other servers in case of any hardware failure.\n \n* **Simplified management**: Virtualized environments can be managed from a central location, reducing the time and effort required to maintain and monitor IT resources.\n \n\nIn conclusion, VMware is an industry-leading company providing various virtualization products and services that cater to different types of users and environments. As a user, you should evaluate your requirements and choose the right VMware product for your needs to fully reap the benefits of virtualization.", - "links": [] + "description": "VMware is a leading provider of virtualization and cloud computing software. Its core technology allows multiple virtual machines (VMs) to run on a single physical server, each with its own operating system and resources. VMware's product suite includes tools for server virtualization, desktop virtualization, cloud management, and network virtualization. Key products like vSphere and ESXi enable efficient resource utilization, improved scalability, and simplified IT management. VMware's solutions are widely used in enterprise environments for consolidating servers, enabling cloud computing, facilitating disaster recovery, and supporting development and testing environments. The company's technology plays a crucial role in modern data center operations and hybrid cloud strategies.\n\nLearn more from the following resources:", + "links": [ + { + "title": "VMWare Website", + "url": "https://www.vmware.com/", + "type": "article" + }, + { + "title": "What is VMWare", + "url": "https://www.youtube.com/watch?v=zPNCp9AV-vA", + "type": "video" + } + ] }, "vGVFhZXYOZOy4qFpLLbxp": { "title": "VirtualBox", - "description": "VirtualBox is a powerful, open-source and feature-rich virtualization software created by Oracle Corporation. It allows users to set up and run multiple guest operating systems, referred to as \"virtual machines\" (VMs), within a single host computer. VirtualBox operates on a wide range of operating systems, including Windows, macOS, Linux, and Solaris, making it highly versatile for different users and environments.\n\nKey Features\n------------\n\n* **Cross-platform compatibility**: VirtualBox can be installed and used on a variety of host operating systems. This is beneficial for users who work with multiple platforms and require access to different applications or environments across them.\n \n* **Snapshot functionality**: This feature allows users to take a snapshot of their virtual machine, capturing its current state. This can be useful for testing updates or changes, as users can revert to their previous snapshot if conflicts or issues arise.\n \n* **USB device support**: VirtualBox allows users to access USB devices connected to their host computer, such as flash drives, printers, or webcams, from within their guest operating system.\n \n* **Shared folders**: Users can easily share files between their host system and virtual machines using a shared folder feature. This simplifies file transfers and resource sharing between your host computer and your virtual environments.\n \n\nSetting up VirtualBox\n---------------------\n\n* Download and install the latest version of VirtualBox from the [official website](https://www.virtualbox.org/).\n* Once installed, launch the VirtualBox application.\n* Click on \"New\" to create a new virtual machine and follow the wizard to configure the VM settings, such as the operating system, memory allocation, and virtual hard disk.\n* Once the VM is configured, click \"Start\" to launch the virtual machine.\n* Install your desired guest operating system within the virtual machine.\n\nAdvantages of VirtualBox\n------------------------\n\n* Open-source software: VirtualBox is free and its source code is available for users to modify and contribute to.\n \n* Simple user interface: VirtualBox has an intuitive and easy-to-use interface, making it user-friendly for beginners and professionals alike.\n \n* Regular updates and improvements: Oracle Corporation and the community behind VirtualBox regularly release updates, bug fixes, and new features, ensuring that the software remains up-to-date and dynamic.\n \n\nConsiderations\n--------------\n\nWhile VirtualBox has numerous benefits, there are certain performance limitations when compared to other, more advanced virtualization solutions, such as VMware or Hyper-V. Users working with resource-intensive operating systems or applications may experience some performance differences when utilizing VirtualBox as their choice of virtualization software.\n\n* * *\n\nIn conclusion, VirtualBox is a powerful and flexible tool for creating and managing virtual environments on a variety of host operating systems. With its open-source nature, cross-platform compatibility, and user-friendly interface, it is an excellent choice for cybersecurity enthusiasts and professionals looking to explore virtualization technologies.", - "links": [] + "description": "VirtualBox is a free, open-source virtualization software developed by Oracle. It allows users to run multiple operating systems simultaneously on a single physical machine. VirtualBox supports a wide range of guest operating systems, including various versions of Windows, Linux, macOS, and more. It provides features like snapshots for easy system state preservation, shared folders for file exchange between host and guest systems, and USB device support. VirtualBox is popular among developers, IT professionals, and enthusiasts for testing software, running legacy applications, and experimenting with different operating systems without the need for separate physical hardware.\n\nLearn more from the following resources:", + "links": [ + { + "title": "VirtualBox Website", + "url": "https://www.virtualbox.org/", + "type": "article" + }, + { + "title": "How to use VirtualBox", + "url": "https://www.youtube.com/watch?v=nvdnQX9UkMY", + "type": "video" + } + ] }, "BisNooct1vJDKaBKsGR7_": { "title": "esxi", @@ -1109,8 +1457,19 @@ }, "jqX1A5hFF3Qznqup4lfiF": { "title": "proxmox", - "description": "Proxmox is an open-source platform for enterprise-level virtualization. It is a complete server virtualization management solution that allows system administrators to create and manage virtual machines in a unified environment.\n\nKey Features\n------------\n\n* **Server Virtualization**: Proxmox enables you to turn your physical server into multiple virtual servers, each running its own operating system, applications, and services. This helps to maximize server usage and reduce operating costs.\n \n* **High Availability**: Proxmox VE supports high availability and failover. In case of hardware or software failure, automatic migration of virtual machines can prevent downtime for critical applications and services.\n \n* **Storage**: Proxmox offers a variety of storage solution options, including local (LVM, ZFS, directories), network (iSCSI, NFS, GlusterFS, Ceph), and distributed storage (Ceph RBD).\n \n* **Live Migration**: Live migration is a crucial feature that allows you to move running virtual machines from one host to another with minimal downtime.\n \n* **Operating System Support**: Proxmox VE supports a wide range of guest operating systems, including Linux, Windows, BSD, and others.\n \n* **Web Interface**: Proxmox offers a powerful and user-friendly web interface for managing your virtual environment. This allows you to create, start, stop or delete virtual machines, monitor their performance, manage their storage, and more from any web browser.\n \n* **Role-based Access Control**: Proxmox VE provides a role-based access control system, allowing you to create users with specific permissions and assign them to different parts of the Proxmox system.\n \n* **Backup and Restore**: Proxmox offers built-in backup and restore functionality, allowing you to easily create full, incremental, or differential backups of your virtual machines and easily restore them when needed.\n \n\nConclusion\n----------\n\nAs a powerful and feature-rich virtualization solution, Proxmox Virtual Environment enables administrators to manage their virtual infrastructure more efficiently and reliably. Boasting an easy-to-use web interface, comprehensive storage options, and support for multiple operating systems, Proxmox VE is an excellent choice for managing your virtual environment.", - "links": [] + "description": "**Proxmox** is an open-source virtualization management platform that integrates both **Proxmox Virtual Environment (Proxmox VE)** and **Proxmox Mail Gateway**. Proxmox VE combines virtualization technologies, including KVM for virtual machines and LXC for lightweight containers, into a unified web-based interface for managing and deploying virtualized environments. It offers features such as high availability, storage management, and backup solutions. Proxmox Mail Gateway provides email security and anti-spam solutions, protecting email systems from threats. Proxmox is valued for its flexibility, cost-effectiveness, and comprehensive management capabilities.\n\nLearn more from the following resources:", + "links": [ + { + "title": "Proxmox Website", + "url": "https://www.proxmox.com/en/", + "type": "article" + }, + { + "title": "What is Proxmox virtualization?", + "url": "https://www.youtube.com/watch?v=GMAvmHEWAMU", + "type": "video" + } + ] }, "CIoLaRv5I3sCr9tBnZHEi": { "title": "Hypervisor", @@ -1130,8 +1489,24 @@ }, "251sxqoHggQ4sZ676iX5w": { "title": "VM", - "description": "Virtualization technology enables the creation of multiple virtual environments, known as Virtual Machines (VMs), within a single physical computer. VMs function independently of each other, allowing users to run various operating systems and applications in a single hardware platform.\n\nWhat are Virtual Machines?\n--------------------------\n\nA virtual machine (VM) is a virtual environment that emulates a physical computer, allowing you to run an operating system and applications separately from the underlying hardware. VMs allow for efficient utilization of computer resources, as they enable multiple instances of a system to run on the same physical machine.\n\nKey Components of VMs\n---------------------\n\nHypervisor\n----------\n\nA hypervisor, also known as a virtual machine monitor (VMM), is the software responsible for creating, managing, and monitoring the virtual environments on a host machine. There are two types of hypervisors:\n\n* **Type 1 Hypervisors:** Also known as \"bare-metal\" or \"native\" hypervisors. They run directly on the hardware and manage the virtual machines without requiring an underlying operating system.\n* **Type 2 Hypervisors:** Known as \"hosted\" hypervisors. They are installed as an application on a host operating system, which then manages the virtual machines.\n\nGuest Operating System\n----------------------\n\nThe guest operating system, or guest OS, is the operating system installed on a virtual machine. Since VMs are independent of each other, you can run different operating systems and applications on each one without any conflicts.\n\nVirtual Hardware\n----------------\n\nVirtual hardware refers to the resources allocated to a virtual machine, such as CPU, RAM, storage, and networking. Virtual hardware is managed by the hypervisor and ensures that each VM has access to a required set of resources without interfering with other VMs on the host machine.\n\nBenefits of Virtual Machines\n----------------------------\n\n* **Resource Efficiency:** VMs optimize the use of hardware resources, reducing costs and enabling more efficient use of energy.\n* **Isolation:** VMs provide a secure and isolated environment for applications and operating systems, reducing the risk of conflicts and potential security threats.\n* **Flexibility:** VMs allow for the easy deployment, migration, and backup of operating systems and applications. This makes it simple to test new software, recover from failures, and scale resources as needed.\n* **Cost Savings:** With the ability to run multiple workloads on a single physical machine, organizations can save on hardware, maintenance, and operational expenses.\n\nPopular Virtualization Software\n-------------------------------\n\nThere is a wide range of virtualization software available, including:\n\n* VMware vSphere: A Type 1 hypervisor commonly used in enterprise environments for server virtualization.\n* Microsoft Hyper-V: A Type 1 hypervisor integrated into the Windows Server operating system.\n* Oracle VM VirtualBox: A Type 2 hypervisor that runs on Windows, macOS, and Linux hosts, popular for desktop virtualization.\n\nIn conclusion, virtual machines play a critical role in modern computing, providing a flexible and efficient method to optimize computing resources, isolate applications, and enhance security. Understanding VMs and virtualization technology is an essential part of any comprehensive cybersecurity guide.\n\n[Virtual Machines Part-1 by Abhishek Veeramalla](https://www.youtube.com/watch?v=lgUwYwBozow)", - "links": [] + "description": "A Virtual Machine (VM) is a software-based emulation of a physical computer. It runs an operating system and applications, isolated from the underlying hardware. VMs allow multiple \"guest\" operating systems to run on a single physical \"host\" machine, each with its own allocated virtual resources (CPU, memory, storage). This technology enables efficient hardware utilization, easier system administration, and improved security through isolation. VMs are widely used in cloud computing, software development, testing environments, and for running legacy applications. Hypervisors, such as VMware vSphere or Microsoft Hyper-V, manage the creation and operation of VMs on physical hardware.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is a Virtual Machine and how does it work?", + "url": "https://azure.microsoft.com/en-gb/resources/cloud-computing-dictionary/what-is-a-virtual-machine", + "type": "article" + }, + { + "title": "Explore top posts about Infrastructure", + "url": "https://app.daily.dev/tags/infrastructure?ref=roadmapsh", + "type": "article" + }, + { + "title": "Virtualization Explained", + "url": "https://www.youtube.com/watch?v=UBVVq-xz5i0", + "type": "video" + } + ] }, "LocGETHz6ANYinNd5ZLsS": { "title": "GuestOS", @@ -1167,8 +1542,19 @@ }, "tk4iG5i1Ml9w9KRO1tGJU": { "title": "nslookup", - "description": "**Nslookup** is a network administration command-line tool designed for retrieving information about Domain Name System (DNS) records. DNS is responsible for translating domain names into IP addresses, allowing users to access websites and resources by using human-readable names (e.g., [www.example.com](http://www.example.com)) instead of numerical IP addresses.\n\nUses\n----\n\n* Query DNS servers to verify the configuration of domain names\n* Find the IP address of a specific domain name\n* Troubleshoot DNS-related issues and errors\n* Identify the authoritative DNS servers for a domain\n\nHow to Use\n----------\n\n* **Open Command Prompt or Terminal**: Press `Windows key + R`, type `cmd`, and press Enter to open Command Prompt on Windows. On macOS or Linux, open Terminal.\n \n* **Running Nslookup**: To start using Nslookup, type `nslookup` and hit Enter. You'll now see the `>` prompt, indicating you are in Nslookup mode.\n \n* **Query DNS Records**: In Nslookup mode, you can query different types of DNS records by typing the record type followed by the domain name. For instance, to find the A (address) record of [www.example.com](http://www.example.com), type `A www.example.com`. To exit Nslookup mode, type `exit`.\n \n\nCommonly Used Record Types\n--------------------------\n\nBelow are some of the most-commonly queried DNS record types:\n\n* **A**: Stands for 'Address'; returns the IPv4 address associated with a domain name\n* **AAAA**: Stands for 'Address', for IPv6; returns the IPv6 address associated with a domain name\n* **NS**: Stands for 'Name Server'; returns the authoritative DNS servers for a specific domain\n* **MX**: Stands for 'Mail Exchange'; returns the mail server(s) responsible for handling email for a specific domain\n* **CNAME**: Stands for 'Canonical Name'; returns the domain name that an alias is pointing to\n* **TXT**: Stands for 'Text'; returns additional text information that can be associated with a domain, like security policies (e.g., SPF)\n\nExample\n-------\n\nIf you want to find the A (IPv4) record for [example.com](http://example.com), follow these steps:\n\n* Open Command Prompt or Terminal\n* Type `nslookup` and hit Enter\n* Type `A example.com` and hit Enter\n\nThis will return the IPv4 address associated with the domain name [example.com](http://example.com).", - "links": [] + "description": "**nslookup** is a network utility used to query Domain Name System (DNS) servers for information about domain names and IP addresses. It allows users to obtain details such as IP address mappings for a given domain name, reverse lookups to find domain names associated with an IP address, and DNS record types like A, MX, and CNAME records. nslookup helps troubleshoot DNS-related issues, verify DNS configurations, and analyze DNS records. It can be run from the command line in various operating systems, including Windows, macOS, and Linux.\n\nLearn more from the following resources", + "links": [ + { + "title": "nslookup", + "url": "https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/nslookup", + "type": "article" + }, + { + "title": "What is Nslookup?", + "url": "https://www.youtube.com/watch?v=n6pT8lbyhog", + "type": "video" + } + ] }, "jr8JlyqmN3p7Ol3_kD9AH": { "title": "iptables", @@ -1188,8 +1574,19 @@ }, "k6UX0BJho5arjGD2RWPgH": { "title": "Packet Sniffers", - "description": "Packet sniffers are essential network troubleshooting tools that capture and inspect data packets passing through a network. They're especially useful for detecting security vulnerabilities, monitoring network traffic, and diagnosing network-related issues.\n\nHow Packet Sniffers Work\n------------------------\n\nPacket sniffers work by actively listening to the network traffic and extracting data from the packets transmitted across the network. They can either capture all packets or filter them based on specific criteria, like IP addresses, protocols, or port numbers.\n\nCommon Features\n---------------\n\nSome of the main features offered by packet sniffers include:\n\n* **Capture and analysis**: Packet sniffers can capture and analyze individual data packets, providing detailed information about the packet's header, payload, and other relevant information.\n* **Filtering**: To make it easier for users to locate specific network traffic, packet sniffers often feature filtering options that can narrow down the data to a single protocol, port number, or IP address.\n* **Packet injection**: Some packet sniffers can inject data packets into the network, which is useful for testing security mechanisms or for simulating traffic in a network environment.\n* **Graphical representation**: Packet sniffers may also provide graphical representations for data, making it easier to visualize network traffic patterns and identify potential congestion points or other issues.\n\nPopular Packet Sniffers\n-----------------------\n\nThere are numerous packet sniffers available, both open-source and commercial. Some popular packet sniffers include:\n\n* [@article@Wireshark](https://www.wireshark.org/): A popular open-source packet analyzer with advanced features and support for various platforms.\n* [@article@tcpdump](https://www.tcpdump.org/): A command-line packet sniffer and analyzer primarily used in Unix-based systems.\n* [@article@Npcap](https://nmap.org/npcap/): A packet capture framework for Windows that supports Windows 10 and newer versions.\n\nCyber Security & Packet Sniffers\n--------------------------------\n\nPacket sniffers are valuable tools for cybersecurity professionals. They can help identify unauthorized or malicious network activity, track down the source of specific traffic patterns or attacks, and assist with the development of network security policies. When using packet sniffers, it's important to keep in mind that monitoring other users' network activity without their consent may raise legal and ethical issues.\n\nTo sum up, packet sniffers are powerful tools that can provide valuable insights into network traffic and security, ultimately helping to maintain and secure any given network environment.", - "links": [] + "description": "**Packet sniffers** are tools used to capture and analyze network traffic by intercepting data packets as they traverse a network. They provide insights into network activity, including protocols, IP addresses, and payload contents, which can be useful for diagnosing network issues, monitoring performance, and detecting unauthorized or malicious activity. Packet sniffers operate in promiscuous mode, allowing them to capture all packets on a network segment, and are commonly used for network troubleshooting, security analysis, and forensic investigations. Examples include Wireshark and tcpdump.\n\nLearn more from the following resources:", + "links": [ + { + "title": "Packet Sniffing Explained", + "url": "https://www.avast.com/c-packet-sniffing", + "type": "article" + }, + { + "title": "What is Packet Sniffing?", + "url": "https://www.youtube.com/watch?v=5oioSbgBQ8I", + "type": "video" + } + ] }, "u-6xuZUyOrogh1bU4cwER": { "title": "ipconfig", @@ -1209,18 +1606,51 @@ }, "2M3PRbGzo14agbEPe32ww": { "title": "netstat", - "description": "Netstat, short for 'network statistics', is a command-line tool that provides valuable information about the network connections, routing tables, and network interface statistics on a computer system. Netstat can help in diagnosing and troubleshooting network-related issues by displaying real-time data about network traffic, connections, routes, and more.\n\nKey Features\n------------\n\n* **Network Connections:** Netstat can show open and active network connections, including inbound and outbound, as well as display the ports on which your system is currently listening.\n* **Routing Tables:** Netstat provides information about your system's routing tables, which can help you identify the path a packet takes to reach its destination.\n* **Network Interface Statistics:** Netstat displays statistics for network interfaces, covering details such as packets transmitted, packets received, errors, and more.\n\nCommon Netstat Commands\n-----------------------\n\n* `netstat -a`: Displays all active connections and listening ports\n* `netstat -n`: Displays active connections without resolving hostnames (faster)\n* `netstat -r`: Displays the routing table\n* `netstat -i`: Displays network interfaces and their statistics\n* `netstat -s`: Displays network protocol statistics (TCP, UDP, ICMP)\n\nExample Use Cases\n-----------------\n\n* **Identify Open Ports:** You can use netstat to determine which ports are open and listening on your system, helping you identify potential security vulnerabilities.\n* **Monitor Network Connections:** Netstat allows you to monitor active connections to ensure that nothing unauthorized or suspicious is connecting to your system.\n* **Troubleshoot Network Issues:** By displaying routing table information, netstat can help you understand the pathways your system takes to reach various destinations, which can be crucial when diagnosing network problems.\n\nNetstat is a versatile and powerful tool for gaining insights into your system's network behavior. Armed with this knowledge, you'll be better equipped to address potential vulnerabilities and monitor your system's health in the context of cyber security.", - "links": [] + "description": "**netstat** (network statistics) is a command-line tool used to display network connections, routing tables, and network interface statistics. It provides information about active TCP and UDP connections, listening ports, and the status of network interfaces. By using **netstat**, users can monitor network activity, diagnose connectivity issues, and identify open ports and services running on a system. The tool is available on various operating systems, including Windows, macOS, and Linux, and is often employed for network troubleshooting and security assessments.\n\nLearn more from the following resources:", + "links": [ + { + "title": "netstat command", + "url": "https://docs.oracle.com/cd/E19504-01/802-5753/6i9g71m3i/index.html", + "type": "article" + }, + { + "title": "netstat Command Explained", + "url": "https://www.youtube.com/watch?v=8UZFpCQeXnM", + "type": "video" + } + ] }, "iJRQHzh5HXADuWpCouwxv": { "title": "Port Scanners", - "description": "Port scanners are essential tools in the troubleshooting and cybersecurity landscape. They are designed to detect open or closed network ports on a target system. Network ports serve as communication endpoints for various applications and services running on a device, and knowing the status of these ports can help identify potential security vulnerabilities or confirm that specific services are running as intended.\n\nIn this section, we will explore the following aspects of port scanners:\n\n* **Why port scanners are important**\n* **Types of port scanners**\n* **Popular port scanning tools**\n\nWhy port scanners are important\n-------------------------------\n\nPort scanners can help in the following situations:\n\n* **Identifying open ports:** Open ports might expose your system to attacks if they are left unsecured. A port scanner can help you identify which network ports are open and need to be secured.\n* **Detecting unauthorized services:** Scanning for open ports can help you find if any unauthorized applications are running on your network, as these services might open ports that you are not aware of.\n* **Testing firewall rules:** Port scanners can also verify if your firewall rules are effective and configured correctly.\n* **Troubleshooting network issues:** By detecting open and closed ports, port scanners can help you diagnose network problems and ensure your applications and services are running smoothly.\n\nTypes of port scanners\n----------------------\n\nThere are three main types of port scanners:\n\n* **TCP Connect:** This scanner initiates a full TCP connection between the scanner and the target device. It goes through the entire process of establishing a TCP connection, including a three-way handshake. This type of scan is accurate but more easily detectable.\n* **TCP SYN or Half-Open scan:** This scanner only sends a SYN packet (a request to start a connection) to the target device. If the target device responds with a SYN/ACK packet, the port is considered open. This type of scan is faster and less detectable, as it doesn't establish a full connection.\n* **UDP Scan:** This scanner targets User Datagram Protocol (UDP) ports, which are typically used for streaming and real-time communication applications. It sends UDP packets to the target device, and if there's no response, the port is considered open. This type of scan can be less accurate, as some devices may not respond to UDP probes.\n\nPopular port scanning tools\n---------------------------\n\nHere are some popular and widely used port scanning tools:\n\n* **Nmap:** Nmap (Network Mapper) is a free, open-source tool that is highly versatile and powerful. It offers various types of scans, including TCP Connect, TCP SYN, and UDP scans.\n* **Masscan:** Masscan is a high-speed port scanner that is typically used for large-scale scanning, thanks to its ability to scan the entire internet within a few minutes.\n* **Angry IP Scanner:** It is a cross-platform port scanner that is very user-friendly and suitable for beginners. It supports both TCP and UDP scanning.\n\nRemember to always use port scanners responsibly and only on your own systems or where you have permission to perform a scan. Unauthorized port scanning can have legal and ethical implications.", - "links": [] + "description": "Port scanners are essential tools in the troubleshooting and cybersecurity landscape. They are designed to detect open or closed network ports on a target system. Network ports serve as communication endpoints for various applications and services running on a device, and knowing the status of these ports can help identify potential security vulnerabilities or confirm that specific services are running as intended.\n\nLearn more from the following resources:", + "links": [ + { + "title": "Top 5 Best port scanners", + "url": "https://securitytrails.com/blog/best-port-scanners", + "type": "article" + }, + { + "title": "How To Use nmap To Scan For Open Ports", + "url": "https://www.youtube.com/watch?v=ifbwTt3_oCg", + "type": "video" + } + ] }, "GuuY-Q6FZzfspB3wrH64r": { "title": "ping", - "description": "**Ping** is a fundamental networking tool that helps users to check the connectivity between two devices, typically a source computer, and a remote device, such as a server or another computer. The name \"ping\" comes from the sonar terminology, where a signal is sent out and a response is expected to verify the presence of an object.\n\nThe ping command operates by sending Internet Control Message Protocol (ICMP) Echo Request packets to the target host and waiting for an ICMP Echo Reply. By sending multiple requests and calculating the time interval between sending the request and receiving a reply, the tool provides valuable information about the quality and reliability of the network connection.\n\nUsing Ping\n----------\n\nTo use the ping command, open a command prompt or terminal window, and type `ping` followed by the IP address or hostname of the target device. For example:\n\n ping example.com\n \n\nInterpreting Ping Results\n-------------------------\n\nThe output of the ping command will display the following information:\n\n* **Sent**: The number of packets sent to the target device.\n* **Received**: The number of packets received from the target device (if connectivity is successful).\n* **Lost**: The number of packets that did not reach the target device, indicating a problem in the connection.\n* **Minimum, Maximum, and Average Round Trip Time (RTT)**: Provides an estimate of the time it takes for a single packet to travel from the source device to the destination and back again.\n\nTroubleshooting with Ping\n-------------------------\n\nPing is particularly useful for diagnosing and troubleshooting network connectivity issues. Some common scenarios in which it can help include:\n\n* Verifying if a remote device is active and responding.\n* Identifying network latency or slow network connections.\n* Troubleshooting routing problems and packet loss.\n* Testing the resolution of domain names to IP addresses.\n\nBy understanding and utilizing the ping command, users can diagnose and resolve various network-related issues to ensure a stable and secure online experience.\n\nRemember that some devices or servers may be configured not to respond to ICMP requests, which might result in no response or a \"Request timed out\" message after using the ping command. This behavior is usually configured to prevent potential security risks or attacks, so don't panic if you encounter this while troubleshooting.", - "links": [] + "description": "**Ping** is a network utility used to test the reachability and responsiveness of a device on a network. It sends Internet Control Message Protocol (ICMP) echo request packets to a target host and measures the time it takes for an echo reply to be received. Ping is commonly used to diagnose network connectivity issues, determine network latency, and check if a specific server or device is online. A successful ping response indicates that the target device is reachable, while failures or delays may suggest network problems, such as packet loss or routing issues.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is ping?", + "url": "https://www.solarwinds.com/resources/it-glossary/ping", + "type": "article" + }, + { + "title": "Ping command explained", + "url": "https://www.youtube.com/watch?v=7sv5pL-XgSg", + "type": "video" + } + ] }, "D2YYv1iTRGken75sHO0Gt": { "title": "dig", @@ -1240,7 +1670,7 @@ }, "hkO3Ga6KctKODr4gos6qX": { "title": "arp", - "description": "ARP is a protocol used by the Internet Protocol (IP) to map an IP address to a physical address, also known as a Media Access Control (MAC) address. ARP is essential for routing data between devices in a Local Area Network (LAN) as it allows for the translation of IP addresses to specific hardware on the network.\n\nWhen a device wants to communicate with another device on the same LAN, it needs to determine the corresponding MAC address for the target IP address. ARP helps in this process by broadcasting an ARP request containing the target IP address. All devices within the broadcast domain receive this ARP request and compare the target IP address with their own IP address. If a match is found, the device with the matching IP address sends an ARP reply which contains its MAC address.\n\nThe device that initiated the ARP request can now update its ARP cache (a table that stores IP-to-MAC mappings) with the new information, and then proceed to send data to the target's MAC address.\n\nLearn more from the following resources:", + "description": "ARP is a protocol used by the Internet Protocol (IP) to map an IP address to a physical address, also known as a Media Access Control (MAC) address. ARP is essential for routing data between devices in a Local Area Network (LAN) as it allows for the translation of IP addresses to specific hardware on the network. When a device wants to communicate with another device on the same LAN, it needs to determine the corresponding MAC address for the target IP address. ARP helps in this process by broadcasting an ARP request containing the target IP address. All devices within the broadcast domain receive this ARP request and compare the target IP address with their own IP address. If a match is found, the device with the matching IP address sends an ARP reply which contains its MAC address. The device that initiated the ARP request can now update its ARP cache (a table that stores IP-to-MAC mappings) with the new information, and then proceed to send data to the target's MAC address.\n\nLearn more from the following resources:", "links": [ { "title": "What is Address Resolution Protocol?", @@ -1256,28 +1686,88 @@ }, "K05mEAsjImyPge0hDtsU0": { "title": "Protocol Analyzers", - "description": "Protocol analyzers, also known as packet analyzers or network analyzers, are tools used to capture and analyze the data packets transmitted across a network. These tools help in monitoring network traffic, identifying security vulnerabilities, troubleshooting network problems, and ensuring that the network is operating efficiently. By analyzing the packets on a network, you can gain insights into the performance of your network infrastructure and the behavior of various devices and applications on it.\n\nFeatures & Uses of Protocol Analyzers\n-------------------------------------\n\n* **Traffic Monitoring & Analysis**: Protocol analyzers allow you to monitor the traffic on your network in real-time, which helps identify bottlenecks, network congestion, and other performance issues.\n \n* **Security Analysis**: Analyzing network traffic can help identify unusual traffic patterns, potential security threats or breaches, and malicious activities. By studying the data packets, you can detect unauthorized access, malware infections, or other cyber attacks.\n \n* **Protocol Debugging**: These tools enable you to analyze different network protocols (such as HTTP, FTP, and SMTP) and their respective packets, which proves useful in troubleshooting issues related to application performance and communication.\n \n* **Bandwidth Utilization**: Protocol analyzers allow you to analyze the volume of network traffic and how the available bandwidth resources are being used, helping you optimize the network for better performance.\n \n* **Network Troubleshooting**: By capturing and analyzing packet data, you can identify network problems and take corrective measures to improve the overall performance and stability of the network.\n \n\nPopular Protocol Analyzers\n--------------------------\n\nHere's a list of some widely-used protocol analyzers:\n\n* **Wireshark**: Wireshark is an open-source packet analyzer with support for numerous protocols. It is one of the most popular and widely-used network troubleshooting tools available.\n \n* **TCPDump**: TCPDump is a command-line packet analyzer that allows you to capture network traffic and view it in a human-readable format, making it easy to analyze.\n \n* **Ethereal**: Ethereal is another open-source packet analyzer that provides a graphical user interface for capturing, filtering, and analyzing network traffic.\n \n* **Nmap**: Nmap is a popular network scanning tool that also includes packet capture and analysis capabilities, allowing you to analyze the network for vulnerabilities and other issues.\n \n* **Microsoft Message Analyzer**: Microsoft Message Analyzer is a versatile protocol analyzer developed by Microsoft that provides deep packet inspection and analysis of network traffic, including encrypted traffic.\n \n\nIn conclusion, protocol analyzers are essential tools for network administrators, security professionals, and developers alike to ensure the performance, security, and stability of their networks. By understanding how these tools work and using them effectively, you can take proactive measures to maintain and improve the health of your network.", - "links": [] + "description": "**Protocol analyzers**, also known as network analyzers or packet sniffers, are tools used to capture, inspect, and analyze network traffic. They help diagnose network issues, troubleshoot performance problems, and ensure security by providing detailed insights into the data packets transmitted across a network. Protocol analyzers decode and display various network protocols, such as TCP/IP, HTTP, and DNS, allowing users to understand communication patterns, detect anomalies, and identify potential vulnerabilities. Popular examples include Wireshark and tcpdump.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is a protocol analyzer?", + "url": "https://www.geeksforgeeks.org/what-is-protocol-analyzer/", + "type": "article" + }, + { + "title": "Protocol Analyzers", + "url": "https://www.youtube.com/watch?v=hTMhlB-o0Ow", + "type": "video" + } + ] }, "xqwIEyGfdZFxk6QqbPswe": { "title": "nmap", - "description": "**Nmap** (Network Mapper) is an open-source network scanner that is widely used in cyber security for discovering hosts and services on a computer network. Nmap allows you to efficiently explore and scan networks to identify open ports, running services, and other security vulnerabilities.\n\nFeatures of Nmap\n----------------\n\n* **Host Discovery**: Nmap facilitates finding hosts on the network using various techniques such as ICMP echo requests, TCP SYN/ACK probes, and ARP scans.\n \n* **Port Scanning**: Nmap can identify open ports on target hosts, which can reveal potential security vulnerabilities and provide crucial information during a penetration test.\n \n* **Service and Version Detection**: Nmap can detect the name and version of the services running on target hosts. This information helps to identify software that might be outdated or have known security flaws.\n \n* **Operating System Detection**: Nmap can make intelligent guesses about the operating system of a target host, which can be useful for tuning your attack strategy based on the vulnerabilities of specific systems.\n \n* **Scriptable**: Nmap has a built-in scripting engine (NSE) that allows users to write custom scripts for automating and extending its functionality.\n \n\nHow to use Nmap\n---------------\n\nNmap can be installed on various platforms such as Windows, Linux, and macOS. After installation, Nmap can be used via the command line with different options and flags, depending on the desired scan type.\n\nFor example, to perform a simple host and port discovery, the following command can be used:\n\n nmap -sn -p 80,443 192.168.0.0/24\n \n\nThis command will perform a \"ping scan\" (`-sn`) on the specified IP range (`192.168.0.0/24`) and check for open ports 80 and 443.\n\nImportant Notes\n---------------\n\n* While Nmap is a valuable tool for cyber security professionals, it can also be used by malicious attackers to gather information about potential targets. It is essential to use Nmap responsibly and only on networks and systems that you have permission to scan.\n \n* Scanning large networks can generate considerable traffic and may impact the performance of the target hosts. It is important to configure your scans appropriately and be mindful of potential network disruptions.\n \n\nFor more information and usage examples, refer to the [official Nmap documentation](https://nmap.org/book/man.html).", - "links": [] + "description": "**Nmap** (Network Mapper) is an open-source network scanning tool used to discover hosts and services on a network, identify open ports, and detect vulnerabilities. It provides detailed information about networked devices, including their IP addresses, operating systems, and running services. Nmap supports various scanning techniques such as TCP SYN scan, UDP scan, and service version detection. It's widely used for network security assessments, vulnerability scanning, and network inventory management, helping administrators and security professionals understand and secure their network environments.\n\nLearn more from the following resources:", + "links": [ + { + "title": "NMAP Website", + "url": "https://nmap.org/", + "type": "article" + }, + { + "title": "NMAP Cheat Sheet", + "url": "https://www.tutorialspoint.com/nmap-cheat-sheet", + "type": "article" + }, + { + "title": "Nmap Tutorial to find Network Vulnerabilities", + "url": "https://www.youtube.com/watch?v=4t4kBkMsDbQ", + "type": "video" + } + ] }, "xFuWk7M-Vctk_xb7bHbWs": { "title": "route", - "description": "`route` is a command-line utility that allows you to view and manipulate the IP routing table in your computer. The primary function of the routing table is to determine the best path for sending IP packets to their destination. Properly managing this table is crucial for network administrators, as it plays a direct role in your computer's ability to communicate with other devices on the network effectively.\n\nUsing the Route Command\n-----------------------\n\nThe syntax for the route command is as follows:\n\n route [COMMAND] [OPTIONS]\n \n\nHere are some basic commands that you can use with `route`:\n\n* **route add** - Adds a new route to the table\n* **route delete** - Removes a route from the table\n* **route change** - Modifies a specific route in the table\n* **route get** - Retrieves information about a specific route\n* **route show** - Displays the entire routing table\n\nPlease note that, to modify the routing table, administrative privileges may be needed.\n\nExamples of Route Usage\n-----------------------\n\n* **View the routing table**\n\n route -n\n \n\nThis command will display the current routing table in a numerical format, which includes the destination, gateway, and interface.\n\n* **Add a new route**\n\n sudo route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.1.1\n \n\nThis command adds a new route to the destination network 192.168.2.0 with a netmask of 255.255.255.0 and a gateway of 192.168.1.1.\n\n* **Delete a route**\n\n sudo route delete -net 192.168.2.0 netmask 255.255.255.0\n \n\nThis command removes the route to the destination network 192.168.2.0 with a netmask of 255.255.255.0.\n\n* **Change an existing route**\n\n sudo route change -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.1.2\n \n\nThis command modifies the existing route to the destination network 192.168.2.0 with a new gateway of 192.168.1.2.\n\nConclusion\n----------\n\nThe `route` command is an essential tool for network administrators and anyone involved in cyber security. Understanding and being able to manipulate the IP routing table can help ensure that your computer is able to communicate effectively with other devices on the network, thus contributing to a more secure and efficient network environment.", - "links": [] + "description": "The `route` command is a network utility used to view and manipulate the IP routing table on Unix-like and Windows systems. It allows users to display the current routes that data packets take, as well as add, modify, or delete routes for network traffic. This command is often used in network troubleshooting and configuration to control how data flows between different networks and subnets. By specifying routes manually, administrators can define specific paths for network traffic, bypassing default routes and optimizing performance or security.\n\nLearn more from the following resources:", + "links": [ + { + "title": "How to check the routing table in Linux", + "url": "https://www.geeksforgeeks.org/route-command-in-linux-with-examples/", + "type": "article" + } + ] }, "y8GaUNpaCT1Ai88wPOk6d": { "title": "tcpdump", - "description": "Tcpdump is a powerful command-line packet analyzer tool that allows you to monitor and intercept network traffic on your system. This utility is beneficial for troubleshooting network connectivity problems and analyzing network protocols. Tcpdump can capture and display the packet headers on a particular network interface or a specific port.\n\nKey Features\n------------\n\n* Capture packets in real-time\n* Display captured packets in a human-readable format\n* Write packets to a file and read saved packet files\n* Filter packets based on specific conditions such as IP addresses, protocol, or port\n\nBasic Usage\n-----------\n\nTo start using Tcpdump, open your terminal/command line and enter the following command:\n\n tcpdump -i any\n \n\nThis command will capture packets on all network interfaces. The output will display source and destination IP addresses, port numbers, and packet length.\n\nCommon Tcpdump Commands\n-----------------------\n\nHere are some essential tcpdump commands for different tasks:\n\n* **Monitor a specific interface**: To monitor a specific network interface, replace `` with the name of the interface you want to monitor:\n \n tcpdump -i \n \n \n* **Capture specific number of packets:** To capture a specific number of packets, use the `-c` option followed by the number of packets you want to capture:\n \n tcpdump -i any -c 10\n \n \n* **Save captured packets to a file:** Tcpdump can save the captured packets to a file for further analysis. To save the packets in a file, use the `-w` option followed by the file name:\n \n tcpdump -i any -w capture.pcap\n \n \n* **Filter captured packets**: You can filter the captured packets by various parameters such as IP addresses, protocol, or port numbers. Some examples of the filter are:\n \n * Capture packets from/to a specific IP address:\n \n tcpdump -i any host 192.168.1.1\n \n \n * Capture packets related to a specific port:\n \n tcpdump -i any port 80\n \n \n * Capture packets by protocol (e.g., icmp, tcp, or udp):\n \n tcpdump -i any icmp\n \n \n\nYou can learn more about tcpdump filters and advanced options from its official documentation or by typing `man tcpdump` in your terminal. Tcpdump is an invaluable tool for any network administrator and will help you get to the root of any network issues.", - "links": [] + "description": "Tcpdump is a powerful command-line packet analyzer used for network troubleshooting and security analysis. It captures and displays the contents of network packets matching specified criteria. Tcpdump can intercept and display communication protocols, packet headers, and payload data passing over a network interface. It's commonly used for diagnosing network issues, monitoring network traffic, detecting suspicious activities, and analyzing protocol behavior. Tcpdump offers various filtering options to focus on specific types of traffic, IP addresses, or ports. While primarily used on Unix-like systems, its Windows equivalent is WinDump. Due to its ability to capture sensitive data, tcpdump usage often requires administrative privileges and must comply with legal and ethical guidelines.\n\nLearn more from the following resources:", + "links": [ + { + "title": "tcpdump man page", + "url": "https://www.tcpdump.org/manpages/tcpdump.1.html", + "type": "article" + }, + { + "title": "TCP Dump - What is it and how to use it?", + "url": "https://www.youtube.com/watch?v=e45Kt1IYdCI", + "type": "video" + } + ] }, "cSz9Qx3PGwmhq3SSKYKfg": { "title": "tracert", - "description": "Tracert, short for \"Trace Route\", is a command-line utility that helps in diagnosing network connectivity issues by displaying the route taken by data packets to reach a specific destination. It identifies each hop along the path and calculates the time it takes for the data packets to travel from one point to another. Tracert can be particularly useful in determining potential delays or interruptions in network communication.\n\nHow to Use Tracert\n------------------\n\n* Open `Command Prompt` on your Windows computer or `Terminal` on Linux or macOS.\n* Type `tracert` followed by the target destination, which can either be an IP address or a domain name. For example: `tracert example.com`\n\nThe output will show a list of hops in sequential order, with each line representing a single hop, its IP address, hostname, and the round-trip time (in milliseconds) for the data packets to reach that point.\n\nInterpreting Tracert Results\n----------------------------\n\nWhen analyzing the results of a tracert command, consider the following:\n\n* _Hops_: These are the individual steps the data packets take to reach the destination. If the route appears excessively long, there may be an issue with the network configuration or an inefficient routing path.\n* _Round-trip Time (RTT)_: This measures how long it takes for data packets to travel from the source to the destination and back. If the RTT is consistently high or increases significantly between specific hops, there could be a network delay, bottleneck, or congestion.\n* _Request Timed Out_: If you see this error, it means that a data packet failed to reach a specific hop within the given time. This could be an indication of a connection failure, firewall blocking, or packet loss.\n\nHowever, note that some routers may be configured to discard or de-prioritize ICMP echo requests (the packets used by tracert) due to security reasons or traffic management, which might result in incomplete or inaccurate tracert results.\n\nLimitations and Alternatives\n----------------------------\n\nWhile tracert is a handy troubleshooting tool, it has some limitations:\n\n* It relies on ICMP (Internet Control Message Protocol) packets, which may be filtered or blocked by firewalls or other network devices.\n* The results might be affected by short-lived network congestions or latency spikes which are not necessarily representative of the average performance.\n* It provides limited insight into the underlying causes of network issues (e.g., hardware failures, software misconfigurations).\n\nFor more advanced network troubleshooting and analysis, you may consider other tools such as:\n\n* `ping`: To test basic connectivity and latency towards a specific host or IP address.\n* `nslookup` or `dig`: To look up DNS records, diagnose DNS problems, or verify proper domain name resolution.\n* `mtr` (My Traceroute): Available on Linux and macOS, it combines the functionality of both \"traceroute\" and \"ping,\" providing real-time, continuous statistics on each hop's performance.", - "links": [] + "description": "Tracert (traceroute in Unix-based systems) is a network diagnostic tool used to trace the path that data packets take from a source computer to a destination host. It shows the number of hops (intermediate routers) traversed, the IP addresses of these routers, and the round-trip time for each hop. Tracert works by sending packets with increasing Time-To-Live (TTL) values, causing each router along the path to respond. This tool is valuable for identifying network bottlenecks, pinpointing where packet loss occurs, and understanding the routing path of network traffic. It's commonly used for troubleshooting network connectivity issues, analyzing network performance, and mapping network topology.\n\nLearn more from the following resources:", + "links": [ + { + "title": "traceroute man page", + "url": "https://linux.die.net/man/8/traceroute", + "type": "article" + }, + { + "title": "tracert", + "url": "https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/tracert", + "type": "article" + }, + { + "title": "Traceroute (tracert) Explained", + "url": "https://www.youtube.com/watch?v=up3bcBLZS74", + "type": "video" + } + ] }, "lG6afUOx3jSQFxbH92otL": { "title": "Kerberos", @@ -1297,18 +1787,51 @@ }, "lV3swvD6QGLmD9iVfbKIF": { "title": "LDAP", - "description": "LDAP is a protocol used to access directory services, i.e., a hierarchical database that holds information about various objects, such as users, groups, computer accounts, and more. In the context of cybersecurity, it's essential in storing information related to authentication, authorization, and user profiles. LDAP is primarily utilized in enterprise environments as a centralized system for managing user accounts and their permissions.\n\n**How LDAP works**\n\n* It is based on a client-server model, where the client sends a request to the server (usually an LDAP directory server), and the server responds accordingly.\n* LDAP servers store directory entries in a hierarchical (tree-like) structure, starting from the root (known as the \"base DN\") and following a series of branches down to individual entries.\n* Each entry in the LDAP directory has a distinguished name (DN), which uniquely identifies the entry in the hierarchy.\n\n**LDAP in Cyber Security** In cybersecurity, LDAP servers are often used for the following purposes:\n\n* **Authentication**: LDAP stores user account and password information, which can be used to authenticate users to access specific applications or resources.\n* **Authorization**: Using LDAP directory groups, you can manage access controls for users and grant or deny permissions based on their role or membership.\n* **User Management**: LDAP provides a single, centralized repository for managing user account information, making it easier to maintain consistent user data across multiple systems or applications.\n\n**LDAP Security Best Practices** To enhance the security of your LDAP implementation, consider adopting these best practices:\n\n* Use secure protocols like LDAPS (LDAP over SSL) or StartTLS to encrypt the data transmitted between the client and the LDAP server.\n* Implement strong access control rules to ensure that only authorized clients can access the LDAP directory.\n* Regularly update and patch both client-side and server-side LDAP software to protect against known vulnerabilities.\n* Limit the searchable scope on the client-side, to minimize the risk of information disclosure.\n* Use strong authentication methods, such as multi-factor authentication (MFA), to secure access to the LDAP directory.\n\nIn conclusion, LDAP is a critical component in many enterprise-level cybersecurity architectures, as it plays a vital role in handling authentication and authorization processes. To ensure the security of your LDAP implementation, it's crucial to follow best practices and carefully manage access to directory services.", - "links": [] + "description": "LDAP (Lightweight Directory Access Protocol) is a standardized application protocol for accessing and maintaining distributed directory information services over an IP network. It's primarily used for querying and modifying directory services, such as user authentication and information lookup. LDAP organizes data in a hierarchical tree structure and is commonly used in enterprise environments for centralized user management, authentication, and authorization. It supports features like single sign-on and can integrate with various applications and services. LDAP is widely used in conjunction with Active Directory and other directory services to provide a centralized repository for user accounts, groups, and other organizational data, facilitating efficient user and resource management in networked environments.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What Is LDAP & How Does It Work?", + "url": "https://www.okta.com/uk/identity-101/what-is-ldap/", + "type": "article" + }, + { + "title": "", + "url": "https://www.youtube.com/watch?v=vy3e6ekuqqg", + "type": "video" + } + ] }, "xL32OqDKm6O043TYgVV1r": { "title": "SSO", - "description": "Single Sign-On, or SSO, is an authentication mechanism that allows users to access multiple applications, systems, or websites by entering their login credentials only once. This means that a user can quickly and conveniently navigate between multiple platforms without the need to authenticate multiple times, providing both a seamless user experience and an added layer of security.\n\nKey Components of SSO\n---------------------\n\nThere are typically three main components involved in the Single Sign-On process:\n\n* **User:** The individual who wants to access multiple applications within an environment.\n* **Service Provider (SP):** The application or website the user is trying to access.\n* **Identity Provider (IdP):** The third-party platform that securely stores and manages user identities, ensuring only authorized users can access the applications.\n\nHow SSO Works\n-------------\n\nSSO operates by leveraging a centralized authentication system, usually provided by an Identity Provider (IdP). When a User attempts to access a Service Provider (SP), the following process occurs:\n\n* The User requests access to a Service Provider.\n \n* The Service Provider checks if the User is already authenticated to the Identity Provider.\n \n* If not, the User is redirected to the Identity Provider's login page.\n \n* The User submits their login credentials to the Identity Provider.\n \n* If the credentials are valid, the Identity Provider issues an encrypted token called a \"security assertion\".\n \n* The User presents this token to the Service Provider as proof of authentication.\n \n* The Service Provider validates the token and grants access to the User.\n \n\nBenefits of SSO\n---------------\n\n* **Improved User Experience:** Users spend less time logging in, allowing them to focus on their work without being repeatedly prompted for authentication.\n \n* **Reduced Password Fatigue:** Users only need to remember one set of login credentials, minimizing the need to write down or reuse passwords, which can be a security risk.\n \n* **Enhanced Security:** By limiting the number of times a user enters their login credentials, SSO reduces the risk of phishing attacks and potential password breaches.\n \n* **Simplified Identity Management:** Centralizing authentication through a single Identity Provider makes it easier for administrators to manage access rights and monitor user activity across multiple platforms.\n \n* **Reduced Help Desk Costs:** With fewer password-related issues to address, help desk teams can focus on more critical tasks, resulting in lower support costs.\n \n\nOverall, implementing Single Sign-On in your organization can dramatically improve both user experience and system security. However, it is essential to choose a reliable Identity Provider and ensure secure integration with all relevant Service Providers.", - "links": [] + "description": "Single Sign-On (SSO) is an authentication method that allows users to access multiple applications or systems with one set of login credentials. It enables users to log in once and gain access to various connected systems without re-entering credentials. SSO enhances user experience by reducing password fatigue, streamlines access management for IT departments, and can improve security by centralizing authentication controls. It typically uses protocols like SAML, OAuth, or OpenID Connect to securely share authentication information across different domains. While SSO offers convenience and can strengthen security when implemented correctly, it also presents a single point of failure if compromised, making robust security measures for the SSO system critical.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is SSO? | How single sign-on works", + "url": "https://www.cloudflare.com/en-gb/learning/access-management/what-is-sso/", + "type": "article" + }, + { + "title": "What Is Single Sign-on (SSO)? How It Works", + "url": "https://www.youtube.com/watch?v=O1cRJWYF-g4", + "type": "video" + } + ] }, "tH3RLnJseqOzRIbZMklHD": { "title": "RADIUS", - "description": "**RADIUS** (Remote Authentication Dial-In User Service) is a widely used client-server protocol that offers centralized authentication, authorization, and accounting (AAA) management for users connecting to a network. Developed in 1991, RADIUS allows the transfer of user authentication and configuration information between devices and servers on a network.\n\nHow RADIUS Works\n----------------\n\nRADIUS uses the User Datagram Protocol (UDP) for communication between the client and the server. When a user attempts to connect to a network, the client (like a VPN server or wireless access point) forwards the authentication request to the RADIUS server. The server then checks the user's credentials against its user database or forwards the request to another authentication server.\n\nUpon successful authentication, the RADIUS server sends back an **Access-Accept** message, as well as user-specific access policies (such as VLAN assignments or firewall rules). If the authentication fails, the server sends an **Access-Reject** message. Additionally, RADIUS tracks and reports user activity, making it responsible for the accounting aspect of AAA.\n\nBenefits of RADIUS\n------------------\n\n* **Centralized Management**: RADIUS allows administrators to manage user authentication and policies from a central location. This significantly simplifies the management of large and diverse networks.\n \n* **Scalability**: RADIUS servers can manage authentication for thousands of users and devices, making it well-suited for large organizations.\n \n* **Flexibility**: Being a widely adopted standard, RADIUS is compatible with various devices, such as routers, switches, VPN gateways, and wireless access points. It also allows for integration with other authentication services, like LDAP or Active Directory.\n \n* **Security**: RADIUS encrypts passwords during transmission, minimizing risks associated with data breaches. Additionally, it can enforce various access policies to further strengthen network security.\n \n\nRADIUS vs. TACACS+\n------------------\n\nAnother popular AAA protocol is Terminal Access Controller Access-Control System Plus (TACACS+). While both RADIUS and TACACS+ provide similar functionality, there are notable differences:\n\n* RADIUS combines authentication and authorization, while TACACS+ separates them, allowing for greater flexibility and more granular control.\n* RADIUS uses UDP for communication, whereas TACACS+ uses TCP, ensuring reliable and ordered delivery of packets.\n* TACACS+ encrypts the entire payload, while RADIUS only encrypts the password.\n\nOrganizations may choose between RADIUS and TACACS+ based on their specific requirements, network setup, and device compatibility.\n\nIn conclusion, RADIUS plays a crucial role in implementing a robust and efficient AAA framework, simplifying network administration while ensuring security and compliance.", - "links": [] + "description": "**Remote Authentication Dial-In User Service (RADIUS)** is a network protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for users who connect to and use a network service. It is commonly used for managing access to network resources such as VPNs, Wi-Fi, and dial-up services. RADIUS servers validate user credentials, enforce access policies, and log user activities. It operates over UDP ports 1812 (authentication) and 1813 (accounting), and supports encryption for securely transmitting user credentials and data.\n\nLearn more from the following resources:", + "links": [ + { + "title": "RADIUS (Remote Authentication Dial-In User Service)", + "url": "https://www.techtarget.com/searchsecurity/definition/RADIUS", + "type": "article" + }, + { + "title": "How RADIUS Authentication Works", + "url": "https://www.youtube.com/watch?v=LLrb3em-_po", + "type": "video" + } + ] }, "WXRaVCYwuGQsjJ5wyvbea": { "title": "Certificates", @@ -1328,7 +1851,7 @@ }, "vYvFuz7lAJXZ1vK_4999a": { "title": "Local Auth", - "description": "In this section, we will discuss local authentication, which is a crucial aspect of ensuring the security of your computer systems and networks.\n\nWhat is Local Authentication?\n-----------------------------\n\nLocal authentication is the process of verifying a user's identity on a single, isolated system, such as a computer or a server. It refers to the direct checking of user credentials (such as username and password) against a locally stored database, instead of relying on a centralized authentication service.\n\nHow Does Local Authentication Work?\n-----------------------------------\n\nIn a local authentication setup, user and password information is stored on the same system where authentication takes place. When a user attempts to log in, the system checks the provided credentials against the stored data. If they match, access is granted, otherwise, it is denied.\n\nHere is a high-level overview of how local authentication works:\n\n* User attempts to log in by entering their credentials, typically a username and password.\n* System checks the provided credentials against a local database.\n* If the credentials match an entry in the database, access is granted to the user.\n* If the credentials do not match any entries in the database, access is denied and an error message is displayed.\n\nAdvantages and Disadvantages of Local Authentication\n----------------------------------------------------\n\nAdvantages\n----------\n\n* **Simplicity**: Local authentication is simple to set up, as it doesn't require any external authentication services or additional infrastructure.\n* **No Dependency on Internet Connectivity**: Since user credentials are stored locally, users can still authenticate even if there is no internet connection.\n\nDisadvantages\n-------------\n\n* **Scalability**: Managing and maintaining user accounts on individual systems becomes difficult when the number of systems and users increases.\n* **Increased Risk**: Information about user accounts, including passwords, may be stored in plain text, making them vulnerable to unauthorized access.\n* **Incomplete Security**: Local authentication alone may not provide sufficient security to protect sensitive information, necessitating the use of additional security measures such as secure socket layer (SSL) and two-factor authentication (2FA).\n\nBest Practices for Local Authentication\n---------------------------------------\n\nTo ensure the security of your system while using local authentication:\n\n* Always use strong, unique passwords for each user account.\n* Regularly update and patch the system to keep it secure against known vulnerabilities.\n* Consider implementing additional security measures, such as encryption, to protect sensitive data.\n* Periodically review user accounts to ensure they have the appropriate access privileges and are no longer needed.\n* Implement logs and monitoring to detect any suspicious activity on your system relating to user authentication.\n\nIn conclusion, local authentication can be an effective method for authenticating users on a single system. However, it is important to be aware of its limitations and make sure to implement additional security measures when necessary to keep your data safe.", + "description": "Local authentication refers to the process of verifying a user's identity on a specific device or system without relying on external servers or networks. It typically involves storing and checking credentials directly on the device itself. Common methods include username/password combinations, biometrics (fingerprint, face recognition), or PIN codes. Local authentication is often used for device access, offline applications, or as a fallback when network-based authentication is unavailable. While it offers quick access and works without internet connectivity, it can be less secure than centralized authentication systems and more challenging to manage across multiple devices. Local authentication is commonly used in personal devices, standalone systems, and scenarios where network-based authentication is impractical or unnecessary.", "links": [] }, "_hYN0gEi9BL24nptEtXWU": { @@ -1338,44 +1861,97 @@ }, "rzY_QsvnC1shDTPQ-til0": { "title": "Understand Common Hacking Tools", - "description": "Common Hacking Tools\n--------------------\n\nAs you journey into the world of cyber security, it is essential to be familiar with common hacking tools used by cyber criminals. These tools help hackers exploit vulnerabilities in systems and networks, but they can also be used ethically by security professionals to test their own networks and systems for vulnerabilities. Below is a brief overview of some common hacking tools:\n\nNmap (Network Mapper)\n---------------------\n\nNmap is a popular open-source network scanner used by cyber security professionals and hackers alike to discover hosts and services on a network. It helps identify hosts, open ports, running services, OS types, and many other details. It is particularly useful for network inventorying and security audits.\n\nWireshark\n---------\n\nWireshark is another open-source tool used for network analysis and troubleshooting. It allows the user to capture and analyze the traffic that is being transmitted through a network. It helps identify any suspicious activity, such as malware communication or unauthorized access attempts.\n\nMetasploit\n----------\n\nMetasploit is a powerful penetration testing framework that covers a wide range of exploits and vulnerabilities. With a customizable and extensible set of tools, Metasploit is particularly useful for simulating real-world cyber attacks and helps identify where your system is most vulnerable.\n\nJohn the Ripper\n---------------\n\nJohn the Ripper is a well-known password cracker tool, which can be used to identify weak passwords and test password security. It supports various encryption algorithms and can also be used for identifying hashes.\n\nBurp Suite\n----------\n\nBurp Suite is a web application security testing tool, mainly used to test for vulnerabilities in web applications. It includes tools for intercepting and modifying the requests, automating tests, scanning, and much more.\n\nAircrack-ng\n-----------\n\nAircrack-ng is a set of tools targeting Wi-Fi security. It includes tools for capturing and analyzing network packets, cracking Wi-Fi passwords, and testing the overall security of wireless networks.\n\nKali Linux\n----------\n\nKali Linux is a Linux distribution, specifically built for penetration testing and security auditing. It comes preinstalled with a wide range of hacking tools and is commonly used by ethical hackers and security professionals.\n\nKeep in mind that while these tools are commonly used by hackers, they can also be employed ethically by security professionals to understand and address vulnerabilities in their own systems. The key is to use them responsibly and always seek permission before testing any network or system that does not belong to you.", - "links": [] + "description": "Common hacking tools encompass a range of software used for network exploration, security auditing, and penetration testing. These include network scanners like Nmap, vulnerability assessment tools such as Nessus, password crackers like John the Ripper, and exploitation frameworks like Metasploit. Wireshark for packet analysis, Burp Suite for web application security testing, and Aircrack-ng for wireless network auditing are also widely used. While these tools have legitimate purposes in cybersecurity for identifying and addressing vulnerabilities, they can be misused for malicious activities. Ethical use of these tools requires proper authorization and adherence to legal and ethical guidelines. Understanding these tools is crucial for both offensive and defensive cybersecurity practices.\n\nLearn more from the following resources:", + "links": [ + { + "title": "100 Top Hacking Tools and Ethical Hacking Tools", + "url": "https://www.eccouncil.org/cybersecurity-exchange/ethical-hacking/best-ethical-hacking-tools/", + "type": "article" + }, + { + "title": "I Tried 100+ Hacking Tools", + "url": "https://www.youtube.com/watch?v=4WqymtvuWZQ", + "type": "video" + } + ] }, "Lg7mz4zeCToEzZBFxYuaU": { "title": "Understand Common Exploit Frameworks", - "description": "Exploit frameworks are essential tools in the cybersecurity landscape, as they provide a systematic and efficient way to test vulnerabilities, develop exploits, and launch attacks. They automate many tasks and help security professionals and ethical hackers to identify weaknesses, simulate attacks, and strengthen defenses. In this section, we will discuss some of the most common exploit frameworks and their features.\n\nMetasploit\n----------\n\n[Metasploit](https://www.metasploit.com/) is probably the most widely used and well-known exploit framework. It is an open-source platform with a large and active user community, which constantly contributes to its development, vulnerability research, and exploit creation.\n\n* **Key Features:**\n * Supports more than 1,500 exploits and over 3,000 modules\n * Provides a command-line interface as well as a Graphical User Interface (GUI) called Armitage\n * Offers integration with other popular tools, such as Nmap and Nessus\n * Enables payload delivery, exploit execution, and post-exploitation tasks\n\nCanvas\n------\n\n[Canvas](https://www.immunityinc.com/products/canvas/) is a commercial exploit framework developed by Immunity Inc. It includes a wide range of modules that target various platforms, networking devices, and vulnerabilities.\n\n* **Key Features:**\n * Contains a collection of more than 450 exploits\n * Offers exploit development and fuzzing tools\n * Provides intuitive GUI for managing and executing attacks\n * Allows customization through Python scripting\n\nExploit Pack\n------------\n\n[Exploit Pack](https://exploitpack.com/) is another commercial exploit framework that focuses on ease of use and extensive exploit modules selection. It is frequently updated to include the latest exploits and vulnerabilities.\n\n* **Key Features:**\n * Offers over 38,000 exploits for Windows, Linux, macOS, and other platforms\n * Provides a GUI for managing and executing exploits\n * Allows exploit customization and development using JavaScript\n * Includes fuzzers, shellcode generators, and other advanced features\n\nSocial-Engineer Toolkit (SET)\n-----------------------------\n\n[SET](https://github.com/trustedsec/social-engineer-toolkit) is an open-source framework designed to perform social engineering attacks, such as phishing and spear-phishing. Developed by TrustedSec, it focuses on human interaction and targets user credentials, software vulnerabilities, and more.\n\n* **Key Features:**\n * Executes email-based attacks, SMS-based attacks, and URL shortening/exploitation\n * Provides template-based phishing email creation\n * Integrates with Metasploit for payloads and exploits\n * Offers USB-based exploitation for human-interface devices\n\nWhen using these exploit frameworks, it is important to remember that they are powerful tools that can cause significant damage if misused. Always ensure that you have explicit permission from the target organization before conducting any penetration testing activities.", + "description": "Common exploit frameworks are comprehensive platforms used for developing, testing, and executing security exploits. The most prominent is Metasploit, which offers a large database of known vulnerabilities and exploit modules. It allows security professionals to simulate attacks and test system defenses. Other frameworks include Canvas by Immunity, Core Impact, and the open-source BeEF (Browser Exploitation Framework). These tools typically provide features for vulnerability scanning, payload generation, post-exploitation activities, and reporting. While primarily used for legitimate security testing and penetration testing, these frameworks can also be misused by malicious actors. Proper usage requires strict ethical guidelines, legal authorization, and a thorough understanding of cybersecurity principles and potential impacts.\n\nLearn more from the following resources:", "links": [ { - "title": "Metasploit Primer (TryHackMe)", - "url": "https://tryhackme.com/room/rpmetasploit", + "title": "Metasploit Framework", + "url": "https://www.metasploit.com/", + "type": "article" + }, + { + "title": "Core Impact", + "url": "https://www.coresecurity.com/", + "type": "article" + }, + { + "title": "Immunity Canvas", + "url": "www.immunitysec.com", "type": "article" + }, + { + "title": "Metasploit for Beginners", + "url": "https://www.youtube.com/watch?v=8lR27r8Y_ik", + "type": "video" } ] }, "Rae-f9DHDZuwIwW6eRtKF": { "title": "Understand Concept of Defense in Depth", - "description": "Defense in depth, also known as layered security, is a comprehensive approach to cybersecurity that involves implementing multiple layers of protection to safeguard an organization's assets, networks, and systems. This strategy is based on the concept that no single security measure can guarantee complete protection; therefore, a series of defensive mechanisms are employed to ensure that even if one layer is breached, the remaining layers will continue to provide protection.\n\nIn this section, we'll explore some key aspects of defense in depth:\n\nMultiple Layers of Security\n---------------------------\n\nDefense in depth is built upon the integration of various security measures, which may include:\n\n* **Physical security**: Protecting the organization's facilities and hardware from unauthorized access or damage.\n* **Access control**: Managing permissions to limit users' access to specific resources or data.\n* **Antivirus software**: Detecting, removing, and preventing malware infections.\n* **Firewalls**: Filtering network traffic to block or permit data communication based on predefined rules.\n* **Intrusion Detection and Prevention Systems (IDPS)**: Monitoring and analyzing network traffic to detect and prevent intrusions and malicious activities.\n* **Data backup and recovery**: Ensuring the organization's data is regularly backed up and can be fully restored in case of loss or accidental deletion.\n* **Encryption**: Encoding sensitive data to protect it from unauthorized access or theft.\n\nImplementing these layers allows organizations to minimize the risk of cybersecurity breaches, and in the event of an incident, quickly and effectively respond and recover.\n\nContinuous Monitoring and Assessment\n------------------------------------\n\nEffective defense in depth requires continuous monitoring and assessment of an organization's overall security posture. This involves:\n\n* Regularly reviewing and updating security policies and procedures.\n* Conducting security awareness training to educate employees on potential threats and best practices.\n* Performing vulnerability assessments and penetration testing to identify weaknesses in systems and networks.\n* Implementing incident response plans to ensure swift action in the event of a security breach.\n\nCollaboration and Information Sharing\n-------------------------------------\n\nDefense in depth benefits greatly from collaboration between various stakeholders, such as IT departments, security teams, and business leaders, all working together to maintain and improve the organization's security posture.\n\nIn addition, sharing information about threats and vulnerabilities with other organizations, industry associations, and law enforcement agencies can help strengthen the collective security of all parties involved.\n\nIn summary, defense in depth involves the implementation of multiple layers of security measures, continuous monitoring, and collaboration to protect an organization's valuable assets from cyber threats. By adopting this approach, organizations can minimize the risk of a breach and improve their overall cybersecurity posture.", - "links": [] + "description": "Defense in Depth is a cybersecurity strategy that employs multiple layers of security controls throughout an IT system or network. This approach assumes that no single security measure is perfect, and therefore combines various defensive mechanisms to protect assets. It typically includes physical security, network security, endpoint protection, application security, data security, and user education. By implementing overlapping security measures, the strategy aims to create a comprehensive security posture that can withstand various types of attacks, slow down intruders, and provide multiple opportunities for detection and response. This layered approach helps organizations maintain security even if one layer is compromised, significantly improving overall resilience against cyber threats.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is Defense in Depth?", + "url": "https://www.fortinet.com/resources/cyberglossary/defense-in-depth", + "type": "article" + }, + { + "title": "Defense-in-Depth - CompTIA Security+", + "url": "https://www.youtube.com/watch?v=HLQ4wX8NxQY", + "type": "video" + } + ] }, "Ec6EairjFJLCHc7b-1xxe": { "title": "Understand Concept of Runbooks", - "description": "Runbooks are a type of written documentation that details a step-by-step procedure for addressing a specific cyber security issue or incident. They are essential resources that help IT professionals and security teams streamline their response and management of security incidents.\n\nImportance of Runbooks in Cyber Security\n----------------------------------------\n\nRunbooks play a vital role in fortifying an organization's security posture. Here are some reasons why they are important:\n\n* **Standardization**: Runbooks help standardize the process of responding to security incidents, ensuring that the organization follows best practices and avoids potential mistakes.\n* **Efficiency**: Well-prepared runbooks provide clear instructions, which save time and reduce confusion during high-pressure security events.\n* **Knowledge sharing**: They act as a centralized source of knowledge for security procedures that can be shared across teams and can be used for training purposes.\n* **Auditing and compliance**: Runbooks showcase an organization's commitment to robust security practices, which can be critical for meeting regulatory requirements and passing security audits.\n\nComponents of a Good Runbook\n----------------------------\n\nHere are key components that make up an effective runbook:\n\n* **Title**: Clearly state the purpose of the runbook (e.g., \"Responding to a Ransomware Attack\").\n* **Scope**: Define the types of incidents or situations the runbook should be used for and the intended audience (e.g., for all team members dealing with data breaches).\n* **Prerequisites**: List any required resources or tools needed to execute the runbook's instructions.\n* **Step-by-step Instructions**: Provide a clear, concise, and accurate set of tasks to be performed, starting from the detection of the incident to its resolution.\n* **Roles and Responsibilities**: Define the roles of each team member involved in executing the runbook, including their responsibilities during each step of the process.\n* **Escalation**: Include a predefined set of conditions for escalating the situation to higher authorities or external support.\n* **Communication and reporting**: Explain how to communicate the incident to the relevant stakeholders and what information needs to be reported.\n* **Post-incident review**: Outline the process for reviewing and improving the runbook and the overall incident response after an event has been resolved.\n\nUpdating and Maintaining Runbooks\n---------------------------------\n\nRunbooks should be periodically reviewed and updated to ensure their effectiveness. It is important to incorporate lessons learned from past incidents, emerging threats, and new technologies into the runbook to keep it relevant and effective.\n\nIn conclusion, runbooks play a crucial role in fostering a resilient cyber security posture. Organizations should invest time and effort in developing and maintaining comprehensive runbooks for dealing with a wide range of security incidents.", - "links": [] + "description": "Runbooks are standardized documents or automated scripts that outline step-by-step procedures for carrying out specific IT operations or resolving common issues. They provide a consistent approach to routine tasks, incident response, and problem-solving, enabling IT teams to handle situations efficiently and minimize human error. Runbooks typically include detailed instructions, decision trees, troubleshooting guides, and may incorporate automation for repetitive tasks. They are essential for maintaining operational consistency, reducing downtime, facilitating knowledge transfer among team members, and supporting rapid incident resolution in complex IT environments. Modern runbooks are often digital, interactive, and integrated with IT service management tools for streamlined operations and continuous improvement.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is a runbook?", + "url": "https://www.pagerduty.com/resources/learn/what-is-a-runbook/", + "type": "article" + }, + { + "title": "Create Automation Runbooks with AWS Systems Manager", + "url": "https://www.youtube.com/watch?v=fQ_KahCPBeU", + "type": "video" + } + ] }, "7KLGFfco-hw7a62kXtS3d": { "title": "Understand Basics of Forensics", - "description": "**Forensics** is a specialized area within cybersecurity that deals with the investigation of cyber incidents, the collection, preservation, and analysis of digital evidence, and the efforts to tie this evidence to specific cyber actors. The main goal of digital forensics is to identify the cause of an incident, determine the extent of the damage, and provide necessary information to recover and prevent future attacks. This discipline typically involves several key steps:\n\n* **Preparation**: Developing a forensic strategy, setting up a secure laboratory environment, and ensuring the forensics team has the necessary skills and tools.\n* **Identification**: Determining the scope of the investigation, locating and identifying the digital evidence, and documenting any relevant information.\n* **Preservation**: Ensuring the integrity of the digital evidence is maintained by creating backups, securing storage, and applying legal and ethical guidelines.\n* **Analysis**: Examining the digital evidence using specialized tools and techniques to extract relevant information, identify patterns, and uncover hidden details.\n* **Reporting**: Compiling the findings of the investigation into a report that provides actionable insights, including the identification of cyber actors, the methods used, and the damage caused.\n\nProfessionals working in digital forensics need a solid understanding of various technologies, as well as the ability to think critically, be detail-oriented, and maintain the integrity and confidentiality of data. Moreover, they should be well-versed in related laws and regulations to ensure compliance and admissibility of evidence in legal proceedings. Some of the key skills to master include:\n\n* Knowledge of digital evidence collection and preservation techniques\n* Familiarity with forensic tools and software, such as EnCase, FTK, or Autopsy\n* Understanding of file systems, operating systems, and network protocols\n* Knowledge of malware analysis and reverse engineering\n* Strong analytical and problem-solving skills\n* Effective communication abilities to convey technical findings to non-technical stakeholders\n\nOverall, digital forensics is a crucial component of cybersecurity as it helps organizations respond effectively to cyber attacks, identify vulnerabilities, and take appropriate steps to safeguard their digital assets.", + "description": "Digital forensics is the process of collecting, analyzing, and preserving electronic evidence for legal or investigative purposes. It involves recovering data from various digital devices, including computers, smartphones, and networks, often in cases of cybercrime, data breaches, or legal disputes. Forensic analysts use specialized tools and techniques to extract and examine data, maintain chain of custody, and present findings in a court-admissible manner. Key aspects include data acquisition, file recovery, timeline analysis, and malware detection. Digital forensics plays a crucial role in cybersecurity incident response, criminal investigations, and corporate compliance, requiring a meticulous approach to ensure the integrity and admissibility of digital evidence.\n\nLearn more from the following resources:", "links": [ { "title": "Introduction to Digital Forensics (TryHackMe)", "url": "https://tryhackme.com/room/introdigitalforensics", "type": "article" + }, + { + "title": "Digital Forensics", + "url": "https://www.youtube.com/watch?v=UtDWApdO8Zk", + "type": "video" } ] }, "_x3BgX93N-Pt1_JK7wk0p": { "title": "Basics and Concepts of Threat Hunting", - "description": "Threat hunting is a proactive approach to cybersecurity where security professionals actively search for hidden threats or adversaries that may have bypassed traditional security measures, such as firewalls and intrusion detection systems. Rather than waiting for automated tools to flag suspicious activity, threat hunters use a combination of human intuition, threat intelligence, and advanced analysis techniques to identify indicators of compromise (IoCs) and potential threats within a network or system.\n\nThe process involves several key concepts, starting with a **hypothesis**, where a hunter develops a theory about potential vulnerabilities or attack vectors that could be exploited. They then conduct a **search** through logs, traffic data, or endpoint activity to look for anomalies or patterns that may indicate malicious behavior. **Data analysis** is central to threat hunting, as hunters analyze vast amounts of network and system data to uncover subtle signs of attacks or compromises. If threats are found, the findings lead to **detection and mitigation**, allowing the security team to contain the threat, remove malicious entities, and prevent similar incidents in the future.\n\nThreat hunting also involves **continuous learning** and adapting, as hunters refine their techniques based on evolving attack methods and the latest threat intelligence. This approach improves an organization’s overall security posture by identifying sophisticated or previously unknown threats that might evade conventional security measures.\n\nLearn more from the following resources:", + "description": "Threat hunting is a proactive approach to cybersecurity where security professionals actively search for hidden threats or adversaries that may have bypassed traditional security measures, such as firewalls and intrusion detection systems. Rather than waiting for automated tools to flag suspicious activity, threat hunters use a combination of human intuition, threat intelligence, and advanced analysis techniques to identify indicators of compromise (IoCs) and potential threats within a network or system. The process involves several key concepts, starting with a **hypothesis**, where a hunter develops a theory about potential vulnerabilities or attack vectors that could be exploited. They then conduct a **search** through logs, traffic data, or endpoint activity to look for anomalies or patterns that may indicate malicious behavior. **Data analysis** is central to threat hunting, as hunters analyze vast amounts of network and system data to uncover subtle signs of attacks or compromises. If threats are found, the findings lead to **detection and mitigation**, allowing the security team to contain the threat, remove malicious entities, and prevent similar incidents in the future.\n\nLearn more from the following resources:", "links": [ { "title": "What is Threat Hunting", @@ -1394,10 +1970,15 @@ "description": "Vulnerability management is the process of identifying, evaluating, prioritizing, and mitigating security vulnerabilities in an organization's systems, applications, and networks. It is a continuous, proactive approach to safeguarding digital assets by addressing potential weaknesses that could be exploited by attackers. The process begins with **vulnerability scanning**, where tools are used to detect known vulnerabilities by analyzing software, configurations, and devices.\n\nOnce vulnerabilities are identified, they are **assessed and prioritized** based on factors such as severity, potential impact, and exploitability. Organizations typically use frameworks like CVSS (Common Vulnerability Scoring System) to assign risk scores to vulnerabilities, helping them focus on the most critical ones first.\n\nNext, **remediation** is carried out through patching, configuration changes, or other fixes. In some cases, mitigation may involve applying temporary workarounds until a full patch is available. Finally, continuous **monitoring and reporting** ensure that new vulnerabilities are swiftly identified and addressed, maintaining the organization's security posture. Vulnerability management is key to reducing the risk of exploitation and minimizing the attack surface in today's complex IT environments.\n\nLearn more from the following resources:", "links": [ { - "title": "What is vulnerability management?", + "title": "What is vulnerability management? - Rapid7", "url": "https://www.rapid7.com/fundamentals/vulnerability-management-and-scanning/", "type": "article" }, + { + "title": "What is Vulnerability Management? - CrowdStrike", + "url": "https://www.crowdstrike.com/cybersecurity-101/vulnerability-management/", + "type": "article" + }, { "title": "Vulnerability Management explained by experts", "url": "https://www.youtube.com/watch?v=RE6_Lo2wSIg", @@ -1407,7 +1988,7 @@ }, "uoGA4T_-c-2ip_zfEUcJJ": { "title": "Basics of Reverse Engineering", - "description": "Reverse engineering is the process of deconstructing a system, software, or hardware to understand its internal workings, design, and functionality without having access to its source code or original documentation. In cybersecurity, reverse engineering is often used to analyze malware or software vulnerabilities to uncover how they operate, allowing security professionals to develop defenses, patches, or detection methods. This involves breaking down the binary code, disassembling it into machine code, and then interpreting it to understand the logic, behavior, and intent behind the program.\n\nReverse engineering can also be used in hardware to investigate a device's design or performance, or in software development for compatibility, debugging, or enhancing legacy systems. The process typically includes static analysis, where the code is examined without execution, and dynamic analysis, where the program is executed in a controlled environment to observe its runtime behavior. The insights gained through reverse engineering are valuable for improving security, fixing bugs, or adapting systems for different uses. However, it’s important to be aware of the legal and ethical boundaries, as reverse engineering certain software or hardware can violate intellectual property rights.\n\nLearn more from the following resources:", + "description": "Reverse engineering is the process of deconstructing a system, software, or hardware to understand its internal workings, design, and functionality without having access to its source code or original documentation. In cybersecurity, reverse engineering is often used to analyze malware or software vulnerabilities to uncover how they operate, allowing security professionals to develop defenses, patches, or detection methods. This involves breaking down the binary code, disassembling it into machine code, and then interpreting it to understand the logic, behavior, and intent behind the program. Reverse engineering can also be used in hardware to investigate a device's design or performance, or in software development for compatibility, debugging, or enhancing legacy systems. The process typically includes static analysis, where the code is examined without execution, and dynamic analysis, where the program is executed in a controlled environment to observe its runtime behavior. The insights gained through reverse engineering are valuable for improving security, fixing bugs, or adapting systems for different uses. However, it’s important to be aware of the legal and ethical boundaries, as reverse engineering certain software or hardware can violate intellectual property rights.\n\nLearn more from the following resources:", "links": [ { "title": "Reverse Engineering for Everyone!", @@ -1423,12 +2004,23 @@ }, "NkAAQikwH-A6vrF8fWpuB": { "title": "Penetration Testing Rules of Engagement", - "description": "Penetration testing, also known as ethical hacking, is an essential component of a strong cybersecurity program. Rules of engagement (RoE) for penetration testing define the scope, boundaries, and guidelines for conducting a successful penetration test. These rules are crucial to ensure lawful, efficient, and safe testing.\n\nKey Components\n--------------\n\n* **Scope**: The primary objective of defining a scope is to reasonably limit the testing areas. It specifies the systems, networks, or applications to be tested (in-scope) and those to be excluded (out-of-scope). Additionally, the scope should indicate testing methodologies, objectives, and timeframes.\n \n* **Authorization**: Penetration testing must be authorized by the organization's management or the system owner. Proper authorization ensures the testing is legitimate, lawful, and compliant with organizational policies. Obtain written permission, detail authorization parameters, and report concerns or issues that may arise during the test.\n \n* **Communication**: Establish a clear communication plan to ensure timely and accurate information exchange between penetration testers and stakeholders. Designate primary contacts and a secondary point of contact for escalations, emergencies or incident handling. Document the preferred communication channels and establish reporting protocols.\n \n* **Testing Approach**: Select an appropriate testing approach, such as black-box, white-box, or grey-box testing, depending on the objectives and available information. Clarify which penetration testing methodologies will be utilized (e.g., OSSTMM, OWASP, PTES) and specify whether automated tools, manual techniques, or both will be used during the test.\n \n* **Legal & Regulatory Compliance**: Comply with applicable laws, regulations, and industry standards (e.g., GDPR, PCI-DSS, HIPAA) to prevent violations and potential penalties. Seek legal advice if necessary and ensure all parties involved are aware of the regulations governing their specific domain.\n \n* **Rules of Engagement Document**: Formalize all rules in a written document and have it signed by all relevant parties (e.g., system owner, penetration tester, legal advisor). This document should include information such as scope, approach, communication guidelines, and restrictions on testing techniques. Keep it as a reference for incident handling and accountability during the test.\n \n\nIn conclusion, robust penetration rules of engagement not only help identify potential security vulnerabilities in your organization but also ensure that the testing process is transparent and compliant. Establishing RoE is necessary to minimize the risk of legal issues, miscommunications, and disruptions to the organization's routine operations.", - "links": [] + "description": "**Penetration Testing Rules of Engagement** define the guidelines and boundaries for conducting a penetration test. They establish the scope, objectives, and constraints, including the systems and networks to be tested, the testing methods allowed, and the times during which testing can occur. These rules ensure that the testing is conducted ethically and legally, minimizing disruptions and protecting sensitive data. They also include communication protocols for reporting findings and any necessary approvals or permissions from stakeholders to ensure that the testing aligns with organizational policies and compliance requirements.\n\nLearn more from the following resources:", + "links": [ + { + "title": "Why are rules of engagement important to a Penetration Test?", + "url": "https://www.triaxiomsecurity.com/rules-of-engagement-important-to-penetration-test/", + "type": "article" + }, + { + "title": "CompTIA Pentest+ : Rules of Engagement", + "url": "https://www.youtube.com/watch?v=Rt-4j8k6J2U", + "type": "video" + } + ] }, "PUgPgpKio4Npzs86qEXa7": { "title": "Perimiter vs DMZ vs Segmentation", - "description": "Perimeter and DMZ (Demilitarized Zone) segmentation is a crucial aspect of network security that helps protect internal networks by isolating them from external threats. In this section, we will discuss the concepts of perimeter and DMZ segmentation, and how they can be used to enhance the security of your organization.\n\nPerimeter Segmentation\n----------------------\n\nPerimeter segmentation is a network security technique that involves isolating an organization's internal networks from the external, untrusted network (typically the internet). The goal is to create a protective barrier to limit the access of external attackers to the internal network, and minimize the risk of data breaches and other security threats.\n\nTo achieve this, perimeter segmentation typically involves the use of network security appliances such as firewalls, intrusion detection systems (IDS), and intrusion prevention systems (IPS). These devices act as gatekeepers, enforcing security policies and filtering network traffic to protect the internal network from malicious activity.\n\nDMZ Segmentation\n----------------\n\nThe DMZ is a specially isolated part of the network situated between the internal network and the untrusted external network. DMZ segmentation involves creating a separate, secure area for hosting public-facing services (such as web servers, mail servers, and application servers) that need to be accessible to external users.\n\nThe primary purpose of the DMZ is to provide an additional layer of protection for internal networks. By keeping public-facing services in the DMZ and isolated from the internal network, you can prevent external threats from directly targeting your organization's most sensitive assets.\n\nTo implement a DMZ in your network, you can use devices such as firewalls, routers, or dedicated network security appliances. Properly configured security policies and access controls help ensure that only authorized traffic flows between the DMZ and the internal network, while still allowing necessary external access to the DMZ services.\n\nKey Takeaways\n-------------\n\n* Perimeter and DMZ segmentation are crucial security techniques that help protect internal networks from external threats.\n* Perimeter segmentation involves isolating an organization's internal networks from the untrusted external network, typically using security appliances such as firewalls, IDS, and IPS.\n* DMZ segmentation involves creating a separate, secure area within the network for hosting public-facing services that need to be accessible to external users while maintaining additional security for internal assets.\n* Implementing proper network segmentation and security policies can significantly reduce the risk of data breaches and other security threats.\n\nLearn more from the following resources:", + "description": "In network security, **perimeter**, **DMZ (Demilitarized Zone)**, and **segmentation** are strategies for organizing and protecting systems:\n\n1. **Perimeter** security refers to the outer boundary of a network, typically protected by firewalls, intrusion detection systems (IDS), and other security measures. It acts as the first line of defense against external threats, controlling incoming and outgoing traffic to prevent unauthorized access.\n \n2. **DMZ** is a subnet that sits between an internal network and the external internet, hosting public-facing services like web servers and mail servers. The DMZ isolates these services to minimize the risk of attackers gaining access to the internal network by compromising a public-facing server.\n \n3. **Segmentation** divides a network into smaller, isolated sections or zones, each with its own security controls. This limits the spread of attacks, enhances internal security, and enforces access control between different parts of the network, reducing the potential impact of a breach.\n \n\nTogether, these strategies create a layered defense, protecting sensitive resources by managing traffic flow and access points across the network.\n\nLearn more from the following resources:", "links": [ { "title": "Best practice for network segmentation", @@ -1460,18 +2052,51 @@ }, "kqT0FRLt9Ak9P8PhHldO-": { "title": "Roles of Compliance and Auditors", - "description": "Compliance and auditors play a crucial role in maintaining the security and integrity of any organization's digital infrastructure. They ensure that organizations follow industry-specific regulations, international standards, and defined security policies to reduce the risk of security breaches and protect sensitive data.\n\nCompliance\n----------\n\nCompliance refers to adhering to a set of rules, regulations, and best practices defined by industry standards, government regulations, or an organization's internal security policies. These may include:\n\n* **Industry Standards**: Security standards specific to an industry, e.g., _Payment Card Industry Data Security Standard (PCI DSS)_ for companies handling credit card transactions.\n* **Government Regulations**: Rules defined at a national or regional level to ensure the protection of sensitive information, e.g., _General Data Protection Regulation (GDPR)_ in the European Union.\n* **Internal Security Policies**: Guidelines and procedures created by an organization to manage its digital infrastructure and data securely.\n\nAuditors\n--------\n\nAuditors, specifically cybersecurity auditors or information system auditors, are responsible for evaluating and verifying an organization's compliance with relevant regulations and standards. They perform rigorous assessments, suggest corrective actions, and prepare detailed reports highlighting discrepancies and vulnerabilities in the organization's information systems. Some key responsibilities of auditors include:\n\n* **Assessment**: Conduct comprehensive reviews of security policies, procedures, and controls in place. This may involve evaluating the effectiveness of firewalls, security software, and network configurations.\n* **Risk Management**: Identify and evaluate potential risks and vulnerabilities to an organization's digital infrastructure, such as data breaches, cyber-attacks, or human errors.\n* **Documentation**: Prepare detailed reports highlighting findings, recommendations, and corrective actions. This may include a list of vulnerabilities, compliance gaps, and improvement suggestions.\n* **Consultation**: Provide expert advice and technical guidance to management and IT teams to help organizations meet compliance requirements and improve their overall security posture.\n\nTo summarize, compliance and auditors are essential in maintaining an organization's cybersecurity stance. Effective coordination between security professionals, management, and IT teams is needed to ensure the safety and protection of sensitive data and systems from evolving cyber threats.", - "links": [] + "description": "Compliance officers ensure that an organization adheres to legal, regulatory, and internal policies by proactively implementing controls, training employees, and mitigating risks. Auditors, both internal and external, assess the effectiveness of these controls and the accuracy of financial reporting through periodic evaluations, providing independent assurance to management and stakeholders. While compliance focuses on prevention and day-to-day adherence, auditors focus on verifying and evaluating past performance to ensure integrity and identify areas for improvement. Both roles work together to manage risk and maintain organizational accountability.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is a compliance audit?", + "url": "https://www.auditboard.com/blog/compliance-audit/", + "type": "article" + } + ] }, "ggAja18sBUUdCfVsT0vCv": { "title": "Understand the Definition of Risk", - "description": "In the context of cybersecurity, risk can be defined as the possibility of damage, loss, or any negative occurrence that is caused by external or internal vulnerabilities, and that may be avoided through preemptive action. Risk is typically characterized by three main components:\n\n* **Threat:** A potential danger to the confidentiality, integrity, or availability of information in your system. Threats can be natural (e.g., floods, earthquakes), human-made (e.g., hackers, malicious software), or due to technical issues (e.g., hardware malfunction).\n \n* **Vulnerability:** A weakness or flaw in your system that can be exploited by a threat agent to compromise the security of the system. Vulnerabilities can exist in various aspects, such as physical access, network services, or security procedures.\n \n* **Impact:** The potential amount of damage or loss that can occur to your organization, system, or data due to the successful execution of a threat. Impacts can be financial, reputational, operational, or any other negative consequence that your organization faces as a result of a security breach.\n \n\nWhen evaluating the risk levels of a cybersecurity scenario, it is important to assess the likelihood of a specific threat exploiting a specific vulnerability, as well as the associated impact if such an event occurs. By understanding risks and their components, you can better prioritize your security resources and take appropriate steps to mitigate potential risks. Remember that risk cannot be entirely eliminated, but rather managed to an acceptable level through effective security measures and strategies.", - "links": [] + "description": "In the context of cybersecurity, risk can be defined as the possibility of damage, loss, or any negative occurrence that is caused by external or internal vulnerabilities, and that may be avoided through preemptive action. Risk is typically characterized by three main components:\n\n* **Threat:** A potential danger to the confidentiality, integrity, or availability of information in your system. Threats can be natural (e.g., floods, earthquakes), human-made (e.g., hackers, malicious software), or due to technical issues (e.g., hardware malfunction).\n \n* **Vulnerability:** A weakness or flaw in your system that can be exploited by a threat agent to compromise the security of the system. Vulnerabilities can exist in various aspects, such as physical access, network services, or security procedures.\n \n* **Impact:** The potential amount of damage or loss that can occur to your organization, system, or data due to the successful execution of a threat. Impacts can be financial, reputational, operational, or any other negative consequence that your organization faces as a result of a security breach.\n \n\nWhen evaluating the risk levels of a cybersecurity scenario, it is important to assess the likelihood of a specific threat exploiting a specific vulnerability, as well as the associated impact if such an event occurs. By understanding risks and their components, you can better prioritize your security resources and take appropriate steps to mitigate potential risks. Remember that risk cannot be entirely eliminated, but rather managed to an acceptable level through effective security measures and strategies.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is Cybersecurity Risk?", + "url": "https://securityscorecard.com/blog/what-is-cybersecurity-risk-factors-to-consider/", + "type": "article" + }, + { + "title": "Risk Analysis - Know Your Threat Tolerance", + "url": "https://www.youtube.com/watch?v=xt_Cdtvjbd4", + "type": "video" + } + ] }, "9asy3STW4oTYYHcUazaRj": { "title": "Understand Backups and Resiliency", - "description": "Backups and resiliency are crucial components of an effective cyber security strategy. They help organizations maintain their operations and data integrity, even in the face of various threats such as data breaches, hardware failures, or natural disasters. In this section, we will discuss the importance of creating and maintaining regular data backups and developing a resilient infrastructure.\n\nData Backups\n------------\n\nData backups are simply copies of your valuable data that are stored in a secure location, separate from your primary storage. They provide a means to recover your data in case of any data loss incidents, such as accidental deletion, hardware failure, or cyber attacks like ransomware.\n\n**Best practices for data backups include:**\n\n* **Frequent and scheduled backups**: Schedule regular backups and automate the process to ensure consistency and reduce the risk of human error.\n \n* **Multiple copies**: Maintain multiple copies of your backups, preferably on different types of storage media (e.g., external hard drives, cloud storage, or tapes).\n \n* **Offsite storage**: Store at least one copy of your backups offsite. This will help protect against data loss due to onsite physical disasters or theft.\n \n* **Encryption**: Encrypt your backups to protect sensitive data from unauthorized access.\n \n* **Testing and verification**: Regularly test your backups to ensure they are functioning properly and can be restored when needed.\n \n\nInfrastructure Resiliency\n-------------------------\n\nInfrastructure resiliency refers to the ability of your organization's IT systems to maintain availability and functionality in the face of unexpected disruptions, such as power outages, hardware failures, or cyber attacks. A resilient infrastructure helps minimize downtime and data loss, ensuring that your organization can continue its operations during and after an incident.\n\n**Key components of a resilient infrastructure include:**\n\n* **Redundancy**: Design your infrastructure in a way that it includes redundant components (e.g., servers, power supplies, or network connections) to ensure uninterrupted operations in case of a failure.\n \n* **Disaster recovery planning**: Develop a comprehensive disaster recovery plan that outlines the steps and resources to restore your systems and data after an incident. This plan should include provisions for regular testing and updating.\n \n* **Incident response planning**: Establish a clear incident response process that defines roles, responsibilities, and procedures for identifying, investigating, and mitigating security incidents.\n \n* **Regular monitoring and maintenance**: Proactively monitor your infrastructure for signs of potential issues, and perform routine maintenance to minimize vulnerabilities and reduce the likelihood of failures.\n \n\nBy investing in robust data backups and building a resilient infrastructure, you will ensure that your organization is well-prepared to handle any unexpected disruptions and maintain the continuity of essential operations.", - "links": [] + "description": "Backups and resiliency are critical components of data protection and business continuity strategies. Backups involve regularly copying data to secure storage locations, ensuring data can be recovered in case of loss, corruption, or disaster. Resiliency refers to a system's ability to maintain operations and recover quickly from disruptions. This includes implementing redundant systems, distributing resources across multiple locations, and designing fault-tolerant architectures. Effective backup and resiliency strategies incorporate diverse backup methods (full, incremental, differential), off-site storage, regular testing of recovery procedures, and automated failover mechanisms. These practices are essential for minimizing downtime, protecting against data loss, and maintaining business operations in the face of various threats, from hardware failures to cyberattacks.\n\nLearn more from the following resources:", + "links": [ + { + "title": "Backup & Restore", + "url": "https://aws.amazon.com/solutions/resilience/backup-restore/", + "type": "article" + }, + { + "title": "Why backup should be a part of your cyber resilience plan?", + "url": "https://www.youtube.com/watch?v=S8BIkoHlU_0", + "type": "video" + }, + { + "title": "AWS re:Invent 2023 - Backup and disaster recovery strategies for increased resilience", + "url": "https://www.youtube.com/watch?v=E073XISxrSU", + "type": "video" + } + ] }, "H38Vb7xvuBJXVzgPBdRdT": { "title": "Cyber Kill Chain", @@ -1491,18 +2116,51 @@ }, "pnfVrOjDeG1uYAeqHxhJP": { "title": "MFA & 2FA", - "description": "Introduction\n------------\n\nMulti-Factor Authentication (MFA) and Two-Factor Authentication (2FA) are security measures designed to enhance the protection of user accounts and sensitive information. These supplementary methods require the user to provide more than one form of verification to access an account, making it more difficult for unauthorized users to gain access. In this section, we'll discuss the basics of MFA and 2FA and why they are crucial to cybersecurity.\n\nTwo-Factor Authentication (2FA)\n-------------------------------\n\n2FA strengthens security by requiring two distinct forms of verification before granting access. This means that even if a malicious actor has your password, they will still need the second form of verification to access your account, reducing the risk of unauthorized access.\n\nTwo-Factor Authentication usually involves a combination of:\n\n* Something you know (e.g., passwords, PINs)\n* Something you have (e.g., physical tokens, mobile phones)\n* Something you are (e.g., biometrics, such as fingerprints or facial recognition)\n\nA common example of 2FA is when you receive a unique code via SMS when logging into a website or access sensitive information. You will need to provide that code along with your password to gain access, adding an extra layer of security.\n\nMulti-Factor Authentication (MFA)\n---------------------------------\n\nMFA enhances security even further by requiring more than two forms of verification, incorporating three or more factors from the categories mentioned earlier (knowledge, possession, and inherence). By incorporating additional authentication methods, MFA raises the bar for attackers, making it much more difficult for them to gain access.\n\nThe main advantage of using MFA over 2FA is that even if one factor is compromised, there are still additional hurdles for an attacker to overcome. For example, if someone intercepts your mobile phone as the second factor, they would still have to bypass a biometric authentication requirement.\n\nImportance in Cybersecurity\n---------------------------\n\nUsing MFA and 2FA lends more security to user accounts, lowering the chances of being compromised. They provide multiple layers of protection, making it significantly harder for cybercriminals to breach accounts or gain unauthorized access.\n\nImplementing 2FA and MFA should be a priority for businesses and individuals alike in order to maintain a high level of cybersecurity. By educating users on the benefits and importance of these forms of authentication and ensuring their widespread adoption, we can create a more secure online environment.", - "links": [] + "description": "**Multi-Factor Authentication (MFA)** and **Two-Factor Authentication (2FA)** are security methods that require users to provide two or more forms of verification to access a system. **2FA** specifically uses two factors, typically combining something the user knows (like a password) with something they have (like a phone or token) or something they are (like a fingerprint). **MFA**, on the other hand, can involve additional layers of authentication beyond two factors, further enhancing security. Both methods aim to strengthen access controls by making it harder for unauthorized individuals to gain access, even if passwords are compromised.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is MFA?", + "url": "https://www.onelogin.com/learn/what-is-mfa", + "type": "article" + }, + { + "title": "What is 2FA?", + "url": "https://www.microsoft.com/en-gb/security/business/security-101/what-is-two-factor-authentication-2fa", + "type": "article" + } + ] }, "_S25EOGS3P8647zLM5i-g": { "title": "Operating System Hardening", - "description": "OS hardening, or Operating System hardening, is the process of strengthening your operating system's security settings to prevent unauthorized access, data breaches, and other malicious activities. This step is essential for enhancing the security posture of your device or network and to minimize potential cyber risks.\n\nThe Importance of OS Hardening\n------------------------------\n\nIn today's world of evolving cyber threats and vulnerabilities, default security configurations provided by operating systems are often insufficient. OS hardening is necessary to:\n\n* **Inhibit unauthorized access**: Limit the potential entry points for attackers.\n* **Close security gaps**: Reduce the risks of exploits and vulnerabilities in your system.\n* **Prevent data breaches**: Safeguard sensitive data from cybercriminals.\n* **Align with compliance requirements**: Ensure your system complies with industry regulations and standards.\n\nKey Principles of OS Hardening\n------------------------------\n\nHere are some fundamental principles that can help strengthen your operating system security:\n\n* **Least Privilege**: Limit user rights and permissions, only providing the minimum access required for essential tasks. Implement stringent access controls and separation of duties.\n* **Disable or remove unnecessary services**: Unnecessary software, programs, and services can introduce vulnerabilities. Turn them off or uninstall them when not needed.\n* **Patch Management**: Keep your system and applications up-to-date with the latest security patches and updates.\n* **Regular Monitoring**: Implement monitoring mechanisms to detect and respond to potential threats promptly.\n* **Authentication and Password Security**: Enforce strong, unique passwords and use Multi-Factor Authentication (MFA) for added protection.\n\nSteps for OS Hardening\n----------------------\n\nA comprehensive OS hardening process includes the following steps:\n\n* **Create a Standard Operating Environment (SOE)**: Develop a standardized and secure system configuration as a baseline for all company systems.\n* **Inventory**: Identify and track all the devices, software, and services in your environment and their respective configurations.\n* **Assess current security controls**: Evaluate the existing security settings to identify gaps requiring improvement.\n* **Apply required hardening measures**: Implement necessary changes, including applying patches, updating software, and configuring security settings.\n* **Monitor and review**: Continuously monitor your environment and update your hardening measures and policies as needed.\n\nBy incorporating OS hardening into your cybersecurity practices, you can significantly reduce the risks associated with cyber threats and protect your business's valuable assets.", - "links": [] + "description": "**Operating system hardening** involves configuring and securing an OS to reduce vulnerabilities and improve its defense against attacks. This process includes disabling unnecessary services and ports, applying security patches and updates, configuring strong authentication mechanisms, enforcing least privilege principles, and enabling firewalls and intrusion detection systems. Hardening also involves setting up proper file permissions, securing system logs, and regularly auditing the system to ensure compliance with security policies and best practices. The goal is to minimize the attack surface and protect the OS from potential threats and exploits.\n\nLearn more from the following resources", + "links": [ + { + "title": "OS Hardening: 15 Best Practices", + "url": "https://perception-point.io/guides/os-isolation/os-hardening-10-best-practices/", + "type": "article" + }, + { + "title": "Hardening Techniques", + "url": "https://www.youtube.com/watch?v=wXoC46Qr_9Q", + "type": "video" + } + ] }, "aDF7ZcOX9uR8l0W4aqhYn": { "title": "Understand Concept of Isolation", - "description": "Isolation is a key principle in cyber security that helps to ensure the confidentiality, integrity, and availability of information systems and data. The main idea behind isolation is to separate different components or processes, such that if one is compromised, the others remain protected. Isolation can be applied at various levels, including hardware, software, and network layers. It is commonly used to protect sensitive data, critical systems, and to limit the potential damage caused by malicious activities.\n\nHardware Isolation\n------------------\n\nHardware isolation provides a physical separation between various components or systems, thereby preventing direct access or interference between them. This can be achieved through several mechanisms, including:\n\n* **Air-gapped systems**: A computer or network that has no direct connections to external networks or systems, ensuring that unauthorized access or data leakage is virtually impossible.\n \n* **Hardware security modules (HSMs)**: Dedicated physical devices that manage digital keys and cryptographic operations, ensuring that sensitive cryptographic material is separated from other system components and protected against tampering or unauthorized access.\n \n\nSoftware Isolation\n------------------\n\nSoftware isolation seeks to separate data and processes within the software environment itself. Some common methods include:\n\n* **Virtualization**: The creation of isolated virtual machines (VMs) within a single physical host, allowing multiple operating systems and applications to run in parallel without direct access to each other's resources.\n \n* **Containers**: Lightweight virtual environments that allow applications to run in isolation from one another, sharing the same operating system kernel, but having separate file systems, libraries, and namespaces.\n \n* **Sandboxing**: A security technique that confines an application's activities to a restricted environment, protecting the underlying system and other applications from potential harm.\n \n\nNetwork Isolation\n-----------------\n\nNetwork isolation aims to separate and control communication between different systems, devices, or networks. This can be implemented through several means, such as:\n\n* **Firewalls**: Devices or software that act as a barrier, filtering and controlling traffic between networks or devices based on predefined policies.\n \n* **Virtual Local Area Networks (VLANs)**: Logical partitions created within a physical network, segregating devices into separate groups with restricted communication between them.\n \n* **Virtual Private Networks (VPNs)**: Encrypted connections that securely tunnel network traffic over the public internet, protecting it from eavesdropping or tampering and ensuring the privacy of the communication.\n \n\nImplementing the concept of isolation within your cyber security strategy can significantly enhance your organization's security posture by limiting the attack surface, containing potential threats, and mitigating the impact of security breaches.", - "links": [] + "description": "Isolation in computing and cybersecurity refers to the practice of separating systems, processes, or data to contain potential threats and minimize the impact of security breaches. It involves creating boundaries between different components of a system or network to prevent unauthorized access or the spread of malware. Common isolation techniques include virtual machines, containers, network segmentation, and sandboxing. Isolation enhances security by limiting the attack surface, containing potential breaches, and protecting sensitive data or critical systems from compromised areas. It's a fundamental principle in designing secure architectures, implementing least privilege access, and managing multi-tenant environments in cloud computing.\n\nLearn more from the following resources:", + "links": [ + { + "title": "The Power of Isolation in Cyber security", + "url": "https://peel-cyber.co.uk/the-power-of-isolation-in-cyber-security/", + "type": "article" + }, + { + "title": "Bridging the Air Gap - Understanding Digital Isolation", + "url": "https://www.youtube.com/watch?v=0rv2996e3S0", + "type": "video" + } + ] }, "FJsEBOFexbDyAj86XWBCc": { "title": "Basics of IDS and IPS", @@ -1574,7 +2232,7 @@ }, "7tDxTcKJNAUxbHLPCnPFO": { "title": "Blue / Red / Purple Teams", - "description": "In the context of cybersecurity, Blue Team, Red Team, and Purple Team are terms used to describe different roles and methodologies employed to ensure the security of an organization or system. Let's explore each one in detail.\n\nIn cybersecurity, Blue Team and Red Team refer to opposing groups that work together to improve an organization's security posture. The Blue Team represents defensive security personnel who protect systems and networks from attacks, while the Red Team simulates real-world adversaries to test the Blue Team's defenses. Purple Team bridges the gap between the two, facilitating collaboration and knowledge sharing to enhance overall security effectiveness. This approach combines the defensive strategies of the Blue Team with the offensive tactics of the Red Team, creating a more comprehensive and dynamic security framework that continuously evolves to address emerging threats and vulnerabilities.\n\nLearn more from the following resources:", + "description": "In the context of cybersecurity, Blue Team, Red Team, and Purple Team are terms used to describe different roles and methodologies employed to ensure the security of an organization or system. Let's explore each one in detail. In cybersecurity, Blue Team and Red Team refer to opposing groups that work together to improve an organization's security posture. The Blue Team represents defensive security personnel who protect systems and networks from attacks, while the Red Team simulates real-world adversaries to test the Blue Team's defenses. Purple Team bridges the gap between the two, facilitating collaboration and knowledge sharing to enhance overall security effectiveness. This approach combines the defensive strategies of the Blue Team with the offensive tactics of the Red Team, creating a more comprehensive and dynamic security framework that continuously evolves to address emerging threats and vulnerabilities.\n\nLearn more from the following resources:", "links": [ { "title": "What is a blue team?", @@ -1611,12 +2269,23 @@ }, "M6uwyD4ibguxytf1od-og": { "title": "True Negative / True Positive", - "description": "True Negative / True Positive\n-----------------------------\n\nA true positive is an instance when security tools correctly detect and identify a threat, such as a malware or intrusion attempt. A high number of true positives indicates that a security tool is working effectively and catching potential threats as required.\n\nA true negative occurs when the security tool correctly identifies that there is no threat or attack in a given situation. In other words, the system does not raise an alarm when there is no attack happening. A high number of true negatives show that the security tool is not overly sensitive, generating unnecessary alerts.", - "links": [] + "description": "True Negative / True Positive\n-----------------------------\n\nA True Positive occurs when a security system correctly identifies a genuine threat or malicious activity. It's an accurate alert that correctly detects an actual security incident. For example, an antivirus correctly flagging a file as malware. A True Negative is when a security system correctly identifies that there is no threat when indeed no threat exists. It's the system's accurate determination that normal, benign activity is not a security risk. For example, a firewall correctly allowing legitimate network traffic.\n\nBoth True Positives and True Negatives represent correct assessments by security systems, contributing to effective threat detection and minimizing false alarms. Balancing these with minimizing false positives and false negatives is crucial for optimal security system performance.\n\nLearn more from the following resources:", + "links": [ + { + "title": "False Positives and False Negatives in Information Security", + "url": "https://www.guardrails.io/blog/false-positives-and-false-negatives-in-information-security/", + "type": "article" + }, + { + "title": "False Positives and False Negatives", + "url": "https://www.youtube.com/watch?v=bUNBzMnfHLw", + "type": "video" + } + ] }, "wN5x5pY53B8d0yopa1z8F": { "title": "Basics of Threat Intel, OSINT", - "description": "Threat Intelligence (Threat Intel) and Open-Source Intelligence (OSINT) are both critical components in cybersecurity that help organizations stay ahead of potential threats. Threat Intelligence refers to the collection, analysis, and dissemination of information about potential or current attacks targeting an organization. This intelligence typically includes details on emerging threats, attack patterns, malicious IP addresses, and indicators of compromise (IoCs), helping security teams anticipate, prevent, or mitigate cyberattacks. Threat Intel can be sourced from both internal data (such as logs or past incidents) and external feeds, and it helps in understanding the tactics, techniques, and procedures (TTPs) of adversaries.\n\nOSINT, a subset of Threat Intel, involves gathering publicly available information from open sources to assess and monitor threats. These sources include websites, social media, forums, news articles, and other publicly accessible platforms. OSINT is often used for reconnaissance to identify potential attack vectors, compromised credentials, or leaks of sensitive data. It’s also a valuable tool in tracking threat actors, as they may leave traces in forums or other public spaces. Both Threat Intel and OSINT enable organizations to be more proactive in their cybersecurity strategies by identifying vulnerabilities, understanding attacker behavior, and implementing timely defenses based on actionable insights.\n\nLearn more from the following resources:", + "description": "Threat Intelligence (Threat Intel) and Open-Source Intelligence (OSINT) are both critical components in cybersecurity that help organizations stay ahead of potential threats. Threat Intelligence refers to the collection, analysis, and dissemination of information about potential or current attacks targeting an organization. This intelligence typically includes details on emerging threats, attack patterns, malicious IP addresses, and indicators of compromise (IoCs), helping security teams anticipate, prevent, or mitigate cyberattacks. Threat Intel can be sourced from both internal data (such as logs or past incidents) and external feeds, and it helps in understanding the tactics, techniques, and procedures (TTPs) of adversaries. OSINT, a subset of Threat Intel, involves gathering publicly available information from open sources to assess and monitor threats. These sources include websites, social media, forums, news articles, and other publicly accessible platforms. OSINT is often used for reconnaissance to identify potential attack vectors, compromised credentials, or leaks of sensitive data. It’s also a valuable tool in tracking threat actors, as they may leave traces in forums or other public spaces. Both Threat Intel and OSINT enable organizations to be more proactive in their cybersecurity strategies by identifying vulnerabilities, understanding attacker behavior, and implementing timely defenses based on actionable insights.\n\nLearn more from the following resources:", "links": [ { "title": "Open-Source Intelligence (OSINT) in 5 Hours", @@ -1632,13 +2301,29 @@ }, "zQx_VUS1zRmF4zCGjJD5-": { "title": "Understand Handshakes", - "description": "In the world of cyber security, a **handshake** refers to the process of establishing a connection between two parties or devices as part of a secure communication protocol. A handshake typically ensures that both parties are aware of the connection and also serves to initiate the setup of a secure communication channel.\n\nThere are two common types of handshakes in cyber security:\n\n* **Three-Way Handshake**\n* **Cryptographic Handshake**\n\nThree-Way Handshake (TCP Handshake)\n-----------------------------------\n\nIn the context of a Transmission Control Protocol (TCP) connection, a three-way handshake is used to establish a secure and reliable connection between two devices. This process involves three specific steps:\n\n* **SYN**: The initiating device sends a SYN (synchronize) packet to establish a connection with the receiving device.\n* **SYN-ACK**: The receiving device acknowledges the SYN packet by sending back a SYN-ACK (synchronize-acknowledge) packet.\n* **ACK**: The initiating device acknowledges the SYN-ACK packet by sending an ACK (acknowledge) packet.\n\nOnce these steps are completed, the connection is established, and data can be exchanged securely between the two devices.\n\nCryptographic Handshake (SSL/TLS Handshake)\n-------------------------------------------\n\nA cryptographic handshake is used to establish a secure connection using cryptographic protocols like Secure Sockets Layer (SSL) or Transport Layer Security (TLS). The SSL/TLS handshake involves several steps, some of which include:\n\n* **Client Hello**: The initiating party (client) sends a \"Client Hello\" message, which includes supported cipher suites, SSL/TLS version, and a random value.\n* **Server Hello**: The receiving party (server) replies with a \"Server Hello\" message, choosing the highest SSL/TLS version and a compatible cipher suite, along with its random value.\n* **Authentication**: The server shares its digital certificate, allowing the client to verify its identity using a trusted certificate authority (CA).\n* **Key Exchange**: Both parties exchange the necessary information (like public keys) to generate a shared secret key that will be used for encryption and decryption.\n\nOnce this process is successfully completed, a secure communication channel is established, and encrypted data can be shared between both parties.\n\nUnderstanding handshakes in cyber security is crucial for professionals, as it helps ensure secure communication and data exchange between devices and users. This knowledge can be useful in protecting sensitive information and preventing cyber attacks.", - "links": [] + "description": "In networking and cybersecurity, a handshake is a process of establishing a secure connection between two parties before data exchange begins. It typically involves a series of predefined messages exchanged to verify identities, agree on communication parameters, and sometimes establish encryption keys. The most common example is the TCP three-way handshake used to initiate a connection. In cryptographic protocols like TLS/SSL, handshakes are more complex, involving certificate verification and key exchange. Handshakes are crucial for ensuring secure, authenticated communications, preventing unauthorized access, and setting up the parameters for efficient data transfer in various network protocols and security systems.\n\nLearn more from the following resources:", + "links": [ + { + "title": "TCP 3-Way Handshake Process", + "url": "https://www.geeksforgeeks.org/tcp-3-way-handshake-process/", + "type": "article" + }, + { + "title": "TLS Handshake Explained", + "url": "https://www.youtube.com/watch?v=86cQJ0MMses", + "type": "video" + } + ] }, "uz6ELaLEu9U4fHVfnQiOa": { "title": "Understand CIA Triad", - "description": "The **CIA Triad** is a foundational concept in cybersecurity that stands for **Confidentiality, Integrity, and Availability**. These three principles represent the core objectives that should be guaranteed in any secure system.\n\nConfidentiality\n---------------\n\nConfidentiality aims to protect sensitive information from unauthorized users or intruders. This can be achieved through various security mechanisms, such as encryption, authentication, and access control. Maintaining confidentiality ensures that only authorized individuals can access the information and systems.\n\nKey Points:\n-----------\n\n* Encryption: Converts data into an unreadable format for unauthorized users, but can be decrypted by authorized users.\n* Authentication: Ensures the identity of the users trying to access your system or data, typically through the use of credentials like a username/password or biometrics.\n* Access Control: Defines and regulates which resources or data can be accessed by particular users and under which conditions.\n\nIntegrity\n---------\n\nIntegrity ensures that information and systems are protected from modifications or tampering by unauthorized individuals. This aspect of the triad is crucial for maintaining accuracy, consistency, and reliability in your systems and data. Integrity controls include checksums, file permissions, and digital signatures.\n\nKey Points:\n-----------\n\n* Checksums: Mathematical calculations that can be used to verify the integrity of data by detecting any changes.\n* File Permissions: Ensure that only authorized users have the ability to modify or delete specific files.\n* Digital Signatures: A cryptographic technique that can be used to authenticate the source and integrity of data or messages.\n\nAvailability\n------------\n\nAvailability ensures that systems and information are accessible and functional when needed. This can be achieved by implementing redundancy, fault tolerance, and backup solutions. High availability translates to better overall reliability of your systems, which is essential for critical services.\n\nKey Points:\n-----------\n\n* Redundancy: Duplicate or backup components or systems that can be used in case of failure.\n* Fault Tolerance: The capacity of a system to continue functioning, even partially, in the presence of faults or failures.\n* Backups: Regularly saving copies of your data to prevent loss in case of a catastrophe, such as a hardware failure, malware attack, or natural disaster.\n\nIn summary, the CIA Triad is an essential aspect of cybersecurity, providing a clear framework to evaluate and implement security measures. By ensuring confidentiality, integrity, and availability, you create a robust and secure environment for your information and systems.", + "description": "The CIA Triad is a fundamental model in information security that defines three key principles: Confidentiality, Integrity, and Availability. Confidentiality ensures that data is accessible only to authorized parties. Integrity guarantees that information remains accurate and unaltered throughout its lifecycle. Availability ensures that data and resources are accessible to authorized users when needed. This model serves as a guide for developing security policies, designing secure systems, and evaluating the effectiveness of security measures. Balancing these three elements is crucial for comprehensive information security, as overemphasizing one aspect may compromise the others. The CIA Triad forms the basis for most security programs and is essential in risk assessment, compliance efforts, and overall cybersecurity strategy.\n\nLearn more from the following resources:", "links": [ + { + "title": "The CIA Triad", + "url": "https://www.fortinet.com/resources/cyberglossary/cia-triad", + "type": "article" + }, { "title": "The CIA Triad - Professor Messer", "url": "https://www.youtube.com/watch?v=SBcDGb9l6yo", @@ -1648,8 +2333,13 @@ }, "cvI8-sxY5i8lpelW9iY_5": { "title": "Privilege Escalation", - "description": "Privilege escalation attacks occur when an attacker gains unauthorized access to a system and then elevates their privileges to perform actions that they should not have been able to do. There are two main types of privilege escalation:\n\n* **Horizontal Privilege Escalation**: In this type of attack, an attacker gains unauthorized access to a user account with the same privilege level as their own, but is able to perform actions or access data that belongs to another user.\n \n* **Vertical Privilege Escalation**: Also known as \"Privilege Elevation,\" this type of attack involves an attacker gaining unauthorized access to a system and then elevating their privilege level from a regular user to an administrator, system owner, or root user. This provides the attacker with greater control over the system and its resources.\n \n\nTo protect your systems and data from privilege escalation attacks, consider implementing the following best practices:\n\n* **Principle of Least Privilege**: Assign the minimum necessary access and privileges to each user account, and regularly review and update access permissions as required.\n \n* **Regularly Update and Patch Software**: Keep your software and systems up-to-date with the latest security patches to address known vulnerabilities that could be exploited in privilege escalation attacks.\n \n* **Implement Strong Authentication and Authorization**: Use strong authentication methods (e.g., multi-factor authentication) and ensure proper access controls are in place to prevent unauthorized access to sensitive data or system resources.\n \n* **Conduct Security Audits**: Regularly check for any misconfigurations, vulnerabilities or outdated software that could be exploited in privilege escalation attacks.\n \n* **Monitor and Log System Activities**: Implement logging and monitoring systems to detect suspicious account activities or changes in user privileges that may indicate a privilege escalation attack.\n \n\nBy understanding the types of privilege escalation attacks and following these best practices, you can create a more secure environment for your data and systems, and reduce the risk of unauthorized users gaining unrestricted access.\n\nVisit the following resources to learn more:", + "description": "Privilege escalation is a technique where an attacker increases their access level within a system, moving from lower to higher permissions, such as from a standard user to an administrator. This can be achieved by exploiting system vulnerabilities, misconfigurations, or security weaknesses. It is critical to implement strong access controls, adhere to the principle of least privilege, and regularly update and patch systems to defend against such attacks.\n\nVisit the following resources to learn more:", "links": [ + { + "title": "What is privilege escalation?", + "url": "https://www.crowdstrike.com/cybersecurity-101/privilege-escalation/", + "type": "article" + }, { "title": "Privilege Escalation", "url": "https://www.youtube.com/watch?v=ksjU3Iu195Q", @@ -1659,7 +2349,7 @@ }, "fyOYVqiBqyKC4aqc6-y0q": { "title": "Web Based Attacks and OWASP10", - "description": "The Open Web Application Security Project (OWASP) is a non-profit organization focused on improving the security of software. One of their most well-known projects is the **OWASP Top 10**, which is a list of the most critical web application security risks. The Top 10 project aims to raise awareness and provide businesses, developers, and security teams with guidance on how to address these risks effectively.\n\nThe OWASP Top 10 is updated periodically, with the most recent version released in 2021. Here is a brief summary of the current top 10 security risks:\n\n* **Injection**: Injection flaws, such as SQL, NoSQL, or OS command injection, occur when untrusted data is sent to an interpreter as part of a command or query, allowing an attacker to execute malicious commands or access unauthorized data.\n \n* **Broken Authentication**: Application functions related to authentication and session management are often implemented incorrectly, allowing attackers to compromise passwords, keys, or session tokens, or exploit other implementation flaws to assume users' identities.\n \n* **Sensitive Data Exposure**: Many web applications and APIs do not properly protect sensitive data, such as financial, healthcare, or personally identifiable information (PII). Attackers can steal or modify this data to conduct crimes like identity theft or credit card fraud.\n \n* **XML External Entities (XXE)**: Poorly configured XML parsers can be vulnerable to external entity attacks, allowing attackers to access unauthorized data, perform server-side request forgery (SSRF), or launch denial-of-service (DoS) attacks.\n \n* **Broken Access Control**: Restrictions on what authenticated users are allowed to do often fail to be properly enforced. Attackers can exploit these flaws to access unauthorized functionality or data, modify user access, or perform other unauthorized actions.\n \n* **Security Misconfiguration**: Insecure default configurations, incomplete or ad hoc configurations, misconfigured HTTP headers, and verbose error messages can provide attackers with valuable information to exploit vulnerabilities.\n \n* **Cross-Site Scripting (XSS)**: XSS flaws occur when an application includes untrusted data in a web page without proper validation or escaping. Attackers can execute malicious scripts in the context of the user's browser, leading to account takeover, defacement, or redirection to malicious sites.\n \n* **Insecure Deserialization**: Insecure deserialization flaws can enable an attacker to execute arbitrary code, conduct injection attacks, elevate privileges, or perform other malicious actions.\n \n* **Using Components with Known Vulnerabilities**: Applications and APIs using components with known vulnerabilities may compromise the system if those vulnerabilities are exploited.\n \n* **Insufficient Logging & Monitoring**: Insufficient logging and monitoring, coupled with inadequate integration with incident response, allow attackers to maintain their presence within a system, move laterally, and exfiltrate or tamper with data.\n \n\nTo mitigate these risks, the OWASP Top 10 project provides detailed information, including how to test for each risk, code examples for various programming languages, and specific steps to prevent or remediate the issues. By understanding and implementing the recommended practices, organizations can improve their web application security and protect their users' data.\n\nVisit the following resources to learn more:", + "description": "The OWASP (Open Web Application Security Project) Top 10 is a regularly updated list of the most critical web application security risks. It serves as a standard awareness document for developers and security professionals, highlighting the most important security concerns in web applications. The list includes vulnerabilities like injection flaws, broken authentication, sensitive data exposure, XML external entities (XXE), broken access control, security misconfigurations, cross-site scripting (XSS), insecure deserialization, using components with known vulnerabilities, and insufficient logging and monitoring. This resource helps organizations prioritize security efforts, guide secure development practices, and improve overall web application security posture.\n\nVisit the following resources to learn more:", "links": [ { "title": "OWASP Top Ten", @@ -1680,18 +2370,56 @@ }, "Hoou7kWyfB2wx_yFHug_H": { "title": "nmap", - "description": "Nmap\n----\n\nNmap, short for \"Network Mapper,\" is a powerful and widely used open-source tool for network discovery, scanning, and security auditing. Nmap was originally designed to rapidly scan large networks, but it also works well for scanning single hosts. Security professionals, network administrators, and cyber security enthusiasts alike use Nmap to identify available hosts and services on a network, reveal their version information, and explore network infrastructure.\n\nKey Features\n------------\n\nNmap offers a multitude of features that can help you gather information about your network:\n\n* **Host Discovery** - Locating active devices on a network.\n* **Port Scanning** - Identifying open network ports and associated services.\n* **Version Detection** - Determining the software and version running on network devices.\n* **Operating System Detection** - Identifying the operating systems of scanned devices.\n* **Scriptable Interaction with the Target** - Using Nmap Scripting Engine (NSE) to automate tasks and extend functionality.\n\nHow It Works\n------------\n\nNmap sends specially crafted packets to the target hosts and analyzes the received responses. Based on this information, it detects active hosts, their operating systems, and the services they are running. It can be used to scan for open ports, check for vulnerabilities, and gather valuable information about target devices.\n\nExample Usage\n-------------\n\nNmap is a command-line tool with several command options. Here is an example of a basic scan:\n\n nmap -v -A 192.168.1.1\n \n\nThis command performs a scan on the target IP address `192.168.1.1`, with `-v` for verbose output and `-A` for aggressive scan mode, which includes operating system and version detection, script scanning, and traceroute.\n\nGetting Started with Nmap\n-------------------------\n\nNmap is available for download on Windows, Linux, and macOS. You can download the appropriate binary or source package from the [official Nmap website](https://nmap.org/download.html). Extensive documentation, including installation instructions, usage guidelines, and specific features, can be found on the [Nmap reference guide](https://nmap.org/book/man.html).\n\nConclusion\n----------\n\nUnderstanding and using Nmap is an essential skill for any cyber security professional or network administrator. With its wide range of features and capabilities, it provides invaluable information about your network infrastructure, enabling you to detect vulnerabilities and improve overall security. Regularly monitoring your network with Nmap and other incident response and discovery tools is a critical aspect of maintaining a strong cyber security posture.", - "links": [] + "description": "**Nmap** (Network Mapper) is an open-source network scanning tool used to discover hosts and services on a network, identify open ports, and detect vulnerabilities. It provides detailed information about networked devices, including their IP addresses, operating systems, and running services. Nmap supports various scanning techniques such as TCP SYN scan, UDP scan, and service version detection. It's widely used for network security assessments, vulnerability scanning, and network inventory management, helping administrators and security professionals understand and secure their network environments.\n\nLearn more from the following resources:", + "links": [ + { + "title": "NMAP Website", + "url": "https://nmap.org/", + "type": "article" + }, + { + "title": "NMAP Cheat Sheet", + "url": "https://www.tutorialspoint.com/nmap-cheat-sheet", + "type": "article" + } + ] }, "jJtS0mgCYc0wbjuXssDRO": { "title": "tracert", - "description": "`tracert` (Trace Route) is a network diagnostic tool that displays the route taken by packets across a network from the sender to the destination. This tool helps in identifying network latency issues and determining if there are any bottlenecks, outages, or misconfigurations in the network path. Available in most operating systems by default, `tracert` can be executed through a command-line interface (CLI) such as Command Prompt in Windows or Terminal in Linux and macOS.\n\nHow Tracert Works\n-----------------\n\nWhen you initiate a `tracert` command, it sends packets with varying Time-to-Live (TTL) values to the destination. Each router or hop in the network path decreases the original TTL value by 1. When the TTL reaches 0, the router sends an Internet Control Message Protocol (ICMP) \"Time Exceeded\" message back to the source. `tracert` records the time it took for the packet to reach each hop and presents the data in a readable format. The process continues until the destination is reached or the maximum TTL value is exceeded.\n\nUsing Tracert\n-------------\n\nTo use `tracert`, follow these simple steps:\n\n* Open the command prompt (Windows) or terminal (Linux/macOS).\n \n* Type `tracert` followed by the target's domain name or IP address, and press Enter. For example:\n \n\n tracert example.com\n \n\n* The trace will run, showing the details of each hop, latency, and hop's IP address or hostname in the output.\n\nInterpreting Tracert Results\n----------------------------\n\nThe output of `tracert` includes several columns of information:\n\n* Hop: The number of the router in the path from source to destination.\n* RTT1, RTT2, RTT3: Round-Trip Times measured in milliseconds, representing the time it took for a packet to travel from your machine to the hop and back. Three different times are displayed for each hop (each measuring a separate ICMP packet).\n* Hostname (optional) and IP Address: Domain name (if applicable) and IP address of the specific hop.\n\nUnderstanding the `tracert` output helps in identifying potential network issues such as high latency, routing loops, or unreachable destinations.\n\nLimitations and Considerations\n------------------------------\n\nSome limitations and considerations to keep in mind when using `tracert`:\n\n* Results may vary due to dynamic routing or load balancing on the network.\n* Firewalls or routers might be configured to block ICMP packets or not decrement the TTL value, potentially giving incomplete or misleading results.\n* `tracert` might not be able to discover every hop in certain network configurations.\n* On Linux/macOS systems, the equivalent command is called `traceroute`.\n\nUsing `tracert` in incident response and discovery helps security teams analyze network path issues, locate potential bottlenecks or problematic hops, and understand network infrastructure performance.", - "links": [] + "description": "Tracert (traceroute in Unix-based systems) is a network diagnostic tool used to trace the path that data packets take from a source computer to a destination host. It shows the number of hops (intermediate routers) traversed, the IP addresses of these routers, and the round-trip time for each hop. Tracert works by sending packets with increasing Time-To-Live (TTL) values, causing each router along the path to respond. This tool is valuable for identifying network bottlenecks, pinpointing where packet loss occurs, and understanding the routing path of network traffic. It's commonly used for troubleshooting network connectivity issues, analyzing network performance, and mapping network topology.\n\nLearn more from the following resources:", + "links": [ + { + "title": "traceroute man page", + "url": "https://linux.die.net/man/8/traceroute", + "type": "article" + }, + { + "title": "tracert", + "url": "https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/tracert", + "type": "article" + }, + { + "title": "Traceroute (tracert) Explained", + "url": "https://www.youtube.com/watch?v=up3bcBLZS74", + "type": "video" + } + ] }, "OUarb1oS1-PX_3OXNR0rV": { "title": "nslookup", - "description": "NSLookup, short for \"Name Server Lookup\", is a versatile network administration command-line tool used for querying the Domain Name System (DNS) to obtain information associated with domain names and IP addresses. This tool is available natively in most operating systems such as Windows, MacOS, and Linux distributions.\n\nUsing NSLookup\n--------------\n\nTo use NSLookup, open the command prompt or terminal on your device and enter the command `nslookup`, followed by the domain name or IP address you want to query. For example:\n\n nslookup example.com\n \n\nFeatures of NSLookup\n--------------------\n\n* **DNS Record Types**: NSLookup supports various DNS record types like A (IPv4 address), AAAA (IPv6 address), MX (Mail Exchange), NS (Name Servers), and more.\n \n* **Reverse DNS Lookup**: You can perform reverse DNS lookups to find the domain name associated with a specific IP address. For example:\n \n nslookup 192.0.2.1\n \n \n* **Non-interactive mode**: NSLookup can execute single queries without entering the interactive mode. To do this, simply execute the command as mentioned earlier.\n \n* **Interactive mode**: Interactive mode allows you to carry out multiple queries during a single session. To enter the interactive mode, type nslookup without any arguments in your terminal.\n \n\nLimitations\n-----------\n\nDespite being a useful tool, NSLookup has some limitations:\n\n* No support for DNSSEC (Domain Name System Security Extensions).\n* Obsolete or not maintained in some Unix-based systems, replaced with more modern utilities like `dig`.\n\nAlternatives\n------------\n\nSome alternatives to NSLookup include:\n\n* **dig**: \"Domain Information Groper\" is a flexible DNS utility that supports a wide range of DNS record types and provides more detailed information than NSLookup.\n \n* **host**: Another common DNS lookup tool that provides host-related information for both forward and reverse lookups.\n \n\nConclusion\n----------\n\nIn summary, NSLookup is a handy DNS query tool for network administrators and users alike. It offers the basic functionality for finding associated domain names, IP addresses, and other DNS data while being simple to use. However, for more advanced needs, you should consider using alternatives like dig or host.", - "links": [] + "description": "**nslookup** is a network utility used to query Domain Name System (DNS) servers for information about domain names and IP addresses. It allows users to obtain details such as IP address mappings for a given domain name, reverse lookups to find domain names associated with an IP address, and DNS record types like A, MX, and CNAME records. nslookup helps troubleshoot DNS-related issues, verify DNS configurations, and analyze DNS records. It can be run from the command line in various operating systems, including Windows, macOS, and Linux.\n\nLearn more from the following resources", + "links": [ + { + "title": "nslookup", + "url": "https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/nslookup", + "type": "article" + }, + { + "title": "What is Nslookup?", + "url": "https://www.youtube.com/watch?v=n6pT8lbyhog", + "type": "video" + } + ] }, "W7iQUCjODGYgE4PjC5TZI": { "title": "curl", @@ -1727,12 +2455,23 @@ }, "yfTpp-ePuDB931FnvNB-Y": { "title": "ping", - "description": "Ping is a fundamental network utility that helps users determine the availability and response time of a target device, such as a computer, server, or network device, by sending small packets of data to it. It operates on the Internet Control Message Protocol (ICMP) and forms an essential part of the incident response and discovery toolkit in cyber security.\n\nHow Ping Works\n--------------\n\nWhen you issue a Ping command, your device sends out ICMP Echo Request packets to the target device. In response, the target device sends out ICMP Echo Reply packets. The round-trip time (RTT) between the request and reply is measured and reported, which is an indication of the network latency and helps identify network problems.\n\nUses of Ping in Cyber Security\n------------------------------\n\n* **Availability and Reachability:** Ping helps ensure that the target device is online and reachable in the network. A successful ping indicates that the target is available and responding to network requests.\n* **Response Time Measurements:** Ping provides the RTT measurements, which are useful for identifying network latency issues or bottlenecks. High RTTs indicate potential network congestion or other issues.\n* **Troubleshoot Connectivity Issues:** In case of network issues or cyber attacks, Ping can help isolate the problem by determining whether the issue is with the target device, the network infrastructure, or a security configuration.\n* **Confirming Access Control:** Ping can also be used to ensure that firewalls or intrusion detection systems (IDS) are properly configured by confirming if ICMP requests are allowed or blocked.\n\nPing Limitations\n----------------\n\n* **Blocking ICMP Traffic**: Some devices or firewalls may be configured to block ICMP traffic, making them unresponsive to Ping requests.\n* **False-Negative Results**: A poor network connection or heavy packet loss may result in a false-negative Ping result, incorrectly displaying the target device as unavailable.\n\nDespite these limitations, Ping remains a useful tool in the cyber security world for network diagnostics and incident response. However, it is essential to use Ping in conjunction with other discovery tools and network analysis techniques for comprehensive network assessments.", - "links": [] + "description": "**Ping** is a network utility used to test the reachability and responsiveness of a device on a network. It sends Internet Control Message Protocol (ICMP) echo request packets to a target host and measures the time it takes for an echo reply to be received. Ping is commonly used to diagnose network connectivity issues, determine network latency, and check if a specific server or device is online. A successful ping response indicates that the target device is reachable, while failures or delays may suggest network problems, such as packet loss or routing issues.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is ping?", + "url": "https://www.solarwinds.com/resources/it-glossary/ping", + "type": "article" + }, + { + "title": "Ping command explained", + "url": "https://www.youtube.com/watch?v=7sv5pL-XgSg", + "type": "video" + } + ] }, "fzdZF-nzIL69kaA7kwOCn": { "title": "arp", - "description": "ARP is a protocol used by the Internet Protocol (IP) to map an IP address to a physical address, also known as a Media Access Control (MAC) address. ARP is essential for routing data between devices in a Local Area Network (LAN) as it allows for the translation of IP addresses to specific hardware on the network.\n\nWhen a device wants to communicate with another device on the same LAN, it needs to determine the corresponding MAC address for the target IP address. ARP helps in this process by broadcasting an ARP request containing the target IP address. All devices within the broadcast domain receive this ARP request and compare the target IP address with their own IP address. If a match is found, the device with the matching IP address sends an ARP reply which contains its MAC address.\n\nThe device that initiated the ARP request can now update its ARP cache (a table that stores IP-to-MAC mappings) with the new information, and then proceed to send data to the target's MAC address.\n\nLearn more from the following resources:", + "description": "ARP is a protocol used by the Internet Protocol (IP) to map an IP address to a physical address, also known as a Media Access Control (MAC) address. ARP is essential for routing data between devices in a Local Area Network (LAN) as it allows for the translation of IP addresses to specific hardware on the network. When a device wants to communicate with another device on the same LAN, it needs to determine the corresponding MAC address for the target IP address. ARP helps in this process by broadcasting an ARP request containing the target IP address. All devices within the broadcast domain receive this ARP request and compare the target IP address with their own IP address. If a match is found, the device with the matching IP address sends an ARP reply which contains its MAC address. The device that initiated the ARP request can now update its ARP cache (a table that stores IP-to-MAC mappings) with the new information, and then proceed to send data to the target's MAC address.\n\nLearn more from the following resources:", "links": [ { "title": "What is Address Resolution Protocol?", @@ -1812,18 +2551,51 @@ }, "Sm9bxKUElINHND8FdZ5f2": { "title": "wireshark", - "description": "Wireshark is an open-source network protocol analyzer that allows you to monitor and analyze the packets of data transmitted through your network. This powerful tool helps to identify issues in network communication, troubleshoot application protocol problems, and keep a close eye on cyber security threats.\n\nKey Features of Wireshark\n-------------------------\n\n* **Packet Analysis:** Wireshark inspects each packet in real-time, allowing you to delve deep into the various layers of network protocols to gather valuable information about the source, destination, size, and type of data.\n \n* **Intuitive User Interface:** The graphical user interface (GUI) in Wireshark is easy to navigate, making it accessible for both new and experienced users. The main interface displays a summary of packet information that can be further examined in individual packet detail and hex views.\n \n* **Display Filters:** Wireshark supports wide-range of filtering options to focus on specific network traffic or packets. These display filters help in pinpointing the desired data more efficiently.\n \n* **Capture Filters:** In addition to display filters, Wireshark also allows the use of capture filters that limit the data captured based on specific criteria such as IP addresses or protocol types. This helps to mitigate the volume of irrelevant data and reduce storage requirements.\n \n* **Protocol Support:** Wireshark supports hundreds of network protocols, providing comprehensive insights into your network.\n \n\nHow to Use Wireshark\n--------------------\n\n* **Download and Install:** Visit the [Wireshark official website](https://www.wireshark.org/) and download the appropriate version for your operating system. Follow the installation prompts to complete the process.\n \n* **Capture Network Traffic:** Launch Wireshark and select the network interface you want to monitor (e.g., Wi-Fi, Ethernet). Click the \"Start\" button to begin capturing live packet data.\n \n* **Analyze and Filter Packets:** As packets are captured, they will be displayed in the main interface. You can apply display filters to narrow down the displayed data or search for specific packets using different parameters.\n \n* **Stop and Save Capture:** When you're done analyzing network traffic, click the \"Stop\" button to cease capturing packets. You may save the captured data for future analysis by selecting \"File\" > \"Save As\" and choosing a suitable file format.\n \n\nWireshark's capabilities make it an invaluable tool in incident response and discovery for cyber security professionals. Familiarize yourself with this tool to gain a deeper understanding of your network's security and prevent potential cyber threats.", - "links": [] + "description": "Wireshark is a powerful, open-source network protocol analyzer used for real-time packet capture and analysis. It allows users to examine network traffic at a microscopic level, capturing and interactively browsing the traffic running on a computer network. Wireshark can decode a wide variety of network protocols, making it an essential tool for network troubleshooting, security analysis, software and protocol development, and education. It provides a user-friendly graphical interface and offers features like deep inspection of hundreds of protocols, live capture and offline analysis, and the ability to read/write many different capture file formats. Wireshark is widely used by IT professionals, security experts, and developers for diagnosing network issues and understanding network communication.\n\nLearn more from the following resources:", + "links": [ + { + "title": "Wireshark Website", + "url": "https://www.wireshark.org/", + "type": "article" + }, + { + "title": "How to Use Wireshark: Comprehensive Tutorial + Tips", + "url": "https://www.varonis.com/blog/how-to-use-wireshark", + "type": "article" + }, + { + "title": "How to use Wireshark", + "url": "https://www.youtube.com/watch?v=zWoHJ3oGRGY", + "type": "video" + } + ] }, "gNan93Mg9Ym2AF3Q2gqoi": { "title": "winhex", - "description": "WinHex is a versatile forensic tool that every incident responder should have in their arsenal. In this section, we will provide you with a brief summary of WinHex and its capabilities in assisting in incident response and discovery tasks. WinHex is a popular hex and disk editor for computer forensics and data recovery purposes.\n\nKey Features of WinHex\n----------------------\n\nHere are some of the essential features of WinHex that make it an excellent tool for incident response:\n\n* **Hex Editing**: As a hex editor, WinHex allows you to analyze file structures and edit raw data. It supports files of any size and can search for hex values, strings, or data patterns, which is particularly helpful in forensic analysis.\n \n* **Disk Imaging and Cloning**: WinHex can be used to image and clone disks, which is helpful during incident response to acquire forensic copies of compromised systems for analysis. The imaging process can be customized to support different compression levels, block sizes, and error handling options.\n \n* **File Recovery**: With WinHex, you can recover lost, deleted, or damaged files from various file systems such as FAT, NTFS, and others. It can search for specific file types based on their headers and footers, making it easier to locate and recover pertinent files during an investigation.\n \n* **RAM Analysis**: WinHex provides the functionality to capture and analyze the contents of physical memory (RAM). This feature can help incident responders to identify and examine malware artifacts, running processes, and other valuable information residing in memory while responding to an incident.\n \n* **Slack Space and Unallocated Space Analysis**: WinHex can analyze and display the content in slack spaces and unallocated spaces on a drive. This capability enables a more thorough investigation as fragments of critical evidence might be residing in these areas.\n \n* **Scripting Support**: WinHex allows automation of common tasks with its scripting language (called WinHex Scripting or WHS). This feature enables efficient and consistent processing during forensic investigations.\n \n* **Integration with X-Ways Forensics**: WinHex is seamlessly integrated with X-Ways Forensics, providing access to an array of powerful forensic features, such as advanced data carving, timeline analysis, registry analysis, and more.\n \n\nUsing WinHex in Incident Response\n---------------------------------\n\nArmed with the knowledge of its essential features, you can utilize WinHex in several ways during incident response:\n\n* Conducting an initial assessment or triage of a compromised system by analyzing logs, file metadata, and relevant artifacts.\n* Acquiring disk images of affected systems for further analysis or preservation of evidence.\n* Analyzing and recovering files that might have been deleted, tampered with, or inadvertently lost during the incident.\n* Examining memory for traces of malware or remnants of an attacker's activities.\n* Crafting custom scripts to automate repetitive tasks, ensuring a more efficient and systematic investigation.\n\nIn conclusion, WinHex is an indispensable and powerful utility for incident responders. Its diverse set of features makes it suitable for various tasks, from initial triage to in-depth forensic investigations. By incorporating WinHex into your incident response toolkit, you can enhance your ability to analyze, understand, and respond to security incidents effectively.", - "links": [] + "description": "WinHex is a universal hexadecimal editor and disk editor primarily used for computer forensics and data recovery. It allows users to examine and edit the raw content of files, disks, or memory in hexadecimal and ASCII formats. WinHex provides advanced features for data analysis, including disk cloning, secure data erasure, and file system reconstruction. It supports various file systems and can work with physical disks, disk images, and RAM. Forensic experts use WinHex to investigate digital evidence, recover deleted files, and analyze data structures. While powerful, it requires careful use as it can directly manipulate raw data, potentially causing unintended changes to critical system files or data.\n\nLearn more from the following resources:", + "links": [ + { + "title": "WinHex Website", + "url": "https://x-ways.net/winhex/", + "type": "article" + }, + { + "title": "What is WinHex?", + "url": "https://www.lenovo.com/in/en/glossary/winhex/", + "type": "article" + } + ] }, "wspNQPmqWRjKoFm6x_bVw": { "title": "memdump", - "description": "Memdump is a handy tool designed for forensic analysis of a system's memory. The main purpose of Memdump is to extract valuable information from the RAM of a computer during a cyber security incident or investigation. By analyzing the memory dump, cyber security professionals can gain insights into the attacker's methods, identify malicious processes, and uncover potential evidence for digital forensics purposes.\n\nKey Features\n------------\n\n* **Memory Dumping**: Memdump allows you to create an image of the RAM of a computer, capturing the memory contents for later analysis.\n* **File Extraction**: With Memdump, you can extract executable files or any other file types from the memory dump to investigate potential malware or data theft.\n* **String Analysis**: Memdump can help you identify suspicious strings within the memory dump, which may provide crucial information about an ongoing attack or malware's behavior.\n* **Compatibility**: Memdump is compatible with various operating systems, including Windows, Linux, and macOS.\n\nExample Usage\n-------------\n\nFor a Windows environment, you can use Memdump as follows:\n\n memdump.exe -O output_file_path\n \n\nThis command will create a memory dump of the entire RAM of the system and save it to the specified output file path. You can then analyze this memory dump using specialized forensic tools to uncover valuable information about any cyber security incidents.\n\nRemember that Memdump should always be executed with administrator privileges so that it can access the entire memory space.\n\nConclusion\n----------\n\nMemdump is a powerful forensic tool that can greatly assist you in conducting an incident response or discovery process. By capturing and analyzing a system's memory, you can identify threats, gather evidence, and ultimately enhance your overall cyber security posture.", - "links": [] + "description": "**memdump** is a tool or process used to capture the contents of a computer's physical memory (RAM) for analysis. This \"memory dump\" can be useful in digital forensics, debugging, or incident response to identify active processes, open files, network connections, or potentially malicious code running in memory. By analyzing a memory dump, security professionals can investigate malware, recover encryption keys, or gather evidence in case of a breach. Tools like `memdump` (Linux utility) or `DumpIt` (Windows) are commonly used to perform this process.\n\nLearn more from the following resources:", + "links": [ + { + "title": "memdump", + "url": "https://www.kali.org/tools/memdump/", + "type": "article" + } + ] }, "_jJhL1RtaqHJmlcWrd-Ak": { "title": "FTK Imager", @@ -1875,8 +2647,19 @@ }, "762Wf_Eh-3zq69CZZiIjR": { "title": "tail", - "description": "Summary\n-------\n\n`head` is a versatile command-line utility that enables users to display the first few lines of a text file, by default it shows the first 10 lines. In case of incident response and cyber security, it is a useful tool to quickly analyze logs or configuration files while investigating potential security breaches or malware infections in a system.\n\nUsage\n-----\n\nThe basic syntax of `head` command is as follows:\n\n head [options] [file(s)]\n \n\nWhere `options` are flags that could be used to modify the output and `[file(s)]` are the input file(s) for which you want to display the first few lines.\n\nExamples\n--------\n\n* Display the first 10 lines of a file:\n\n head myfile.txt\n \n\n* You can change the number of lines to display using `-n` flag:\n\n head -n 20 myfile.txt\n \n\n* To display the first 5 lines of multiple files:\n\n head -n 5 file1.txt file2.txt\n \n\n* Another helpful flag is `-q` or `--quiet`, which avoids displaying file headers when viewing multiple files:\n\n head -q -n 5 file1.txt file2.txt\n \n\nApplication in Incident Response\n--------------------------------\n\nDuring an incident response, the `head` command helps to quickly analyze logs and files to identify potential malicious activity or errors. You can use `head` to peek into logs at the early stages of an investigation, and once you have gathered enough information, you can move on to more advanced tools to analyze the data in depth.\n\nFor example:\n\n* Check the first 5 lines of the system log for any potential issues:\n\n head -n 5 /var/log/syslog\n \n\n* Analyze the beginning of a large log file without loading the entire file:\n\n head -n 100 /var/log/large-log-file.log\n \n\nIn summary, the `head` command is a handy tool for preliminary analysis of log files that can save crucial time during an incident response. However, for more in-depth analysis, other tools and techniques should be employed.", - "links": [] + "description": "The tail command is a Unix/Linux utility used to display the last part of a file. By default, it shows the last 10 lines of a specified file. It's particularly useful for viewing recent entries in log files, monitoring file changes in real-time, and quickly checking the end of large text files. The command can be customized to display a different number of lines, and with the -f (follow) option, it can continuously update to show new lines as they're added to the file. This makes tail invaluable for system administrators and developers for real-time log monitoring, troubleshooting, and observing ongoing processes or application outputs.\n\nLearn more from the following resources:", + "links": [ + { + "title": "tail man page", + "url": "https://man7.org/linux/man-pages/man1/tail.1.html", + "type": "article" + }, + { + "title": "Linux Tail Command", + "url": "https://www.youtube.com/watch?v=7Y6Ho9JUxTE", + "type": "video" + } + ] }, "IXNGFF4sOFbQ_aND-ELK0": { "title": "ipconfig", @@ -1896,8 +2679,19 @@ }, "jqWhR6oTyX6yolUBv71VC": { "title": "Salting", - "description": "Salting is a crucial concept within the realm of cryptography. It is a technique employed to enhance the security of passwords or equivalent sensitive data by adding an extra layer of protection to safeguard them against hacking attempts, such as brute-force attacks or dictionary attacks.", - "links": [] + "description": "Salting is a crucial concept within the realm of cryptography. It is a technique employed to enhance the security of passwords or equivalent sensitive data by adding an extra layer of protection to safeguard them against hacking attempts, such as brute-force attacks or dictionary attacks.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is salting?", + "url": "https://www.techtarget.com/searchsecurity/definition/salt", + "type": "article" + }, + { + "title": "", + "url": "https://www.youtube.com/watch?v=PsIO0gxJF3g", + "type": "video" + } + ] }, "0UZmAECMnfioi-VeXcvg8": { "title": "Hashing", @@ -1933,22 +2727,50 @@ }, "fxyJxrf3mnFTa3wXk1MCW": { "title": "PKI", - "description": "Public Key Infrastructure, or PKI, is a system used to manage the distribution and identification of public encryption keys. It provides a framework for the creation, storage, and distribution of digital certificates, allowing users to exchange data securely through the use of a public and private cryptographic key pair provided by a Certificate Authority (CA).\n\nKey Components of PKI\n---------------------\n\n* **Certificate Authority (CA):** A trusted third-party organization that issues and manages digital certificates. The CA verifies the identity of entities and issues digital certificates attesting to that identity.\n \n* **Registration Authority (RA):** A subordinate authority that assists the CA in validating entities' identity before issuing digital certificates. The RA may also be involved in revoking certificates or managing key recovery.\n \n* **Digital Certificates:** Electronic documents containing the public key and other identifying information about the entity, along with a digital signature from the CA.\n \n* **Private and Public Key Pair:** Unique cryptographic keys generated together, where the public key is shared with others and the private key is kept secret by the owner. The public key encrypts data, and only the corresponding private key can decrypt it.\n \n\nBenefits of PKI\n---------------\n\n* **Secure Communication:** PKI enables secure communication across networks by encrypting data transmitted between parties, ensuring that only the intended recipient can read it.\n \n* **Authentication:** Digital certificates issued by a CA validate the identity of entities and their public keys, enabling trust between parties.\n \n* **Non-repudiation:** PKI ensures that a sender cannot deny sending a message, as their digital signature is unique and verified by their digital certificate.\n \n* **Integrity:** PKI confirms the integrity of messages by ensuring that they have not been tampered with during transmission.\n \n\nCommon Uses of PKI\n------------------\n\n* Secure email communication\n* Secure file transfer\n* Secure remote access and VPNs\n* Secure web browsing (HTTPS)\n* Digital signatures\n* Internet of Things (IoT) security\n\nIn summary, PKI plays a crucial role in establishing trust and secure communication between entities in the digital world. By using a system of trusted CAs and digital certificates, PKI provides a secure means of exchanging data, authentication, and maintaining the integrity of digital assets.", - "links": [] + "description": "**Public Key Infrastructure (PKI)** is a framework that manages digital certificates and public-private key pairs, enabling secure communication, authentication, and data encryption over networks. PKI supports various security services such as confidentiality, integrity, and digital signatures. It includes components like **Certificate Authorities (CAs)**, which issue and revoke digital certificates, **Registration Authorities (RAs)**, which verify the identity of certificate requestors, and **certificates** themselves, which bind public keys to individuals or entities. PKI is essential for secure online transactions, encrypted communications, and identity verification in applications like SSL/TLS, email encryption, and code signing.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is PKI?", + "url": "https://cpl.thalesgroup.com/faq/public-key-infrastructure-pki/what-public-key-infrastructure-pki", + "type": "article" + } + ] }, "7svh9qaaPp0Hz23yinIye": { "title": "Private vs Public Keys", - "description": "Cryptography plays a vital role in securing cyber systems from unauthorized access and protecting sensitive information. One of the most popular methods used for ensuring data privacy and authentication is the concept of **Public-Key Cryptography**. This type of cryptography relies on two distinct keys: **Private Key** and **Public Key**. This section provides a brief summary of Private Keys and Public Keys, and highlights the differences between the two.\n\nPrivate Key\n-----------\n\nA Private Key, also known as a Secret Key, is a confidential cryptographic key that is uniquely associated with an individual or an organization. It should be kept secret and not revealed to anyone, except the authorized person who owns it. The Private Key is used for decrypting data that was encrypted using the corresponding Public Key, or for signing digital documents, proving the identity of the signer.\n\nKey characteristics of Private Keys:\n\n* Confidential and not shared with others\n* Used for decryption or digital signing\n* Loss or theft of Private Key can lead to data breaches and compromise of sensitive information\n\nPublic Key\n----------\n\nA Public Key is an openly available cryptographic key that is paired with a Private Key. Anyone can use the Public Key to encrypt data or to verify signatures, but only the person/organization with the corresponding Private Key can decrypt the encrypted data or create signatures. The Public Key can be distributed freely without compromising the security of the underlying cryptographic system.\n\nKey characteristics of Public Keys:\n\n* Publicly available and can be shared with anyone\n* Used for encryption or verifying digital signatures\n* Loss or theft of Public Key does not compromise sensitive information or communication security\n\nKey Differences\n---------------\n\nThe main differences between Private and Public keys are as follows:\n\n* Ownership: The Private Key is confidential and owned by a specific individual/organization, while the Public Key is owned by the same individual/organization but can be publicly distributed.\n* Accessibility: The Private Key is never shared or revealed to anyone, whereas the Public Key can be shared freely.\n* Purpose: The Private Key is used for decrypting data and creating digital signatures, while the Public Key is used for encrypting data and verifying digital signatures.\n* Security: Loss or theft of the Private Key can lead to serious security breaches while losing a Public Key does not compromise the security of the system.\n\nUnderstanding the roles and differences between Private and Public Keys is essential for ensuring the effective application of Public-Key Cryptography in securing cyber systems and protecting sensitive information.", - "links": [] + "description": "**Public keys** and **private keys** are cryptographic components used in asymmetric encryption.\n\n* **Public Key:** This key is shared openly and used to encrypt data or verify a digital signature. It can be distributed widely and is used by anyone to send encrypted messages to the key owner or to verify their digital signatures.\n \n* **Private Key:** This key is kept secret by the owner and is used to decrypt data encrypted with the corresponding public key or to create a digital signature. It must be protected rigorously to maintain the security of encrypted communications and authentication.\n \n\nTogether, they enable secure communications and authentication, where the public key encrypts or verifies, and the private key decrypts or signs.\n\nLearn more from the following resources:", + "links": [ + { + "title": "SSH Keys Explained", + "url": "https://www.sectigo.com/resource-library/what-is-an-ssh-key", + "type": "article" + }, + { + "title": "Public Key vs Private Key: How are they Different?", + "url": "https://venafi.com/blog/what-difference-between-public-key-and-private-key/", + "type": "article" + } + ] }, "kxlg6rpfqqoBfmMMg3EkJ": { "title": "Obfuscation", - "description": "Obfuscation is the practice of making something difficult to understand or find by altering or hiding its appearance or content. In the context of cyber security and cryptography, obfuscation refers to the process of making data, code, or communication less readable and harder to interpret or reverse engineer.\n\n5.1 Why Use Obfuscation?\n------------------------\n\nThe primary purpose of obfuscation is to enhance security by:\n\n* Concealing sensitive information from unauthorized access or misuse.\n* Protecting intellectual property (such as proprietary algorithms and code).\n* Preventing or impeding reverse engineering, tampering, or analysis of code or data structures.\n\nObfuscation can complement other security measures such as encryption, authentication, and access control, but it should not be relied upon as the sole line of defense.\n\n5.2 Techniques for Obfuscation\n------------------------------\n\nThere are several techniques for obfuscating data or code, including:\n\n* **Identifier renaming**: This technique involves changing the names of variables, functions, or objects in code to make it harder for an attacker to understand their purpose or behavior.\n \n _Example: Renaming `processPayment()` to `a1b2c3()`._\n \n* **Control flow alteration**: This involves modifying the structure of code to make it difficult to follow or analyze, without affecting its functionality. This can include techniques such as inserting dummy loops or conditionals, or changing the order of instructions.\n \n _Example: Changing a straightforward loop into a series of nested loops with added conditional statements._\n \n* **Data encoding**: Transforming or encoding data can make it less legible and harder to extract or manipulate. This can involve encoding strings or data structures, or splitting data across multiple variables or containers.\n \n _Example: Encoding a string as a series of character codes or a base64-encoded binary string._\n \n* **Code encryption**: Encrypting portions of code or entire programs can prevent reverse engineering, tampering, or analysis. The code is decrypted at runtime, either by an interpreter or within the application itself.\n \n _Example: Using a cryptographically secure encryption algorithm, such as AES, to encrypt the main logic of a program._\n \n\n5.3 Limitations and Considerations\n----------------------------------\n\nWhile obfuscation can be an effective deterrent against casual or unskilled attackers, it's important to recognize its limitations:\n\n* It is not foolproof: Determined and skilled attackers can often reverse-engineer or deobfuscate code or data if they are motivated enough.\n* Obfuscation can impact performance and maintainability: The added complexity and overhead can make code slower to execute and harder to maintain or update.\n* Relying solely on obfuscation is not recommended: It should be used as one layer in a comprehensive security strategy that includes encryption, authentication, and access control.\n\nIn conclusion, obfuscation can be a useful tool to improve the security posture of a system, but it should not be relied upon as the only means of protection.", - "links": [] + "description": "**Obfuscation** is the practice of deliberately making data, code, or communications difficult to understand or analyze, often to protect intellectual property or enhance security. In software development, obfuscation involves transforming code into a complex or less readable form to hinder reverse engineering or unauthorized access. This technique can include renaming variables and functions to meaningless labels, or altering code structure while preserving functionality. In security contexts, obfuscation can also involve disguising malicious payloads to evade detection by antivirus or security systems.\n\nLearn more from the following resources:", + "links": [ + { + "title": "How does Obfuscation work?", + "url": "https://www.hypr.com/security-encyclopedia/obfuscation", + "type": "article" + }, + { + "title": "Obfuscation - CompTIA Security+", + "url": "https://www.youtube.com/watch?v=LfuTMzZke4g", + "type": "video" + } + ] }, "auR7fNyd77W2UA-PjXeJS": { "title": "ATT&CK", - "description": "MITRE ATT&CK® stands for Adversarial Tactics, Techniques & Common Knowledge.\n\nMITRE ATT&CK documents various strategies, methods, and processes employed by adversaries at every stage of a cybersecurity incident, from the reconnaissance and strategizing phase to the final implementation of the attack.\n\nThe insights provided by MITRE ATT&CK can empower security professionals and teams to enhance their defensive strategies and responses against potential threats.\n\nThis framework was created by the non-profit organization MITRE Corporation and is continuously updated with contributions from cybersecurity experts worldwide.\n\nLearn more from the following resources:", + "description": "MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. It provides a comprehensive matrix of attack methods used by threat actors, organized into tactics like initial access, execution, persistence, and exfiltration. This framework is widely used by cybersecurity professionals for threat modeling, improving defensive capabilities, and developing more effective security strategies. ATT&CK helps organizations understand attacker behavior, assess their security posture, and prioritize defenses against the most relevant threats.\n\nLearn more from the following resources:", "links": [ { "title": "MITRE ATT&CK®", @@ -2017,13 +2839,35 @@ }, "SOkJUTd1NUKSwYMIprv4m": { "title": "NIST", - "description": "[NIST](https://www.nist.gov/) is an agency under the U.S. Department of Commerce that develops and promotes measurement, standards, and technology. One of their primary responsibilities is the development of cyber security standards and guidelines, which help organizations improve their security posture by following the best practices and recommendations laid out by NIST.\n\nSome important NIST publications related to cyber security are:\n\nNIST Cybersecurity Framework\n----------------------------\n\nThe [NIST Cybersecurity Framework](https://www.nist.gov/cyberframework) provides a structure for managing cyber risks and helps organizations understand, communicate, and manage their cyber risks. It outlines five core functions:\n\n* Identify – Develop understanding of risks to systems, assets, data, and capabilities\n* Protect – Implement safeguards to ensure delivery of critical infrastructure services\n* Detect – Identify occurrence of a cybersecurity event in a timely manner\n* Respond – Take action on detected cybersecurity events to contain the impact\n* Recover – Maintain plans for resilience and restore capabilities or services impaired due to a cybersecurity event\n\nNIST Special Publication 800-53 (SP 800-53)\n-------------------------------------------\n\n[NIST SP 800-53](https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final) provides guidelines for selecting security and privacy controls for federal information systems as well as for systems that process federal information. This publication defines specific security and privacy controls that can be applied to address various risk factors and offers guidance on tailoring these controls for the unique needs of an organization.\n\nNIST Special Publication 800-171 (SP 800-171)\n---------------------------------------------\n\n[NIST SP 800-171](https://csrc.nist.gov/publications/detail/sp/800-171/rev-2/final) addresses security requirements for protecting controlled unclassified information (CUI) in non-federal information systems and organizations. It is particularly relevant for entities that work with federal agencies, as they must meet these requirements in order to manage and safeguard CUI effectively.\n\nNIST Risk Management Framework (RMF)\n------------------------------------\n\nThe [NIST Risk Management Framework](https://csrc.nist.gov/projects/risk-management/) provides a structured process for organizations to manage security and privacy risks using NIST guidelines and standards. This framework consists of six steps:\n\n* Categorize Information Systems\n* Select Security Controls\n* Implement Security Controls\n* Assess Security Controls\n* Authorize Information Systems\n* Monitor Security Controls\n\nBy following NIST cyber security standards, organizations can reduce their vulnerability to cyber-attacks and enhance their overall security posture.", - "links": [] + "description": "**NIST (National Institute of Standards and Technology)** is a U.S. federal agency that develops and promotes measurement standards, technology, and best practices. In the context of cybersecurity, NIST provides widely recognized guidelines and frameworks, such as the **NIST Cybersecurity Framework (CSF)**, which offers a structured approach to managing and mitigating cybersecurity risks. NIST also publishes the **NIST Special Publication (SP) 800 series**, which includes standards and guidelines for securing information systems, protecting data, and ensuring system integrity. These resources are essential for organizations seeking to enhance their security posture and comply with industry regulations.\n\nLearn more from the following resources:", + "links": [ + { + "title": "NIST Website", + "url": "https://www.nist.gov/", + "type": "article" + }, + { + "title": "What is NIST?", + "url": "https://www.encryptionconsulting.com/education-center/nist/", + "type": "article" + } + ] }, "fjEdufrZAfW4Rl6yDU8Hk": { "title": "RMF", - "description": "The **Risk Management Framework (RMF)** is a comprehensive, flexible approach for managing cybersecurity risks in an organization. It provides a structured process to identify, assess, and manage risks associated with IT systems, networks, and data. Developed by the National Institute of Standards and Technology (NIST), the RMF is widely adopted by various government and private sector organizations.\n\nKey Components\n--------------\n\nThe RMF consists of six steps, which are continuously repeated to ensure the continuous monitoring and improvement of an organization's cybersecurity posture:\n\n* **Categorize** - Classify the information system and its information based on their impact levels (e.g., low, moderate, or high).\n* **Select** - Choose appropriate security controls from the NIST SP 800-53 catalog based on the system's categorization.\n* **Implement** - Apply the chosen security controls to the IT system and document the configuration settings and implementation methods.\n* **Assess** - Determine the effectiveness of the implemented security controls by testing and reviewing their performance against established baselines.\n* **Authorize** - Grant authorization to operate the IT system, based on the residual risks identified during the assessment phase, and document the accepted risks.\n* **Monitor** - Regularly review and update the security controls to address any changes in the IT system or environment or to respond to newly identified threats.\n\nBenefits of RMF\n---------------\n\n* **Clear and consistent process**: RMF provides a systematic and repeatable process for managing cybersecurity risks.\n* **Flexibility**: It can be tailored to an organization's unique requirements and risk tolerance levels.\n* **Standardization**: RMF facilitates the adoption of standardized security controls and risk management practices across the organization.\n* **Accountability**: It promotes transparency and clear assignment of responsibilities for managing risks.\n* **Continuous improvement**: By monitoring and revisiting the risks and security controls, organizations can ensure that their cybersecurity posture remains effective and up-to-date.\n\nIn summary, the Risk Management Framework (RMF) is a vital component of an organization's cybersecurity strategy. By following the structured and continuous process outlined in the RMF, organizations can effectively manage the cybersecurity risks they face and maintain a robust and resilient cybersecurity posture.", - "links": [] + "description": "A **Risk Management Framework (RMF)** is a structured approach that organizations use to identify, assess, manage, and mitigate risks. It provides a systematic process to ensure that risks are effectively controlled and aligned with the organization's objectives. Key components include:\n\n1. **Risk Identification:** Identifying potential internal and external risks that could impact the organization.\n2. **Risk Assessment:** Evaluating the likelihood and impact of identified risks.\n3. **Risk Mitigation:** Developing strategies to reduce or eliminate risks, such as controls, policies, and contingency plans.\n4. **Risk Monitoring:** Continuously tracking risks and the effectiveness of mitigation measures.\n5. **Communication and Reporting:** Regularly updating stakeholders on the risk status and actions taken.\n6. **Review and Improvement:** Periodically reassessing the framework and adapting to changes in the business or regulatory environment.\n\nThe RMF ensures that risks are managed proactively and consistently across the organization, helping to safeguard assets and support strategic decision-making.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is the Risk Management Framework?", + "url": "https://www.techtarget.com/searchcio/definition/Risk-Management-Framework-RMF", + "type": "article" + }, + { + "title": "RMF explained in 5 minutes", + "url": "https://www.youtube.com/watch?v=X5yqPFp__rc", + "type": "video" + } + ] }, "sSihnptkoEqUsHjDpckhG": { "title": "CIS", @@ -2059,7 +2903,7 @@ }, "c2kY3wZVFKZYxMARhLIwO": { "title": "SIEM", - "description": "SIEM, short for Security Information and Event Manager, is a term used to describe tools that greatly increases visibility into a network or system. It does this by monitoring, filtering, collecting, normalizing, and correlating vast amounts of data such as logs, and neatly presents it via an interface/dashboard.\n\nOrganizations leverage SIEMs to monitor and thus identify, protect, and respond to potential threats in their environment.\n\nFor hands-on experience, you should consider setting up a SIEM in your own environment. There are some commercial tools that you can try out for free, and there are also open source alternatives, such as Wazuh or LevelBlue OSSIM (AlienVault).\n\nVisit the following resources to learn more:", + "description": "SIEM, short for Security Information and Event Manager, is a term used to describe tools that greatly increases visibility into a network or system. It does this by monitoring, filtering, collecting, normalizing, and correlating vast amounts of data such as logs, and neatly presents it via an interface/dashboard. Organizations leverage SIEMs to monitor and thus identify, protect, and respond to potential threats in their environment. For hands-on experience, you should consider setting up a SIEM in your own environment. There are some commercial tools that you can try out for free, and there are also open source alternatives, such as Wazuh or LevelBlue OSSIM (AlienVault).\n\nVisit the following resources to learn more:", "links": [ { "title": "Security 101: What is a SIEM? - Microsoft", @@ -2090,8 +2934,19 @@ }, "i0ulrA-GJrNhIVmzdWDrn": { "title": "SOAR", - "description": "", - "links": [] + "description": "SOAR (Security Orchestration, Automation, and Response) is a set of software solutions and tools that enable organizations to streamline security operations. It combines three key capabilities: orchestration of security tools, automation of repetitive tasks, and intelligent incident response. SOAR platforms integrate with existing security tools, automate workflow processes, and provide case management features. They help security teams respond faster to incidents, reduce manual workload, standardize response procedures, and improve overall incident management efficiency. SOAR solutions are particularly valuable in managing the high volume of security alerts in modern environments, helping prioritize threats and coordinate responses across multiple tools and teams.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is SOAR?", + "url": "https://www.paloaltonetworks.co.uk/cyberpedia/what-is-soar", + "type": "article" + }, + { + "title": "What is SOAR (Security, Orchestration, Automation & Response)", + "url": "https://www.youtube.com/watch?v=k7ju95jDxFA", + "type": "video" + } + ] }, "zR6djXnfTSFVEfvJonQjf": { "title": "ParrotOS", @@ -2117,12 +2972,22 @@ }, "10qbxX8DCrfyH7tgYexxQ": { "title": "LOLBAS", - "description": "**LoLBAS** stands for **Living off the Land Binaries and Scripts**. It is a collection of tools, utilities, and scripts, often built-in within an operating system, that attackers exploit for unintended purposes. These tools can assist the adversaries in achieving their objectives without the need to install any additional software, thus avoiding detection by many security solutions.\n\nIn this section, we will explore the concept and significance of LoLBAS, and the challenges they present in the context of cyber security.\n\nWhat is LoLBAS?\n---------------\n\nLoLBAS are legitimate tools, binaries, and scripts that are already present in a system. These may be default OS utilities, like PowerShell or Command Prompt, or commonly installed applications, such as Java or Python. Adversaries utilize these tools to perform malicious activities, as they blend into the environment and are less likely to raise any alarms.\n\nSome examples of LoLBAS include:\n\n* PowerShell: Used for executing commands and scripts for various administrative functions.\n* Cscript and Wscript: Used for executing VBScript and JScript files.\n* Certutil: Used for updating certificate store but can also be leveraged to download files from the internet.\n\nWhy LoLBAS are popular among adversaries?\n-----------------------------------------\n\nThere are several reasons why adversaries choose to use LoLBAS for their malicious purposes:\n\n* **No additional software required**: As these tools are already a part of the target system, there is no need to install new software that could potentially be detected.\n* **Ease of use**: Many LoLBAS provide powerful capabilities without requiring complex coding. As a result, adversaries can swiftly implement and execute tasks using them.\n* **Masquerading as legitimate actions**: Since LoLBAS are typically used for legitimate purposes, suspicious activities using these tools can blend in with regular traffic, making it difficult to identify and detect.\n\nChallenges posed by LoLBAS\n--------------------------\n\nUtilizing LoLBAS presents unique challenges in cyber security due to the following reasons:\n\n* **Difficulty in detection**: Identifying and differentiating between malicious and legitimate uses of these tools is a challenging task.\n* **False positives**: Blocking, limiting, or monitoring the usage of LoLBAS frequently leads to false positives, as legitimate users might also rely on these tools.\n\nSecuring against LoLBAS attacks\n-------------------------------\n\nTo protect against LoLBAS-based attacks, organizations should consider taking the following steps:\n\n* **Monitor behavior**: Establish baselines of normal system behavior and monitor for deviations, which could suggest malicious use of LoLBAS.\n* **Least privilege principle**: Apply the principle of least privilege by limiting user permissions, reducing the potential attack surface.\n* **Harden systems**: Remove or disable unnecessary tools and applications that could be exploited by adversaries.\n* **Educate users**: Train users on the risks and signs of LoLBAS usage and encourage them to report suspicious activity.\n* **Employ advanced security solutions**: Use technologies like Endpoint Detection and Response (EDR) and behavioral analytics to detect abnormal patterns that could be associated with LoLBAS abuse.\n\nConclusion\n----------\n\nLoLBAS present a significant challenge to cyber security, as they blend in with legitimate system activities. However, overcoming this challenge is possible through a combination of proactive monitoring, system hardening, and user education.\n\nEnsure you are well prepared to identify and mitigate LoLBAS attacks by following the recommendations provided in this guide. Stay vigilant and stay secure!", + "description": "**LOLBAS** (Living Off the Land Binaries and Scripts) refers to a collection of legitimate system binaries and scripts that can be abused by attackers to perform malicious actions while evading detection. These tools, which are often part of the operating system or installed software, can be leveraged for various purposes, such as executing commands, accessing data, or modifying system configurations, thereby allowing attackers to carry out their activities without deploying custom malware. The use of LOLBAS techniques makes it harder for traditional security solutions to detect and prevent malicious activities since the binaries and scripts used are typically trusted and deemed legitimate.\n\nLearn more from the following resources:", "links": [ { "title": "LOLBAS project", "url": "https://lolbas-project.github.io/#", "type": "article" + }, + { + "title": "Understanding the risks of LOLBAS in security", + "url": "https://pentera.io/blog/the-lol-isnt-so-funny-when-it-bites-you-in-the-bas/", + "type": "article" + }, + { + "title": "LOLBAS T1105, MS Process Abuse", + "url": "https://www.youtube.com/watch?v=fq2_VvAU29g", + "type": "video" } ] }, @@ -2144,18 +3009,51 @@ }, "7oFwRkmoZom8exMDtMslX": { "title": "syslogs", - "description": "", - "links": [] + "description": "Syslog is a standard protocol used for message logging in computer systems, particularly in Unix-like environments. It allows separation of the software that generates messages, the system that stores them, and the software that reports and analyzes them. Syslog messages typically include information about system events, security incidents, and application statuses, categorized by facility and severity level. These logs are crucial for system administration, troubleshooting, security monitoring, and compliance. Many network devices and applications support syslog, enabling centralized log management. Syslog data can be stored locally or sent to remote servers for aggregation and analysis, playing a vital role in maintaining system health, detecting anomalies, and conducting forensic investigations.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is syslog?", + "url": "https://www.solarwinds.com/resources/it-glossary/syslog", + "type": "article" + }, + { + "title": "Free CCNA | Syslog", + "url": "https://www.youtube.com/watch?v=RaQPSKQ4J5A", + "type": "video" + } + ] }, "xXz-SwvXA2cLfdCd-hLtW": { "title": "netflow", - "description": "", - "links": [] + "description": "**NetFlow** is a network protocol developed by Cisco for collecting and analyzing network traffic data. It provides detailed information about network flows, including the source and destination IP addresses, ports, and the amount of data transferred. NetFlow data helps network administrators monitor traffic patterns, assess network performance, and identify potential security threats. By analyzing flow data, organizations can gain insights into bandwidth usage, detect anomalies, and optimize network resources. NetFlow is widely supported across various network devices and often integrated with network management and security tools for enhanced visibility and control.\n\nLearn more from the following resources:", + "links": [ + { + "title": "Cisco NetFlow Website", + "url": "https://www.cisco.com/c/en/us/products/ios-nx-os-software/ios-netflow/index.html", + "type": "article" + }, + { + "title": "What is NetFlow?", + "url": "https://www.youtube.com/watch?v=aqTpUmUibB8", + "type": "video" + } + ] }, "TIxEkfBrN6EXQ3IKP1B7u": { "title": "Packet Captures", - "description": "", - "links": [] + "description": "**Packet captures** involve recording and analyzing network traffic data packets as they travel across a network. This process allows network administrators and security professionals to inspect the content of packets, including headers and payloads, to diagnose network issues, monitor performance, and detect suspicious activities. Packet captures are typically performed using tools like Wireshark or tcpdump, which collect and store packets for later examination. This analysis helps in understanding network behavior, troubleshooting problems, and identifying security threats or vulnerabilities.\n\nLearn more from the following resources:", + "links": [ + { + "title": "Packet Capture: What is it and What You Need to Know", + "url": "https://www.varonis.com/blog/packet-capture", + "type": "article" + }, + { + "title": "Wireshark Tutorial for Beginners", + "url": "https://www.youtube.com/watch?v=qTaOZrDnMzQ", + "type": "video" + } + ] }, "np0PwKy-EvIa_f_LC6Eem": { "title": "Firewall Logs", @@ -2175,18 +3073,46 @@ }, "OAukNfV5T0KTnIF9jKYRF": { "title": "MAC-based", - "description": "_Mandatory Access Control (MAC)_ is a robust security model when it comes to hardening, as it enforces strict policies on operating systems and applications regarding system access. In MAC-based hardening, the end-users are not allowed to modify access controls on your system.\n\nHow MAC-based Hardening Works\n-----------------------------\n\nTypical MAC mechanisms work based on predefined security attributes or labels. These labels determine access permissions and are integrated within the system to classify data, resources, and users. Once these labels are in place, the operating system or a trusted security kernel rigorously enforces the constraints on how they access data.\n\nBenefits of MAC-Based Hardening\n-------------------------------\n\nMAC-based hardening offers numerous benefits for organizations seeking to improve their cybersecurity posture:\n\n* **Enforced Security Policies**: MAC policies can be pre-configured in accordance with your organization's security requirements, ensuring consistency on all systems.\n* **Limited Access**: Users have limited access to resources, which reduces the potential for insider threats and accidental leaks of sensitive data.\n* **Protection of Sensitive Data**: By preventing unauthorized users from accessing sensitive data, MAC-based hardening helps protect against data breaches and other cybersecurity risks.\n* **Auditing and Compliance**: MAC-based hardening mechanisms help facilitate audits and compliance with industry regulations.\n\nPopular MAC-based Models\n------------------------\n\nThere are various MAC models implemented in modern software systems. Some of the most popular models include:\n\n* **Bell-LaPadula (BLP) Model**: Designed for confidentiality, the BLP Model enforces the \"no read up, no write down\" rule, meaning that users may only read data at the same or lower levels of sensitivity, while only allowing data to be written to the same or higher levels of sensitivity.\n* **Biba Model**: Focusing on integrity, the Biba Model enforces the \"no write up, no read down\" rule, which works opposite to BLP Model.\n* **Clark-Wilson Model**: The Clark-Wilson Model emphasizes well-formed transactions, separation of duties, and certification processes to maintain data integrity and confidentiality.\n\nImplementing MAC-Based Hardening\n--------------------------------\n\nTo implement MAC-based hardening, it's important to follow these general steps:\n\n* **Establish Security Policies**: Define clear policies and guidelines, including security labels, for the various data classifications, users, and resources.\n* **Select an Appropriate MAC Model**: Choose a MAC model suitable for your organization's needs and implement it across your systems.\n* **Train Staff**: Provide training to your staff to ensure understanding and adherence to your organization's MAC-based policies.\n* **Monitor and Audit**: Continually monitor the system for deviations from the MAC policies and perform periodic audits to verify their enforcement.\n\nIn summary, MAC-based hardening offers robust access controls by enforcing strict policies in accordance with your organization's security requirements. In doing so, it reduces the potential for unauthorized access to data and resources, ultimately enhancing your cybersecurity posture.", - "links": [] + "description": "**Mandatory Access Control (MAC)** is a security model in which access to resources is governed by predefined policies set by the system or organization, rather than by individual users. In MAC, access decisions are based on security labels or classifications assigned to both users and resources, such as sensitivity levels or clearance levels. Users cannot change these access controls; they are enforced by the system to maintain strict security standards and prevent unauthorized access. MAC is often used in high-security environments, such as government or military systems, to ensure that data and resources are accessed only by individuals with appropriate authorization.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is Mandatory Access Control?", + "url": "https://nordlayer.com/learn/access-control/mandatory-access-control/", + "type": "article" + }, + { + "title": "Mandatory Access Control (MAC) Models", + "url": "https://www.youtube.com/watch?v=mNN-fEboRAA", + "type": "video" + } + ] }, "6oAzYfwsHQYNVbi7c2Tly": { "title": "NAC-based", - "description": "Network Access Control (NAC) based hardening is a crucial component in enhancing the security of your network infrastructure. NAC provides organizations with the ability to control and manage access to the network resources, ensuring that only authorized users and devices can connect to the network. It plays a vital role in reducing the attack surface and preventing unauthorized access to sensitive data and resources.\n\nKey Features of NAC-Based Hardening\n-----------------------------------\n\n* **Authentication and Authorization:** NAC-based hardening ensures that users and devices connecting to the network are properly authenticated and have been granted appropriate access permissions. This includes the use of strong passwords, multi-factor authentication (MFA), and enforcing access control policies.\n \n* **Endpoint Health Checks:** NAC solutions continuously monitor the health and compliance of endpoints, such as whether anti-virus software and security patches are up to date. If a device is found to be non-compliant, it can be automatically quarantined or disconnected from the network, thus preventing the spread of threats.\n \n* **Real-Time Visibility and Control:** NAC provides real-time visibility into the devices connected to your network, allowing you to identify and control risks proactively. This includes monitoring for unauthorized devices, unusual behavior, or known security gaps.\n \n* **Device Profiling:** NAC-based hardening can automatically identify and classify devices connected to the network, making it easier to enforce access control policies based on device type and ownership.\n \n* **Policy Enforcement:** NAC solutions enforce granular access policies for users and devices, reducing the attack surface and limiting the potential damage of a security breach. Policies can be based on factors such as user role, device type, and location.\n \n\nNAC Best Practices\n------------------\n\nTo get the most out of a NAC-based hardening approach, here are some best practices to consider:\n\n* **Develop a Comprehensive Access Control Policy:** Clearly define the roles, responsibilities, and access permissions within your organization, ensuring that users have the least privilege required to perform their job functions.\n* **Regularly Review and Update Policies:** As your organization evolves, so should your NAC policies. Regularly review and update policies to maintain alignment with organizational changes.\n* **Educate Users:** Educate end-users about the importance of security and their role in maintaining a secure network. Offer training on topics such as password management, avoiding phishing attacks, and identifying social engineering attempts.\n* **Ensure Comprehensive Coverage:** Ensure that your NAC solution covers all entry points to your network, including remote access, wireless networks, and guest access.\n* **Monitor and Respond to NAC Alerts:** NAC solutions generate alerts when suspicious activity is detected, such as an unauthorized device trying to connect to the network. Make sure you have a process in place to respond to these alerts in a timely manner.\n\nBy implementing NAC-based hardening in your cybersecurity strategy, you protect your organization from threats and maintain secure access to critical resources.", - "links": [] + "description": "Network Access Control (NAC) based hardening is a crucial component in enhancing the security of your network infrastructure. NAC provides organizations with the ability to control and manage access to the network resources, ensuring that only authorized users and devices can connect to the network. It plays a vital role in reducing the attack surface and preventing unauthorized access to sensitive data and resources. By implementing NAC-based hardening in your cybersecurity strategy, you protect your organization from threats and maintain secure access to critical resources.\n\nLearn more from the following resouces:", + "links": [ + { + "title": "What is Network Access Control", + "url": "https://www.fortinet.com/resources/cyberglossary/what-is-network-access-control", + "type": "article" + }, + { + "title": "Network Access Control", + "url": "https://www.youtube.com/watch?v=hXeFJ05J4pQ", + "type": "video" + } + ] }, "W7bcydXdwlubXF2PHKOuq": { "title": "Port Blocking", - "description": "Port blocking is an essential practice in hardening the security of your network and devices. It involves restricting, filtering, or entirely denying access to specific network ports to minimize exposure to potential cyber threats. By limiting access to certain ports, you can effectively safeguard your systems against unauthorized access and reduce the likelihood of security breaches.\n\nWhy is Port Blocking Important?\n-------------------------------\n\n* **Reducing attack surface**: Every open port presents a potential entry point for attackers. By blocking unused or unnecessary ports, you shrink the attack surface of your network.\n* **Securing sensitive data**: Limiting access to specific ports can help protect sensitive data by ensuring that only authorized individuals can access certain network services.\n* **Compliance with regulations**: Various regulations such as PCI DSS, HIPAA, and GDPR require organizations to have a secure data protection infrastructure, which includes controlling access to your network.\n\nHow to Implement Port Blocking\n------------------------------\n\nTo implement port blocking, consider the following steps:\n\n* **Identifying necessary ports**: Analyze your network to determine which ports need to remain open for key services and functions, and which can be safely blocked.\n* **Creating a port blocking policy**: Develop a policy that defines which ports should be blocked and why, along with the rationale behind permitting access to specific ports.\n* **Using firewall rules**: Configure the firewall on your devices and network infrastructure to block the ports deemed appropriate by your policy.\n* **Testing**: Test your configuration to ensure that only the necessary ports are accessible, and the blocked ports are indeed blocked.\n* **Monitoring and maintaining**: Regularly monitor and review open ports for any possible changes, and update your port blocking policy and configurations as needed.\n\nRemember, implementing port blocking is just one piece of a comprehensive cybersecurity strategy. Be sure to consider additional hardening concepts and best practices to ensure your network remains secure.", - "links": [] + "description": "Port blocking is an essential practice in hardening the security of your network and devices. It involves restricting, filtering, or entirely denying access to specific network ports to minimize exposure to potential cyber threats. By limiting access to certain ports, you can effectively safeguard your systems against unauthorized access and reduce the likelihood of security breaches.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is port blocking with LAN?", + "url": "https://www.geeksforgeeks.org/what-is-port-blocking-within-lan/", + "type": "article" + } + ] }, "FxuMJmDoDkIsPFp2iocFg": { "title": "Group Policy", @@ -2222,13 +3148,30 @@ }, "oFgyQYL3Ws-l7B5AF-bTR": { "title": "Sinkholes", - "description": "A **sinkhole** is a security mechanism employed in cybersecurity to redirect and isolate malicious traffic, primarily aimed at protecting networks from Distributed Denial of Service (DDoS) attacks and botnets. The main principle behind sinkholes is to create a \"black hole\" where malicious traffic is directed and monitored, allowing other network operations to run unaffected.\n\nHow Sinkholes Work\n------------------\n\n* **Network redirection:** When an attacker attempts to target a network, they often rely on multiple sources of traffic or requests. Sinkholes work by redirecting this incoming malicious traffic to a separate, isolated server or IP address, known as the sinkhole server.\n \n* **Traffic analysis:** Once the malicious traffic has been redirected, the sinkhole provides an opportunity for cybersecurity professionals to analyze the incoming data. This analysis can help determine the nature of the attack and potentially trace it back to its origin.\n \n* **Prevention and mitigation:** By redirecting malicious traffic away from the original target, sinkholes prevent or minimize the effects of DDoS attacks or botnet activities on a network. Additionally, information gathered from the sinkhole can aid in the development of new security measures to prevent future attacks.\n \n\nTypes of Sinkholes\n------------------\n\nThere are mainly two types of sinkholes used in cybersecurity: Passive Sinkholes and Active Sinkholes.\n\n* **Passive Sinkholes:** In a passive sinkhole, the sinkhole server is configured to passively intercept and log any malicious traffic directed towards it. This allows for analysis of attack patterns, data payloads, and other useful information without taking any direct action.\n \n* **Active Sinkholes:** An active sinkhole, on the other hand, goes one step further by not only intercepting and logging malicious traffic but also responding to the source, potentially disrupting the attacker's operations.\n \n\nBenefits of Sinkholes\n---------------------\n\n* **DDoS prevention:** By redirecting and isolating malicious traffic, sinkholes can effectively prevent or reduce the impact of DDoS attacks on a network.\n* **Attack analysis:** The isolated environment provided by sinkholes enables security professionals to study attack patterns and develop strategies to counter them.\n* **Botnet disruption:** Sinkholes can disrupt the communication between botnets and their command and control (C&C) servers, limiting their ability to carry out coordinated attacks.\n\nLimitations of Sinkholes\n------------------------\n\n* **Resource-intensive:** Sinkhole servers require dedicated resources to handle the influx of traffic and may need regular updating and maintenance.\n* **Possibility of collateral damage:** In some cases, sinkhole servers may inadvertently redirect or block legitimate traffic, leading to disruptions in network operations.\n\nConclusion\n----------\n\nSinkholes are valuable tools in the cybersecurity arsenal, helping to prevent and mitigate the effects of DDoS attacks and botnets. By isolating malicious traffic, they not only minimize the impact of attacks on networks but also provide valuable insights into attack patterns, contributing to the development of more robust cybersecurity measures.", - "links": [] + "description": "A sinkhole in cybersecurity is a method used to redirect malicious Internet traffic away from its intended destination to a designated server or IP address controlled by a security team or researcher. This technique is often employed to combat botnets, malware, and other cyber threats. By redirecting traffic to a sinkhole, analysts can monitor and analyze malicious activities, prevent further spread of threats, and gather intelligence on attack patterns. Sinkholes are particularly useful in disrupting command and control communications of botnets, effectively neutralizing their ability to receive instructions or exfiltrate data. This approach is a critical tool in large-scale threat mitigation and cyber defense strategies.\n\nLearn more from the following resources:", + "links": [ + { + "title": "DNS Sinkholes: What is it and how to start using", + "url": "https://www.threatintelligence.com/blog/dns-sinkhole", + "type": "article" + } + ] }, "e-MDyUR3GEv-e4Qsx_5vV": { "title": "Patching", - "description": "Patching is the process of updating, modifying, or repairing software or systems by applying fixes, also known as patches. Patches are designed to address vulnerabilities, fix bugs, or improve the overall security of a system. Regular patching is an essential component of any cyber security strategy.\n\nImportance of Patching\n----------------------\n\n* **Fix security vulnerabilities** - Attackers are constantly on the lookout for unpatched systems, which makes patching a critical step in securing your environment. Patches help fix any security weaknesses that the software developers have identified.\n \n* **Enhance system stability** - Patches often include improvements to the software's codebase or configuration, enhancing the overall performance and stability of the system.\n \n* **Improve software functionality** - Patches can add new features and update existing ones, ensuring that your software remains up-to-date with the latest technology advancements.\n \n\nPatch Management\n----------------\n\nTo make patching effective, organizations need to establish a well-structured patch management process. A good patch management process includes:\n\n* **Inventory** - Maintaining a comprehensive inventory of all devices and software within your organization allows you to detect the need for patches and implement them in a timely manner.\n \n* **Risk assessment** - Evaluate the risk associated with the vulnerabilities addressed by a patch. This will help prioritize which patches should be applied first.\n \n* **Patch testing** - Always test patches in a controlled environment before deploying them to your production systems. This will help identify any potential compatibility or performance issues that the patch might cause.\n \n* **Deployment** - Ensure that patches are deployed across your organization's systems in a timely and consistent manner, following a predefined schedule.\n \n* **Monitoring and reporting** - Establishing a mechanism for monitoring and reporting on the status of patching activities ensures that your organization remains compliant with relevant regulations and best practices.\n \n* **Patch rollback** - In case a patch causes unexpected issues or conflicts, having a plan for rolling back patches is essential. This may include creating backups and having a process for quickly restoring systems to their pre-patch state.\n \n\nBy integrating patching into your organization's cyber security strategy, you can significantly reduce the attack surface and protect your critical assets from cyber threats. Regular patching, combined with other hardening concepts and best practices, ensures a strong and resilient cyber security posture.", - "links": [] + "description": "**Patching** refers to the process of updating software or systems with fixes or improvements to address security vulnerabilities, bugs, or performance issues. This involves applying patches—small pieces of code provided by software vendors or developers—to close security gaps, resolve operational problems, and enhance functionality. Regular patching is crucial for maintaining system security and stability, protecting against exploits, and ensuring that systems remain compliant with security standards and best practices.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is Patch Management?", + "url": "https://www.ibm.com/topics/patch-management", + "type": "article" + }, + { + "title": "What Is Patch Management, and Why Does Your Company Need It?", + "url": "https://www.youtube.com/watch?v=O5XXlJear0w", + "type": "video" + } + ] }, "UF3BV1sEEOrqh5ilnfM1B": { "title": "Jump Server", @@ -2280,8 +3223,19 @@ }, "6ILPXeUDDmmYRiA_gNTSr": { "title": "SSL vs TLS", - "description": "", - "links": [] + "description": "Single Sign-On (SSO) is an authentication method that allows users to access multiple applications or systems with one set of login credentials. It enables users to log in once and gain access to various connected systems without re-entering credentials. SSO enhances user experience by reducing password fatigue, streamlines access management for IT departments, and can improve security by centralizing authentication controls. It typically uses protocols like SAML, OAuth, or OpenID Connect to securely share authentication information across different domains. While SSO offers convenience and can strengthen security when implemented correctly, it also presents a single point of failure if compromised, making robust security measures for the SSO system critical.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What’s the Difference Between SSL and TLS?", + "url": "https://aws.amazon.com/compare/the-difference-between-ssl-and-tls/", + "type": "article" + }, + { + "title": "TLS vs SSL - What's the Difference?", + "url": "https://www.youtube.com/watch?v=J7fI_jH7L84", + "type": "video" + } + ] }, "gNFVtBxSYP5Uw3o3tlJ0M": { "title": "IPSEC", @@ -2317,7 +3271,7 @@ }, "z_fDvTgKw51Uepo6eMQd9": { "title": "LDAPS", - "description": "LDAPS (Lightweight Directory Access Protocol Secure) is a secure version of the Lightweight Directory Access Protocol (LDAP), which is used to access and manage directory services over a network. LDAP is commonly employed for user authentication, authorization, and management in environments like Active Directory, where it helps manage access to resources such as applications and systems.\n\nLDAPS adds security by encrypting LDAP traffic using SSL/TLS (Secure Sockets Layer/Transport Layer Security) protocols, protecting sensitive information like usernames, passwords, and directory data from being intercepted or tampered with during transmission. This encryption ensures data confidentiality and integrity, making LDAPS a preferred choice for organizations that require secure directory communication.\n\nBy using LDAPS, organizations can maintain the benefits of LDAP while ensuring that sensitive directory operations are protected from potential eavesdropping or man-in-the-middle attacks on the network.\n\nLearn more from the following resources:", + "description": "LDAPS (Lightweight Directory Access Protocol Secure) is a secure version of the Lightweight Directory Access Protocol (LDAP), which is used to access and manage directory services over a network. LDAP is commonly employed for user authentication, authorization, and management in environments like Active Directory, where it helps manage access to resources such as applications and systems. LDAPS adds security by encrypting LDAP traffic using SSL/TLS (Secure Sockets Layer/Transport Layer Security) protocols, protecting sensitive information like usernames, passwords, and directory data from being intercepted or tampered with during transmission. This encryption ensures data confidentiality and integrity, making LDAPS a preferred choice for organizations that require secure directory communication.\n\nBy using LDAPS, organizations can maintain the benefits of LDAP while ensuring that sensitive directory operations are protected from potential eavesdropping or man-in-the-middle attacks on the network.\n\nLearn more from the following resources:", "links": [ { "title": "How to enable LDAPS", @@ -2333,13 +3287,30 @@ }, "_9lQSG6fn69Yd9rs1pQdL": { "title": "SRTP", - "description": "", - "links": [] + "description": "SRTP (Secure Real-time Transport Protocol) is a security-enhanced version of the Real-time Transport Protocol (RTP) used for voice and video communication over IP networks. It provides encryption, message authentication, and integrity for RTP data in unicast and multicast applications. SRTP is designed to ensure the confidentiality of media streams and protect against eavesdropping, tampering, and replay attacks in Voice over IP (VoIP) and video conferencing systems. It uses AES encryption for confidentiality and HMAC-SHA1 for authentication. SRTP is widely used in secure communication applications, including SIP-based VoIP systems and WebRTC, to protect sensitive audio and video transmissions across potentially untrusted networks.\n\nLearn more from the following resources:", + "links": [ + { + "title": "SRTP (Secure RTP)", + "url": "https://developer.mozilla.org/en-US/docs/Glossary/RTP", + "type": "article" + } + ] }, "9rmDvycXFcsGOq3v-_ziD": { "title": "S/MIME", - "description": "**S/MIME** stands for Secure/Multipurpose Internet Mail Extensions, and it is a cryptographic protocol that enhances the security of business emails through encryption and digital signatures. It allows users to encrypt emails and digitally sign them to verify the sender’s identity.\n\nAdvantages of S/MIME\n--------------------\n\n* **Verification**: Confirms the sender’s identity.\n \n* **Confidentiality**: Protects the content from unauthorized access.\n \n* **Integrity**: Ensures the message has not been altered.\n \n* **Secure Data Transfer**: Safely transmits files like images, audio, videos, and documents.\n \n* **Non-repudiation**: Prevents the sender from denying the origin of the message.\n \n\nHow S/MIME Works\n----------------\n\nS/MIME enables the transmission of non-ASCII data via the Secure Mail Transfer Protocol (SMTP). It securely sends various data files, including music, video, and images, using encryption. Data encrypted with a public key can only be decrypted by the recipient’s private key, ensuring secure end-to-end communication.", - "links": [] + "description": "S/MIME (Secure/Multipurpose Internet Mail Extensions) is a protocol for sending digitally signed and encrypted messages. It provides end-to-end encryption and authentication for email communications. S/MIME uses public key cryptography to ensure message confidentiality, integrity, and non-repudiation. It allows users to verify the sender's identity and ensures that the message hasn't been tampered with during transmission. S/MIME is widely supported by major email clients and is commonly used in corporate environments to secure sensitive communications. While it offers strong security, its adoption can be limited by the need for certificate management and the complexity of key exchange processes.\n\nLearn more from the following resources:", + "links": [ + { + "title": "S/MIME for message signing and encryption in Exchange Online", + "url": "https://learn.microsoft.com/en-us/exchange/security-and-compliance/smime-exo/smime-exo", + "type": "article" + }, + { + "title": "S/MIME - Secure MIME protocol - Functions, Services", + "url": "https://www.youtube.com/watch?v=0hzmoB7yYfw", + "type": "video" + } + ] }, "3140n5prZYySsuBHjqGOJ": { "title": "Antivirus", @@ -2469,11 +3440,22 @@ } ] }, - "7w9qj16OD4pUzq-ItdxeK": { - "title": "NIPS", - "description": "", - "links": [] - }, + "7w9qj16OD4pUzq-ItdxeK": { + "title": "NIPS", + "description": "A **Network Intrusion Prevention System (NIPS)** is a security technology designed to monitor, detect, and prevent malicious activities or policy violations on a network. Unlike intrusion detection systems (IDS), which only alert on potential threats, a NIPS actively blocks or mitigates suspicious traffic in real-time. It analyzes network traffic patterns, inspects packet contents, and uses predefined signatures or behavioral analysis to identify threats. By preventing attacks such as malware, unauthorized access, and denial-of-service (DoS) attacks, a NIPS helps protect network integrity and maintain secure operations.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is an Intrusion Prevention System?", + "url": "https://www.paloaltonetworks.co.uk/cyberpedia/what-is-an-intrusion-prevention-system-ips", + "type": "article" + }, + { + "title": "Intrusion Prevention - SY0-601 CompTIA Security+", + "url": "https://www.youtube.com/watch?v=WPPSsFnWOYg", + "type": "video" + } + ] + }, "jWl1VWkZn3n1G2eHq6EnX": { "title": "Host Based Firewall", "description": "A host-based firewall is a software application that runs directly on individual devices, such as computers, servers, or mobile devices, to control network traffic to and from that specific host. It acts as a security barrier, monitoring and filtering incoming and outgoing network connections based on predefined rules. Host-based firewalls provide an additional layer of protection beyond network firewalls, allowing for more granular control over each device's network activities. They can block unauthorized access attempts, prevent malware from communicating with command and control servers, and restrict applications from making unexpected network connections. This approach is particularly valuable in environments with mobile or remote workers, where devices may not always be protected by corporate network firewalls. However, managing host-based firewalls across numerous devices can be challenging, requiring careful policy configuration and regular updates to maintain effective security without impeding legitimate user activities.\n\nLearn more from the following resources:", @@ -2498,6 +3480,11 @@ "title": "What is Sandboxing?", "url": "https://www.checkpoint.com/cyber-hub/threat-prevention/what-is-sandboxing/", "type": "article" + }, + { + "title": "Sandboxing in under 4 minutes", + "url": "https://www.youtube.com/watch?v=kn32PHG2wcU", + "type": "video" } ] }, @@ -2525,6 +3512,16 @@ "title": "What Is WPS and Why Is It Dangerous?", "url": "https://blog.pulsarsecurity.com/what-is-wps-why-is-it-dangerous", "type": "article" + }, + { + "title": "WPS – What is it, and how does it work?", + "url": "https://passwork.pro/blog/what-is-wps/", + "type": "article" + }, + { + "title": "What is WPS in WiFi", + "url": "https://www.youtube.com/watch?v=pO1r4PWf2yg", + "type": "video" } ] }, @@ -2536,13 +3533,29 @@ "title": "What Is Wi-Fi Security? WEP, WPA, WPA2 & WPA3 Differences", "url": "https://nilesecure.com/network-security/what-is-wi-fi-security-wep-wpa-wpa2-wpa3-differences", "type": "article" + }, + { + "title": "WiFi Security: What is WEP, WPA, and WPA2", + "url": "https://www.youtube.com/watch?v=jErjdGfbgoE", + "type": "video" } ] }, "w6V4JOtXKCMPAkKIQxvMg": { "title": "Preparation", - "description": "The **preparation** stage of the incident response process is crucial to ensure the organization's readiness to effectively deal with any type of security incidents. This stage revolves around establishing and maintaining an incident response plan, creating an incident response team, and providing proper training and awareness sessions for the employees. Below, we'll highlight some key aspects of the preparation stage.\n\nIncident Response Plan\n----------------------\n\nAn _Incident Response Plan_ is a documented set of guidelines and procedures for identifying, investigating, and responding to security incidents. It should include the following components:\n\n* **Roles and Responsibilities**: Define the roles within the incident response team and the responsibilities of each member.\n* **Incident Classification**: Establish criteria to classify incidents based on their severity, impact, and type.\n* **Escalation Procedures**: Define a clear path for escalating incidents depending on their classification, involving relevant stakeholders when necessary.\n* **Communication Guidelines**: Set up procedures to communicate about incidents internally within the organization, as well as externally with partners, law enforcement, and the media.\n* **Response Procedures**: Outline the steps to be taken for each incident classification, from identification to resolution.\n\nIncident Response Team\n----------------------\n\nAn _Incident Response Team_ is a group of individuals within an organization that have been appointed to manage security incidents. The team should be comprised of members with diverse skillsets and backgrounds, including but not limited to:\n\n* Security Analysts\n* Network Engineers\n* IT Managers\n* Legal Counsel\n* Public Relations Representatives\n\nTraining and Awareness\n----------------------\n\nEmployee training and awareness is a crucial component of the preparation stage. This includes providing regular training sessions on security best practices and the incident response process, as well as conducting simulated incident exercises to evaluate the efficiency of the response plan and the team's readiness.\n\nContinuous Improvement\n----------------------\n\nThe preparation phase is not a one-time activity; it should be regularly revisited, evaluated, and updated based on lessons learned from previous incidents, changes in the organization's structure, and emerging threats in the cybersecurity landscape.\n\nIn summary, the preparation stage is the foundation of an effective incident response process. By establishing a comprehensive plan, assembling a skilled team, and ensuring ongoing employee training and awareness, organizations can minimize the potential damage of cybersecurity incidents and respond to them quickly and effectively.", - "links": [] + "description": "The **Preparation** phase in incident response involves establishing and maintaining the tools, policies, and procedures necessary to handle security incidents effectively. This includes creating an incident response plan, defining roles and responsibilities, training staff, and ensuring that appropriate technologies, such as monitoring systems and logging tools, are in place to detect and respond to incidents. Preparation also involves conducting regular drills, threat intelligence gathering, and vulnerability assessments to enhance readiness, ensuring the organization is equipped to mitigate potential security threats quickly and efficiently.\n\nLearn more from the following resources:", + "links": [ + { + "title": "", + "url": "https://www.microsoft.com/en-gb/security/business/security-101/what-is-incident-response", + "type": "article" + }, + { + "title": "", + "url": "https://www.youtube.com/watch?v=ePZGqlcB1O8", + "type": "video" + } + ] }, "XsRoldaBXUSiGbvY1TjQd": { "title": "Identification", @@ -2594,8 +3607,19 @@ }, "vFjbZAJq8OfLb3_tsc7oT": { "title": "Recovery", - "description": "The recovery phase of the incident response process is a critical step in regaining normalcy after a cyber security incident. This phase focuses on restoring the affected systems and data, implementing necessary improvements to prevent future occurrences, and getting back to normal operations. In this section, we will discuss the key components and best practices for the recovery phase.\n\nRestoring Systems and Data\n--------------------------\n\nThe primary objective of the recovery phase is to restore affected systems and data to their pre-incident status. This process may involve:\n\n* Cleaning and repairing infected systems\n* Restoring data from backups\n* Reinstalling compromised software and applications\n* Updating system configurations and patching vulnerabilities\n\nPost-Incident Analysis\n----------------------\n\nOnce systems are back in operation, it is vital to analyze the incident thoroughly to understand the root cause, impact, and lessons learned. This analysis will assess the effectiveness of your incident response process and identify areas for improvement. Post-incident analysis may include:\n\n* Reviewing logs, incident reports, and other evidence collected during the investigation\n* Interviewing staff involved in the response\n* Examining the attacker's tools, tactics, and procedures\n* Evaluating any potential legal or regulatory implications of the incident\n\nImplementing Improvements\n-------------------------\n\nBased on the findings of the post-incident analysis, take proactive measures to strengthen your security posture and harden your defenses. These improvements may involve:\n\n* Updating policies, procedures, and security controls\n* Enhancing monitoring and detection capabilities\n* Conducting security training and awareness programs for employees\n* Engaging external cyber security experts for consultation and guidance\n\nDocumenting and Communicating\n-----------------------------\n\nThorough documentation of the incident, response actions, and post-incident analysis is essential for internal and external communication, legal and regulatory compliance, and continued improvement. Documentation should be concise, accurate, and easily accessible. It may include:\n\n* Incident response reports and action items\n* Updated policies, procedures, and guidelines\n* Security awareness materials for employees\n* Executive summaries for senior management\n\nContinuous Review and Improvement\n---------------------------------\n\nLastly, it is important to never consider the recovery process as \"finished.\" Just as the threat landscape evolves, your organization should maintain a proactive approach to cyber security by regularly reviewing, updating, and enhancing your incident response process.\n\nIn summary, the recovery phase of the incident response process involves the restoration of affected systems and data, post-incident analysis, implementing improvements, documenting the incident, and maintaining a continuous improvement mindset. By following these steps, you will be better equipped to handle and recover from future cyber security incidents.", - "links": [] + "description": "The recovery phase of incident response focuses on restoring affected systems and services to normal operation, which involves repairing systems, recovering data from backups, validating functionality, and communicating with stakeholders. This phase also includes conducting a post-incident review to document lessons learned and update response plans to improve future preparedness. The aim is to minimize downtime, ensure data integrity, and return to normal operations efficiently.\n\nLearn more from the following resources:", + "links": [ + { + "title": "Incident Response Plan: Framework and Steps", + "url": "https://www.crowdstrike.com/cybersecurity-101/incident-response/incident-response-steps/", + "type": "article" + }, + { + "title": "Incident Response Process", + "url": "https://www.youtube.com/watch?v=fU_w8Ou9RVg", + "type": "video" + } + ] }, "ErRol7AT02HTn3umsPD_0": { "title": "Lessons Learned", @@ -2604,8 +3628,19 @@ }, "zqRaMmqcLfx400kJ-h0LO": { "title": "Zero Day", - "description": "A **zero-day** refers to a vulnerability in software, hardware, or firmware that is unknown to the parties responsible for fixing or patching it. Cybercriminals can exploit these vulnerabilities to gain unauthorized access to systems, steal sensitive data, or perform other malicious activities. Zero-day vulnerabilities are particularly dangerous because they are difficult to detect and prevent, given that there are no existing fixes or defenses against them.\n\nZero-Day Exploits\n-----------------\n\nAttackers can create **zero-day exploits** by writing malicious code that takes advantage of the discovered zero-day vulnerability. These exploits can be delivered through various methods such as spear phishing emails or drive-by downloads from compromised websites.\n\nZero-Day Detection & Response\n-----------------------------\n\nDue to the unknown nature of zero-day vulnerabilities, traditional security measures such as signature-based antivirus programs and firewalls may not be effective in detecting them. However, organizations can take several steps to protect themselves from zero-day attacks:\n\n* **Patch management**: Regularly update and patch all software, hardware, and firmware to minimize entry points for potential attacks.\n* **Monitor network traffic**: Use network monitoring tools to analyze network traffic continually and look for any unusual or suspicious activities, which may indicate a zero-day exploit attempt.\n* **Behavior-based detection**: Implement security solutions that focus on monitoring the behavior of applications and network traffic for any signs of malicious activities, rather than relying solely on signature-based detection methods.\n* **Use threat intelligence**: Subscribe to threat intelligence feeds that provide information on the latest security vulnerabilities and emerging threats, so you can stay informed about possible zero-day attacks.\n* **Implement strong access control**: Control access to critical systems and data, limit the number of privileged accounts, and enforce least privilege policies wherever possible, making it harder for attackers to exploit zero-day vulnerabilities.\n* **Educate employees**: Train employees to recognize and avoid common attack vectors such as phishing emails or downloading suspicious files, as they can often be the initial entry point for zero-day exploits.\n\nIn conclusion, while it is impossible to predict and prevent zero-day vulnerabilities completely, organizations can improve their cyber resilience by taking a proactive approach and using a combination of security methods and best practices.", - "links": [] + "description": "A zero-day vulnerability is a software security flaw unknown to the vendor and exploit developers, leaving it unpatched and potentially exploitable. When attackers discover and exploit such a vulnerability before the software creator can develop and release a fix, it's called a zero-day attack. These attacks are particularly dangerous because they take advantage of the window between discovery and patching, during which systems are highly vulnerable. Zero-days are prized in cybercriminal circles and can be used for various malicious purposes, including data theft, system compromise, or as part of larger attack campaigns. Defending against zero-days often requires proactive security measures, as traditional signature-based defenses are ineffective against unknown threats.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is a Zero-day Attack?", + "url": "https://www.kaspersky.com/resource-center/definitions/zero-day-exploit", + "type": "article" + }, + { + "title": "What is a Zero Day Threat?", + "url": "https://www.youtube.com/watch?v=w5MV1Jeo76g", + "type": "video" + } + ] }, "HPlPGKs7NLqmBidHJkOZg": { "title": "Known vs Unknown", @@ -2641,8 +3676,29 @@ }, "rxzcAzHjzIc9lkWSw0fef": { "title": "VirusTotal", - "description": "VirusTotal's main feature is multi-scanning using over 70 antivirus scanners to generate a cumulative report on whether a file is malicious. It also stores file hashes, eliminating the need to rescan previously uploaded files. Researchers can comment in the community, sharing their analysis and insights into malware for others to benefit from.\n\nVirusTotal's aggregated data comes from various antivirus engines, website scanners, file and URL analysis tools, and user contributions. These tools serve diverse purposes, including heuristic engines, known-bad signatures, metadata extraction, and identification of malicious signals.\n\nAdditionally, VirusTotal offers services to search by file hash, IP address, and URL, which are also scanned. For more comprehensive features, VirusTotal provides Premium services such as Intelligence & Hunting.\n\nVisit the following resources to learn more:", - "links": [] + "description": "VirusTotal's main feature is multi-scanning using over 70 antivirus scanners to generate a cumulative report on whether a file is malicious. It also stores file hashes, eliminating the need to rescan previously uploaded files. Researchers can comment in the community, sharing their analysis and insights into malware for others to benefit from. VirusTotal's aggregated data comes from various antivirus engines, website scanners, file and URL analysis tools, and user contributions. These tools serve diverse purposes, including heuristic engines, known-bad signatures, metadata extraction, and identification of malicious signals. Additionally, VirusTotal offers services to search by file hash, IP address, and URL, which are also scanned. For more comprehensive features, VirusTotal provides Premium services such as Intelligence & Hunting.\n\nVisit the following resources to learn more:", + "links": [ + { + "title": "VirusTotal's Docs on how VirusTotal Works", + "url": "https://docs.virustotal.com/docs/how-it-works", + "type": "article" + }, + { + "title": "VirusTotal's website", + "url": "https://www.virustotal.com", + "type": "article" + }, + { + "title": "@CISA's definition of VirusTotal", + "url": "https://www.cisa.gov/resources-tools/services/virustotal", + "type": "article" + }, + { + "title": "Walkthrough VirusTotal Intelligence Interface", + "url": "https://www.youtube.com/watch?v=WoHVM8pCfsQ", + "type": "video" + } + ] }, "h__KxKa0Q74_egY7GOe-L": { "title": "Joe Sandbox", @@ -2684,23 +3740,33 @@ "title": "UrlVoid", "url": "https://www.urlvoid.com/", "type": "article" + }, + { + "title": "How to Check a Suspicious Web Link Without Clicking It", + "url": "https://www.youtube.com/watch?v=C1D0tNnTDe4", + "type": "video" } ] }, "lMiW2q-b72KUl-2S7M6Vb": { "title": "urlscan", - "description": "**[urlscan.io](http://urlscan.io)** is a free service to scan and analyze websites. When a URL is submitted to [urlscan.io](http://urlscan.io), an automated process will browse to the URL like a regular user and record the activity that this page navigation creates. This includes the domains and IPs contacted, the resources (JavaScript, CSS, etc) requested from those domains, as well as additional information about the page itself. [urlscan.io](http://urlscan.io) will take a screenshot of the page, record the DOM content, JavaScript global variables, cookies created by the page, and a myriad of other observations. If the site is targeting the users one of the more than 900 brands tracked by [urlscan.io](http://urlscan.io), it will be highlighted as potentially malicious in the scan results.\n\nVisit the following resources to learn more:", + "description": "[urlscan.io](http://urlscan.io) is a free service to scan and analyze websites. When a URL is submitted to [urlscan.io](http://urlscan.io), an automated process will browse to the URL like a regular user and record the activity that this page navigation creates. This includes the domains and IPs contacted, the resources (JavaScript, CSS, etc) requested from those domains, as well as additional information about the page itself. [urlscan.io](http://urlscan.io) will take a screenshot of the page, record the DOM content, JavaScript global variables, cookies created by the page, and a myriad of other observations. If the site is targeting the users one of the more than 900 brands tracked by [urlscan.io](http://urlscan.io), it will be highlighted as potentially malicious in the scan results.\n\nVisit the following resources to learn more:", "links": [ { "title": "urlscan.io", "url": "https://urlscan.io/", "type": "article" + }, + { + "title": "Cybersecurity Tool for Beginner Security Analysts - URLScan", + "url": "https://www.youtube.com/watch?v=tA60bJstrQQ", + "type": "video" } ] }, "-RnlvUltJ9IDtH0HEnMbN": { "title": "WHOIS", - "description": "Whois is a protocol that allows querying databases to obtain information about the owner of a domain name, an IP address, or an autonomous system number on the Internet.\n\nIn the field of cyber security, Whois data is one of several components in passive reconnaissance and open-source intelligence(OSINT) gathering.", + "description": "WHOIS is a query and response protocol used to retrieve information about registered domain names, IP addresses, and autonomous systems on the Internet. It provides details such as the domain registrar, registration date, expiration date, and contact information for the domain owner (although this may be limited due to privacy protection). WHOIS databases are maintained by regional Internet registries and domain registrars. The protocol is commonly used by network administrators, cybersecurity professionals, and researchers for tasks like verifying domain ownership, investigating potential cyber threats, and gathering information for legal or business purposes. However, with the implementation of GDPR and other privacy regulations, some WHOIS information has become more restricted.\n\nLearn more from the following resources:", "links": [ { "title": "How to use the whois command on Linux", @@ -2711,6 +3777,11 @@ "title": "Whois lookup", "url": "https://www.whois.com/whois/", "type": "article" + }, + { + "title": "Passive Reconnaissance - Whois Lookup Tutorial", + "url": "https://www.youtube.com/watch?v=12MITs5KK40", + "type": "video" } ] }, @@ -2742,8 +3813,14 @@ }, "M65fCl72qlF0VTbGNT6du": { "title": "Whishing", - "description": "Social engineering attack involving voice, such as a phone call to trick a victim to do something to the benefit of the attacker.\n\nDerived from voice-phishing, or \"vishing\".", - "links": [] + "description": "Whishing, a portmanteau of \"wireless\" and \"phishing,\" is a cyber attack method that targets users of wireless networks, particularly public Wi-Fi hotspots. Attackers set up rogue wireless access points or compromise existing ones to intercept network traffic or redirect users to malicious websites. These fake hotspots often mimic legitimate ones, tricking users into connecting and potentially exposing their sensitive information. Whishing attacks can lead to theft of login credentials, financial data, or personal information. To protect against whishing, users are advised to avoid sensitive transactions on public Wi-Fi, use VPNs, verify network authenticity, and ensure HTTPS connections when browsing.\n\nLearn more from the following resources:", + "links": [ + { + "title": "Wi-fi Phishing Explained", + "url": "https://it-explained.com/words/wi-fi-phishing-explained-explained", + "type": "article" + } + ] }, "KSwl6sX2W47vUmytpm8LH": { "title": "Whaling", @@ -2763,17 +3840,33 @@ }, "d4U6Jq-CUB1nNN2OCFoum": { "title": "Smishing", - "description": "SMS-phishing, or \"smishing\", is a type of social-engineering attack based on SMS, or text messages, to trick a victim into doing something to the benefit of the attacker, such as clicking on a malicious link or providing sensitive information.", - "links": [] + "description": "Smishing, a portmanteau of \"SMS\" and \"phishing,\" is a form of cyber attack that uses text messages (SMS) to deceive recipients into divulging sensitive information or taking harmful actions. Attackers typically impersonate trusted entities like banks, government agencies, or popular services, urging victims to click on malicious links, download harmful apps, or provide personal data. These messages often create a sense of urgency or offer enticing rewards to manipulate recipients. Smishing exploits the trust people place in mobile communications and the limited security features of SMS. As mobile device usage increases, smishing has become a significant threat, requiring user awareness and caution when interacting with unsolicited text messages.\n\nLearn more from the following:", + "links": [ + { + "title": "What is smishing (SMS phishing)?", + "url": "https://www.ibm.com/topics/smishing", + "type": "article" + }, + { + "title": "What is smishing? How phishing via text message works", + "url": "https://www.youtube.com/watch?v=ZOZGQeG8avQ", + "type": "video" + } + ] }, "cbEMUyg_btIPjdx-XqIM5": { "title": "Spam vs Spim", - "description": "Spam refers to unsolicited and often irrelevant messages sent over email, typically to a large number of recipients, with the purpose of advertising, phishing, spreading malware, or other malicious activities. Spam emails are usually sent by automated bots and are characterized by their bulk nature.\n\nSpim is a type of spam that specifically targets instant messaging (IM) platforms rather than email. Spim messages are unsolicited and typically used for advertising, phishing, or spreading malware. As instant messaging apps have grown in popularity, so too has the prevalence of Spim.\n\nVisit the following resources to learn more:", + "description": "Spam refers to unsolicited and often irrelevant messages sent over email, typically to a large number of recipients, with the purpose of advertising, phishing, spreading malware, or other malicious activities. Spam emails are usually sent by automated bots and are characterized by their bulk nature. Spim is a type of spam that specifically targets instant messaging (IM) platforms rather than email. Spim messages are unsolicited and typically used for advertising, phishing, or spreading malware. As instant messaging apps have grown in popularity, so too has the prevalence of Spim.\n\nVisit the following resources to learn more:", "links": [ { "title": "What Is Spam?", "url": "https://www.proofpoint.com/us/threat-reference/spam", "type": "article" + }, + { + "title": "What Is Spim?", + "url": "https://www.brosix.com/blog/what-is-spim/", + "type": "article" } ] }, @@ -2781,11 +3874,6 @@ "title": "Shoulder Surfing", "description": "In a Shoulder Surfing Attack, an attacker tries to get information when you are unaware of where the attacker looks over your shoulder or from your back to see what you're doing on your device and obtain sensitive information. Shoulder Surfing attacks are accomplished by observing the content \"over the victim's shoulder\". It is a social engineering attack where the attackers physically view the device screen and keypad to obtain personal information. This attack is mostly done when you are in a public place or crowded area. Sometimes attackers attack when you are busy on your device and the attacker could be your friend, someone you know or it may be some stranger.\n\nVisit the following resources to learn more:", "links": [ - { - "title": "What is Shoulder Surfing", - "url": "https://www.geeksforgeeks.org/what-is-shoulder-surfing-in-cyber-security/", - "type": "article" - }, { "title": "What is shoulder surfing, and how can you avoid it?", "url": "https://nordvpn.com/blog/shoulder-surfing/?srsltid=AfmBOorl5NPpW_Tnhas9gB2HiblorqwXyK0NJae7uaketrnDwbjJmiYV", @@ -2821,16 +3909,32 @@ }, "o-keJgF9hmifQ_hUD91iN": { "title": "Tailgating", - "description": "Tailgating is the act of getting access to a restricted area by simply following an authorized person. This is a common social engineering technique used by attackers to gain physical access to a building or a restricted area. The attacker waits for an authorized person to open the door and then follows them inside. This technique is effective because it is based on trust and the assumption that the attacker is an authorized person.", - "links": [] + "description": "Tailgating is the act of getting access to a restricted area by simply following an authorized person. This is a common social engineering technique used by attackers to gain physical access to a building or a restricted area. The attacker waits for an authorized person to open the door and then follows them inside. This technique is effective because it is based on trust and the assumption that the attacker is an authorized person.\n\nLearn more from the following resources:", + "links": [ + { + "title": "Tailgating attacks", + "url": "https://www.proofpoint.com/us/threat-reference/tailgating-attacks-cybersecurity", + "type": "article" + }, + { + "title": "Tailgating and Piggybacking - Social Engineering Tactics Explained", + "url": "https://www.youtube.com/watch?v=4SpvulRcVQ0", + "type": "video" + } + ] }, "v9njgIxZyabJZ5iND3JGc": { "title": "Zero day", - "description": "A **zero-day** is the technique used by an attacker to infiltrate a system that has a vulnerability that is not publicly known. The term \"zero day\" signifies that the attack occurs before the target becomes aware of the existing vulnerability. In this scenario, the attacker deploys malware prior to the developer or vendor having the chance to issue a patch to rectify the flaw.\n\nVisit the following resources to learn more:", + "description": "A zero-day vulnerability is a software security flaw unknown to the vendor and exploit developers, leaving it unpatched and potentially exploitable. When attackers discover and exploit such a vulnerability before the software creator can develop and release a fix, it's called a zero-day attack. These attacks are particularly dangerous because they take advantage of the window between discovery and patching, during which systems are highly vulnerable. Zero-days are prized in cybercriminal circles and can be used for various malicious purposes, including data theft, system compromise, or as part of larger attack campaigns. Defending against zero-days often requires proactive security measures, as traditional signature-based defenses are ineffective against unknown threats.\n\nLearn more from the following resources:", "links": [ { - "title": "Zero-day Vulnerabilities", - "url": "https://www.youtube.com/watch?v=FDFxGLnZtoY", + "title": "What is a Zero-day Attack?", + "url": "https://www.kaspersky.com/resource-center/definitions/zero-day-exploit", + "type": "article" + }, + { + "title": "What is a Zero Day Threat?", + "url": "https://www.youtube.com/watch?v=w5MV1Jeo76g", "type": "video" } ] @@ -2843,6 +3947,11 @@ "title": "What Is Social Engineering?", "url": "https://www.cisco.com/c/en/us/products/security/what-is-social-engineering.html", "type": "article" + }, + { + "title": "Social Engineering Explained", + "url": "https://www.youtube.com/shorts/DdCSraNCxhs", + "type": "video" } ] }, @@ -2876,6 +3985,11 @@ "title": "What is a watering hole attack?", "url": "https://www.techtarget.com/searchsecurity/definition/watering-hole-attack", "type": "article" + }, + { + "title": "Watering Hole Attacks", + "url": "https://www.youtube.com/watch?v=uBoVWqkfZjk", + "type": "video" } ] }, @@ -2967,6 +4081,11 @@ "title": "Definition and Explanation of Spoofing", "url": "https://www.kaspersky.com/resource-center/definitions/spoofing", "type": "article" + }, + { + "title": "What is spoofing?", + "url": "https://www.youtube.com/watch?v=jIS9XUC4TB4", + "type": "video" } ] }, @@ -3015,6 +4134,11 @@ "title": "What is VLAN Hopping?", "url": "https://www.packetlabs.net/posts/what-is-vlan-hopping/", "type": "article" + }, + { + "title": "VLAN Hopping", + "url": "https://www.youtube.com/watch?v=pDumMKDK4Wc", + "type": "video" } ] }, @@ -3063,7 +4187,7 @@ }, "2jo1r9O_rCnDwRv1_4Wo-": { "title": "XSS", - "description": "Cross-site scripting (XSS) is a security vulnerability that affects web applications, allowing attackers to inject malicious scripts into web pages viewed by other users. These scripts can then be executed by the browsers of unsuspecting users who visit the compromised web page. The danger of XSS lies in its ability to access cookies, session tokens, and other sensitive information that the user's browser handles, potentially leading to unauthorized actions being performed on behalf of the user.\n\nTypes of XSS\n------------\n\n* **Stored XSS**: occurs when a malicious script is permanently stored on a target server, such as in a database, message forum, visitor log, or comment field.\n \n* **Reflected XSS**: The attack is called \"reflected\" because the malicious script is reflected off the web server, such as in an error message or search result, rather than being stored on the server.\n \n* **DOM-based XSS** is a type of attack where the vulnerability exists in the client-side script itself rather than the server-side code.\n \n\nHow to prevent XSS\n------------------\n\nPrevention strategies involve a combination of validating and sanitizing input, employing security features of web frameworks, and implementing Content Security Policies (CSP). Techniques such as output encoding and HTML sanitization are essential to ensure that user-supplied data does not execute as code in browsers, thus mitigating potential attacks.\n\nVisit the following resources to learn more:", + "description": "Cross-Site Scripting (XSS) is a common web application vulnerability where attackers inject malicious scripts into content from trusted websites. These scripts execute in victims' browsers, potentially stealing sensitive data, hijacking user sessions, or defacing websites. XSS attacks come in three main types: stored (persistent), reflected (non-persistent), and DOM-based. Stored XSS permanently embeds malicious code in a server, while reflected XSS occurs when user input is immediately returned by a web application. DOM-based XSS manipulates the Document Object Model in the browser. Prevention strategies include input validation, output encoding, and implementing Content Security Policy headers to mitigate the risk of XSS vulnerabilities.\n\nVisit the following resources to learn more:", "links": [ { "title": "Cross Site Scripting (XSS) - OWASP", @@ -3090,6 +4214,11 @@ "title": "PortSwigger - SQL Injection", "url": "https://portswigger.net/web-security/sql-injection", "type": "article" + }, + { + "title": "SQL Injections are scary", + "url": "https://www.youtube.com/watch?v=2OPVViV-GQk", + "type": "video" } ] }, @@ -3169,7 +4298,7 @@ }, "lv6fI3WeJawuCbwKtMRIh": { "title": "Stakeholders", - "description": "Stakeholders are individuals or organizations with a right, share, claim, or interest in a system or its characteristics that meet their needs and expectations.\n\n### External Stakeholders:\n\n* Government agencies\n* Policy regulators\n* Partners\n* Suppliers\n\n### Internal Stakeholders:\n\n* Subject matter experts\n* Legal\n* Compliance\n* Senior management\n\nStakeholders vary based on the organization, making their identification essential. They must be notified according to the organization's playbook for escalating problems and providing updates. Not all stakeholders are equal, some may require a less technical report highlighting the main points, while others will need a full technical report.\n\nVisit the following resources to learn more:", + "description": "Stakeholders are individuals, groups, or organizations with an interest or concern in a project, business, or initiative. They can affect or be affected by the organization's actions, objectives, and policies. In a business context, stakeholders typically include shareholders, employees, customers, suppliers, government agencies, local communities, and sometimes competitors. Effective stakeholder management involves identifying key stakeholders, understanding their needs and expectations, communicating effectively with them, and balancing their often competing interests. Stakeholder engagement is crucial for project success, risk management, and organizational reputation. In IT and cybersecurity projects, stakeholders might include end-users, IT staff, management, compliance officers, and external regulators, each with distinct concerns regarding system functionality, security, and compliance.\n\nVisit the following resources to learn more:", "links": [ { "title": "TryHackMe room on Cyber Governance and regulation", @@ -3270,38 +4399,110 @@ }, "ThLsXkqLw--uddHz0spCH": { "title": "Understand the Concept of Security in the Cloud", - "description": "In this section, we will explore some key security concepts in the cloud to help you better understand and apply best practices for securing your cloud environment. This knowledge will enable you to maintain the confidentiality, integrity, and availability of your data and applications, while ensuring compliance with industry standards and regulations.\n\nShared Responsibility Model\n---------------------------\n\nOne of the fundamental concepts to grasp when dealing with cloud security is the _Shared Responsibility Model_. This means that securing the cloud environment is a joint effort between the cloud service provider (CSP) and the customer.\n\n* **CSP Responsibilities**: The cloud service provider is responsible for securing the underlying infrastructure that supports the cloud services, including data centers, networks, hardware, and software.\n* **Customer Responsibilities**: Customers are responsible for securing their data, applications, and user access within the cloud environment. This includes data encryption, patch management, and access control.\n\nIdentity and Access Management (IAM)\n------------------------------------\n\nIAM is an essential security concept in the cloud, as it helps enforce the principle of least privilege by only granting the necessary permissions to users, applications, and services.\n\n* **User Management**: Creation and management of user accounts, roles, and groups to ensure that only authorized personnel can access and manage the cloud environment.\n* **Access Control**: Implementing policies and rules to control access to cloud resources, such as virtual machines, storage accounts, and databases.\n\nData Protection\n---------------\n\nKeeping your data secure in the cloud is crucial, and multiple methods can be employed to achieve this goal.\n\n* **Encryption**: Encrypting data at rest (stored in the cloud) and in transit (transmitted over the internet) to protect it from unauthorized access.\n* **Backup and Recovery**: Regularly creating backups of your data to ensure its availability in case of data loss or corruption, and implementing a disaster recovery plan to quickly restore lost or compromised data.\n\nNetwork Security\n----------------\n\nNetwork security in the cloud encompasses various strategies aimed at protecting the integrity and availability of the network.\n\n* **Firewalls**: Deploying firewalls to protect against unauthorized access to your cloud environment, using both standard and next-generation firewall features.\n* **Intrusion Detection and Prevention Systems (IDPS)**: Implementing IDPS solutions to monitor network traffic for malicious activity and automatically block suspected threats.\n* **VPC and Network Segmentation**: Creating virtual private clouds (VPCs) and segmenting networks to isolate resources, limiting the potential blast radius in case of a security incident.\n\nSecurity Monitoring and Incident Response\n-----------------------------------------\n\nContinuously monitoring your cloud environment helps identify and respond to security incidents in a timely manner.\n\n* **Security Information and Event Management (SIEM)**: Deploying SIEM solutions to collect, analyze, and correlate security events and logs in real-time, enabling the detection of suspicious activities.\n* **Incident Response Plan**: Developing and maintaining a well-documented incident response plan to guide your organization through the process of identifying, containing, and remediating security incidents.\n\nBy understanding and implementing these cloud security concepts, you will be better equipped to protect your cloud environment and ensure the safety of your data and applications.", - "links": [] + "description": "Cloud security encompasses the measures, controls, policies, and technologies implemented to protect data, applications, and infrastructure associated with cloud computing environments. It involves securing data both in transit and at rest, managing access controls, ensuring compliance with regulations, and protecting against threats like data breaches, account hijacking, and DDoS attacks. Cloud security strategies often include encryption, multi-factor authentication, regular security audits, and shared responsibility models between cloud providers and customers. While cloud platforms offer advanced security features, organizations must also adapt their security practices to address the unique challenges of cloud environments, such as data sovereignty issues, shared infrastructure risks, and the need for continuous monitoring across distributed systems.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is cloud security", + "url": "https://www.checkpoint.com/cyber-hub/cloud-security/what-is-cloud-security/", + "type": "article" + }, + { + "title": "What is cloud security", + "url": "https://www.youtube.com/watch?v=jI8IKpjiCSM", + "type": "video" + } + ] }, "XL3FVeGFDhAl_gSol6Tjt": { "title": "Understand the basics and general flow of deploying in the cloud", - "description": "Cloud deployment flow refers to the process of deploying applications, data, and services onto the cloud infrastructure. It is a critical aspect of cloud computing, as it ensures that resources are utilized efficiently, and applications and services run seamlessly on the cloud environment. In this section, we will discuss the key aspects of cloud deployment flow, including the types of cloud deployment models and the steps involved in the process.\n\nTypes of Cloud Deployment Models\n--------------------------------\n\nThere are four main types of cloud deployment models, which are:\n\n* **Public Cloud**: The resources are owned, managed, and operated by a third-party service provider and are made available to the general public.\n* **Private Cloud**: The cloud infrastructure is owned, managed, and operated for a single organization, and resources are allocated based on the organization's needs.\n* **Hybrid Cloud**: A combination of private and public clouds that allows for data and application portability between the two environments.\n* **Community Cloud**: The cloud infrastructure is shared by multiple organizations with similar requirements and goals.\n\nCloud Deployment Process\n------------------------\n\n* **Select a Cloud Deployment Model**: Choose the type of cloud deployment model that best meets your organization's needs and requirements.\n \n* **Define Your Infrastructure**: Identify the cloud services you need, such as computing resources, storage, networking, and other applications or services.\n \n* **Choose a Cloud Service Provider**: Research and compare different cloud service providers to determine which one best aligns with your organization's needs, budget, and goals.\n \n* **Configure and Migrate**: Set up and configure your cloud environment, including network configuration, security settings, and user access levels. Additionally, migrate your data and applications to the cloud.\n \n* **Test and Optimize**: Test your cloud deployment to ensure that it meets your performance and functionality requirements. Monitor and optimize your cloud environment to ensure that resources are being used efficiently and cost-effectively.\n \n* **Monitor, Manage, and Maintain**: Regularly monitor your cloud environment to check for performance issues, security risks, and other potential concerns. Perform regular maintenance tasks, such as updating software and patching security vulnerabilities, to ensure the continuous, reliable operation of your cloud deployment.\n \n\nBy understanding the cloud deployment flow and following the steps mentioned above, you can seamlessly deploy your applications, data, and services on the cloud infrastructure, improving the overall efficiency and performance of your organization's IT systems.", - "links": [] + "description": "Deploying to the cloud involves the process of making applications, services, or infrastructure available in cloud computing environments. It typically includes selecting a cloud provider (e.g., AWS, Azure, Google Cloud), configuring necessary resources (compute, storage, networking), and using deployment tools to push code or infrastructure definitions. Modern cloud deployments often leverage containerization, orchestration platforms like Kubernetes, and CI/CD pipelines for automated, consistent releases. Key considerations include scalability, security, cost optimization, and maintaining high availability. Cloud-native approaches, such as microservices architecture and serverless computing, are frequently employed to maximize cloud benefits. Effective cloud deployment strategies balance performance, reliability, and cost-efficiency while ensuring compliance with relevant regulations and organizational policies.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is cloud deployment?", + "url": "https://www.cognizant.com/us/en/glossary/cloud-deployment", + "type": "article" + }, + { + "title": "Deploying a Website to AWS in Under 1 Minute", + "url": "https://www.youtube.com/watch?v=goiW0g7A0WE", + "type": "video" + } + ] }, "KGjYM4Onr5GQf1Yv9IabI": { "title": "Understand the differences between cloud and on-premises", - "description": "When it comes to managing your organization's data and applications, there are mainly two options: **Cloud** and **On-premises**. Choosing between these two options can be crucial for the way your organization handles its cyber security. In this section, we will discuss the key differences and advantages of both options.\n\nCloud\n-----\n\nCloud computing allows you to store and access data and applications over the internet, rather than housing them within your own organization's infrastructure. Some key advantages of cloud computing include:\n\n* **Scalability:** Cloud service providers can easily scale resources up or down based on your organization's needs.\n* **Cost savings:** You only pay for what you actually use, and you can avoid high upfront costs associated with building and maintaining your own infrastructure.\n* **Flexibility:** Cloud services enable users to access data and applications from any device and location with an internet connection\n\nHowever, cloud-based solutions also come with their own set of challenges:\n\n* **Security and privacy:** When your data is stored with a third-party provider, you may have concerns about how your information is being protected and who has access to it.\n* **Data control and sovereignty:** Cloud service providers may store your data in servers located in various countries, which might raise concerns about data privacy and legal compliance.\n* **Performance:** Some applications might suffer from network latency when hosted in the cloud, impacting their responsiveness and efficiency.\n\nOn-premises\n-----------\n\nOn-premises solutions are those that are deployed within your own organization's infrastructure. Key advantages of on-premises solutions include:\n\n* **Control:** With an on-premises solution, your organization maintains full control over its data and the infrastructure it resides on.\n* **Data protection:** On-premises environments may offer increased data security due to physical access restrictions and the ability to implement stringent security policies.\n* **Customization:** On-premises solutions can be tailored to the specific needs and resources of your organization.\n\nHowever, on-premises solutions are not without their own set of challenges:\n\n* **Upfront costs:** Building and maintaining an on-premises infrastructure can be expensive and might require significant capital investments.\n* **Maintenance:** Your organization will be responsible for regularly updating hardware and software components, which can be time-consuming and costly.\n* **Limited scalability:** Scaling an on-premises infrastructure can be a complex and expensive process, and it may take more time compared to the flexibility provided by cloud solutions.\n\nConclusion\n----------\n\nIn conclusion, both cloud and on-premises solutions have their own set of advantages and challenges. The choice between the two depends on factors such as cost, security, control, and performance requirements. As an organization's cyber security expert, you must thoroughly evaluate these factors to make an informed decision that best suits your organization's needs.", - "links": [] + "description": "Cloud computing involves using remote servers hosted on the internet to store, manage, and process data, rather than a local server or personal computer. It offers scalability, flexibility, and often lower upfront costs. Users can access resources on-demand and pay for what they use. Cloud solutions provide easier remote access and automatic updates but may raise data security and compliance concerns. On-premises (or on-prem) refers to installing and running software on computers and servers located within an organization's physical premises. This approach offers more direct control over data and systems, potentially better performance for certain applications, and can address specific regulatory requirements. However, it typically requires higher upfront investment, ongoing maintenance, and may be less scalable than cloud solutions. Many organizations now adopt hybrid approaches, combining both cloud and on-premises solutions to balance their specific needs for control, cost-efficiency, and flexibility.\n\nLearn more of the following resources:", + "links": [ + { + "title": "What is On-Premises Data Centers vs. Cloud Computing?", + "url": "https://www.hpe.com/uk/en/what-is/on-premises-vs-cloud.html", + "type": "article" + }, + { + "title": "On Premise vs Cloud : Is Cloud Computing the future?", + "url": "https://www.youtube.com/watch?v=FuPh2o-GMDA", + "type": "video" + } + ] }, "RJctUpvlUJGAdwBNtDSXw": { "title": "Understand the concept of Infrastructure as Cloud", - "description": "Infrastructure as Code (IaC) is a key concept in the world of cloud computing and cybersecurity. It refers to the practice of defining, provisioning, and managing IT infrastructure through code rather than manual processes. IaC is a fundamental shift in the way we manage and operate infrastructure resources, introducing automation, consistency, and scalability benefits.\n\nKey Benefits of Infrastructure as Code\n--------------------------------------\n\n* **Consistency**: IaC ensures that your infrastructure is consistent across different environments (development, staging, and production). This eliminates manual errors and guarantees that the infrastructure is provisioned in the same way every time.\n \n* **Version Control**: By managing your infrastructure as code, it allows you to track changes to the infrastructure, just like you would with application code. This makes it easier to identify issues and rollback to a previous state if needed.\n \n* **Collaboration**: IaC allows multiple members of your team to collaborate on defining and managing the infrastructure, enabling better communication and visibility into the state of the infrastructure.\n \n* **Automation**: IaC enables you to automate the provisioning, configuration, and management of infrastructure resources. This reduces the time and effort required to provision resources and enables you to quickly scale your infrastructure to meet demand.\n \n\nCommon IaC Tools\n----------------\n\nThere are several popular IaC tools available today, each with their strengths and weaknesses. Some of the most widely used include:\n\n* **Terraform**: An open-source IaC tool developed by HashiCorp that allows you to define and provide data center infrastructure using a declarative configuration language. Terraform is platform-agnostic and can be used with various cloud providers.\n \n* **AWS CloudFormation**: A service by Amazon Web Services (AWS) that enables you to manage and provision infrastructure resources using JSON or YAML templates. CloudFormation is specifically designed for use with AWS resources.\n \n* **Azure Resource Manager (ARM) Templates**: A native IaC solution provided by Microsoft Azure that enables you to define, deploy, and manage Azure infrastructure using JSON templates.\n \n* **Google Cloud Deployment Manager**: A service offered by Google Cloud Platform (GCP) that allows you to create and manage cloud resources using YAML configuration files.\n \n\nBest Practices for Implementing Infrastructure as Code\n------------------------------------------------------\n\n* **Use Version Control**: Keep your IaC files in a version control system (e.g., Git) to track changes and enable collaboration among team members.\n \n* **Modularize Your Code**: Break down your infrastructure code into smaller, reusable modules that can be shared and combined to create more complex infrastructure configurations.\n \n* **Validate and Test**: Use tools and practices such as unit tests and static analysis to verify the correctness and security of your infrastructure code before deploying it.\n \n* **Continuously Monitor and Update**: Keep your IaC code up-to-date with the latest security patches and best practices, and constantly monitor the state of your infrastructure to detect and remediate potential issues.", - "links": [] + "description": "Infrastructure as Code (IaC) is a practice of managing and provisioning computing infrastructure through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools. It treats infrastructure configuration as software, allowing it to be version-controlled, tested, and automatically deployed. IaC enables consistent, repeatable environment setups, reduces manual errors, facilitates rapid scaling and disaster recovery, and improves collaboration between development and operations teams. Popular IaC tools include Terraform, AWS CloudFormation, and Ansible, which use declarative or imperative approaches to define infrastructure states. This approach is fundamental to DevOps practices, cloud computing, and the efficient management of complex, dynamic IT environments.\n\nLearn more from the following resources:", + "links": [ + { + "title": "Terraform Roadmap", + "url": "https://roadmap.sh/terraform", + "type": "article" + } + ] }, "-83ltMEl3le3yD68OFnTM": { "title": "Understand the Concept of Serverless", - "description": "Serverless computing is an innovative approach to application development that has changed the way developers build and deploy applications. In traditional application development, developers have to spend valuable time setting up, maintaining, and scaling servers to run their applications. Serverless computing removes this additional infrastructure overhead, allowing developers to focus solely on the application logic while the cloud provider takes care of the underlying infrastructure.\n\nHow does serverless work?\n-------------------------\n\nServerless computing works by executing your application code in short-lived stateless compute containers that are automatically provisioned and scaled by the cloud provider. In simple terms, it means that you only pay for the actual compute resources consumed when your application is running, rather than paying for pre-allocated or reserved resources. This ensures high flexibility, cost-effectiveness, and scalability.\n\nSome common characteristics of serverless computing include:\n\n* _No server management:_ Developers don't need to manage any servers, taking the burden of infrastructure management off their shoulders.\n* _Auto-scaling:_ The cloud provider automatically scales the compute resources as per the incoming requests or events.\n* _Cost optimization:_ Pay-as-you-go pricing model ensures that you only pay for the compute resources consumed by your application.\n* _Event-driven:_ Serverless applications are often designed to be triggered by events, such as API calls or data updates, ensuring efficient use of resources.\n\nPopular Serverless platforms\n----------------------------\n\nMany cloud providers offer serverless computing services, with the most popular options being:\n\n* **AWS Lambda:** Amazon Web Services (AWS) offers one of the most popular serverless computing services called Lambda. Developers can build and deploy applications using various programming languages, with AWS taking care of the infrastructure requirements.\n* **Google Cloud Functions:** Google Cloud Platform (GCP) offers Cloud Functions, a serverless computing service for executing your application code in response to events.\n* **Azure Functions:** Microsoft's Azure Functions allow you to run stateless applications in a fully managed environment, complete with auto-scaling capabilities and numerous integrations with other Azure services.\n\nAdvantages of Serverless Computing\n----------------------------------\n\nAdopting serverless computing can benefit organizations in several ways, such as:\n\n* **Reduced operational costs:** With serverless, you only pay for what you use, reducing the overall infrastructure costs.\n* **Faster deployment:** Serverless applications can be deployed quickly, allowing businesses to reach the market faster and respond to changes more effectively.\n* **Scalability:** The automatic scaling provided by the serverless platform ensures high availability and performance of your application.\n* **Focus on business logic:** Developers can concentrate exclusively on writing application code without worrying about infrastructure management.\n\nIt's important to note that serverless computing isn't a one-size-fits-all solution. There are times when traditional server-based architectures might be more suitable, depending on the use case and requirements. However, understanding the concept of serverless computing and leveraging its benefits can go a long way in enhancing cloud skills and knowledge in the ever-evolving cyber security domain.", - "links": [] + "description": "Serverless computing is a cloud execution model where the cloud provider dynamically manages server allocation, allowing developers to focus solely on writing code. It offers automatic scaling, pay-per-use billing based on actual compute time, and typically operates through event-driven, stateless functions designed for quick execution. Popular platforms include AWS Lambda, Azure Functions, and Google Cloud Functions. While serverless computing provides reduced operational complexity and cost efficiency, particularly for microservices and event-driven applications, it may face challenges with long-running tasks, cold starts, and potential vendor lock-in. Despite its name, servers are still involved, but their management is abstracted away from the developer, simplifying the deployment and scaling of applications.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is serverless computing?", + "url": "https://www.cloudflare.com/en-gb/learning/serverless/what-is-serverless/", + "type": "article" + }, + { + "title": "What is serverless?", + "url": "https://www.youtube.com/watch?v=vxJobGtqKVM", + "type": "video" + } + ] }, "sVw5KVNxPEatBRKb2ZbS_": { "title": "SaaS", - "description": "**Software as a Service**, often abbreviated as **SaaS**, is a cloud-based software delivery model where applications are provided over the internet. Instead of installing and maintaining software locally on individual computers or servers, users can access the software and its features through a web browser.\n\nFeatures\n--------\n\nSaaS offers various benefits and features that make it an attractive option for individuals and businesses alike. Some key features include:\n\n* **Accessibility**: SaaS applications can be accessed from anywhere with an internet connection.\n* **Lower Costs**: As a user, you only pay for what you use, reducing upfront costs such as licences and infrastructure investments.\n* **Automatic Updates**: The SaaS provider is responsible for software updates, bug fixes, and patches. This means the latest version of the software is available to users without any manual intervention.\n* **Scalability**: SaaS applications can easily scale to accommodate a growing user base, making it an ideal choice for businesses of all sizes.\n* **Customization**: SaaS applications often come with various modules or add-ons that offer additional functionality and professional services for customization.\n\nSecurity Considerations\n-----------------------\n\nWhile SaaS offers numerous benefits, there are some potential concerns related to data security and privacy. Here are some key security considerations:\n\n* **Data Storage**: In a SaaS environment, your data is stored in the cloud, which means you need to trust the provider to properly secure it. Make sure the provider complies with relevant industry standards and regulations.\n* **Data Transmission**: It is crucial to verify that your data is encrypted when transmitted between your systems and the SaaS application. This can help protect your information from unauthorized access during transmission.\n* **Access Control**: Establish strong access control policies and procedures to ensure that only authorized users can access sensitive data within the SaaS application.\n* **Service Availability**: In case of a SaaS provider experiencing downtime or going out of business, make sure to have contingency plans in place, such as regular data backups and alternative software options.\n\nChoosing a SaaS Provider\n------------------------\n\nBefore committing to a SaaS provider, it is essential to undertake a thorough evaluation to ensure that it can meet your security and business requirements. Some aspects to consider include:\n\n* **Compliance**: Check if the provider adheres to legal and regulatory requirements in your industry.\n* **Service Level Agreements (SLAs)**: Review the provider's SLAs to understand their uptime guarantees, performance standards and penalties in case of SLA breaches.\n* **Data Management**: Make sure the provider offers tools and features to manage your data, such as importing, exporting, and data backup/restoration capabilities.\n* **Support**: Verify if the provider offers adequate support resources, like a 24/7 help desk and comprehensive documentation.\n\nBy keeping these aspects in mind, you can make an informed decision about whether SaaS is the right solution for your business, and select the best SaaS provider to meet your unique needs.", - "links": [] + "description": "Software as a Service (SaaS) is a cloud-based model where software applications are delivered to users over the internet, eliminating the need for local installation or maintenance. SaaS providers manage infrastructure, security, and updates, allowing users to access the software on a subscription basis from any device with an internet connection. This model offers scalability, reduced upfront costs, and easy integration with other cloud services, making it a popular choice for businesses looking for flexibility and efficiency in software deployment.\n\nLearn more from the following resources:", + "links": [ + { + "title": "iWhat is SaaS? Microsoft", + "url": "https://azure.microsoft.com/en-us/resources/cloud-computing-dictionary/what-is-saas", + "type": "article" + }, + { + "title": "What is SaaS?", + "url": "https://www.youtube.com/watch?v=UEHdYNXiIUU", + "type": "video" + } + ] }, "PQ_np6O-4PK2V-r5lywQg": { "title": "PaaS", - "description": "Platform as a Service, or **PaaS**, is a type of cloud computing service that provides a platform for developers to create, deploy, and maintain software applications. PaaS combines the software development platform and the underlying infrastructure, such as servers, storage, and networking resources. This enables developers to focus on writing and managing their applications, without worrying about the underlying infrastructure's setup, maintenance, and scalability.\n\nKey Features of PaaS\n--------------------\n\n* **Scalability:** PaaS allows for easily scaling applications to handle increased load and demand, without the need for manual intervention.\n* **Development Tools:** PaaS providers offer a collection of integrated development tools, such as programming languages, libraries, and APIs (Application Programming Interfaces) that enable developers to build and deploy applications.\n* **Automated Management:** PaaS platforms automate the management of underlying resources and provide seamless updates to ensure the applications are always running on the latest and most secure software versions.\n* **Cost-Effective:** PaaS can be more cost-effective than managing an on-premises infrastructure, since the provider manages the underlying resources, thus reducing the need for dedicated IT staff.\n\nCommon Use Cases for PaaS\n-------------------------\n\n* **Application Development:** Developers can use PaaS platforms to develop, test, and launch applications quickly and efficiently.\n* **Web Hosting:** PaaS platforms often include tools for hosting and managing web applications, reducing the effort needed to configure and maintain web servers.\n* **Data Analytics:** PaaS platforms typically offer data processing and analytics tools, making it easy for organizations to analyze and gain insights from their data.\n* **IoT Development:** PaaS platforms may include IoT (Internet of Things) services, simplifying the development and management of IoT applications and devices.\n\nIn conclusion, PaaS simplifies the application development and deployment process by providing a platform and its associated tools, saving developers time and resources. By leveraging PaaS, organizations can focus on their core competencies and build innovative applications without worrying about infrastructure management.", - "links": [] + "description": "Platform as a Service, or **PaaS**, is a type of cloud computing service that provides a platform for developers to create, deploy, and maintain software applications. PaaS combines the software development platform and the underlying infrastructure, such as servers, storage, and networking resources. This enables developers to focus on writing and managing their applications, without worrying about the underlying infrastructure's setup, maintenance, and scalability. PaaS simplifies the application development and deployment process by providing a platform and its associated tools, saving developers time and resources. By leveraging PaaS, organizations can focus on their core competencies and build innovative applications without worrying about infrastructure management.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is PaaS?", + "url": "https://azure.microsoft.com/en-us/resources/cloud-computing-dictionary/what-is-paas", + "type": "article" + }, + { + "title": "PaaS Explained", + "url": "https://www.youtube.com/watch?v=QAbqJzd0PEE", + "type": "video" + } + ] }, "1nPifNUm-udLChIqLC_uK": { "title": "IaaS", @@ -3321,13 +4522,35 @@ }, "ecpMKP1cQXXsfKETDUrSf": { "title": "Private", - "description": "A **Private Cloud** is a cloud computing model that is solely dedicated to a single organization. In this model, the organization's data and applications are hosted and managed either within the organization's premises or in a privately-owned data center. This cloud model provides enhanced security and control, as the resources are not shared with other organizations, ensuring that your data remains private and secure.\n\nBenefits of Private Cloud\n-------------------------\n\n* **Enhanced Security:** As the resources and infrastructure are dedicated to one organization, the risk of unauthorized access, data leaks, or security breaches is minimal.\n \n* **Customization and Control:** The organization has complete control over their cloud environment, enabling them to customize their infrastructure and applications according to their specific needs.\n \n* **Compliance:** Private clouds can be tailored to meet strict regulatory and compliance requirements, ensuring that sensitive data is protected.\n \n* **Dedicated Resources:** Organizations have access to dedicated resources, ensuring high performance and availability for their applications.\n \n\nDrawbacks of Private Cloud\n--------------------------\n\n* **Higher Costs:** Building and maintaining a private cloud can be expensive, as organizations are responsible for purchasing and managing their own hardware, software, and infrastructure.\n \n* **Limited Scalability:** As resources are dedicated to one organization, private clouds may have limited scalability, requiring additional investments in infrastructure upgrades to accommodate growth.\n \n* **Responsibility for Management and Maintenance:** Unlike public clouds, where the cloud provider handles management and maintenance, the organization is responsible for these tasks in a private cloud, which can be time-consuming and resource-intensive.\n \n\nIn summary, a private cloud model is ideal for organizations that require a high level of security, control, and customization. It is especially suitable for organizations with strict compliance requirements or sensitive data to protect. However, this model comes with higher costs and management responsibilities, which should be considered when choosing a cloud model for your organization.", - "links": [] + "description": "A **private cloud** is a cloud computing environment dedicated to a single organization, offering the same benefits as public clouds, such as scalability and self-service, but with greater control and customization. It is hosted either on-premises or by a third-party provider, and it ensures that the organization's data and applications are isolated from other entities. This setup enhances security and compliance, making it ideal for businesses with specific regulatory requirements or high-security needs.\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is a private cloud?", + "url": "https://aws.amazon.com/what-is/private-cloud/", + "type": "article" + }, + { + "title": "Private cloud rules", + "url": "https://www.youtube.com/watch?v=Tzqy8lW0bk4", + "type": "video" + } + ] }, "ZDj7KBuyZsKyEMZViMoXW": { "title": "Public", - "description": "A **public cloud** is a cloud service that is available for use by the general public. In this cloud model, a cloud service provider owns and manages the cloud infrastructure, which is shared among multiple users or organizations. These users can access the cloud services via the internet and pay as they use, taking advantage of economies of scale.\n\nKey Features\n------------\n\n* **Shared Infrastructure**: The public cloud is built on a shared infrastructure, where multiple users or organizations leverage the same hardware and resources to store their data or run their applications.\n* **Scalability**: Public clouds offer greater scalability than private clouds, as they can quickly allocate additional resources to users who need them.\n* **Cost-effective**: Since public clouds operate on a pay-as-you-go model, users only pay for the resources they consume, making it more cost-effective for organizations with fluctuating resource requirements.\n\nBenefits of Public Cloud\n------------------------\n\n* **Lower costs**: There is no need to invest in on-premises hardware, and ongoing costs are usually lower due to economies of scale and the pay-as-you-go model.\n* **Ease of access**: Users can access the cloud services from anywhere using an internet connection.\n* **Updates and maintenance**: The cloud service provider is responsible for maintaining and updating the cloud infrastructure, ensuring that the latest security patches and features are applied.\n* **Reliability**: Public cloud providers have multiple data centers and robust redundancy measures, which can lead to improved service reliability and uptime.\n\nDrawback and Concerns\n---------------------\n\n* **Security**: Since public clouds are shared by multiple users, there is an increased risk of threats and vulnerabilities, especially if the cloud provider does not have stringent security measures in place.\n* **Privacy and Compliance**: Organizations with strict data privacy and regulatory compliance requirements may find it difficult to use public cloud services, as data may be shared or stored in locations based on the provider's data center locations.\n* **Control**: Users have less direct control over the management and configuration of the cloud infrastructure compared to a private cloud.\n\nDespite these concerns, many businesses and organizations successfully use public clouds to host non-sensitive data or run applications that do not require stringent compliance requirements.\n\nExamples of popular public cloud service providers include Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).", - "links": [] + "description": "A **public cloud** is a computing service offered by third-party providers over the internet, where resources such as servers, storage, and applications are shared among multiple users or organizations. It is typically managed by the cloud service provider and offers scalability, cost-effectiveness, and ease of access, with users paying only for the resources they consume. Public clouds are ideal for businesses and individuals who need flexible, on-demand computing resources without the overhead of managing physical infrastructure. Popular examples include Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).\n\nLearn more from the following resources:", + "links": [ + { + "title": "What is a public cloud? Microsoft", + "url": "https://azure.microsoft.com/en-gb/resources/cloud-computing-dictionary/what-is-a-public-cloud", + "type": "article" + }, + { + "title": "What is a public cloud?", + "url": "https://www.youtube.com/watch?v=KaCyfQ7luVY", + "type": "video" + } + ] }, "ywRlTuTfh5-NHnv4ZyW1t": { "title": "Hybrid", @@ -3353,6 +4576,26 @@ "title": "AWS Complete Tutorial", "url": "https://www.youtube.com/watch?v=B8i49C8fC3E", "type": "course" + }, + { + "title": "AWS Roadmap", + "url": "https://roadmap.sh/aws", + "type": "article" + }, + { + "title": "AWS Website", + "url": "https://aws.amazon.com", + "type": "article" + }, + { + "title": "How to create an AWS account", + "url": "https://grapplingdev.com/tutorials/how-to-create-aws-account", + "type": "article" + }, + { + "title": "AWS Overview", + "url": "https://www.youtube.com/watch?v=a9__D53WsUs", + "type": "video" } ] }, @@ -3374,13 +4617,40 @@ }, "GklBi7Qx1akN_cS9UMrha": { "title": "Azure", - "description": "Microsoft Azure, often referred to simply as \"Azure\", is a cloud computing platform and service offered by Microsoft. Azure provides a wide range of cloud services, tools, and resources for organizations and developers to build, deploy, and manage applications on a global scale. With support for multiple programming languages and frameworks, Azure makes it easier to move existing applications or create new ones for the cloud environment.\n\nKey Features\n------------\n\n* **Compute Power**: Azure offers a variety of virtual machines, containers, and serverless computing options to execute and scale applications.\n \n* **Storage**: Azure provides several storage options - Blob Storage for unstructured data, File Storage for file shares, and Disk Storage for block storage.\n \n* **Databases**: Azure offers managed relational databases, NoSQL databases, and in-memory databases for different needs and workloads.\n \n* **Analytics**: Azure provides tools and services for big data and advanced analytics, including Azure Data Lake, Azure Machine Learning, and Power BI.\n \n* **Networking**: Azure supports various networking services, such as Virtual Networks, Load Balancers, and Content Delivery Networks, to ensure secure and reliable connectivity to applications.\n \n* **Security**: Azure provides a range of security services and features to help protect your applications and data, including Advanced Threat Protection, Azure Active Directory, and Azure Firewall.\n \n* **Identity & Access Management**: Azure Active Directory (AD) provides identity and access management services, enabling secure sign-on and multi-factor authentication for applications and users.\n \n* **Hybrid Cloud**: Azure supports hybrid cloud deployment, meaning you can run some parts of your infrastructure on-premises and some on Azure.\n \n\nPros and Cons\n-------------\n\n**Pros**:\n\n* Wide range of services and features\n* Integration with other Microsoft products\n* Strong support for hybrid cloud\n* Good for large enterprises already using Microsoft technologies\n\n**Cons**:\n\n* Can be complex to navigate and manage\n* Potentially costly depending on usage and services\n\nAzure is an excellent choice for those looking to leverage a vast array of cloud services, particularly if you're already invested in the Microsoft ecosystem. It's important to keep in mind, though, that the platform's complexity can lead to a steeper learning curve, and managing costs can be challenging as usage scales.", - "links": [] + "description": "Azure is Microsoft's comprehensive cloud computing platform that offers a wide range of services for building, deploying, and managing applications. It provides infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS) solutions, supporting various programming languages, tools, and frameworks. Azure's services include virtual machines, storage, databases, AI and machine learning, IoT, and more. It offers global data center coverage, integrated DevOps tools, and robust security features, making it a versatile platform for businesses of all sizes to innovate, scale, and transform their operations in the cloud.\n\nLearn more from the following resources:", + "links": [ + { + "title": "Azure Website", + "url": "https://azure.microsoft.com", + "type": "article" + }, + { + "title": "daily.dev Azure Feed", + "url": "https://app.daily.dev/tags/azure", + "type": "article" + }, + { + "title": "Azure DevOps Tutorial for Beginners", + "url": "https://www.youtube.com/watch?v=4BibQ69MD8c", + "type": "video" + } + ] }, "2jsTgT7k8MeaDtx6RJhOP": { "title": "S3", - "description": "Amazon Simple Storage Service (S3) is a scalable, high-speed, low-latency object storage service designed and managed by Amazon Web Services (AWS). It offers a simple web service interface that allows developers and businesses to store and retrieve almost any amount or type of data, from anywhere on the internet.\n\nKey Features\n------------\n\n* **Scalable Storage**: Amazon S3 offers virtually unlimited storage capacity, making it perfect for applications that require large amounts of data storage or rapid scaling.\n \n* **High Durability**: S3 automatically stores your data redundantly across multiple devices in multiple geographically dispersed data centers, ensuring 99.999999999% durability of your data.\n \n* **Easy Data Management**: With S3's simple web interface, you can easily create, delete, and manage buckets (storage containers) and objects (files). You can also configure fine-tuned access controls to grant specific permissions to users or groups.\n \n* **Data Transfer**: Amazon S3 supports seamless data transfer using various methods like the AWS Management Console, AWS SDKs, and the REST API. You can also enable data transfers between S3 and other AWS services.\n \n* **Object Versioning**: S3 supports versioning of objects, allowing you to preserve, retrieve, and restore every version of an object in a bucket.\n \n* **Security**: S3 provides secure access to your data by integrating with AWS Identity and Access Management (IAM) and supporting encryption in transit and at rest.\n \n\nUse cases\n---------\n\n* _Backup and Archiving_: Amazon S3 is an ideal solution for backing up and archiving your critical data, ensuring it's durably stored and immediately available when needed.\n \n* _Big Data Analytics_: With its scalable and data-agnostic design, S3 can support big data applications by consistently delivering low latency and high throughput access to vast amounts of data.\n \n* _Content Distribution_: S3 can be easily integrated with Amazon CloudFront, a content delivery network (CDN), to distribute large files, like videos or software packages, quickly and efficiently.\n \n* _Static Website Hosting_: You can host an entire static website on Amazon S3 by simply enabling the website hosting feature on your bucket and uploading the static files.\n \n\nIn summary, Amazon S3 is an essential component of the AWS ecosystem that offers a reliable, scalable, and secure storage solution for businesses and applications of all sizes. By leveraging its powerful features and integrations, you can implement a robust cybersecurity strategy for your cloud storage needs.", - "links": [] + "description": "Amazon Simple Storage Service (S3) is a scalable, object-based cloud storage service provided by AWS. It allows users to store and retrieve large amounts of data, such as files, backups, or media content, with high durability and availability. S3 is designed for flexibility, enabling users to access data from anywhere via the internet while offering security features like encryption and access controls. It is widely used for data storage, content distribution, disaster recovery, and big data analytics, providing cost-effective, scalable storage for a variety of applications.\n\nLearn more from the following resources:", + "links": [ + { + "title": "AWS S3 Website", + "url": "https://aws.amazon.com/pm/serv-s3/?gclid=Cj0KCQjwrp-3BhDgARIsAEWJ6SyhAtgc3NJbsxaAXVbWEOW5gG-XFH51jIc8SxahYSxNJ501l9soUA0aAnEjEALw_wcB&trk=777b3ec4-de01-41fb-aa63-cde3d034a89e&sc_channel=ps&ef_id=Cj0KCQjwrp-3BhDgARIsAEWJ6SyhAtgc3NJbsxaAXVbWEOW5gG-XFH51jIc8SxahYSxNJ501l9soUA0aAnEjEALw_wcB:G:s&s_kwcid=AL!4422!3!638364429346!e!!g!!aws%20s3!19096959014!142655567183", + "type": "article" + }, + { + "title": "Getting started with AWS S3", + "url": "https://www.youtube.com/watch?v=e6w9LwZJFIA", + "type": "video" + } + ] }, "9OastXVfiG1YRMm68ecnn": { "title": "Dropbox", @@ -3401,13 +4671,29 @@ "title": "Box Website", "url": "https://www.box.com/en-gb/home", "type": "article" + }, + { + "title": "Box Cloud Storage Review 2024", + "url": "https://www.youtube.com/watch?v=ktNDLO1T96c", + "type": "video" } ] }, "MWqnhDKm9jXvDDjkeVNxm": { "title": "OneDrive", - "description": "OneDrive is a popular cloud storage service provided by Microsoft. Part of the Microsoft 365 suite, OneDrive offers a seamless and secure solution for storing and accessing your files from any device, anytime, and anywhere. Below, we'll discuss some of its features and why it's important to consider for your cloud storage needs.\n\nFeatures\n--------\n\n* **Ease of Access**: OneDrive can be accessed through a web browser, or by using its desktop and mobile apps. It comes integrated with Windows 10 and can also be used on Mac, Android, and iOS devices.\n \n* **Storage Space**: OneDrive offers 5GB free storage for new users, and additional storage can be purchased through its subscription plans. Microsoft 365 subscribers receive 1TB of OneDrive storage with their plan.\n \n* **File Syncing**: OneDrive allows you to sync your files across different devices using the same account. This makes it easier to access your files and work on the same document from different locations.\n \n* **Security and Privacy**: Microsoft ensures that your data is encrypted both at rest and in transit. OneDrive also offers security measures such as two-factor authentication and the ability to recover files from the recycle bin.\n \n* **Collaboration**: OneDrive is integrated with Microsoft Office. This enables you to collaborate on Word, Excel, and PowerPoint files in real-time, and also view and edit files using Office Online.\n \n* **Automatic Backup**: OneDrive offers built-in automatic backup features. It can be configured to backup your files, including documents, pictures, and other files on your computer or device.\n \n* **Version History**: OneDrive keeps version history for your files, allowing you to restore previous versions if needed. This is useful, especially when working on collaborative documents, to ensure no work is lost.\n \n\nImportance\n----------\n\nOneDrive is an excellent cloud storage solution, fitting the needs of individuals and businesses alike. It offers various features, such as syncing across devices, real-time collaboration, and robust security measures. Whether you need a personal or professional cloud storage solution, OneDrive is worth considering for its versatility and integration with Microsoft's suite of productivity tools.", - "links": [] + "description": "**OneDrive** is a cloud storage service provided by Microsoft that allows users to store, sync, and share files and folders online. It integrates seamlessly with Windows and Microsoft 365 applications, enabling users to access their data from any device with an internet connection. OneDrive offers features such as real-time collaboration, file versioning, and automatic backup, making it convenient for personal and professional use. It also provides options for sharing files with others and controlling access permissions, enhancing productivity and data management.\n\nLearn more from the following resources:", + "links": [ + { + "title": "OneDrive Website", + "url": "https://onedrive.live.com", + "type": "article" + }, + { + "title": "Microsoft OneDrive Tutorial", + "url": "https://www.youtube.com/watch?v=qgw01w0iYjA", + "type": "video" + } + ] }, "fTZ4PqH-AMhYA_65w4wFO": { "title": "Google Drive", @@ -3433,32 +4719,27 @@ }, "_RnuQ7952N8GWZfPD60sJ": { "title": "Programming Skills", - "description": "Programming knowledge is a fundamental skill for professionals in the cybersecurity field, as it enables them to build, assess, and defend computer systems, networks, and applications. Having a strong foundation in programming languages, concepts, and techniques is essential for identifying potential security threats, writing secure code, and implementing robust security measures.\n\nKey Programming Languages\n-------------------------\n\nIt's important to learn multiple programming languages relevant to cybersecurity, as different languages cater to different types of tasks and environments. Here are some of the most widely used programming languages in the cybersecurity field:\n\n* **Python**: As an easy-to-learn high-level language, Python is commonly used for tasks like automation, scripting, and data analysis. It also contains a plethora of libraries and frameworks for cybersecurity, making it highly valuable for security professionals.\n* **C/C++**: These two languages are foundational for understanding system and application-level vulnerabilities since most operating systems are written in C and C++. Knowledge of these languages allows cybersecurity experts to analyze source code, identify potential exploits, and create secure software.\n* **Java**: As a popular and versatile programming language, Java is often used in web applications and enterprise environments. Java knowledge equips cybersecurity professionals to understand and mitigate potential security flaws in Java-based applications.\n* **JavaScript**: With its ubiquity in modern web browsers, JavaScript is crucial for understanding and protecting against web security vulnerabilities, such as Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) attacks.\n* **Ruby**: Ruby has a strong foothold in web application development and is utilized for scripting and automation, just like Python. Familiarity with Ruby may give cybersecurity professionals an edge in certain environments.\n\nConcepts and Techniques\n-----------------------\n\nTo apply programming knowledge effectively in cybersecurity, you should ground yourself in key concepts and techniques, such as:\n\n* **Cryptography**: Learn about encryption, decryption, encoding, and hashing techniques, as well as fundamental cryptographic algorithms and protocols used to secure data transmission and storage.\n* **Secure coding practices**: Understand concepts like input validation, output encoding, and error handling, which help prevent security vulnerabilities in programs.\n* **Reverse engineering**: Master the art of deconstructing software and analyzing it without access to the original source code, which is crucial for dissecting malware, identifying vulnerabilities, and developing security patches.\n* **Scripting and automation**: Develop skills in writing scripts and automating tasks, as it can save time and enhance efficiency in cybersecurity workflows.\n* **Data analysis**: Learn to analyze and visualize data relevant to cybersecurity, such as network traffic logs, patterns, and trends, to make informed decisions and implement appropriate defense strategies.\n\nAcquiring programming knowledge in cybersecurity can help you stay on top of the latest threats, develop secure software, and implement effective countermeasures. As you progress in your cybersecurity career, you'll find that your programming skills will continually evolve and your understanding of various languages, concepts, and techniques will expand.", + "description": "Programming knowledge is a fundamental skill for professionals in the cybersecurity field, as it enables them to build, assess, and defend computer systems, networks, and applications. Having a strong foundation in programming languages, concepts, and techniques is essential for identifying potential security threats, writing secure code, and implementing robust security measures.\n\n* **Python**: As an easy-to-learn high-level language, Python is commonly used for tasks like automation, scripting, and data analysis. It also contains a plethora of libraries and frameworks for cybersecurity, making it highly valuable for security professionals.\n* **C/C++**: These two languages are foundational for understanding system and application-level vulnerabilities since most operating systems are written in C and C++. Knowledge of these languages allows cybersecurity experts to analyze source code, identify potential exploits, and create secure software.\n* **Java**: As a popular and versatile programming language, Java is often used in web applications and enterprise environments. Java knowledge equips cybersecurity professionals to understand and mitigate potential security flaws in Java-based applications.\n* **JavaScript**: With its ubiquity in modern web browsers, JavaScript is crucial for understanding and protecting against web security vulnerabilities, such as Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) attacks.\n* **Ruby**: Ruby has a strong foothold in web application development and is utilized for scripting and automation, just like Python. Familiarity with Ruby may give cybersecurity professionals an edge in certain environments.\n\nAcquiring programming knowledge in cybersecurity can help you stay on top of the latest threats, develop secure software, and implement effective countermeasures. As you progress in your cybersecurity career, you'll find that your programming skills will continually evolve and your understanding of various languages, concepts, and techniques will expand.", "links": [] }, "XiHvGy--OkPFfJeKA6-LP": { "title": "Python", - "description": "Python is a versatile, high-level programming language that is widely used in various fields, such as web development, data analysis, artificial intelligence, and cyber security. It is known for its simplicity, readability, and extensive library support, making it a popular choice for beginners as well as experts.\n\nKey Features:\n-------------\n\n* **Easy to learn and read**: Python features a clean and simple syntax, which makes it easy for beginners to start coding quickly and minimizes the chance of errors.\n* **Platform independent**: Python can run on any platform, including Windows, Linux, and macOS, making it suitable for cross-platform development.\n* **Large ecosystem**: Python has a vast ecosystem of libraries and frameworks, including popular ones like Django, Flask, and Scikit-learn, which can help speed up the development process.\n* **Strong community support**: Python has a large and active community, which provides a wealth of resources, such as tutorials, sample code, and expert assistance when needed.\n\nPython in Cyber Security:\n-------------------------\n\nPython is particularly valuable in the field of cyber security for several reasons:\n\n* **Scripting and Automation**: Python is excellent for creating scripts and automating tasks, which is useful for managing security tasks such as log analysis, scanning networks, and penetration testing.\n* **Exploit Development**: Python's readability and simplicity make it suitable for developing exploits and writing proof-of-concept code, essential tasks in cyber security.\n* **Analysis and Visualization**: With powerful libraries like Pandas, NumPy, and Matplotlib, Python can help security analysts process, analyze, and visualize large data sets, making it easier to identify patterns and detect security threats.\n\nLearning Python:\n----------------\n\nTo start learning Python, here are some useful resources:\n\nRemember, practice is key, and the more you work with Python, the more you'll appreciate its utility in the world of cyber security.", + "description": "**Python** is a high-level, interpreted programming language known for its readability, simplicity, and versatility. It supports multiple programming paradigms, including procedural, object-oriented, and functional programming. Python's extensive standard library and a rich ecosystem of third-party packages make it suitable for a wide range of applications, from web development and data analysis to machine learning and automation. Its straightforward syntax and dynamic typing facilitate rapid development and prototyping, making it popular among beginners and experienced developers alike.\n\nLearn more from the following resources:", "links": [ { - "title": "Python.org", - "url": "https://www.python.org/", - "type": "article" - }, - { - "title": "Real Python", - "url": "https://realpython.com/", - "type": "article" + "title": "Python Full Course 2024", + "url": "https://www.youtube.com/watch?v=ix9cRaBkVe0", + "type": "course" }, { - "title": "Automate the Boring Stuff with Python", - "url": "https://automatetheboringstuff.com/", + "title": "Python Roadmap", + "url": "https://roadmap.sh/python", "type": "article" }, { - "title": "Explore top posts about Python", - "url": "https://app.daily.dev/tags/python?ref=roadmapsh", - "type": "article" + "title": "Python in 100 Seconds", + "url": "https://www.youtube.com/watch?v=x7X9w_GIm1s", + "type": "video" } ] }, @@ -3543,32 +4824,27 @@ }, "paY9x2VJA98FNGBFGRXp2": { "title": "Power Shell", - "description": "PowerShell is a powerful command-line shell and scripting language developed by Microsoft primarily for the purpose of automating tasks and managing system configuration. PowerShell is designed specifically for Windows but has been made available for other platforms as well, such as macOS and Linux.\n\nWhy PowerShell?\n---------------\n\n* **Automation:** PowerShell scripts allow users to automate tasks, helping to save time and reduce the likelihood of introducing errors during manual processes.\n \n* **Command discovery:** PowerShell's built-in `Get-Command` cmdlet allows users to easily find and learn about the commands available to them.\n \n* **Consistency:** The consistency of the PowerShell syntax makes it easy to learn and use the scripting language, allowing users to create complex scripts with minimal investment in time and effort.\n \n* **Cross-platform compatibility:** PowerShell is now available across various platforms, making it even more valuable to learn and implement in your daily work.\n \n\nBasic Concepts\n--------------\n\nHere are some essential concepts to understand while working with PowerShell:\n\n* **Cmdlet:** A cmdlet is a lightweight command that performs a specific action, such as creating a new folder or listing the files in a directory. Cmdlets follow the 'Verb-Noun' syntax (e.g., `Get-Process`, `New-Item`).\n \n* **Pipeline:** A pipeline is a method of passing the output of one cmdlet as input to another cmdlet. It's represented using the '|' symbol. (e.g., `Get-Process | Stop-Process`)\n \n* **Aliases:** Aliases are alternate names for cmdlets, created to provide a more intuitive, shorthand way to call the original cmdlet (e.g., `ls` is an alias for `Get-ChildItem`).\n \n* **Variables:** Variables in PowerShell use the `$` symbol for storing values. (e.g., `$myVariable = \"Hello, World!\"`)\n \n* **Operators:** PowerShell supports various operators, such as arithmetic operators, comparison operators, logical operators, etc., for performing calculations, comparisons, and transformations on variables and values.\n \n* **Scripting:** PowerShell scripts are saved as `.ps1` files and executed using command line or Integrated Scripting Environment (ISE).\n \n\nLearning PowerShell\n-------------------\n\nTo get started with PowerShell, begin by learning about the available cmdlets, syntax, and features. Useful resources for learning PowerShell include:\n\nIn conclusion, PowerShell is an essential tool for anyone working with Windows systems and can greatly benefit those in the cybersecurity field. The ability to automate tasks and manage configurations using PowerShell will provide a significant advantage, allowing for more efficient and accurate work.", + "description": "**PowerShell** is a task automation and configuration management framework from Microsoft, consisting of a command-line shell and an associated scripting language. It is widely used for system administration, enabling administrators to automate tasks, manage systems, and configure services both on-premises and in cloud environments. PowerShell supports complex scripting with its access to .NET libraries, making it powerful for automating processes, managing network configurations, and interacting with APIs. It also plays a critical role in cybersecurity, as attackers can use PowerShell for malicious purposes, while defenders use it for forensic analysis and system management.\n\nLearn more from the following resources:", "links": [ { "title": "Learning PowerShell GitHub Repository", "url": "https://github.com/PowerShell/PowerShell/tree/master/docs/learning-powershell", "type": "opensource" }, - { - "title": "Microsoft's Official PowerShell Documentation", - "url": "https://docs.microsoft.com/en-us/powershell/", - "type": "article" - }, { "title": "PowerShell.org", "url": "https://powershell.org/", "type": "article" }, { - "title": "Stack Overflow", - "url": "https://stackoverflow.com/questions/tagged/powershell", + "title": "Microsoft's Official PowerShell Documentation", + "url": "https://docs.microsoft.com/en-us/powershell/", "type": "article" }, { - "title": "Reddit's r/PowerShell", - "url": "https://www.reddit.com/r/PowerShell/", - "type": "article" + "title": "PowerShell Course", + "url": "https://www.youtube.com/watch?v=ZOoCaWyifmI", + "type": "video" } ] }, diff --git a/public/roadmap-content/data-analyst.json b/public/roadmap-content/data-analyst.json index 42361dece..84f7760f5 100644 --- a/public/roadmap-content/data-analyst.json +++ b/public/roadmap-content/data-analyst.json @@ -1563,4 +1563,4 @@ } ] } -} +} \ No newline at end of file diff --git a/public/roadmap-content/devops.json b/public/roadmap-content/devops.json index 864edbb4a..c4d0439d2 100644 --- a/public/roadmap-content/devops.json +++ b/public/roadmap-content/devops.json @@ -12,7 +12,7 @@ }, "TwVfCYMS9jSaJ6UyYmC-K": { "title": "Python", - "description": "Python is a multi-paradigm language. Being an interpreted language, code is executed as soon as it is written and the Python syntax allows for writing code in functional, procedural or object-oriented programmatic ways. Python is frequently recommended as the first language new coders should learn, because of its focus on readability, consistency, and ease of use. This comes with some downsides, as the language is not especially performant in most production tasks.\n\nVisit the following resources to learn more:", + "description": "Python is a high-level, interpreted programming language known for its simplicity, readability, and versatility. It supports multiple programming paradigms, including procedural, object-oriented, and functional programming. Python's extensive standard library and vast ecosystem of third-party packages make it suitable for a wide range of applications, from web development and data analysis to artificial intelligence and scientific computing. Its clean syntax and dynamic typing allow for rapid development and prototyping. Python's \"batteries included\" philosophy provides rich built-in functionalities, while its cross-platform compatibility ensures code portability. With strong community support and continuous development, Python has become one of the most popular programming languages, widely used in academia, industry, and open-source projects for tasks ranging from simple scripting to complex software development.\n\nVisit the following resources to learn more:", "links": [ { "title": "Visit Dedicated Python Roadmap", @@ -24,21 +24,11 @@ "url": "https://www.python.org/", "type": "article" }, - { - "title": "Python Getting Started", - "url": "https://www.python.org/about/gettingstarted/", - "type": "article" - }, { "title": "Automate the Boring Stuff", "url": "https://automatetheboringstuff.com/", "type": "article" }, - { - "title": "W3Schools - Python Tutorial", - "url": "https://www.w3schools.com/python/", - "type": "article" - }, { "title": "Python Crash Course", "url": "https://ehmatthes.github.io/pcc/", @@ -48,12 +38,17 @@ "title": "Explore top posts about Python", "url": "https://app.daily.dev/tags/python?ref=roadmapsh", "type": "article" + }, + { + "title": "Python Full Course for free", + "url": "https://www.youtube.com/watch?v=ix9cRaBkVe0", + "type": "video" } ] }, "PuXAPYA0bsMgwcnlwJxQn": { "title": "Ruby", - "description": "Ruby is a high-level, interpreted programming language that blends Perl, Smalltalk, Eiffel, Ada, and Lisp. Ruby focuses on simplicity and productivity along with a syntax that reads and writes naturally. Ruby supports procedural, object-oriented and functional programming and is dynamically typed.\n\nVisit the following resources to learn more:", + "description": "Ruby is a dynamic, object-oriented programming language known for its simplicity and productivity. Created by Yukihiro Matsumoto, Ruby emphasizes the principle of \"least astonishment,\" aiming for natural, easy-to-read syntax. It features automatic memory management, dynamic typing, and support for multiple programming paradigms including functional and imperative programming. Ruby's flexibility and expressive nature make it popular for web development, particularly with the Ruby on Rails framework. It excels in text processing, scripting, and rapid prototyping. Ruby's extensive standard library and package manager (RubyGems) provide a rich ecosystem of third-party libraries. While not as performant as some compiled languages, Ruby's focus on developer happiness and productivity has made it a favorite in startups and for building web applications quickly.\n\nVisit the following resources to learn more:", "links": [ { "title": "Ruby Website", @@ -69,12 +64,17 @@ "title": "Explore top posts about Ruby", "url": "https://app.daily.dev/tags/ruby?ref=roadmapsh", "type": "article" + }, + { + "title": "Ruby Programming Crash Course", + "url": "https://www.youtube.com/watch?v=w9yNsTAp-Mg", + "type": "video" } ] }, "npnMwSDEK2aLGgnuZZ4dO": { "title": "Go", - "description": "Go is an open source programming language supported by Google. Go can be used to write cloud services, CLI tools, used for API development, and much more.\n\nVisit the following resources to learn more:", + "description": "Go, also known as Golang, is a statically typed, compiled programming language developed by Google. It emphasizes simplicity, efficiency, and built-in concurrency support. Go features fast compilation, garbage collection, and a robust standard library. Its syntax is clean and concise, promoting easy readability and maintainability. Go's goroutines and channels provide powerful tools for concurrent programming. The language is particularly well-suited for system programming, network services, and cloud-native applications. Go's efficient memory usage and quick execution make it popular for building scalable server-side applications and microservices. With its focus on simplicity and performance, Go has gained significant adoption in DevOps tooling, containerization technologies, and cloud infrastructure projects.\n\nVisit the following resources to learn more:", "links": [ { "title": "Visit Dedicated Go Roadmap", @@ -96,11 +96,6 @@ "url": "https://gobyexample.com/", "type": "article" }, - { - "title": "W3Schools Go Tutorial", - "url": "https://www.w3schools.com/go/", - "type": "article" - }, { "title": "Making a RESTful JSON API in Go", "url": "https://thenewstack.io/make-a-restful-json-api-go/", @@ -110,38 +105,28 @@ "title": "Explore top posts about Golang", "url": "https://app.daily.dev/tags/golang?ref=roadmapsh", "type": "article" + }, + { + "title": "Go in 100 Seconds", + "url": "https://www.youtube.com/watch?v=446E-r0rXHI", + "type": "video" } ] }, "eL62bKAoJCMsu7zPlgyhy": { "title": "Rust", - "description": "Rust is a modern systems programming language focusing on safety, speed, and concurrency. It accomplishes these goals by being memory safe without using garbage collection.\n\nVisit the following resources to learn more:", + "description": "Rust is a systems programming language that focuses on safety, concurrency, and performance. Developed by Mozilla Research, Rust combines low-level control over system resources with high-level abstractions, preventing common programming errors like null or dangling pointer references at compile-time. It features a borrow checker for managing memory and preventing data races, making it ideal for building reliable and efficient software. Rust's zero-cost abstractions, pattern matching, and trait-based generics offer powerful tools for expressing complex ideas clearly. While primarily used for systems programming, web assembly, and game development, Rust's growing ecosystem supports various domains. Its emphasis on memory safety without sacrificing performance makes it increasingly popular for developing secure, high-performance applications in fields ranging from operating systems to web services.\n\nVisit the following resources to learn more:", "links": [ { "title": "The Rust Programming Language - online book", "url": "https://doc.rust-lang.org/book/", "type": "article" }, - { - "title": "Rust by Example - collection of runnable examples", - "url": "https://doc.rust-lang.org/stable/rust-by-example/index.html", - "type": "article" - }, { "title": "Comprehensive Rust by Google - Learn Rust in 4 Days", "url": "https://google.github.io/comprehensive-rust/", "type": "article" }, - { - "title": "Microsoft Learn Course", - "url": "https://learn.microsoft.com/en-us/training/paths/rust-first-steps/", - "type": "article" - }, - { - "title": "Quick Rust Guide", - "url": "https://sivanaikk.github.io/rust/", - "type": "article" - }, { "title": "Rust Katas - Small, interactive Rust exercises", "url": "https://rustlings.cool/", @@ -156,12 +141,17 @@ "title": "The Rust Programming Book - Video Version", "url": "https://youtube.com/playlist?list=PLai5B987bZ9CoVR-QEIN9foz4QCJ0H2Y8", "type": "video" + }, + { + "title": "Full Crash Rust Tutorial for Beginners", + "url": "https://www.youtube.com/watch?v=R33h77nrMqc&list=PLPoSdR46FgI412aItyJhj2bF66cudB6Qs", + "type": "video" } ] }, "QCdemtWa2mE78poNXeqzr": { "title": "JavaScript / Node.js", - "description": "JavaScript allows you to add interactivity to your pages. Common examples that you may have seen on the websites are sliders, click interactions, popups and so on. Apart from being used on the frontend in browsers, there is Node.js which is an open-source, cross-platform, back-end JavaScript runtime environment that runs on the V8 engine and executes JavaScript code outside a web browser.\n\nVisit the following resources to learn more:", + "description": "JavaScript is a high-level, interpreted programming language primarily used for client-side web development. It enables interactive and dynamic content on web pages, allowing developers to create responsive user interfaces and complex web applications. JavaScript is a core technology of the World Wide Web, alongside HTML and CSS. It supports object-oriented, imperative, and functional programming paradigms. With the advent of Node.js, JavaScript has also become popular for server-side development. The language features dynamic typing, first-class functions, and prototype-based object-orientation. JavaScript's ubiquity in web browsers, extensive ecosystem of libraries and frameworks (like React, Angular, and Vue.js), and its versatility across front-end and back-end development have made it one of the most widely used programming languages in modern software development.\n\nVisit the following resources to learn more:", "links": [ { "title": "Visit Dedicated JavaScript Roadmap", @@ -178,21 +168,11 @@ "url": "https://javascript.info/", "type": "article" }, - { - "title": "W3Schools – Node.js Tutorial", - "url": "https://www.w3schools.com/nodejs/", - "type": "article" - }, { "title": "What is NPM?", "url": "https://www.w3schools.com/nodejs/nodejs_npm.asp", "type": "article" }, - { - "title": "Official Documentation", - "url": "https://nodejs.org/en/learn/getting-started/introduction-to-nodejs", - "type": "article" - }, { "title": "Explore top posts about JavaScript", "url": "https://app.daily.dev/tags/javascript?ref=roadmapsh", @@ -202,22 +182,12 @@ "title": "JavaScript Crash Course for Beginners", "url": "https://youtu.be/hdI2bqOjy3c", "type": "video" - }, - { - "title": "Node.js Crash Course", - "url": "https://www.youtube.com/watch?v=fBNz5xF-Kx4", - "type": "video" - }, - { - "title": "Node.js Tutorial for Beginners", - "url": "https://www.youtube.com/watch?v=TlB_eWDSMt4", - "type": "video" } ] }, "qe84v529VbCyydl0BKFk2": { "title": "Operating System", - "description": "**An Operating system serves as a bridge between a computer's user and its hardware. An operating system's function is to offer a setting in which a user can conveniently and effectively run programmes.** In simple terms we can say that and Operating System (OS) is an interface between a computer user and computer hardware. An OS permits software programmes to communicate with a computer's hardware, The **kernel** is the name of Piece of software that houses the fundamental elements of **Operating System.**\n\nVisit the following resources to learn more:", + "description": "Operating systems (OS) are fundamental software that manage computer hardware and software resources, providing common services for computer programs. They act as an intermediary between applications and hardware, handling tasks like memory management, process scheduling, file system management, and device control. Common desktop operating systems include Microsoft Windows, macOS, and various Linux distributions. Mobile devices typically run iOS or Android. Server environments often use Linux distributions like Ubuntu Server, Red Hat Enterprise Linux, or Windows Server. Each OS type offers distinct features, user interfaces, and compatibility with different software and hardware. Operating systems play a crucial role in system security, performance optimization, and providing a consistent user experience across diverse computing devices and environments.\n\nVisit the following resources to learn more:", "links": [ { "title": "All you need to know about OS.", @@ -243,7 +213,7 @@ }, "cTqVab0VbVcn3W7i0wBrX": { "title": "Ubuntu / Debian", - "description": "Debian is a free and open-source Linux distribution developed by the Debian Project, an all volunteer software community organization. Debian is the upstream distribution of Ubuntu.\n\nUbuntu is a free and open-source Linux distribution based on Debian. Ubuntu is available in three versions Desktop, Server and Core.\n\nVisit the following resources to learn more:", + "description": "Ubuntu and Debian are both popular Linux distributions, with Debian serving as the upstream base for Ubuntu. Debian is known for its stability, extensive package repository, and rigorous testing process, making it a favored choice for servers and systems requiring long-term support. Ubuntu, derived from Debian, aims to provide a more user-friendly experience with regular releases, a focus on ease of use, and commercial support options. It features a more streamlined installation process, extensive documentation, and an active community. Both distributions use the Debian package management system (APT) and share many underlying technologies, but Ubuntu emphasizes a more polished desktop experience and rapid release cycle.\n\nVisit the following resources to learn more:", "links": [ { "title": "Practice Linux Commands with Hands-on Labs\"", @@ -260,46 +230,26 @@ "url": "https://ubuntu.com/", "type": "article" }, - { - "title": "Learn the ways of Linux-fu, for free", - "url": "https://linuxjourney.com/", - "type": "article" - }, - { - "title": "The Linux Command Line by William Shotts", - "url": "https://linuxcommand.org/tlcl.php", - "type": "article" - }, - { - "title": "Linux Upskill Challenge", - "url": "https://linuxupskillchallenge.org/", - "type": "article" - }, - { - "title": "Linux Fundamentals", - "url": "https://academy.hackthebox.com/course/preview/linux-fundamentals", - "type": "article" - }, { "title": "Explore top posts about Ubuntu", "url": "https://app.daily.dev/tags/ubuntu?ref=roadmapsh", "type": "article" }, { - "title": "Linux Operating System - Crash Course for Beginners", - "url": "https://www.youtube.com/watch?v=ROjZy1WbCIA", + "title": "How to use Ubuntu", + "url": "https://www.youtube.com/watch?v=lmeDvSgN6zY", "type": "video" }, { - "title": "Introduction to Linux - Full Course for Beginners", - "url": "https://www.youtube.com/watch?v=sWbUDq4S6Y8&pp=ygUTVWJ1bnR1IGNyYXNoIGNvdXJzZQ%3D%3D", + "title": "Debian 12 Tutorial for Beginners", + "url": "https://www.youtube.com/watch?v=zOZEkzwhThc", "type": "video" } ] }, "zhNUK953p6tjREndk3yQZ": { "title": "SUSE Linux", - "description": "openSUSE is a free to use Linux distribution aimed to promote the use of Linux everywhere. openSUSE is released in two versions Leap and Tumbleweed\n\nVisit the following resources to learn more:", + "description": "openSUSE is a Linux-based operating system known for its stability, versatility, and focus on user-friendly system management. It offers two main distributions: openSUSE Leap, a stable, enterprise-grade version with regular point releases, and openSUSE Tumbleweed, a rolling release version with the latest software updates. OpenSUSE is widely used by developers, system administrators, and enterprise environments due to its robust package management via Zypper and YaST (Yet another Setup Tool), which simplifies system configuration. It also supports a wide range of hardware and offers strong community-driven support.\n\nVisit the following resources to learn more:", "links": [ { "title": "openSUSE Linux Website", @@ -320,12 +270,17 @@ "title": "Explore top posts about Linux", "url": "https://app.daily.dev/tags/linux?ref=roadmapsh", "type": "article" + }, + { + "title": "OpenSuSE - You Should Try It", + "url": "https://www.youtube.com/watch?v=CZwAgf3f8CM", + "type": "video" } ] }, "7mS6Y_BOAHNgM3OjyFtZ9": { "title": "RHEL / Derivatives", - "description": "Red Hat Enterprise Linux (RHEL) is a popular distribution of the Linux operating system that is designed for enterprise-level use. It is developed and maintained by Red Hat, Inc., and it is available under a subscription-based model.\n\nThere are several distributions of Linux that are based on RHEL, or that have been derived from RHEL in some way. These distributions are known as RHEL derivatives. Some examples of RHEL derivatives include: AlmaLinux, CentOS, CloudLinux, Oracle Linux, and Scientific Linux.\n\nRHEL derivatives are often used in enterprise environments because they offer the stability and reliability of RHEL, but with the added benefit of being free or lower-cost alternatives.\n\nVisit the following resources to learn more:", + "description": "Red Hat Enterprise Linux (RHEL) is a popular distribution of the Linux operating system that is designed for enterprise-level use. It is developed and maintained by Red Hat, Inc., and it is available under a subscription-based model. There are several distributions of Linux that are based on RHEL, or that have been derived from RHEL in some way. These distributions are known as RHEL derivatives. Some examples of RHEL derivatives include: AlmaLinux, CentOS, CloudLinux, Oracle Linux, and Scientific Linux. RHEL derivatives are often used in enterprise environments because they offer the stability and reliability of RHEL, but with the added benefit of being free or lower-cost alternatives.\n\nVisit the following resources to learn more:", "links": [ { "title": "Red Hat Enterprise Linux Website", @@ -337,32 +292,32 @@ "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/", "type": "article" }, - { - "title": "RHEL Getting Started Guides", - "url": "https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux/get-started", - "type": "article" - }, - { - "title": "What is Red Hat Enterprise Linux (RHEL) - Red Hat", - "url": "https://www.redhat.com/en/topics/linux/what-is-rhel", - "type": "article" - }, { "title": "Learn Linux 101", "url": "https://developer.ibm.com/series/learn-linux-101/", "type": "article" + }, + { + "title": "What is Red Hat Enterprise Linux?", + "url": "https://www.youtube.com/watch?v=HEBvdSI0wGQ", + "type": "video" } ] }, "PiPHFimToormOPl1EtEe8": { "title": "FreeBSD", - "description": "FreeBSD is a free and open-source Unix-like operating system including many features such as preemptive multitasking, memory protection, virtual memory, and multi-user facilities.\n\nVisit the following resources to learn more:", + "description": "FreeBSD is a free, open-source Unix-like operating system descended from the Berkeley Software Distribution (BSD). Known for its stability, performance, and advanced networking capabilities, FreeBSD is popular for server environments, embedded systems, and as a basis for network appliances. It features a monolithic kernel, a comprehensive set of userland utilities, and a ports collection for easy software installation. FreeBSD supports a wide range of architectures and includes advanced features like the ZFS file system, jails for containerization, and the pf packet filter. While less common in desktop environments, it's widely used in internet infrastructure, storage systems, and by companies requiring a robust, customizable OS with a permissive license.\n\nVisit the following resources to learn more:", "links": [ { "title": "FreeBSD Website", "url": "https://www.freebsd.org/", "type": "article" }, + { + "title": "FreeBSD Resources for Newbies", + "url": "https://www.freebsd.org/projects/newbies/", + "type": "article" + }, { "title": "Official FreeBSD Documentation", "url": "https://docs.freebsd.org/en/", @@ -374,15 +329,15 @@ "type": "article" }, { - "title": "FreeBSD Resources for Newbies", - "url": "https://www.freebsd.org/projects/newbies/", - "type": "article" + "title": "FreeBSD in 100 Seconds", + "url": "https://www.youtube.com/watch?v=NKHzcXwTdB4", + "type": "video" } ] }, "97cJYKqv7CPPUXkKNwM4x": { "title": "OpenBSD", - "description": "OpenBSD is a free and open-source Unix-like operating system, focussed on portability, standardization, correctness, proactive security and integrated cryptography. The popular software application [OpenSSH](https://www.openssh.com/) is developed by from OpenBSD\n\nVisit the following resources to learn more:", + "description": "OpenBSD is a free, open-source Unix-like operating system known for its strong focus on security, code correctness, and proactive approach to eliminating vulnerabilities. It's renowned for its stringent code review process, integrated cryptography, and default security features like stack protection and memory safeguards. OpenBSD pioneered many security innovations, including OpenSSH, and maintains a \"secure by default\" philosophy. The system is prized for its comprehensive documentation, clean and consistent codebase, and adherence to standards. While primarily used in server environments, especially for firewalls and network appliances, OpenBSD also supports desktop use. Its emphasis on security and stability makes it popular in high-security environments and among developers focused on system-level programming and network security.\n\nVisit the following resources to learn more:", "links": [ { "title": "OpenBSD Website", @@ -390,25 +345,15 @@ "type": "article" }, { - "title": "Official OpenBSD Documentation", - "url": "https://man.openbsd.org/search", - "type": "article" - }, - { - "title": "OpenBSD Handbook", - "url": "https://www.openbsdhandbook.com/", - "type": "article" - }, - { - "title": "OpenBSD Installation Guide", - "url": "https://www.openbsd.org/faq/faq4.html", - "type": "article" + "title": "Installing OpenBSD on the Fastest iMac G3", + "url": "https://www.youtube.com/watch?v=-7gSMEsF3Q0", + "type": "video" } ] }, "haiYSwNt3rjiiwCDszPk1": { "title": "NetBSD", - "description": "NetBSD is a free, fast, secure, and highly portable Unix-like Open Source operating system. It is available for a wide range of platforms, from large-scale servers and powerful desktop systems to handheld and embedded devices.\n\nVisit the following resources to learn more:", + "description": "NetBSD is a free, open-source Unix-like operating system descended from Berkeley Software Distribution (BSD). It's known for its high portability, supporting a wide range of hardware platforms from large-scale servers to embedded devices. NetBSD emphasizes clean design, well-written code, and adherence to standards. It features a modular kernel architecture, making it adaptable to various environments. NetBSD includes advanced features like kernel ASLR (Address Space Layout Randomization) for enhanced security. It's particularly popular in research environments, embedded systems, and among users who value system consistency across different hardware. While less common in desktop environments, NetBSD's focus on portability and clean code makes it a favorite for cross-platform development and specialized computing applications.\n\nVisit the following resources to learn more:", "links": [ { "title": "NetBSD Website", @@ -429,7 +374,7 @@ }, "UOQimp7QkM3sxmFvk5d3i": { "title": "Windows", - "description": "Windows is a graphical user interface (GUI) based operating system developed by Microsoft. It is a hybrid kernel-based proprietary operating system. According to a survey, till April 2022, windows is the most popular operating system in the world with a 75% market share.\n\nVisit the following resources to learn more:", + "description": "Windows is a series of operating systems developed by Microsoft, widely used across personal, business, and server environments. It provides a graphical user interface (GUI) that simplifies interaction with the computer, featuring a desktop environment with icons, windows, and menus. Key versions include Windows 10, known for its user-friendly interface and support for modern applications, and Windows 11, which introduces a refreshed design and new features like improved virtual desktops and enhanced security. Windows supports a wide range of software applications and hardware devices, making it a versatile and popular choice for many users and organizations.\n\nVisit the following resources to learn more:", "links": [ { "title": "Microsoft Windows", @@ -445,6 +390,11 @@ "title": "Explore top posts about Windows", "url": "https://app.daily.dev/tags/windows?ref=roadmapsh", "type": "article" + }, + { + "title": "40 Windows Commands you NEED to know", + "url": "https://www.youtube.com/watch?v=Jfvg3CS1X3A&", + "type": "video" } ] }, @@ -461,7 +411,7 @@ }, "x-JWvG1iw86ULL9KrQmRu": { "title": "Process Monitoring", - "description": "A process is an instance of a computer program that is being executed. Each process is identified by a unique number called a process ID (PID). A process is a running program. The operating system tracks processes through the use of process identifiers. A process identifier (PID) is a unique number that identifies a specific process. A PID is automatically assigned to each process when it is created on the system.\n\nThere are several linux commands that can be used to monitor processes. The most common ones are:\n\n* `ps` - report a snapshot of the current processes.\n* `top` - display Linux processes.\n* `htop` - interactive process viewer.\n* `atop` - advanced interactive monitor to view the load on a Linux system.\n* `lsof` - list open files.\n\nThe `ps` utility displays a header line, followed by lines containing information about all of your processes that have controlling terminals.\n\n* [@article@ps Documentation](https://man7.org/linux/man-pages/man1/ps.1.html)\n* [@article@ps Cheat Sheet](https://www.sysadmin.md/ps-cheatsheet.html)\n* [@video@Linux Crash Course - The ps Command](https://www.youtube.com/watch?v=wYwGNgsfN3I)\n\nThe `top` program periodically displays a sorted list of system processes. The default sorting key is pid, but other keys can be used instead. Various output options are available.\n\n* [@article@top Documentation](https://man7.org/linux/man-pages/man1/top.1.html)\n* [@article@top Cheat Sheet](https://gist.github.com/ericandrewlewis/4983670c508b2f6b181703df43438c37)\n\nhtop is a cross-platform ncurses-based process. It is similar to top, but allows you to scroll vertically and horizontally, and interact using a pointing device (mouse). You can observe all processes running on the system, along with their command line arguments, as well as view them in a tree format, select multiple processes and act on them all at once.\n\n* [@article@htop Documentation](https://www.man7.org/linux/man-pages/man1/htop.1.html)\n* [@article@htop Cheat Sheet](https://www.maketecheasier.com/power-user-guide-htop/)\n\nLsof lists on its standard output file information about files opened by processes.", + "description": "Process monitoring is the continuous observation and analysis of processes within an IT system or organization to ensure optimal performance, efficiency, and compliance. It involves tracking key metrics, resource utilization, and behaviors of individual processes or applications running on a system. This practice helps identify anomalies, bottlenecks, or potential issues before they impact overall system performance or user experience. Process monitoring tools typically provide real-time data on CPU usage, memory consumption, I/O operations, and thread activity. They often include features for alerting, logging, and visualization of process data. In modern IT environments, process monitoring is crucial for maintaining system stability, optimizing resource allocation, troubleshooting performance issues, and supporting capacity planning in complex, distributed systems.\n\nLsof lists on its standard output file information about files opened by processes.", "links": [ { "title": "lsof Cheat Sheet", @@ -487,7 +437,7 @@ }, "gIEQDgKOsoEnSv8mpEzGH": { "title": "Performance Monitoring", - "description": "There are many tools available to monitor the performance of your application. Some of the most popular are:\n\n* `nmon` - A system monitor tool for Linux and AIX systems.\n* `iostat` - A tool that reports CPU statistics and input/output statistics for devices, partitions and network filesystems.\n* `sar` - A system monitor command used to report on various system loads, including CPU activity, memory/paging, device load, network.\n* `vmstat` - A tool that reports virtual memory statistics.\n\nNmon is a fully interactive performance monitoring command-line utility tool for Linux. It is a benchmark tool that displays performance about the cpu, memory, network, disks, file system, nfs, top processes, resources, and power micro-partition.\n\n* [@article@nmon Documentation](https://www.ibm.com/docs/en/aix/7.2?topic=n-nmon-command)\n\nThe iostat command in Linux is used for monitoring system input/output statistics for devices and partitions. It monitors system input/output by observing the time the devices are active in relation to their average transfer rates. The iostat produce reports may be used to change the system configuration to raised balance the input/output between the physical disks.\n\n* [@article@iostat Documentation](https://man7.org/linux/man-pages/man1/iostat.1.html)\n\nShort for **S**ystem **A**ctivity **R**eport, `sar` is a command line tool for Unix and Unix-like operating systems that shows a report of different information about the usage and activity of resources in the operating system.\n\n* [@article@SAR Man Page](https://man7.org/linux/man-pages/man1/sar.1.html)\n* [@article@SAR Man Page 2](https://linux.die.net/man/1/sar)\n* [@article@Sar tutorial for beginners](https://linuxhint.com/sar_linux_tutorial/)\n\nShort for **V**irtual **m**emory **stat**istic reporter, `vmstat` is a command line tool for Unix and Unix-like operating systems that reports various information about the operating system such as memory, paging, processes, I/O, CPU and disk usage.\n\nLearn more from the following resources:", + "description": "Performance monitoring is the systematic observation and measurement of an IT system's operational efficiency and effectiveness. It involves collecting, analyzing, and reporting on key performance indicators (KPIs) across various components including applications, networks, servers, and databases. This process uses specialized tools to track metrics such as response time, throughput, resource utilization, and error rates. Performance monitoring helps identify bottlenecks, predict potential issues, and optimize system resources. It's crucial for maintaining service level agreements (SLAs), ensuring user satisfaction, and supporting capacity planning. In modern IT environments, performance monitoring often incorporates real-time analytics, AI-driven insights, and automated alerting systems, enabling proactive management of complex, distributed systems and supporting continuous improvement in IT operations and service delivery.\n\nLearn more from the following resources:", "links": [ { "title": "Linux commands: exploring virtual memory with vmstat", @@ -513,7 +463,7 @@ }, "OaqKLZe-XnngcDhDzCtRt": { "title": "Networking Tools", - "description": "Networking tools are used to troubleshoot network issues. They are also used to monitor network traffic and to test network connectivity. Some of the most common networking tools are:\n\n* `traceroute` - Traces the route taken by packets over an IP network.\n* `ping` - sends echo request packets to a host to test the Internet connection.\n* `mtr` - Combines the functionality of `traceroute` and `ping` into a single diagnostic tool.\n* `nmap` - Scans hosts for open ports.\n* `netstat` - Displays network connections, routing tables, interface statistics, masquerade connections, and multicast memberships.\n* `ufw` and `firewalld` - Firewall management tools.\n* `iptables` and `nftables` - Firewall management tools.\n* `tcpdump` - Dumps traffic on a network.\n* `dig` - DNS lookup utility.\n* `scp` - Secure copy.\n\n`traceroute` command is a command in Linux that prints the route a network packet takes from its source (e.g. your computer) to the destination host (e.g., [roadmap.sh](http://roadmap.sh)). It is quite valuable in investigating slow network connections as it can help us spot the slow leg of the network packet journey through the internet.\n\n* [How to Run Traceroute in Linux](https://linuxhint.com/run_traceroute_linux/)\n\n`ping` (**P**acket **In**ternet **G**roper) command is used to check the network connectivity between host and server/host. This command takes as input the IP address or hostname and sends a data packet to the specified address with the message “PING” and get a response from the server/host this time is recorded which is called latency.\n\n* [What is ping command?](https://linuxize.com/post/linux-ping-command/)\n\n`mtr` combines the functionality of the traceroute and ping programs in a single network diagnostic tool.\n\n* [Javatpoint: Linux mtr Command](https://www.javatpoint.com/linux-mtr)\n* [mtr Linux command](https://www.tutorialspoint.com/unix_commands/mtr.htm)\n* [How to traceroute use mtr command in Linux](https://www.devopsroles.com/how-to-traceroute-use-mtr-command-in-linux/)\n\nNMAP stands for Network Mapper and is an open-source tool used to explore and audit the network's security, such as checking firewalls and scanning ports.\n\n* [NMAP Official Manual Book](https://nmap.org/book/man.html)\n\nNetstat is a command line utility to display all the network connections on a system. It displays all the tcp, udp and unix socket connections. Apart from connected sockets it also displays listening sockets that are waiting for incoming connections.\n\n* [netstat command in Linux with Examples](https://www.tutorialspoint.com/unix_commands/netstat.htm)\n* [Netstat Tutorial](http://www.c-jump.com/CIS24/Slides/Networking/html_utils/netstat.html)\n* [Netstat Commands - Network Administration Tutorial](https://www.youtube.com/watch?v=bxFwpm4IobU)\n* [Linux Command Line Tutorial For Beginners - netstat command](https://www.youtube.com/watch?v=zGNcvBaN5wE)\n\nUFW, or _uncomplicated firewall_, is command-line based utility for managing firewall rules in Arch Linux, Debian and Ubuntu. It's aim is to make firewall configuration as simple as possible. It is a frontend for the `iptables` firewalling tool.\n\n* [ufw Documentation](https://manpages.ubuntu.com/manpages/trusty/man8/ufw.8.html)\n* [Basic Introduction to UFW](https://www.linux.com/training-tutorials/introduction-uncomplicated-firewall-ufw/)\n* [UFW Essentials](https://www.digitalocean.com/community/tutorials/ufw-essentials-common-firewall-rules-and-commands)\n\nIPtables is a command-line firewall utility that uses policy chains to allow or block traffic that will be enforced by the linux kernel’s netfilter framework. Iptables packet filtering mechanism is organized into three different kinds of structures: tables, chains and targets.\n\n* [Iptables tutorial](https://www.hostinger.in/tutorials/iptables-tutorial)\n* [Beginners to Advanced Guide Iptables](https://erravindrapawadia.medium.com/iptables-tutorial-beginners-to-advanced-guide-to-linux-firewall-839e10501759)\n\n`tcpdump` is a command line tool used for analysing network traffic passing through your system. It can be used to capture and filter packets and display them in a human-readable format. The captured information can be analysed at a later date as well.\n\n* [tcpdump Documentation](https://www.tcpdump.org/manpages/tcpdump.1.html)\n* [Basic Introduction to Tcpdump](https://opensource.com/article/18/10/introduction-tcpdump)\n* [50 ways to isolate traffic with Tcpdump](https://danielmiessler.com/study/tcpdump/)\n* [Interpreting Tcpdump output and data](https://www.youtube.com/watch?v=7bsQP9sKHrs)\n\n`dig` command stands for **D**omain **I**nformation **G**roper. It is used for retrieving information about DNS name servers. It is mostly used by network administrators for verifying and troubleshooting DNS problems and to perform DNS lookups. It replaces older tools such as `nslookup` and the `host`.\n\n* [More on dig](https://linuxize.com/post/how-to-use-dig-command-to-query-dns-in-linux/)\n* [What is DNS?](https://www.cloudflare.com/en-gb/learning/dns/what-is-dns/)\n\n`SCP` is an acronym for Secure Copy [Protocol.It](http://Protocol.It) is a command line utility that allows the user to securely copy files and directories between two locations usually between unix or linux systems.The protocol ensures the transmission of files is encrypted to prevent anyone with suspicious intentions from getting sensitive information.`SCP` uses encryption over an `SSH` (Secure Shell) connection, this ensures that the data being transferred is protected from suspicious attacks.\n\nLearn more from the following resources:", + "description": "Networking tools are essential software utilities used for monitoring, analyzing, troubleshooting, and managing computer networks. They include a wide range of applications such as Wireshark for deep packet analysis, Nmap for network scanning and security auditing, Ping for testing basic connectivity, Traceroute for visualizing network paths, Netstat for displaying network connections, Tcpdump for command-line packet capture, Iperf for performance testing, Netcat for various network operations, Nslookup/Dig for DNS queries, and PuTTY for remote access via SSH or telnet. These tools collectively enable network administrators and security professionals to diagnose issues, optimize performance, conduct security assessments, and maintain the overall health and efficiency of network infrastructures, ranging from small local networks to large-scale enterprise environments.\n\nLearn more from the following resources:", "links": [ { "title": "10 SCP command examples", @@ -524,29 +474,44 @@ "title": "SCP command explained", "url": "https://phoenixnap.com/kb/linux-scp-command", "type": "article" + }, + { + "title": "Top 5 Linux Networking Commands", + "url": "https://www.youtube.com/watch?v=MT85eMsMN6o", + "type": "video" + }, + { + "title": "60 Linux Commands you NEED to know", + "url": "https://www.youtube.com/watch?v=gd7BXuUQ91w", + "type": "video" } ] }, "cUifrP7v55psTb20IZndf": { "title": "Text Manipulation", - "description": "Some of the most common commands you will use in the terminal are text manipulation commands. These commands allow you to search, replace, and manipulate text in files and streams. Here are some of the most common commands you will use:\n\n* `awk` - A programming language designed for text processing and typically used as a data extraction and reporting tool.\n* `sed` - A stream editor for filtering and transforming text.\n* `grep` - A command-line utility for searching plain-text data sets for lines that match a regular expression.\n* `sort` - A command-line utility for sorting lines of text files.\n* `cut` - A command-line utility for cutting sections from each line of files.\n* `uniq` - A command-line utility for reporting or omitting repeated lines.\n* `cat` - A command-line utility for concatenating files and printing on the standard output.\n* `echo` - A command-line utility for displaying a line of text.\n* `fmt` - A command-line utility for simple optimal text formatting.\n* `tr` - A command-line utility for translating or deleting characters.\n* `nl` - A command-line utility for numbering lines of files.\n* `wc` - A command-line utility for printing newline, word, and byte counts for files.\n\n`awk` is a general-purpose scripting language used for manipulating data or text and generating reports in the Linux world. It is mostly used for pattern scanning and processing. It searches one or more files to see if they contain lines that match the specified patterns and then performs the associated actions.\n\n* [@article@How AWK works?](https://linuxize.com/post/awk-command/)\n* [@video@Linux Crash Course - awk](https://www.youtube.com/watch?v=oPEnvuj9QrI)\n\n`sed`(**S**tream **Ed**itor) command in UNIX can perform lots of functions on file like searching, finding and replacing, insertion or deletion. By using SED you can edit files even without opening them in editors like [VI Editor](https://www.redhat.com/sysadmin/introduction-vi-editor).\n\n* [@article@Detailed Manual](https://www.gnu.org/software/sed/manual/sed.html)\n* [@video@Linux Crash Course - The sed Command](https://www.youtube.com/watch?v=nXLnx8ncZyE&t=218s)\n\nThe `grep` command (**g**lobal search for **r**egular **e**xpression and **p**rint out) searches file(s) for a particular pattern of characters, and displays all lines that contain that pattern. It can be used with other commands like `ps` making it more useful.\n\n* [@article@Detailed Manual](https://www.gnu.org/software/grep/manual/grep.html)\n* [@video@Linux Crash Course - The grep Command](https://www.youtube.com/watch?v=Tc_jntovCM0)\n\n`sort` command is used to sort the contents of a file in a particular order. By default, it sorts a file assuming the contents are in ASCII. But it also can also be used to sort numerically by using appropriate options.\n\n* [@article@Options](https://en.wikipedia.org/wiki/Sort_\\(Unix\\))\n\nThe cut utility cuts out selected portions of each line (as specified by list) from each file and writes them to the standard output.\n\n* [@article@cut Documentation](https://man7.org/linux/man-pages/man1/cut.1.html)\n* [@article@cut Cheat Sheet](https://bencane.com/2012/10/22/cheat-sheet-cutting-text-with-cut/)\n\nThe uniq utility reads the specified input\\_file comparing adjacent lines, and writes a copy of each unique input line to the output\\_file.\n\n* [@article@uniq Documentation](https://man7.org/linux/man-pages/man1/uniq.1.html)\n\n`cat` (concatenate) command is very frequently used in Linux. It reads data from the file and gives its content as output. It helps us to create, view, and concatenate files.\n\n* [@article@Cat Command with examples](https://www.tecmint.com/13-basic-cat-command-examples-in-linux/)\n* [@article@Options](https://en.wikipedia.org/wiki/Cat_\\(Unix\\))\n\n`echo` is a built-in command in Linux used to display lines of text/string that are passed as an argument. It is mostly used in shell scripts and batch files to output status text or `ENV` variables to the screen or a file.\n\n* [@article@Echo command with Examples](https://www.tecmint.com/echo-command-in-linux/)\n* [@video@Linux Crash Course - The echo Command](https://www.youtube.com/watch?v=S_ySzMHxMjw)\n\n`fmt` command is for formatting and optimizing contents in text files. It will be really useful when it comes to beautify large text files by setting uniform column width and spaces.\n\n* [@article@Fmt command with Examples](https://www.devopsroles.com/fmt-command-in-linux-with-example/)\n\nThe tr utility copies the standard input to the standard output with substitution or deletion of selected characters.\n\n* [@article@tr Documentation](https://linuxcommand.org/lc3_man_pages/tr1.html)\n* [@article@tr Cheat Sheet](https://linuxopsys.com/topics/tr-command-in-linux)\n\nThe nl utility reads lines from the named file or the standard input if the file argument is omitted, applies a configurable line numbering filter operation and writes the result to the standard output.\n\n* [@article@nl Documentation](https://man7.org/linux/man-pages/man1/nl.1.html)\n\nThe wc utility displays the number of lines, words, and bytes contained in each input file, or standard input (if no file is specified) to the standard output.", + "description": "Text manipulation tools are utilities or software that enable users to modify, process, and transform text data efficiently. These tools are often used in scripting, data cleaning, and automation tasks. Common text manipulation tools include `sed` (stream editor) for search and replace, `awk` for pattern scanning and data extraction, and `grep` for searching text using regular expressions. Other popular tools include `cut`, `sort`, `tr`, and `uniq` for various text processing functions. These command-line tools are commonly used in UNIX/Linux environments to handle large text files, automate workflows, and perform complex text transformations.\n\nLearn more from the following resources:", "links": [ { - "title": "wc Documentation", - "url": "https://linux.die.net/man/1/wc", + "title": "Linux Text Processing Command", + "url": "https://earthly.dev/blog/linux-text-processing-commands/", "type": "article" }, { - "title": "wc Cheat Sheet", - "url": "https://onecompiler.com/cheatsheets/wc", - "type": "article" + "title": "Learning Awk Is Essential For Linux Users", + "url": "https://www.youtube.com/watch?v=9YOZmI-zWok", + "type": "video" } ] }, "syBIAL1mHbJLnTBoSxXI7": { "title": "Bash", - "description": "Bash scripts are a type of shell script that uses the Bash shell command language. Bash, which stands for \"Bourne-Again SHell\", is a Unix shell and command-line interpreter written by Brian Fox for the GNU Project.\n\nA Bash script is a text file that contains a series of commands that are executed in order when the script is run. These commands can be a combination of Bash built-in commands, external commands, and shell functions. Bash scripts are typically used to automate repetitive tasks, simplify complex commands, and perform system administration tasks.\n\nBash scripts usually have a .sh extension and are executable files. To run a Bash script, you need to give it execute permissions using the chmod command, and then you can run it by typing `./script_name.sh` in the terminal.\n\nVisit the following resources to learn more:", + "description": "Bash (Bourne Again Shell) is a powerful Unix shell and command language interpreter, serving as the default shell for most Linux distributions and macOS. It provides a command-line interface for interacting with the operating system, executing commands, and automating tasks through shell scripts. Bash supports variables, control structures, functions, and command substitution, making it versatile for system administration, DevOps tasks, and general-purpose scripting. Its ability to pipe commands, redirect input/output, and utilize a vast array of built-in commands and utilities makes it an essential tool for developers and system administrators in managing and automating workflows in Unix-like environments.\n\nVisit the following resources to learn more:", "links": [ + { + "title": "Bash Scripting Tutorial for Beginners", + "url": "https://www.youtube.com/watch?v=tK9Oc6AEnR4", + "type": "course" + }, { "title": "Interactive Shell Scripting Tutorial", "url": "https://www.learnshell.org/en/Welcome", @@ -561,12 +526,17 @@ "title": "Explore top posts about Bash", "url": "https://app.daily.dev/tags/bash?ref=roadmapsh", "type": "article" + }, + { + "title": "Bash in 100 Seconds", + "url": "https://www.youtube.com/watch?v=I4EWvMFj37g", + "type": "video" } ] }, "z6IBekR8Xl-6f8WEb05Nw": { "title": "Power Shell", - "description": "Windows PowerShell is a command-line shell and scripting language designed specifically for system administration. Its counterpart in Linux is called Bash Scripting. Built on the .NET Framework, Windows PowerShell enables IT professionals to control and automate the administration of the Windows operating system and applications that run in a Windows Server environment.\n\nLearn more from the following resources:", + "description": "PowerShell is a task automation and configuration management framework from Microsoft, consisting of a command-line shell and associated scripting language. Built on the .NET framework, PowerShell provides full access to COM and WMI, enabling administrators to perform administrative tasks on both local and remote Windows systems. It uses cmdlets (pronounced \"command-lets\") for performing actions, and a pipe system for chaining these commands together. PowerShell's object-based nature, as opposed to text-based output, allows for more efficient data manipulation. With its extensive scripting capabilities, support for aliases, and integration with various Microsoft and third-party products, PowerShell has become a powerful tool for automating system administration tasks, managing cloud resources, and developing DevOps practices in Windows-centric environments.\n\nLearn more from the following resources:", "links": [ { "title": "PowerShell Documentation", @@ -577,28 +547,23 @@ "title": "Explore top posts about PowerShell", "url": "https://app.daily.dev/tags/powershell?ref=roadmapsh", "type": "article" + }, + { + "title": "Learn PowerShell in Less Than 2 Hours", + "url": "https://www.youtube.com/watch?v=ZOoCaWyifmI", + "type": "video" } ] }, "Jt8BmtLUH6fHT2pGKoJs3": { "title": "Vim / Nano / Emacs", - "description": "Editors are tools that allow you to create or edit files on your file system.\n\nVim\n---\n\nVim is a highly configurable text editor built to make creating and changing any kind of text very efficient. It is included as \"vi\" with most UNIX systems and with macOS X.\n\nVim ships with `vimtutor` that is a tutor designed to describe enough of the Vim commands that you will be able to easily use Vim as an all-purpose editor.\n\nVisit the following resources to learn more:", + "description": "Text editors are software tools used for creating, editing, and managing text files. They range from simple editors with basic features to complex Integrated Development Environments (IDEs). Popular text editors include:\n\n* **Notepad**: A basic editor for Windows, suitable for simple text files.\n* **Vim**: A highly configurable and powerful editor known for its efficiency and modal interface.\n* **Emacs**: A versatile editor with extensive customization options and a wide range of plugins.\n* **Sublime Text**: A feature-rich editor with a focus on speed and a user-friendly interface.\n* **Visual Studio Code**: A modern, open-source editor with built-in support for debugging, extensions, and integration with various development tools.\n\nEach editor offers different features, such as syntax highlighting, code completion, and version control integration, catering to diverse needs in programming and text processing. Visit the following resources to learn more:", "links": [ { "title": "Vim", "url": "https://www.vim.org", "type": "article" }, - { - "title": "Vim help files", - "url": "https://vimhelp.org/", - "type": "article" - }, - { - "title": "Vim Tips Wiki", - "url": "https://vim.fandom.com/wiki/Vim_Tips_Wiki", - "type": "article" - }, { "title": "Vim Adventures", "url": "https://vim-adventures.com/", @@ -610,47 +575,72 @@ "type": "article" }, { - "title": "GNU Nano Manual", - "url": "https://www.nano-editor.org/dist/latest/nano.html", + "title": "GNU Emacs", + "url": "https://www.gnu.org/software/emacs/", "type": "article" }, { - "title": "PowerShell Documentation", - "url": "https://learn.microsoft.com/en-us/powershell/", - "type": "article" + "title": "Vim Tutorial for Beginners", + "url": "https://www.youtube.com/watch?v=RZ4p-saaQkc", + "type": "video" }, { - "title": "GNU Emacs", - "url": "https://www.gnu.org/software/emacs/", - "type": "article" + "title": "Linux Crash Course - nano", + "url": "https://www.youtube.com/watch?v=DLeATFgGM-A", + "type": "video" }, { - "title": "GNU Emacs Documentation", - "url": "https://www.gnu.org/software/emacs/documentation.html", - "type": "article" + "title": "The Absolute Beginner's Guide to Emacs", + "url": "https://www.youtube.com/watch?v=48JlgiBpw_I", + "type": "video" } ] }, "LvhFmlxz5uIy7k_nzx2Bv": { "title": "Version Control Systems", - "description": "Version control/source control systems allow developers to track and control changes to code over time. These services often include the ability to make atomic revisions to code, branch/fork off of specific points, and to compare versions of code. They are useful in determining the who, what, when, and why code changes were made.\n\nVisit the following resources to learn more:", + "description": "Version control systems (VCS) are tools that track changes to code and files over time, enabling multiple users to collaborate on projects, maintain history, and manage different versions of codebases. They help in tracking modifications, merging changes, and resolving conflicts. There are two main types of VCS: centralized and distributed. Centralized systems (like Subversion and CVS) rely on a single central repository, while distributed systems (like Git and Mercurial) allow each user to have a complete copy of the repository, including its history. Distributed VCSs, such as Git, are particularly popular for their flexibility, branching capabilities, and robust support for collaborative workflows.\n\nVisit the following resources to learn more:", "links": [ + { + "title": "Learn Git & GitHub", + "url": "https://roadmap.sh/git-github", + "type": "article" + }, { "title": "Git", "url": "https://git-scm.com/", "type": "article" }, + { + "title": "Mecurial", + "url": "https://www.mercurial-scm.org/", + "type": "article" + }, + { + "title": "Subversion", + "url": "https://subversion.apache.org/", + "type": "article" + }, { "title": "What is Version Control?", "url": "https://www.atlassian.com/git/tutorials/what-is-version-control", "type": "article" + }, + { + "title": "Version Control System (VCS)", + "url": "https://www.youtube.com/watch?v=SVkuliabq4g", + "type": "video" } ] }, "uyDm1SpOQdpHjq9zBAdck": { "title": "Git", - "description": "[Git](https://git-scm.com/) is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency.\n\nVisit the following resources to learn more:", + "description": "Git is a distributed version control system designed to track changes in source code during software development. It allows multiple developers to work on the same project simultaneously, maintaining a complete history of modifications. Git features local repositories on each developer's machine, enabling offline work and fast operations. It supports non-linear development through branching and merging, facilitating parallel work streams. Git's distributed nature enhances collaboration, backup, and experimentation. Key concepts include commits, branches, merges, and remote repositories. With its speed, flexibility, and robust branching and merging capabilities, Git has become the standard for version control in modern software development, powering platforms like GitHub and GitLab.\n\nVisit the following resources to learn more:", "links": [ + { + "title": "Learn Git & GitHub", + "url": "https://roadmap.sh/git-github", + "type": "article" + }, { "title": "Learn Git with Tutorials, News and Tips - Atlassian", "url": "https://www.atlassian.com/git", @@ -679,8 +669,8 @@ "links": [ { "title": "GitHub", - "url": "https://github.com/features/", - "type": "opensource" + "url": "https://github.com", + "type": "article" }, { "title": "GitLab", @@ -693,24 +683,24 @@ "type": "article" }, { - "title": "How to choose the best source code repository", - "url": "https://bitbucket.org/product/code-repository", - "type": "article" + "title": "Github vs Gitlab vs Bitbucket - Which Is Better?", + "url": "https://www.youtube.com/watch?v=FQGXIIqziQg", + "type": "video" } ] }, "ot9I_IHdnq2yAMffrSrbN": { "title": "GitHub", - "description": "GitHub is a provider of Internet hosting for software development and version control using Git. It offers the distributed version control and source code management functionality of Git, plus its own features.\n\nVisit the following resources to learn more:", + "description": "GitHub is a web-based platform for version control and collaboration using Git. It provides cloud-based Git repository hosting, offering features like bug tracking, task management, and project wikis. GitHub facilitates code review through pull requests, supports issue tracking, and enables social coding with features like forking and starring repositories. It offers both public and private repositories, making it popular for open-source projects and private development. GitHub's ecosystem includes integrations with various development tools and CI/CD platforms. With features like GitHub Actions for automation, GitHub Packages for package management, and GitHub Pages for web hosting, it serves as a comprehensive platform for software development workflows, fostering collaboration among developers worldwide. Visit the following resources to learn more:", "links": [ { - "title": "GitHub Website", - "url": "https://github.com", - "type": "opensource" + "title": "Learn Git & GitHub", + "url": "https://roadmap.sh/git-github", + "type": "article" }, { - "title": "GitHub Documentation", - "url": "https://docs.github.com/en/get-started/quickstart", + "title": "GitHub Website", + "url": "https://github.com", "type": "article" }, { @@ -725,29 +715,14 @@ }, { "title": "What is GitHub?", - "url": "https://www.youtube.com/watch?v=w3jLJU7DT5E", - "type": "video" - }, - { - "title": "Git vs. GitHub: Whats the difference?", - "url": "https://www.youtube.com/watch?v=wpISo9TNjfU", - "type": "video" - }, - { - "title": "Git and GitHub for Beginners", - "url": "https://www.youtube.com/watch?v=RGOj5yH7evk", - "type": "video" - }, - { - "title": "Git and GitHub - CS50 Beyond 2019", - "url": "https://www.youtube.com/watch?v=eulnSXkhE7I", + "url": "https://www.youtube.com/watch?v=pBy1zgt0XPc", "type": "video" } ] }, "oQIB0KE0BibjIYmxrpPZS": { "title": "GitLab", - "description": "GitLab is a provider of internet hosting for software development and version control using Git. It offers the distributed version control and source code management functionality of Git, plus its own features.\n\nVisit the following resources to learn more:", + "description": "GitLab is a web-based DevOps lifecycle tool that provides a Git repository manager with wiki, issue tracking, and CI/CD pipeline features. It offers a complete DevOps platform, delivered as a single application, covering the entire software development lifecycle from planning to monitoring. GitLab supports both cloud-hosted and self-hosted options, catering to various organizational needs. Key features include integrated CI/CD, container registry, package registry, and security scanning tools. It emphasizes innersource methodologies, allowing teams to collaborate more effectively within an organization. GitLab's built-in DevOps capabilities, coupled with its focus on a single, integrated platform, make it popular for organizations seeking to streamline their development processes and implement DevOps practices efficiently.\n\nVisit the following resources to learn more:", "links": [ { "title": "GitLab Website", @@ -763,31 +738,26 @@ "title": "Explore top posts about GitLab", "url": "https://app.daily.dev/tags/gitlab?ref=roadmapsh", "type": "article" + }, + { + "title": "Gitlab Explained: What is Gitlab and Why Use It?", + "url": "https://www.youtube.com/watch?v=bnF7f1zGpo4", + "type": "video" } ] }, "Z7SsBWgluZWr9iWb2e9XO": { "title": "Bitbucket", - "description": "Bitbucket is a Git based hosting and source code repository service that is Atlassian's alternative to other products like GitHub, GitLab etc\n\nBitbucket offers hosting options via Bitbucket Cloud (Atlassian's servers), Bitbucket Server (customer's on-premise) or Bitbucket Data Centre (number of servers in customers on-premise or cloud environment)\n\nVisit the following resources to learn more:", + "description": "Bitbucket is a web-based version control repository hosting service owned by Atlassian, primarily used for source code and development projects that use Git or Mercurial revision control systems. It offers both cloud-based and self-hosted options, integrating seamlessly with other Atlassian tools like Jira and Trello. Bitbucket provides features such as pull requests, code reviews, CI/CD pipelines through Bitbucket Pipelines, and built-in wikis for documentation. It supports private repositories for free, making it popular among small teams and enterprises alike. With its focus on team collaboration, project management, and deployment automation, Bitbucket serves as a comprehensive platform for the entire software development lifecycle.\n\nVisit the following resources to learn more:", "links": [ { "title": "Bitbucket Website", - "url": "https://bitbucket.org/product", + "url": "https://bitbucket.org", "type": "article" }, { - "title": "A brief overview of Bitbucket", - "url": "https://bitbucket.org/product/guides/getting-started/overview#a-brief-overview-of-bitbucket", - "type": "article" - }, - { - "title": "Getting started with Bitbucket", - "url": "https://bitbucket.org/product/guides/basics/bitbucket-interface", - "type": "article" - }, - { - "title": "Using Git with Bitbucket Cloud", - "url": "https://www.atlassian.com/git/tutorials/learn-git-with-bitbucket-cloud", + "title": "Git and Bitbucket Introduction", + "url": "https://www.w3schools.com/git/git_intro.asp?remote=bitbucket", "type": "article" }, { @@ -799,11 +769,6 @@ "title": "Bitbucket tutorial | How to use Bitbucket Cloud", "url": "https://www.youtube.com/watch?v=M44nEyd_5To", "type": "video" - }, - { - "title": "Bitbucket Tutorial | Bitbucket for Beginners", - "url": "https://www.youtube.com/watch?v=i5T-DB8tb4A", - "type": "video" } ] }, @@ -814,7 +779,7 @@ }, "F93XnRj0BLswJkzyRggLS": { "title": "Forward Proxy", - "description": "Forward Proxy, often called proxy server is a server that sits in front of a group of **client machines**. When those computers make requests to sites and services on the Internet, the proxy server intercepts those requests and then communicates with web servers on behalf of those clients, like a middleman.\n\n**Common Uses:**\n\n* To block access to certain content\n* To protect client identity online\n* To provide restricted internet to organizations\n\nVisit the following resources to learn more:", + "description": "A forward proxy, often simply called a proxy, is a server that sits between client devices and the internet, forwarding requests from clients to web servers. It acts on behalf of clients, potentially providing benefits like anonymity, security, and access control. Forward proxies can cache frequently requested content, filter web traffic, bypass geographical restrictions, and log user activity. They're commonly used in corporate networks to enforce internet usage policies, enhance security by hiding internal network details, and improve performance through caching. Unlike reverse proxies, which serve resources on behalf of servers, forward proxies primarily serve client-side needs, acting as an intermediary for outbound requests to the wider internet.\n\nVisit the following resources to learn more:", "links": [ { "title": "What is Forward Proxy?", @@ -825,6 +790,11 @@ "title": "Forward vs Reverse Proxy", "url": "https://oxylabs.io/blog/reverse-proxy-vs-forward-proxy", "type": "article" + }, + { + "title": "Understanding Proxy, Forward Proxy, and Reverse Proxy", + "url": "https://www.youtube.com/watch?v=HrG0MHkSsCA", + "type": "video" } ] }, @@ -861,7 +831,7 @@ }, "ukOrSeyK1ElOt9tTjCkfO": { "title": "Nginx", - "description": "NGINX is a powerful web server and uses a non-threaded, event-driven architecture that enables it to outperform Apache if configured correctly. It can also do other important things, such as load balancing, HTTP caching, or be used as a reverse proxy.\n\nVisit the following resources to learn more:", + "description": "NGINX is a high-performance, open-source web server, reverse proxy, and load balancer. Known for its efficiency in handling concurrent connections, NGINX uses an event-driven, asynchronous architecture that consumes minimal resources. It excels at serving static content, proxying requests to application servers, and load balancing across multiple backends. NGINX is widely used for its ability to improve website performance, scalability, and security. It supports various protocols including HTTP, HTTPS, SMTP, and WebSocket, and offers features like SSL/TLS termination, caching, and content compression. Popular in both small-scale and enterprise environments, NGINX is a key component in many modern web architectures, particularly in microservices and containerized deployments.\n\nVisit the following resources to learn more:", "links": [ { "title": "Official Website", @@ -882,7 +852,7 @@ }, "dF3otkMMN09tgCzci8Jyv": { "title": "Tomcat", - "description": "Tomcat is an open source implementation of the Jakarta Servlet, Jakarta Server Pages, Jakarta Expression Language, Jakarta WebSocket, Jakarta Annotations and Jakarta Authentication specifications. These specifications are part of the Jakarta EE platform.\n\nVisit the following resources to learn more:", + "description": "Apache Tomcat is an open-source web server and servlet container that implements Java Servlet, JavaServer Pages (JSP), and Java Expression Language (EL) specifications. It is widely used to deploy and manage Java-based web applications. Tomcat provides a robust platform for running Java web applications with features like request handling, session management, and resource pooling. It is known for its performance, scalability, and ease of integration with other Java technologies, making it a popular choice for developers seeking to run Java applications in a production environment.\n\nVisit the following resources to learn more:", "links": [ { "title": "Tomcat Website", @@ -895,15 +865,15 @@ "type": "article" }, { - "title": "Apache Tomcat", - "url": "https://www.youtube.com/c/ApacheTomcatOfficial", + "title": "Apache Tomcat Full Tutorial", + "url": "https://www.youtube.com/watch?v=rElJIPRw5iM", "type": "video" } ] }, "0_GMTcMeZv3A8dYkHRoW7": { "title": "Apache", - "description": "Apache is a free, open-source HTTP server, available on many operating systems, but mainly used on Linux distributions. It is one of the most popular options for web developers, as it accounts for over 30% of all the websites, as estimated by W3Techs.\n\nVisit the following resources to learn more:", + "description": "Apache HTTP Server, commonly known as Apache, is an open-source web server software that serves web content and applications over the internet. It is one of the oldest and most widely used web servers, known for its robustness, flexibility, and extensive feature set. Apache supports various modules that enhance its functionality, such as authentication, URL rewriting, and SSL/TLS encryption. It is highly configurable through its `.conf` files, allowing administrators to tailor the server's behavior to meet specific needs. Apache is compatible with multiple operating systems and integrates with other technologies, making it a popular choice for hosting websites and web applications.\n\nVisit the following resources to learn more:", "links": [ { "title": "Apache Server Website", @@ -919,23 +889,38 @@ "title": "What is Apache Web Server?", "url": "https://www.youtube.com/watch?v=kaaenHXO4t4", "type": "video" + }, + { + "title": "Apache Web Server Setup on Ubuntu 22.04 (with SSL)", + "url": "https://www.youtube.com/watch?v=VXSgEvZKp-8", + "type": "video" } ] }, "54UZNO2q8M5FiA_XbcU_D": { "title": "Caddy", - "description": "Caddy is an open-source web server with automatic HTTPS written in Go. It is easy to configure and use, and it is a great choice for small to medium-sized projects.\n\nVisit the following resources to learn more:", + "description": "Caddy is a modern, open-source web server written in Go, designed to be easy to use, secure, and performant out of the box. It features automatic HTTPS with Let's Encrypt certificate provisioning and renewal, HTTP/2 and HTTP/3 support, and a simple configuration syntax. Caddy can serve static files, reverse proxy to other services, and handle various web hosting tasks with minimal setup. Its modular architecture allows for easy extension through plugins, making it versatile for different deployment scenarios. Caddy's emphasis on simplicity and security makes it popular for both small projects and production environments, particularly among developers looking for a straightforward, feature-rich web server solution.\n\nVisit the following resources to learn more:", "links": [ + { + "title": "caddyserver/caddy", + "url": "https://github.com/caddyserver/caddy", + "type": "opensource" + }, { "title": "Caddy Website", "url": "https://caddyserver.com/", "type": "article" + }, + { + "title": "Exploring Caddy, An Open Source Web Server", + "url": "https://www.youtube.com/watch?v=tqXL5QLvPRQ", + "type": "video" } ] }, "5iJOE1QxMvf8BQ_8ssiI8": { "title": "IIS", - "description": "Internet Information Services (IIS) for Windows® Server is a flexible, secure and manageable Web server for hosting anything on the Web.\n\nVisit the following resources to learn more:", + "description": "Microsoft Internet Information Services (IIS) is a flexible, secure and manageable Web server for hosting anything on the Web. It's an extensible web server created by Microsoft for use with Windows NT family. IIS supports HTTP, HTTPS, FTP, FTPS, SMTP and NNTP. It's been an integral part of the Windows NT family since Windows NT 4.0, and is included with Windows Server versions. IIS features a modular architecture, allowing administrators to customize server functionality. It supports various programming languages and frameworks, particularly [ASP.NET](http://ASP.NET). IIS provides tools for web application deployment, security management, and performance optimization, making it a popular choice for hosting Windows-based web applications in enterprise environments.\n\nVisit the following resources to learn more:", "links": [ { "title": "Official Website", @@ -956,7 +941,7 @@ }, "R4XSY4TSjU1M7cW66zUqJ": { "title": "Caching Server", - "description": "A cache server is a **dedicated network server** or service acting as a server that saves Web pages or other Internet content locally. By placing previously requested information in temporary storage, or cache, a cache server both speeds up access to data and reduces demand on an enterprise's bandwidth.\n\nVisit the following resources to learn more:", + "description": "A caching server, also known as a proxy server or cache server, is a dedicated network server that saves web pages and other Internet content locally to reduce bandwidth usage, server load, and perceived lag. It works by intercepting requests from clients, saving the responses from web servers, and serving cached content to subsequent requests for the same information. Caching servers can significantly improve response times and reduce network traffic, especially for frequently accessed content. They are commonly used in content delivery networks (CDNs), enterprise networks, and Internet service providers to optimize performance, reduce costs, and enhance user experience by serving content from a location closer to the end-user.\n\nVisit the following resources to learn more:", "links": [ { "title": "What is Caching?", @@ -970,8 +955,13 @@ }, { "title": "Site Cache vs Browser Cache vs Server Cache", - "url": "https://wp-rocket.me/blog/different-types-of-caching/", + "url": "https://nordvpn.com/cybersecurity/glossary/caching-server/", "type": "article" + }, + { + "title": "Cache Systems Every Developer Should Know", + "url": "https://www.youtube.com/watch?v=dGAgxozNWFE", + "type": "video" } ] }, @@ -988,12 +978,17 @@ "title": "Load Balancing concepts and algorithms", "url": "https://www.cloudflare.com/en-gb/learning/performance/what-is-load-balancing/", "type": "article" + }, + { + "title": "What is a Load Balancer?", + "url": "https://www.youtube.com/watch?v=sCR3SAVdyCc", + "type": "video" } ] }, "eGF7iyigl57myx2ejpmNC": { "title": "Reverse Proxy", - "description": "A Reverse Proxy server is a type of proxy server that typically sits behind the firewall in a private network and directs client requests to the appropriate backend server. It provides an additional level of security by hiding the server related details like `IP Address` to clients. It is also known as **server side proxy**.\n\n**Common Uses:**\n\n* Load balancing\n* Web acceleration\n* Security and anonymity\n\nVisit the following resources to learn more:", + "description": "A reverse proxy is a server that sits between client devices and backend servers, intercepting requests from clients and forwarding them to appropriate backend servers. It acts on behalf of the servers, providing benefits such as load balancing, caching, SSL termination, and security. Reverse proxies can distribute incoming traffic across multiple servers to improve performance and reliability, cache frequently requested content to reduce server load, handle SSL encryption and decryption to offload this task from backend servers, and provide an additional layer of security by hiding server details. Common uses include improving web application performance, enabling microservices architectures, and enhancing security in web hosting environments. Popular reverse proxy software includes NGINX, HAProxy, and Apache with mod\\_proxy.\n\nVisit the following resources to learn more:", "links": [ { "title": "What is Reverse Proxy?", @@ -1004,12 +999,17 @@ "title": "NGINX documentation", "url": "https://www.nginx.com/resources/glossary/reverse-proxy-server/", "type": "article" + }, + { + "title": "Proxy vs Reverse Proxy (Real-world Examples)", + "url": "https://www.youtube.com/watch?v=4NB0NDtOwIQ", + "type": "video" } ] }, "CQhUflAcv1lhBnmDY0gaz": { "title": "Containers", - "description": "Containers are a construct in which [cgroups](https://en.wikipedia.org/wiki/Cgroups), [namespaces](https://en.wikipedia.org/wiki/Linux_namespaces), and [chroot](https://en.wikipedia.org/wiki/Chroot) are used to fully encapsulate and isolate a process. This encapsulated process, called a container image, shares the kernel of the host with other containers, allowing containers to be significantly smaller and faster than virtual machines.\n\nThese images are designed for portability, allowing for full local testing of a static image, and easy deployment to a container management platform.\n\nVisit the following resources to learn more:", + "description": "Containers are lightweight, portable, and isolated environments that package applications and their dependencies, enabling consistent deployment across different computing environments. They encapsulate software code, runtime, system tools, libraries, and settings, ensuring that the application runs the same regardless of where it's deployed. Containers share the host operating system's kernel, making them more efficient than traditional virtual machines. Popular containerization platforms like Docker provide tools for creating, distributing, and running containers. This technology supports microservices architectures, simplifies application deployment, improves scalability, and enhances DevOps practices by streamlining the development-to-production pipeline and enabling more efficient resource utilization.\n\nVisit the following resources to learn more:", "links": [ { "title": "What are Containers?", @@ -1040,7 +1040,7 @@ }, "P0acFNZ413MSKElHqCxr3": { "title": "Docker", - "description": "Docker is a platform for working with containerized applications. Among its features are a daemon and client for managing and interacting with containers, registries for storing images, and a desktop application to package all these features together. Containers are lightweight and portable, providing a consistent and reliable way to deploy applications across different environments.\n\nHistory\n-------\n\nDocker was founded in 2010 by _Solomon Hykes_, and the first version of Docker was released in 2013. Docker became an open-source project in 2014, and since then, it has gained massive popularity in the software development industry.\n\nKey Features\n------------\n\nDocker provides several key features that make it an attractive choice for developers:\n\n* **Lightweight**: Containers are much lighter than virtual machines, making them faster to spin up and down.\n* **Portable**: Containers are portable across different environments, including Windows, Linux, and macOS.\n* **Isolated**: Containers provide a high level of isolation between applications, ensuring that each application runs independently without interfering with others.\n* **Efficient**: Containers use fewer resources than virtual machines, making them more efficient.\n\nVisit the following resources to learn more:", + "description": "Docker is an open-source platform that automates the deployment, scaling, and management of applications using containerization technology. It enables developers to package applications with all their dependencies into standardized units called containers, ensuring consistent behavior across different environments. Docker provides a lightweight alternative to full machine virtualization, using OS-level virtualization to run multiple isolated systems on a single host. Its ecosystem includes tools for building, sharing, and running containers, such as Docker Engine, Docker Hub, and Docker Compose. Docker has become integral to modern DevOps practices, facilitating microservices architectures, continuous integration/deployment pipelines, and efficient resource utilization in both development and production environments.\n\nVisit the following resources to learn more:", "links": [ { "title": "Visit Dedicated Docker Roadmap", @@ -1071,7 +1071,7 @@ }, "qYRJYIZsmf-inMqKECRkI": { "title": "LXC", - "description": "LXC is a well-known Linux container runtime that consists of tools, templates, and library and language bindings. It's pretty low level, very flexible and covers just about every containment feature supported by the upstream kernel.\n\nVisit the following resources to learn more:", + "description": "LXC (Linux Containers) is an operating system-level virtualization method for running multiple isolated Linux systems on a single host using a single Linux kernel. It provides a lightweight alternative to full machine virtualization, offering near-native performance and density. LXC uses Linux kernel features like cgroups and namespaces to create containers that have their own process and network space, while sharing the same kernel as the host system. This technology allows for efficient resource utilization and rapid deployment of applications. LXC is often used for creating development environments, testing, and running multiple isolated services on a single machine. While similar in concept to Docker, LXC provides a more system-container approach compared to Docker's application-container focus.\n\nVisit the following resources to learn more:", "links": [ { "title": "LXC Website", @@ -1087,6 +1087,11 @@ "title": "Getting started with LXC containers", "url": "https://www.youtube.com/watch?v=CWmkSj_B-wo", "type": "video" + }, + { + "title": "LXC - Guide to building a LXC Lab", + "url": "https://www.youtube.com/watch?v=cqOtksmsxfg", + "type": "video" } ] }, @@ -1113,16 +1118,11 @@ }, "1ieK6B_oqW8qOC6bdmiJe": { "title": "AWS", - "description": "Amazon Web Services has been the market leading cloud computing platform since 2011, ahead of Azure and Google Cloud. AWS offers over 200 services with data centers located all over the globe.\n\nAWS service is an online platform that provides scalable and cost-effective cloud computing solutions. It is broadly adopted cloud platform that offers several on-demand operations like compute power, database storage, content delivery and so on.\n\nVisit the following resources to learn more:", + "description": "Amazon Web Services has been the market leading cloud computing platform since 2011, ahead of Azure and Google Cloud. AWS offers over 200 services with data centers located all over the globe. AWS service is an online platform that provides scalable and cost-effective cloud computing solutions. It is broadly adopted cloud platform that offers several on-demand operations like compute power, database storage, content delivery and so on.\n\nVisit the following resources to learn more:", "links": [ { - "title": "AWS Course for Beginners", - "url": "https://www.coursera.org/learn/aws-cloud-technical-essentials?specialization=aws-devops", - "type": "course" - }, - { - "title": "DevOps on AWS Course", - "url": "https://www.coursera.org/specializations/aws-devops?#courses", + "title": "100 hour AWS Complete Course 2024", + "url": "https://www.youtube.com/watch?v=zA8guDqfv40", "type": "course" }, { @@ -1130,11 +1130,6 @@ "url": "https://aws.amazon.com/", "type": "article" }, - { - "title": "AWS Documentation", - "url": "https://docs.aws.amazon.com/", - "type": "article" - }, { "title": "AWS Cloud Essentials", "url": "https://aws.amazon.com/getting-started/cloud-essentials/", @@ -1146,75 +1141,40 @@ "type": "article" }, { - "title": "Sign up for AWS", - "url": "https://portal.aws.amazon.com/billing/signup", - "type": "article" - }, - { - "title": "How to learn AWS", - "url": "https://cs.fyi/guide/how-to-learn-aws/", - "type": "article" - }, - { - "title": "AWS Ramp Up Guide", - "url": "https://d1.awsstatic.com/training-and-certification/ramp-up_guides/Ramp-Up_Guide_CloudPractitioner.pdf", - "type": "article" - }, - { - "title": "Cloud Practitioner Essentials", - "url": "https://explore.skillbuilder.aws/learn/course/external/view/elearning/134/aws-cloud-practitioner-essentials", - "type": "article" - }, - { - "title": "AWS Guide by SimpliLearn", - "url": "https://www.simplilearn.com/tutorials/aws-tutorial/what-is-aws", + "title": "Create an AWS account", + "url": "https://grapplingdev.com/tutorials/how-to-create-aws-account", "type": "article" }, { "title": "Explore top posts about AWS", "url": "https://app.daily.dev/tags/aws?ref=roadmapsh", "type": "article" - }, - { - "title": "AWS Tutorial for Beginners", - "url": "https://www.youtube.com/watch?v=k1RI5locZE4&t=129s", - "type": "video" - }, - { - "title": "AWS Practitioner", - "url": "https://youtu.be/SOTamWNgDKc", - "type": "video" } ] }, "ctor79Vd7EXDMdrLyUcu_": { "title": "Azure", - "description": "Microsoft Azure is a cloud computing service operated by Microsoft. Azure currently provides more than 200 products and cloud services.\n\nVisit the following resources to learn more:", + "description": "Microsoft Azure is a comprehensive cloud computing platform offering a wide array of services for building, deploying, and managing applications through Microsoft-managed data centers. It provides Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) solutions, supporting various programming languages, tools, and frameworks, including both Microsoft-specific and third-party systems. Azure's services span computing, analytics, storage, networking, and more, enabling businesses to scale and transform their operations, leverage AI and machine learning, and implement robust security measures, all while potentially reducing IT costs through its pay-as-you-go pricing model.\n\nVisit the following resources to learn more:", "links": [ { - "title": "Azure Website", - "url": "https://azure.microsoft.com/en-us/", - "type": "article" - }, - { - "title": "Official Documentation", - "url": "https://docs.microsoft.com/en-us/azure/", - "type": "article" - }, - { - "title": "Azure Get Started Guide", - "url": "https://azure.microsoft.com/en-ca/get-started/#explore-azure", - "type": "article" + "title": "Microsoft Azure Guide", + "url": "https://github.com/mikeroyal/Azure-Guide", + "type": "opensource" }, { - "title": "Get to know Azure", - "url": "https://azure.microsoft.com/en-us/explore/", + "title": "Azure Website", + "url": "https://azure.microsoft.com/en-us/", "type": "article" }, { "title": "Explore top posts about Azure", "url": "https://app.daily.dev/tags/azure?ref=roadmapsh", "type": "article" + }, + { + "title": "Microsoft Azure Fundamentals Certification Course (AZ-900)", + "url": "https://www.youtube.com/watch?v=5abffC-K40c", + "type": "video" } ] }, @@ -1222,26 +1182,11 @@ "title": "Google Cloud", "description": "Google Cloud is Google's cloud computing service offering, providing over 150 products/services to choose from. It consists of a set of physical assets, such as computers and hard disk drives, and virtual resources, such as virtual machines(VMs), that are contained in Google's data centers. It runs on the same infrastructure that Google uses internally for its end-user products, such as Search, Gmail, Google Drive, and YouTube.\n\nVisit the following resources to learn more:", "links": [ - { - "title": "Coursera Complete Course for Google Cloud", - "url": "https://www.coursera.org/professional-certificates/cloud-engineering-gcp#courses", - "type": "course" - }, { "title": "Google Cloud Website", "url": "https://cloud.google.com/", "type": "article" }, - { - "title": "Official Documentation", - "url": "https://cloud.google.com/docs", - "type": "article" - }, - { - "title": "Google Cloud Get Started Guide", - "url": "https://cloud.google.com/docs/get-started/", - "type": "article" - }, { "title": "5 Tips to Become a Google Cloud Certified Professional Architect", "url": "https://thenewstack.io/5-tips-to-become-a-google-cloud-certified-professional-architect/", @@ -1253,15 +1198,15 @@ "type": "article" }, { - "title": "Google Cloud by Edureka on You-Tube", - "url": "https://www.youtube.com/watch?v=IUU6OR8yHCc", + "title": "Google Cloud Platform Full Course 2023", + "url": "https://www.youtube.com/watch?v=fZOz13joN0o", "type": "video" } ] }, "-h-kNVDNzZYnQAR_4lfXc": { "title": "Digital Ocean", - "description": "DigitalOcean is a cloud computing service offering products and services in Compute, Storage, Managed Databases, Containers & Images and Networking.\n\nVisit the following resources to learn more:", + "description": "DigitalOcean is a cloud infrastructure provider that offers simple, affordable, and developer-friendly virtual private servers, known as \"Droplets.\" It focuses on providing straightforward cloud computing services, including virtual machines, managed databases, object storage, and Kubernetes clusters. DigitalOcean is known for its user-friendly interface, transparent pricing, and extensive documentation, making it popular among developers, startups, and small to medium-sized businesses. The platform emphasizes simplicity and performance, offering features like one-click applications, team management, and a robust API for automation. While not as feature-rich as some larger cloud providers, DigitalOcean's streamlined approach and competitive pricing make it an attractive option for those seeking uncomplicated cloud infrastructure solutions.\n\nVisit the following resources to learn more:", "links": [ { "title": "DigitalOcean Website", @@ -1269,36 +1214,31 @@ "type": "article" }, { - "title": "Official Documentation", - "url": "https://docs.digitalocean.com/products/", - "type": "article" - }, - { - "title": "DigitalOcean Get Started Guide", - "url": "https://docs.digitalocean.com/products/getting-started/", + "title": "DigitalOcean Hacktoberfest", + "url": "https://hacktoberfest.com/", "type": "article" }, { "title": "Explore top posts about DigitalOcean", "url": "https://app.daily.dev/tags/digitalocean?ref=roadmapsh", "type": "article" + }, + { + "title": "Getting Started With Kubernetes on DigitalOcean", + "url": "https://www.youtube.com/watch?v=cJKdo-glRD0", + "type": "video" } ] }, "YUJf-6ccHvYjL_RzufQ-G": { "title": "Alibaba Cloud", - "description": "Alibaba Cloud is a cloud computing service, offering over 100 products and services with data centers in 24 regions and 74 availability zones around the world.\n\nVisit the following resources to learn more:", + "description": "Alibaba Cloud is the cloud computing arm of Alibaba Group, offering a broad range of cloud services and solutions designed to support enterprise IT infrastructure and digital transformation. It provides scalable and flexible cloud computing resources, including virtual machines, storage, databases, and networking. Alibaba Cloud’s services also encompass big data analytics, artificial intelligence, machine learning, and security solutions. Known for its global data center network, it supports businesses with high availability, disaster recovery, and compliance needs. Alibaba Cloud is a key player in the cloud market, particularly in Asia, providing comprehensive tools for businesses to build, deploy, and manage applications and services in the cloud.\n\nVisit the following resources to learn more:", "links": [ { "title": "Alibaba Cloud Website", "url": "https://www.alibabacloud.com/", "type": "article" }, - { - "title": "Official Documentation", - "url": "https://www.alibabacloud.com/help/en/", - "type": "article" - }, { "title": "Alibaba Cloud Getting Started Guide", "url": "https://www.alibabacloud.com/getting-started", @@ -1313,44 +1253,49 @@ }, "I327qPYGMcdayRR5WT0Ek": { "title": "Hetzner", - "description": "Hetzner is a German hosting provider that offers a wide range of services, including dedicated servers, cloud servers, and colocation. They are known for their high-quality hardware, competitive pricing, and excellent customer support.\n\nVisit the following resources to learn more about Hetzner:", + "description": "Hetzner is a German web hosting company and data center operator known for offering high-quality, cost-effective dedicated servers, virtual private servers (VPS), and cloud solutions. They provide a range of hosting services including shared hosting, managed servers, and colocation. Hetzner is particularly popular among developers and small to medium-sized businesses for its competitive pricing on powerful hardware. Their cloud platform offers flexible, scalable resources with a straightforward pricing model. Hetzner is recognized for its robust infrastructure, reliable network connectivity, and customer-friendly approach. While not as feature-rich as some larger cloud providers, Hetzner's focus on providing high-performance hardware at affordable prices has earned it a strong reputation in the hosting community.\n\nVisit the following resources to learn more about Hetzner:", "links": [ { "title": "Hetzner Website", "url": "https://www.hetzner.com/", "type": "article" - } - ] + }, + { + "title": "How To Setup Hetzner Cloud Server To Host Your Websites", + "url": "https://runcloud.io/blog/hetzner", + "type": "article" + }, + { + "title": "Coolify Crash Course | Self Host 101", + "url": "https://www.youtube.com/watch?v=taJlPG82Ucw", + "type": "video" + } + ] }, "FaPf567JGRAg1MBlFj9Tk": { "title": "Heroku ", - "description": "Heroku is a cloud platform as a service subsidiary of Salesforce. Heroku officially supports Node.js, Ruby, Java, PHP, Python, Go, Scala and Clojure, along with any language that runs on Linux via a third-party build pack.\n\nVisit the following resources to learn more:", + "description": "Heroku is a cloud platform as a service (PaaS) that enables developers to build, run, and operate applications entirely in the cloud. It supports several programming languages and offers a simple, streamlined deployment process using Git. Heroku abstracts away much of the infrastructure management, allowing developers to focus on code rather than server maintenance. It provides features like automatic scaling, continuous integration/deployment pipelines, and add-ons for databases and other services. Heroku's dyno-based architecture allows for easy scaling of applications. While particularly popular among startups and for rapid prototyping due to its ease of use, Heroku also serves larger applications. Its ecosystem includes a marketplace of third-party add-ons, enhancing functionality for various development needs.\n\nVisit the following resources to learn more:", "links": [ { "title": "Heroku Website", "url": "https://www.heroku.com/", "type": "article" }, - { - "title": "Official Documentation", - "url": "https://devcenter.heroku.com/", - "type": "article" - }, - { - "title": "Heroku Get Started Guide", - "url": "https://devcenter.heroku.com/start", - "type": "article" - }, { "title": "Explore top posts about Heroku", "url": "https://app.daily.dev/tags/heroku?ref=roadmapsh", "type": "article" + }, + { + "title": "What is Heroku?", + "url": "https://www.youtube.com/watch?v=IB0V8wWsCsc", + "type": "video" } ] }, "eJZdjheptmiwKsVokt7Io": { "title": "Contabo", - "description": "Contabo offers a wide range of hosting services, from VPS to dedicated servers. They are known for their low prices and high performance.\n\nVisit the following link to learn more:", + "description": "Contabo is a German web hosting and dedicated server provider known for offering affordable virtual private servers (VPS) and dedicated servers with high performance specifications. They provide a range of hosting solutions, including shared hosting, VPS, dedicated servers, and storage solutions, catering to both individual developers and businesses. Contabo is particularly popular among budget-conscious users for its competitive pricing on high-resource VPS plans. Their services include features like SSD storage, DDoS protection, and data centers in multiple locations. While not as well-known as some larger cloud providers, Contabo has gained a reputation in the hosting community for offering good value for money, especially for users requiring substantial computing resources at lower costs.\n\nVisit the following link to learn more:", "links": [ { "title": "Contabo - Official Website", @@ -1361,18 +1306,23 @@ }, "RDLmML_HS2c8J4D_U_KYe": { "title": "FTP / SFTP", - "description": "File Transfer Protocol(FTP) is `TCP/IP` based application layer communication protocol that helps transferring files between local and remote file systems over the network. To transfer a file, 2 TCP connections(control connection and data connection) are used in parallel.\n\nVisit the following resources to learn more:", + "description": "FTP (File Transfer Protocol) is a standard network protocol used for transferring files between a client and a server on a computer network. It operates on a client-server model, typically using separate control and data connections between the client and server. FTP allows users to upload, download, and manage files on remote systems, supporting both authenticated and anonymous access. While widely used for its simplicity and compatibility, FTP has security limitations as it transmits data and credentials in plain text. As a result, more secure alternatives like SFTP (SSH File Transfer Protocol) and FTPS (FTP Secure) have gained popularity for sensitive data transfers. Despite its age, FTP remains in use for various file transfer needs, especially in legacy systems and where security is less critical.\n\nSFTP (SSH File Transfer Protocol) is a secure file transfer protocol that provides file access, transfer, and management functionalities over a secure shell (SSH) data stream. It's designed as an extension of SSH to offer secure file transfer capabilities. SFTP encrypts both commands and data in transit, protecting against eavesdropping and man-in-the-middle attacks. Unlike traditional FTP, SFTP uses a single connection and doesn't separate control and data channels. It supports features like resuming interrupted transfers, directory listings, and remote file removal. SFTP is widely used in enterprise environments for secure file transfers, automated scripts, and as a more secure alternative to FTP. Its integration with SSH makes it a preferred choice for system administrators and developers working with remote systems securely.\n\nVisit the following resources to learn more:", "links": [ { "title": "FTP vs SFTP vs FTPS", "url": "https://www.fortinet.com/resources/cyberglossary/file-transfer-protocol-ftp-meaning", "type": "article" + }, + { + "title": "What is SFTP?", + "url": "https://www.kiteworks.com/risk-compliance-glossary/sftp/", + "type": "article" } ] }, "Vu955vdsYerCG8G6suqml": { "title": "DNS", - "description": "DNS (Domain Name System) is the phonebook of the Internet. Humans access information online through domain names, like `nytimes.com` or `espn.com.` Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load Internet resources.\n\nVisit the following resources to learn more:", + "description": "DNS (Domain Name System) is a hierarchical, decentralized naming system for computers, services, or other resources connected to the Internet or a private network. It translates human-readable domain names (like [www.example.com](http://www.example.com)) into IP addresses (like 192.0.2.1) that computers use to identify each other on the network. DNS serves as the internet's phone book, enabling users to access websites using easy-to-remember names instead of numerical IP addresses. The system comprises DNS servers, resolvers, and records (like A, CNAME, MX), working together to route internet traffic efficiently. DNS is crucial for internet functionality, affecting everything from web browsing and email to load balancing and service discovery in modern cloud architectures.\n\nVisit the following resources to learn more:", "links": [ { "title": "What is DNS?", @@ -1393,17 +1343,12 @@ "title": "DNS and How does it Work?", "url": "https://www.youtube.com/watch?v=Wj0od2ag5sk", "type": "video" - }, - { - "title": "DNS Records", - "url": "https://www.youtube.com/watch?v=7lxgpKh_fRY", - "type": "video" } ] }, "ke-8MeuLx7AS2XjSsPhxe": { "title": "HTTP", - "description": "HTTP is the `TCP/IP` based application layer communication protocol which standardizes how the client and server communicate with each other. It defines how the content is requested and transmitted across the internet.\n\nVisit the following resources to learn more:", + "description": "HTTP (Hypertext Transfer Protocol) is the foundation of data communication on the World Wide Web. It's an application-layer protocol that enables the transfer of various types of data, primarily web pages and their components, between clients (usually web browsers) and servers. HTTP operates on a request-response model, where clients send requests for resources, and servers respond with the requested data or error messages. It's stateless by design, meaning each request is independent of previous ones. HTTP supports various methods (GET, POST, PUT, DELETE, etc.) for different types of operations. While originally designed for plain-text transmission, HTTPS, its secure version using encryption, is now widely adopted to protect data in transit.\n\nVisit the following resources to learn more:", "links": [ { "title": "Everything you need to know about HTTP", @@ -1421,9 +1366,9 @@ "type": "article" }, { - "title": "HTTP/3 From A To Z: Core Concepts", - "url": "https://www.smashingmagazine.com/2021/08/http3-core-concepts-part1/", - "type": "article" + "title": "HTTP/1 to HTTP/2 to HTTP/3", + "url": "https://www.youtube.com/watch?v=a-sBfyiXysI", + "type": "video" }, { "title": "HTTP Crash Course & Exploration", @@ -1434,7 +1379,7 @@ }, "AJO3jtHvIICj8YKaSXl0U": { "title": "HTTPS", - "description": "HTTPS (**H**ypertext **T**ransfer **P**rotocol **S**ecure) is the secure version of HTTP, which is the primary protocol used to send data between a web browser and a website.\n\n`HTTPS = HTTP + SSL/TLS`\n\nVisit the following resources to learn more:", + "description": "HTTPS (Hypertext Transfer Protocol Secure) is the secure version of HTTP, encrypting data exchanged between a client and a server. It uses SSL/TLS protocols to provide authentication, data integrity, and confidentiality. HTTPS prevents eavesdropping, tampering, and man-in-the-middle attacks by encrypting all communications. It uses digital certificates to verify the identity of websites, enhancing trust and security. HTTPS is crucial for protecting sensitive information like login credentials and financial data. It has become the standard for secure web communication, with major browsers marking non-HTTPS sites as \"not secure.\" HTTPS also provides SEO benefits and is essential for many modern web features and progressive web applications.\n\nVisit the following resources to learn more:", "links": [ { "title": "What is HTTPS?", @@ -1455,6 +1400,11 @@ "title": "How HTTPS works (comic)", "url": "https://howhttps.works/", "type": "article" + }, + { + "title": "Does HTTPS REALLY Keep You Safe?", + "url": "https://www.youtube.com/watch?v=25mXesOV9-8", + "type": "video" } ] }, @@ -1481,12 +1431,17 @@ "title": "SSH vs SSL vs TLS", "url": "https://www.youtube.com/watch?v=k3rFFLmQCuY", "type": "video" + }, + { + "title": "SSL/TLS Explained in 7 Minutes", + "url": "https://www.youtube.com/watch?v=67Kfsmy_frM", + "type": "video" } ] }, "wcIRMLVm3SdEJWF9RPfn7": { "title": "SSH", - "description": "The SSH (**S**ecure **Sh**ell) is a network communication protocol that enables two computers to communicate over an insecure network. It is a secure alternative to the non-protected login protocols (such as telnet, rlogin) and insecure file transfer methods (such as FTP). It is mostly used for secure Remote Login and File Transfer.\n\n`SFTP = FTP + SSH`\n\nVisit the following resources to learn more:", + "description": "SSH (Secure Shell) is a cryptographic network protocol used to securely access and manage remote machines over an unsecured network. It provides encrypted communication, ensuring confidentiality and integrity, and allows for secure file transfers, command execution, and tunneling. SSH is widely used for remote administration of servers, cloud infrastructure, and networking devices, typically employing key-based authentication or passwords. Tools like OpenSSH are commonly used to establish SSH connections, providing a secure alternative to older, less secure protocols like Telnet.\n\nVisit the following resources to learn more:", "links": [ { "title": "SSH Intro", @@ -1507,12 +1462,17 @@ "title": "Explore top posts about SSH", "url": "https://app.daily.dev/tags/ssh?ref=roadmapsh", "type": "article" + }, + { + "title": "How SSH Works", + "url": "https://www.youtube.com/watch?v=5JvLV2-ngCI", + "type": "video" } ] }, "E-lSLGzgOPrz-25ER2Hk7": { "title": "White / Grey Listing", - "description": "White listing is a process of adding an email to an approved sender list, so emails from that sender are never moved to the spam folder. This tells an email server to move messages to the inbox directly.\n\n`Greylisting` is a method of protecting e-mail users against spam. A mail transfer agent (MTA) using greylisting will \"temporarily reject\" any email from a sender it does not recognize. If the mail is legitimate, the originating server will try again after a delay, and the email will be accepted if sufficient time has elapsed.\n\nVisit the following resources to learn more:", + "description": "Whitelisting involves creating a list of trusted entities (such as IP addresses, email addresses, or applications) that are explicitly allowed to access a system or send messages. Anything not on the whitelist is denied by default. Whitelisting offers a high level of security by limiting access to only known and approved entities, but it can be inflexible and require frequent updates to accommodate legitimate changes. Greylisting is a more flexible approach used primarily in email filtering. When an email is received from an unknown sender, the server temporarily rejects it with a \"try again later\" response. Legitimate mail servers will retry sending the email after a short delay, while spammers, which often do not retry, are blocked. This method reduces spam by taking advantage of the fact that spammers usually do not follow retry mechanisms. Greylisting can be less intrusive than whitelisting, but it may introduce slight delays in email delivery for first-time senders.\n\nVisit the following resources to learn more:", "links": [ { "title": "Basic Introduction to whitelisting", @@ -1523,16 +1483,26 @@ "title": "Detailed Introduction to greylisting", "url": "https://en.wikipedia.org/wiki/Greylisting_(email)", "type": "article" + }, + { + "title": "Greylisting", + "url": "https://www.youtube.com/watch?v=ljtU6I0sIiw", + "type": "video" + }, + { + "title": "How to Whitelist an Email Address?", + "url": "https://www.youtube.com/watch?v=NqQIBtY7ySw", + "type": "video" } ] }, "zJy9dOynWgLTDKI1iBluG": { "title": "SMTP", - "description": "Email is emerging as one of the most valuable services on the internet today. Most internet systems use SMTP as a method to transfer mail from one user to another. SMTP is a push protocol and is used to send the mail whereas POP (post office protocol) or IMAP (internet message access protocol) are used to retrieve those emails at the receiver’s side.\n\nSMTP is an application layer protocol. The client who wants to send the mail opens a TCP connection to the SMTP server and then sends the mail across the connection. The SMTP server is an always-on listening mode. As soon as it listens for a TCP connection from any client, the SMTP process initiates a connection through port 25. After successfully establishing a TCP connection the client process sends the mail instantly.\n\nVisit the following resources to learn more:", + "description": "Email is emerging as one of the most valuable services on the internet today. Most internet systems use SMTP as a method to transfer mail from one user to another. SMTP is a push protocol and is used to send the mail whereas POP (post office protocol) or IMAP (internet message access protocol) are used to retrieve those emails at the receiver’s side. SMTP is an application layer protocol. The client who wants to send the mail opens a TCP connection to the SMTP server and then sends the mail across the connection. The SMTP server is an always-on listening mode. As soon as it listens for a TCP connection from any client, the SMTP process initiates a connection through port 25. After successfully establishing a TCP connection the client process sends the mail instantly.\n\nVisit the following resources to learn more:", "links": [ { "title": "What is SMTP? - Cloudflare", - "url": "https://www.cloudflare.com/learning/email-security/what-is-smtp/#:~:text=The%20Simple%20Mail%20Transfer%20Protocol%20(SMTP)%20is%20a%20technical%20standard,their%20underlying%20hardware%20or%20software.", + "url": "https://www.cloudflare.com/learning/email-security/what-is-smtp", "type": "article" }, { @@ -1544,12 +1514,17 @@ "title": "Explore top posts about Serverless", "url": "https://app.daily.dev/tags/serverless?ref=roadmapsh", "type": "article" + }, + { + "title": "What is SMTP and how does it work?", + "url": "https://www.youtube.com/watch?v=iUhDT3ZtWS0", + "type": "video" } ] }, "5vUKHuItQfkarp7LtACvX": { "title": "DMARC", - "description": "DMARC stands for Domain-based Message Authentication, Reporting, and Conformance, is an authentication method on the email that is built to protect domain email from invalid email addresses or commonly known as email spoofing, email attacks, phishing, scams, and other threat activities.\n\nVisit the following resources to learn more:", + "description": "DMARC (Domain-based Message Authentication, Reporting, and Conformance) is an email authentication protocol that builds upon SPF and DKIM to protect against email spoofing and phishing attacks. It allows domain owners to specify how email receivers should handle messages that fail authentication checks. DMARC provides a feedback mechanism for domain owners to receive reports on email authentication results, helping them monitor and improve their email security. By implementing DMARC policies, organizations can enhance their email deliverability, protect their brand reputation, and reduce the likelihood of their domain being used in fraudulent email campaigns. DMARC is widely adopted by major email providers and is considered a crucial component of modern email security strategies.\n\nVisit the following resources to learn more:", "links": [ { "title": "DMARC Official Website", @@ -1560,12 +1535,17 @@ "title": "Explore top posts about Security", "url": "https://app.daily.dev/tags/security?ref=roadmapsh", "type": "article" + }, + { + "title": "What is DMARC: Email Security You Need to Know About", + "url": "https://www.youtube.com/watch?v=zLxJLKf-ua8", + "type": "video" } ] }, "WMuXqa4b5wyRuYAQKQJRj": { "title": "IMAPS", - "description": "IMAP (port 143) or IMAPS (port 993) allows you to access your email wherever you are, from any device. When you read an email message using IMAP, you aren't actually downloading or storing it on your computer; instead, you're reading it from the email service. As a result, you can check your email from different devices, anywhere in the world: your phone, a computer, a friend's computer.\n\nIMAP only downloads a message when you click on it, and attachments aren't automatically downloaded. This way you're able to check your messages a lot more quickly than POP.\n\nVisit the following resources to learn more:", + "description": "IMAP (Internet Message Access Protocol) is a standard email protocol that allows email clients to access messages stored on a mail server. Unlike POP3, IMAP keeps emails on the server, enabling access from multiple devices while maintaining synchronization. It supports folder structures, message flagging, and partial message retrieval, making it efficient for managing large volumes of emails. IMAP allows users to search server-side, reducing bandwidth usage. It's designed for long-term mail storage on the server, ideal for users who need to access their email from various devices or locations. IMAP's synchronization capabilities and server-side management features make it the preferred protocol for most modern email systems, especially in mobile and multi-device environments.\n\nVisit the following resources to learn more:", "links": [ { "title": "Wikipedia: Internet Message Access Protocol", @@ -1573,8 +1553,8 @@ "type": "article" }, { - "title": "What is IMAP and How To Use It | Email Tutorial", - "url": "https://www.youtube.com/watch?v=cfXabGOA2s8", + "title": "What are POP3, IMAP, and SMTP?", + "url": "https://www.youtube.com/watch?v=gLNOVbcyWbI", "type": "video" } ] @@ -1589,37 +1569,47 @@ "type": "article" }, { - "title": "SPF Overview", - "url": "https://www.youtube.com/watch?v=WFPYrAr1boU", + "title": "What is SPF? Sender Policy Framework Explained", + "url": "https://www.youtube.com/watch?v=5HG8xJ2lWuc", "type": "video" } ] }, "fzO6xVTBxliu24f3W5zaU": { "title": "POP3S", - "description": "POP3 (port 110) or POP3s (port 995) stands for The Post Office Protocol. It's an Internet standard protocol used by local email software clients to retrieve emails from a remote mail server over a TCP/IP connection.\n\nEmail servers hosted by Internet service providers also use POP3 to receive and hold emails intended for their subscribers. Periodically, these subscribers will use email client software to check their mailbox on the remote server and download any emails addressed to them.\n\nOnce the email client has downloaded the emails, they are usually deleted from the server, although some email clients allow users to specify that mails be copied or saved on the server for a period of time.\n\nVisit the following resources to learn more:", + "description": "POP3 (port 110) or POP3s (port 995) stands for The Post Office Protocol. It's an Internet standard protocol used by local email software clients to retrieve emails from a remote mail server over a TCP/IP connection. Email servers hosted by Internet service providers also use POP3 to receive and hold emails intended for their subscribers. Periodically, these subscribers will use email client software to check their mailbox on the remote server and download any emails addressed to them. Once the email client has downloaded the emails, they are usually deleted from the server, although some email clients allow users to specify that mails be copied or saved on the server for a period of time.\n\nVisit the following resources to learn more:", "links": [ { "title": "What is POP3?", "url": "https://www.techtarget.com/whatis/definition/POP3-Post-Office-Protocol-3", "type": "article" + }, + { + "title": "What are POP3, IMAP, and SMTP?", + "url": "https://www.youtube.com/watch?v=gLNOVbcyWbI", + "type": "video" } ] }, "RYCD78msIR2BPJoIP71aj": { "title": "Domain Keys", - "description": "DomainKeys Identified Mail (DKIM) is an email authentication method designed to detect forged sender addresses in email (email spoofing), a technique often used in phishing and email spam.\n\nVisit the following resources to learn more:", + "description": "DomainKeys is an email authentication method designed to verify the domain of an email sender and ensure message integrity. Developed by Yahoo, it was a precursor to DKIM (DomainKeys Identified Mail). DomainKeys uses public key cryptography to allow email systems to verify that a message was sent by an authorized sender and hasn't been tampered with in transit. The sending server signs outgoing emails with a private key, and receiving servers can verify the signature using a public key published in the sender's DNS records. While largely superseded by DKIM, DomainKeys played a crucial role in the evolution of email authentication techniques aimed at combating email spoofing and phishing attacks.\n\nVisit the following resources to learn more:", "links": [ { "title": "DomainKeys Identified Mail", "url": "https://www.brainkart.com/article/DomainKeys-Identified-Mail_8493/", "type": "article" + }, + { + "title": "What is DKIM? DomainKeys Identified Mail", + "url": "https://www.youtube.com/watch?v=IBhO0akhMlQ", + "type": "video" } ] }, "QZ7bkY-MaEgxYoPDP3nma": { "title": "OSI Model", - "description": "Open Systems Interconnection (OSI) model is a **conceptual** model consists of 7 layers, that was proposed to standardize the communication between devices over the network. It was the first standard model for network communications, adopted by all major computer and telecommunication companies in the early 1980s.\n\nVisit the following resources to learn more:", + "description": "The OSI (Open Systems Interconnection) model is a conceptual framework that standardizes the functions of a telecommunication or computing system into seven abstraction layers. These layers, from bottom to top, are: Physical, Data Link, Network, Transport, Session, Presentation, and Application. Each layer serves a specific purpose in the process of data communication, with lower layers handling more hardware-oriented tasks and upper layers dealing with software and user-interface aspects. The model helps in understanding how data moves through a network, troubleshooting network issues, and designing network protocols and hardware. While not strictly adhered to in real-world implementations, the OSI model remains a valuable educational tool and reference point for network engineers and developers, providing a common language for discussing network operations and architecture.\n\nVisit the following resources to learn more:", "links": [ { "title": "What is OSI Model?", @@ -1640,7 +1630,7 @@ }, "w5d24Sf8GDkLDLGUPxzS9": { "title": "Networking & Protocols", - "description": "As a DevOps engineer you will need to understand the basics of networking protocols, how they work, and how they are used in the real world. To get you started, you should learn about, [TCP/IP](https://en.wikipedia.org/wiki/Internet_protocol_suite), [HTTP](https://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol), [HTTPS](https://en.wikipedia.org/wiki/HTTPS), [FTP](https://en.wikipedia.org/wiki/File_Transfer_Protocol), [SSH](https://en.wikipedia.org/wiki/Secure_Shell), [SMTP](https://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol), [DNS](https://en.wikipedia.org/wiki/Domain_Name_System), [DHCP](https://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol), [NTP](https://en.wikipedia.org/wiki/Network_Time_Protocol).\n\nHere are some of the resources to learn about SSH:", + "description": "Networking protocols are standardized rules and procedures that govern how data is transmitted, received, and interpreted across computer networks. They define the format, timing, sequencing, and error control in data communication. Key protocols include:\n\n1. TCP/IP (Transmission Control Protocol/Internet Protocol): The fundamental suite for Internet communication.\n2. HTTP/HTTPS: For web browsing and secure data transfer on the web.\n3. FTP/SFTP: File transfer protocols.\n4. SMTP/POP3/IMAP: Email communication protocols.\n5. DNS: For domain name resolution.\n6. DHCP: For automatic IP address assignment.\n7. SSL/TLS: For secure, encrypted communication.\n8. UDP: For fast, connectionless data transmission.\n\nHere are some of the resources to learn about SSH:", "links": [ { "title": "Cloudflare - What is SSL?", @@ -1673,30 +1663,30 @@ "type": "article" }, { - "title": "OpenSSH Full Guide", - "url": "https://www.youtube.com/watch?v=YS5Zh7KExvE", + "title": "DNS and How does it Work?", + "url": "https://www.youtube.com/watch?v=Wj0od2ag5sk", "type": "video" }, { - "title": "SSH vs SSL vs TLS", - "url": "https://www.youtube.com/watch?v=k3rFFLmQCuY", + "title": "DNS Records", + "url": "https://www.youtube.com/watch?v=7lxgpKh_fRY", "type": "video" }, { - "title": "DNS and How does it Work?", - "url": "https://www.youtube.com/watch?v=Wj0od2ag5sk", + "title": "SSH vs SSL vs TLS", + "url": "https://www.youtube.com/watch?v=k3rFFLmQCuY", "type": "video" }, { - "title": "DNS Records", - "url": "https://www.youtube.com/watch?v=7lxgpKh_fRY", + "title": "OpenSSH Full Guide", + "url": "https://www.youtube.com/watch?v=YS5Zh7KExvE", "type": "video" } ] }, "9p_ufPj6QH9gHbWBQUmGw": { "title": "Serverless", - "description": "Serverless computing, also known as Function-as-a-Service (FaaS), is a cloud computing model in which a cloud provider manages the infrastructure and dynamically allocates computing resources as needed. This allows developers to write and deploy code without worrying about the underlying infrastructure.\n\nVisit the following resources to learn more:", + "description": "Serverless is a cloud-computing execution model where the cloud provider dynamically manages the infrastructure, allowing developers to focus solely on writing code. In this model, resources are automatically allocated and scaled based on demand, and billing is based on actual usage rather than pre-purchased capacity. Serverless architectures are often used for event-driven workloads and microservices, improving development efficiency and reducing operational overhead. Popular platforms for serverless computing include AWS Lambda, Azure Functions, and Google Cloud Functions.\n\nVisit the following resources to learn more:", "links": [ { "title": "What is Serverless?", @@ -1707,6 +1697,11 @@ "title": "Explore top posts about Serverless", "url": "https://app.daily.dev/tags/serverless?ref=roadmapsh", "type": "article" + }, + { + "title": "What is Serverless?", + "url": "https://www.youtube.com/watch?v=vxJobGtqKVM", + "type": "video" } ] }, @@ -1738,28 +1733,28 @@ }, "l8VAewSEXzoyqYFhoplJj": { "title": "Cloudflare", - "description": "Cloudflare is a company that provides a range of services to help protect and accelerate websites and applications. At its core, Cloudflare is a content delivery network (CDN) and a reverse proxy cloud provider. This means that it acts as an intermediary between a website's origin server and its visitors, caching content and filtering out malicious traffic.\n\nCloudflare was founded in July 2009 by Matthew Prince, Lee Holloway, and Michelle Zatlyn. The company was venture-capital funded and submitted its S-1 filing for IPO on the New York Stock Exchange in August 2019. It opened for public trading on September 13, 2019, at $15 per share.\n\nVisit the following resources to learn more:", + "description": "Cloudflare is a company that provides a range of services to help protect and accelerate websites and applications. At its core, Cloudflare is a content delivery network (CDN) and a reverse proxy cloud provider. This means that it acts as an intermediary between a website's origin server and its visitors, caching content and filtering out malicious traffic. Cloudflare was founded in July 2009 by Matthew Prince, Lee Holloway, and Michelle Zatlyn. The company was venture-capital funded and submitted its S-1 filing for IPO on the New York Stock Exchange in August 2019. It opened for public trading on September 13, 2019, at $15 per share.\n\nVisit the following resources to learn more:", "links": [ { "title": "Cloudflare", "url": "https://cloudflare.com/", "type": "article" }, - { - "title": "Cloudflare Documentation", - "url": "https://developers.cloudflare.com/", - "type": "article" - }, { "title": "Explore top posts about Cloudflare", "url": "https://app.daily.dev/tags/cloudflare?ref=roadmapsh", "type": "article" + }, + { + "title": "Introduction to Cloudflare", + "url": "https://www.youtube.com/watch?v=24cml1rKGBs", + "type": "video" } ] }, "mlrlf2McMI7IBhyEdq0Nf": { "title": "Azure Functions", - "description": "Azure Functions is a serverless solution that allows you to write less code, maintain less infrastructure, and save on costs. Instead of worrying about deploying and maintaining servers, the cloud infrastructure provides all the up-to-date resources needed to keep your applications running.\n\nVisit the following resources to learn more:", + "description": "Azure Functions is a serverless compute service in Microsoft Azure that enables developers to run event-triggered code without managing infrastructure. It supports multiple programming languages and integrates seamlessly with other Azure services, allowing for scalable, on-demand execution of small, focused pieces of code. Azure Functions automatically scales based on demand, charges only for actual compute time used, and can be triggered by various events such as HTTP requests, timers, or changes in cloud services, making it ideal for microservices, data processing, and workflow automation tasks.\n\nVisit the following resources to learn more:", "links": [ { "title": "Azure Functions - Serverless Computing", @@ -1775,18 +1770,18 @@ "title": "Explore top posts about Azure", "url": "https://app.daily.dev/tags/azure?ref=roadmapsh", "type": "article" + }, + { + "title": "Getting Started With Azure Functions", + "url": "https://www.youtube.com/watch?v=l3beXs3o-0w", + "type": "video" } ] }, "UfQrIJ-uMNJt9H_VM_Q5q": { "title": "AWS Lambda", - "description": "AWS Lambda is an event-driven, serverless Function as a Service provided by Amazon as a part of Amazon Web Services. It is designed to enable developers to run code without provisioning or managing servers. It executes code in response to events and automatically manages the computing resources required by that code.\n\nVisit the following resources to learn more:", + "description": "AWS Lambda is a serverless compute service that allows you to run code without provisioning or managing servers. It automatically scales, executes code in response to triggers, and charges only for the compute time consumed. Lambda supports multiple programming languages and integrates seamlessly with other AWS services, making it ideal for building microservices, automating tasks, and processing data streams with minimal operational overhead.\n\nVisit the following resources to learn more:", "links": [ - { - "title": "AWS Lambda", - "url": "https://aws.amazon.com/lambda/", - "type": "article" - }, { "title": "AWS Lambda Introduction", "url": "https://docs.aws.amazon.com/lambda/latest/operatorguide/intro.html", @@ -1796,6 +1791,11 @@ "title": "Explore top posts about AWS", "url": "https://app.daily.dev/tags/aws?ref=roadmapsh", "type": "article" + }, + { + "title": "AWS Lambda Tutorial: Getting Started with Serverless Computing", + "url": "https://www.youtube.com/watch?v=RtiWU1DrMaM", + "type": "video" } ] }, @@ -1812,22 +1812,37 @@ "title": "Introducing Netlify Functions 2.0", "url": "https://www.netlify.com/blog/introducing-netlify-functions-2-0/", "type": "article" + }, + { + "title": "Daily.dev Netlify Feed", + "url": "https://app.daily.dev/tags/netlify", + "type": "article" + }, + { + "title": "How to Deploy a Website on Netlify", + "url": "https://www.youtube.com/watch?v=0P53S34zm44", + "type": "video" } ] }, "1oYvpFG8LKT1JD6a_9J0m": { "title": "Provisioning", - "description": "Tools in this category are used to provision infrastructure in cloud providers. This includes DNS, networking, security policies, servers, containers, and a whole host of vendor-specific constructs. In this category, the use of cloud provider-agnostic tooling is strongly encouraged. These skills can be applied across most cloud providers, and the more specific domain-specific languages tend to have less reach.\n\nLearn more from the following resources:", + "description": "Prometheus is an open-source systems monitoring and alerting toolkit designed for reliability and scalability. It features a multi-dimensional data model, a flexible query language (PromQL), and an efficient time series database. Prometheus collects metrics from configured targets at given intervals, evaluates rule expressions, displays results, and can trigger alerts when specified conditions are observed. It operates on a pull model, scraping metrics from HTTP endpoints, and supports service discovery for dynamic environments. Prometheus is particularly well-suited for monitoring microservices and containerized environments, integrating seamlessly with systems like Kubernetes. Its ecosystem includes various exporters for third-party systems and a built-in alert manager. Widely adopted in cloud-native architectures, Prometheus is a core component of modern observability stacks, often used alongside tools like Grafana for visualization.\n\nVisit the following resources to learn more:", "links": [ { - "title": "Terraform Website", - "url": "https://www.terraform.io/", + "title": "Prometheus Website", + "url": "https://prometheus.io/", "type": "article" }, { - "title": "Azure Resource Manager Documentation", - "url": "https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/overview", + "title": "Explore top posts about Prometheus", + "url": "https://app.daily.dev/tags/prometheus?ref=roadmapsh", "type": "article" + }, + { + "title": "Introduction to the Prometheus Monitoring System | Key Concepts and Features", + "url": "https://www.youtube.com/watch?v=STVMGrYIlfg", + "type": "video" } ] }, @@ -1835,6 +1850,11 @@ "title": "AWS CDK", "description": "The AWS Cloud Development Kit (AWS CDK) is an open-source software development framework used to provision cloud infrastructure resources in a safe, repeatable manner through AWS CloudFormation. AWS CDK offers the flexibility to write infrastructure as code in popular languages like JavaScript, TypeScript, Python, Java, C#, and Go.\n\nVisit the following resources to learn more:", "links": [ + { + "title": "AWS CDK Crash Course for Beginners", + "url": "https://www.youtube.com/watch?v=D4Asp5g4fp8", + "type": "course" + }, { "title": "AWS CDK Examples", "url": "https://github.com/aws-samples/aws-cdk-examples", @@ -1850,16 +1870,6 @@ "url": "https://docs.aws.amazon.com/cdk/index.html", "type": "article" }, - { - "title": "What is the AWS CDK?", - "url": "https://docs.aws.amazon.com/cdk/v2/guide/home.html", - "type": "article" - }, - { - "title": "AWS SDK Getting Started Guide", - "url": "https://docs.aws.amazon.com/cdk/v2/guide/getting_started.html", - "type": "article" - }, { "title": "Explore top posts about AWS", "url": "https://app.daily.dev/tags/aws?ref=roadmapsh", @@ -1869,68 +1879,58 @@ }, "TgBb4aL_9UkyU36CN4qvS": { "title": "CloudFormation", - "description": "CloudFormation is the AWS service that helps to define collections of AWS resources. CloudFormation lets you model, provision, and manage AWS and third-party resources by treating infrastructure as code.\n\nVisit the following resources to learn more:", + "description": "AWS CloudFormation is a infrastructure-as-code service that allows users to define and provision AWS infrastructure resources using templates. These templates, written in JSON or YAML, describe the desired AWS resources and their properties. CloudFormation automates the creation, update, and deletion of resources, ensuring consistent and repeatable deployments across multiple environments. It supports a wide range of AWS services and can manage complex interdependencies between resources. CloudFormation also provides features like change sets for previewing changes, nested stacks for modular designs, and drift detection to identify manual changes. This service enables teams to version control their infrastructure, implement best practices, and streamline the management of AWS resources throughout their lifecycle.\n\nVisit the following resources to learn more:", "links": [ { "title": "AWS CloudFormation Website", "url": "https://aws.amazon.com/cloudformation/", "type": "article" }, - { - "title": "Official Documentation", - "url": "https://docs.aws.amazon.com/cloudformation/index.html", - "type": "article" - }, - { - "title": "AWS CloudFormation Getting Started Guide", - "url": "https://aws.amazon.com/cloudformation/getting-started/", - "type": "article" - }, - { - "title": "CloudFormation Sample Templates", - "url": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-sample-templates.html", - "type": "article" - }, { "title": "Explore top posts about AWS CloudFormation", "url": "https://app.daily.dev/tags/aws-cloudformation?ref=roadmapsh", "type": "article" + }, + { + "title": "Create and Delete an AWS CloudFormation Stack", + "url": "https://www.youtube.com/watch?v=fmDG-W5TFp4", + "type": "video" } ] }, "O0xZ3dy2zIDbOetVrgna6": { "title": "Pulumi", - "description": "Pulumi is an open source Infrastructure as Code tool that can be written in TypeScript, JavaScript, Python, Go, .NET, Java, and YAML to model cloud infrastructure.\n\nVisit the following resources to learn more:", + "description": "Pulumi is an open-source infrastructure as code (IaC) platform that allows developers to define and manage cloud resources using familiar programming languages like JavaScript, TypeScript, Python, Go, and .NET languages. It supports multiple cloud providers including AWS, Azure, Google Cloud, and Kubernetes. Pulumi's approach enables developers to use standard programming constructs such as loops, functions, and classes to create reusable and modular infrastructure code. It provides a unified workflow for deploying and managing resources across different cloud environments, offering features like state management, drift detection, and preview of changes before deployment. Pulumi's ecosystem includes a registry of pre-built components and integrations with CI/CD systems, making it a powerful tool for teams adopting DevOps practices and managing complex, multi-cloud infrastructures.\n\nVisit the following resources to learn more:", "links": [ { "title": "Pulumi Website", "url": "https://www.pulumi.com/", "type": "article" }, - { - "title": "Official Documentation", - "url": "https://www.pulumi.com/docs/", - "type": "article" - }, - { - "title": "Pulumi Getting Started Guide", - "url": "https://www.pulumi.com/docs/get-started/", - "type": "article" - }, { "title": "Explore top posts about Pulumi", "url": "https://app.daily.dev/tags/pulumi?ref=roadmapsh", "type": "article" + }, + { + "title": "Pulumi in Three Minutes", + "url": "https://www.youtube.com/watch?v=Q8tw6YTD3ac", + "type": "video" } ] }, "nUBGf1rp9GK_pbagWCP9g": { "title": "Terraform", - "description": "Terraform is an extremely popular open source Infrastructure as Code (IaC) tool that can be used with many different cloud and service provider APIs. Terraform focuses on an immutable approach to infrastructure, with a terraform state file center to tracking the status of your real world infrastructure.\n\nVisit the following resources to learn more:", + "description": "Terraform is an open-source infrastructure as code (IaC) tool developed by HashiCorp, used to define, provision, and manage cloud and on-premises infrastructure using declarative configuration files. It supports multiple cloud providers like AWS, Azure, and Google Cloud, as well as various services and platforms, enabling infrastructure automation across diverse environments. Terraform's state management and modular structure allow for efficient scaling, reusability, and version control of infrastructure. It is widely used for automating infrastructure provisioning, reducing manual errors, and improving infrastructure consistency and repeatability.\n\nVisit the following resources to learn more:", "links": [ { - "title": "Terraform Website", - "url": "https://www.terraform.io/", + "title": "Complete Terraform Course", + "url": "https://www.youtube.com/watch?v=7xngnjfIlK4", + "type": "course" + }, + { + "title": "Terraform Roadmap", + "url": "https://roadmap.sh/terraform", "type": "article" }, { @@ -1943,26 +1943,6 @@ "url": "https://learn.hashicorp.com/terraform", "type": "article" }, - { - "title": "Terraform CDK Website", - "url": "https://www.terraform.io/cdktf", - "type": "article" - }, - { - "title": "What is the CDKTF?", - "url": "https://www.terraform.io/cdktf/concepts/cdktf-architecture", - "type": "article" - }, - { - "title": "CDKTF Getting Started Guide", - "url": "https://learn.hashicorp.com/tutorials/terraform/cdktf-install?in=terraform/cdktf", - "type": "article" - }, - { - "title": "CDKTF Examples", - "url": "https://www.terraform.io/cdktf/examples", - "type": "article" - }, { "title": "How to Scale Your Terraform Infrastructure", "url": "https://thenewstack.io/how-to-scale-your-terraform-infrastructure/", @@ -1972,42 +1952,42 @@ "title": "Explore top posts about Terraform", "url": "https://app.daily.dev/tags/terraform?ref=roadmapsh", "type": "article" - }, - { - "title": "Intro to Terraform Video", - "url": "https://www.youtube.com/watch?v=h970ZBgKINg&ab_channel=HashiCorp", - "type": "video" } ] }, "V9sOxlNOyRp0Mghl7zudv": { "title": "Configuration Management", - "description": "Configuration management is a systems engineering process for establishing consistency of a product’s attributes throughout its life. In the technology world, configuration management is an IT management process that tracks individual configuration items of an IT system. IT systems are composed of IT assets that vary in granularity. An IT asset may represent a piece of software, or a server, or a cluster of servers. The following focuses on configuration management as it directly applies to IT software assets and software asset CI/CD.\n\nSoftware configuration management is a systems engineering process that tracks and monitors changes to a software systems configuration metadata. In software development, configuration management is commonly used alongside version control and CI/CD infrastructure. This post focuses on its modern application and use in agile CI/CD software environments.\n\nVisit the following resources to learn more:", + "description": "Configuration management is a systems engineering process for establishing consistency of a product’s attributes throughout its life. In the technology world, configuration management is an IT management process that tracks individual configuration items of an IT system. IT systems are composed of IT assets that vary in granularity. An IT asset may represent a piece of software, or a server, or a cluster of servers. The following focuses on configuration management as it directly applies to IT software assets and software asset CI/CD. Software configuration management is a systems engineering process that tracks and monitors changes to a software systems configuration metadata. In software development, configuration management is commonly used alongside version control and CI/CD infrastructure. This post focuses on its modern application and use in agile CI/CD software environments.\n\nVisit the following resources to learn more:", "links": [ { "title": "What is Configuration Management?", "url": "https://www.atlassian.com/microservices/microservices-architecture/configuration-management", "type": "article" + }, + { + "title": "What is configuration management? - RedHat", + "url": "https://www.redhat.com/en/topics/automation/what-is-configuration-management", + "type": "article" + }, + { + "title": "Why You Need to Learn Configuration Management", + "url": "https://www.youtube.com/watch?v=9In7ysQJGBs", + "type": "video" } ] }, "h9vVPOmdUSeEGVQQaSTH5": { "title": "Ansible", - "description": "Ansible is an open-source configuration management, application deployment and provisioning tool that uses its own declarative language in YAML. Ansible is agentless, meaning you only need remote connections via SSH or Windows Remote Management via Powershell in order to function\n\nVisit the following resources to learn more:", + "description": "Ansible is an open-source automation tool used for configuration management, application deployment, and task automation. It simplifies the process of managing and orchestrating infrastructure by using a declarative language to define desired states and configurations. Ansible operates using YAML files, called playbooks, which describe the tasks to be executed on remote systems. It employs an agentless architecture, meaning it uses SSH or other remote protocols to execute tasks on target machines without requiring additional software to be installed. Ansible is widely used for automating repetitive tasks, ensuring consistency, and managing large-scale deployments across various environments.\n\nVisit the following resources to learn more:", "links": [ { - "title": "Ansible Website", - "url": "https://www.ansible.com/", - "type": "article" - }, - { - "title": "Official Documentation", - "url": "https://docs.ansible.com/", - "type": "article" + "title": "Ansible Full Course for Beginners", + "url": "https://www.youtube.com/watch?v=9Ua2b06oAr4", + "type": "course" }, { - "title": "Ansible Getting Started Guide", - "url": "https://www.ansible.com/resources/get-started", + "title": "Ansible Website", + "url": "https://www.ansible.com/", "type": "article" }, { @@ -2016,15 +1996,15 @@ "type": "article" }, { - "title": "Ansible Full Course for Beginners", - "url": "https://www.youtube.com/watch?v=9Ua2b06oAr4", + "title": "Ansible in 100 Seconds", + "url": "https://www.youtube.com/watch?v=xRMPKQweySE", "type": "video" } ] }, "kv508kxzUj_CjZRb-TeRv": { "title": "Chef", - "description": "Emerging in 2009, [Chef](https://en.wikipedia.org/wiki/Progress_Chef) (now known as Progress Chef) is one of the earliest configuration management tools to gain popularity. Chef \"Recipes\" are written in Ruby, in a primarily [declarative](https://en.wikipedia.org/wiki/Declarative_programming) style.\n\nChef requires that a client is installed on a server being managed. This client polls a Chef-Server regularly, to determine what its configuration should be. Chef-Solo is also available, a version of Chef that allows provisioning of a single node by running chef locally.\n\nA key tenet of Chef recipe design is the concept of [idempotence](https://en.wikipedia.org/wiki/Idempotence). All Chef recipes should be runnable multiple times and produce the same result - this is especially necessary in cases where the client/server model listed above is in use. This pattern of configuration management is highly influential for future declarative tools like Terraform and Cloud Formation.\n\nVisit the following resources to learn more:", + "description": "Emerging in 2009, Chef (now known as Progress Chef) is one of the earliest configuration management tools to gain popularity. Chef \"Recipes\" are written in Ruby, in a primarily declarative style. Chef requires that a client is installed on a server being managed. This client polls a Chef-Server regularly, to determine what its configuration should be. Chef-Solo is also available, a version of Chef that allows provisioning of a single node by running chef locally. A key tenet of Chef recipe design is the concept of idempotence. All Chef recipes should be runnable multiple times and produce the same result - this is especially necessary in cases where the client/server model listed above is in use. This pattern of configuration management is highly influential for future declarative tools like Terraform and Cloud Formation.\n\nVisit the following resources to learn more:", "links": [ { "title": "Chef Website", @@ -2040,26 +2020,26 @@ "title": "Explore top posts about Chef", "url": "https://app.daily.dev/tags/chef?ref=roadmapsh", "type": "article" + }, + { + "title": "chef/chef", + "url": "https://github.com/chef/chef", + "type": "video" } ] }, "yP1y8U3eblpzbaLiCGliU": { "title": "Puppet", - "description": "Puppet, an automated administrative engine for your Linux, Unix, and Windows systems, performs administrative tasks (such as adding users, installing packages, and updating server configurations) based on a centralized specification.\n\nVisit the following resources to learn more:", + "description": "Puppet is an open-source configuration management tool that automates the provisioning, configuration, and management of servers and applications across infrastructure. It uses a declarative, model-based approach where administrators define the desired state of systems using Puppet's domain-specific language or Ruby. Puppet agents running on managed nodes periodically check with a central Puppet server, applying necessary changes to reach the defined state. This ensures consistency across environments and facilitates scalable infrastructure management. Puppet supports a wide range of operating systems and cloud platforms, offering modules for common services and applications. With features like reporting, role-based access control, and integration with other DevOps tools, Puppet helps organizations implement infrastructure as code, enforce compliance, and streamline IT operations across diverse and complex environments.\n\nVisit the following resources to learn more:", "links": [ { - "title": "Puppet Website", - "url": "https://puppet.com/", - "type": "article" - }, - { - "title": "Official Documentation", - "url": "https://puppet.com/docs", - "type": "article" + "title": "Puppet Full Course | Learn Puppet Training", + "url": "https://www.youtube.com/watch?v=Ns_tRKD20c4", + "type": "course" }, { - "title": "Introduction to Puppet", - "url": "https://puppet.com/docs/puppet/6/puppet_overview.html", + "title": "Puppet Website", + "url": "https://puppet.com/", "type": "article" }, { @@ -2071,7 +2051,7 @@ }, "aQJaouIaxIJChM-40M3HQ": { "title": "CI / CD Tools", - "description": "CI/CD is a method to frequently deliver apps to customers by introducing automation into the stages of app development. The main concepts attributed to CI/CD are continuous integration, continuous delivery, and continuous deployment. CI/CD is a solution to the problems integrating new code can cause for development and operations teams.\n\nSpecifically, CI/CD introduces ongoing automation and continuous monitoring throughout the lifecycle of apps, from integration and testing phases to delivery and deployment. Taken together, these connected practices are often referred to as a \"CI/CD pipeline\" and are supported by development and operations teams working together in an agile way with either a DevOps or site reliability engineering (SRE) approach.\n\nVisit the following resources to learn more:", + "description": "CI/CD is a method to frequently deliver apps to customers by introducing automation into the stages of app development. The main concepts attributed to CI/CD are continuous integration, continuous delivery, and continuous deployment. CI/CD is a solution to the problems integrating new code can cause for development and operations teams. Specifically, CI/CD introduces ongoing automation and continuous monitoring throughout the lifecycle of apps, from integration and testing phases to delivery and deployment. Taken together, these connected practices are often referred to as a \"CI/CD pipeline\" and are supported by development and operations teams working together in an agile way with either a DevOps or site reliability engineering (SRE) approach.\n\nVisit the following resources to learn more:", "links": [ { "title": "CI vs CD", @@ -2083,11 +2063,6 @@ "url": "https://www.redhat.com/en/topics/devops/what-is-ci-cd", "type": "article" }, - { - "title": "CI/CD Pipeline: A Gentle Introduction", - "url": "https://semaphoreci.com/blog/cicd-pipeline", - "type": "article" - }, { "title": "Explore top posts about CI/CD", "url": "https://app.daily.dev/tags/cicd?ref=roadmapsh", @@ -2097,16 +2072,21 @@ "title": "DevOps CI/CD Explained in 100 Seconds", "url": "https://www.youtube.com/watch?v=scEDHsr3APg", "type": "video" + }, + { + "title": "CI/CD In 5 Minutes", + "url": "https://www.youtube.com/watch?v=42UP1fxi2SY", + "type": "video" } ] }, "JnWVCS1HbAyfCJzGt-WOH": { "title": "GitHub Actions", - "description": "Automate, customize, and execute your software development workflows right in your repository with GitHub Actions. You can discover, create, and share actions to perform any job you'd like, including CI/CD, and combine actions in a completely customized workflow.\n\nVisit the following resources to learn more:", + "description": "GitHub Actions is a continuous integration and continuous delivery (CI/CD) platform integrated directly into GitHub repositories. It allows developers to automate software workflows, including building, testing, and deploying applications. Actions are defined in YAML files and triggered by various GitHub events such as pushes, pull requests, or scheduled tasks. The platform provides a marketplace of pre-built actions and supports custom actions. GitHub Actions offers matrix builds, parallel job execution, and supports multiple operating systems and languages. It integrates seamlessly with GitHub's ecosystem, facilitating automated code review, issue tracking, and project management. This tool enables developers to implement DevOps practices efficiently within their GitHub workflow, enhancing productivity and code quality.\n\nVisit the following resources to learn more:", "links": [ { - "title": "Github Actions", - "url": "https://github.com/features/actions", + "title": "Learn Git & GitHub", + "url": "https://roadmap.sh/git-github", "type": "article" }, { @@ -2114,19 +2094,14 @@ "url": "https://docs.github.com/en/actions", "type": "article" }, - { - "title": "Learn GitHub Actions", - "url": "https://docs.github.com/en/actions/learn-github-actions", - "type": "article" - }, { "title": "Explore top posts about GitHub", "url": "https://app.daily.dev/tags/github?ref=roadmapsh", "type": "article" }, { - "title": "GitHub Actions - Supercharge your GitHub Flow", - "url": "https://youtu.be/cP0I9w2coGU", + "title": "What is GitHub Actions?", + "url": "https://www.youtube.com/watch?v=URmeTqglS58", "type": "video" }, { @@ -2138,54 +2113,39 @@ }, "2KjSLLVTvl2G2KValw7S7": { "title": "GitLab CI", - "description": "GitLab offers a CI/CD service that can be used as a SaaS offering or self-managed using your own resources. You can use GitLab CI with any GitLab hosted repository, or any BitBucket Cloud or GitHub repository in the GitLab Premium self-managed, GitLab Premium SaaS and higher tiers.\n\nVisit the following resources to learn more:", + "description": "GitLab CI is an integrated continuous integration and delivery platform within the GitLab ecosystem. It automates the process of building, testing, and deploying code changes through pipelines defined in YAML files. GitLab CI offers features like parallel execution, container registry integration, and auto-DevOps, enabling teams to implement robust CI/CD workflows directly from their GitLab repositories without additional tools or infrastructure.\n\nVisit the following resources to learn more:", "links": [ { "title": "GitLab Website", "url": "https://gitlab.com/", - "type": "opensource" + "type": "article" }, { "title": "GitLab Documentation", "url": "https://docs.gitlab.com/", "type": "article" }, - { - "title": "Get Started with GitLab CI", - "url": "https://docs.gitlab.com/ee/ci/quick_start/", - "type": "article" - }, - { - "title": "Learn GitLab Tutorials", - "url": "https://docs.gitlab.com/ee/tutorials/", - "type": "article" - }, - { - "title": "GitLab CI/CD Examples", - "url": "https://docs.gitlab.com/ee/ci/examples/", - "type": "article" - }, { "title": "Explore top posts about GitLab", "url": "https://app.daily.dev/tags/gitlab?ref=roadmapsh", "type": "article" + }, + { + "title": "GitLab CI/CD Pipeline Tutorial for Beginners (2024)", + "url": "https://www.youtube.com/watch?v=z7nLsJvEyMY", + "type": "video" } ] }, "dUapFp3f0Rum-rf_Vk_b-": { "title": "Jenkins", - "description": "Jenkins is an open-source CI/CD automation server. Jenkins is primarily used for building projects, running tests, static code analysis and deployments.\n\nVisit the following resources to learn more:", + "description": "Jenkins is an open-source automation server widely used for building, testing, and deploying software. It facilitates continuous integration and continuous delivery (CI/CD) by automating various stages of the development pipeline. Jenkins supports numerous plugins, allowing integration with virtually any tool in the software development lifecycle. It features a web interface for configuration and monitoring, supports distributed builds across multiple machines, and offers extensibility through a plugin architecture. Jenkins can be used to create complex workflows, automate repetitive tasks, and orchestrate job sequences. Its flexibility, broad community support, and ability to integrate with a wide range of tools make it a popular choice for implementing DevOps practices in organizations of all sizes.\n\nVisit the following resources to learn more:", "links": [ { "title": "Jenkins Website", "url": "https://www.jenkins.io/", "type": "article" }, - { - "title": "Official Jenkins Handbook", - "url": "https://www.jenkins.io/doc/book/", - "type": "article" - }, { "title": "Jenkins Getting Started Guide", "url": "https://www.jenkins.io/doc/pipeline/tour/getting-started/", @@ -2195,18 +2155,18 @@ "title": "Explore top posts about Jenkins", "url": "https://app.daily.dev/tags/jenkins?ref=roadmapsh", "type": "article" + }, + { + "title": "Learn Jenkins! Complete Jenkins Course - Zero to Hero", + "url": "https://www.youtube.com/watch?v=6YZvp2GwT0A", + "type": "video" } ] }, "-pGF3soruWWxwE4LxE5Vk": { "title": "Travis CI", - "description": "Travis CI is a CI/CD service that is primarily used for building and testing projects that are hosted on BitBucket and GitHub. Open source projects can utilize Travis CI for free.\n\nVisit the following resources to learn more:", + "description": "Travis CI is a cloud-based continuous integration (CI) service that automatically builds and tests code changes in GitHub repositories. It helps streamline the software development process by automatically running tests and building applications whenever code is pushed or a pull request is made. Travis CI supports a variety of programming languages and provides integration with other tools and services, offering features like build matrix configurations, deployment pipelines, and notifications. Its ease of setup and integration with GitHub makes it a popular choice for open-source and private projects looking to implement CI/CD practices.\n\nVisit the following resources to learn more:", "links": [ - { - "title": "Travis CI Website", - "url": "https://www.travis-ci.com/", - "type": "article" - }, { "title": "Travis CI Documentation", "url": "https://docs.travis-ci.com/", @@ -2221,38 +2181,38 @@ "title": "Explore top posts about CI/CD", "url": "https://app.daily.dev/tags/cicd?ref=roadmapsh", "type": "article" + }, + { + "title": "Travis CI Complete Tutorial for DevOps Engineers", + "url": "https://www.youtube.com/watch?v=xLWDOLhTH38", + "type": "video" } ] }, "1-JneOQeGhox-CKrdiquq": { "title": "Circle CI", - "description": "CircleCI is a CI/CD service that can be integrated with GitHub, BitBucket and GitLab repositories. The service that can be used as a SaaS offering or self-managed using your own resources.\n\nVisit the following resources to learn more:", + "description": "CircleCI is a popular continuous integration and continuous delivery (CI/CD) platform that automates the build, test, and deployment processes of software projects. It supports a wide range of programming languages and integrates with various version control systems, primarily GitHub and Bitbucket. CircleCI uses a YAML configuration file to define pipelines, allowing developers to specify complex workflows, parallel job execution, and custom environments. It offers features like caching, artifact storage, and Docker layer caching to speed up builds. With its cloud-based and self-hosted options, CircleCI provides scalable solutions for projects of all sizes, helping teams improve code quality, accelerate release cycles, and streamline their development workflows.\n\nVisit the following resources to learn more:", "links": [ { "title": "CircleCI Website", "url": "https://circleci.com/", "type": "article" }, - { - "title": "CircleCI Documentation", - "url": "https://circleci.com/docs", - "type": "article" - }, - { - "title": "Configuration Tutorial", - "url": "https://circleci.com/docs/config-intro", - "type": "article" - }, { "title": "Explore top posts about CI/CD", "url": "https://app.daily.dev/tags/cicd?ref=roadmapsh", "type": "article" + }, + { + "title": "CircleCI Tutorial for Beginners", + "url": "https://www.youtube.com/watch?v=_XaYv9zvHUk", + "type": "video" } ] }, "TsXFx1wWikVBVoFUUDAMx": { "title": "Drone", - "description": "Drone is a CI/CD service offering by [Harness](https://harness.io/). Each build runs on an isolated Docker container, and Drone integrates with many popular source code management repositories like GitHub, BitBucket and GitLab\n\nVisit the following resources to learn more:", + "description": "Drone is an open-source continuous integration (CI) platform built on container technology. It automates building, testing, and deploying code using a simple, YAML-based pipeline configuration stored alongside the source code. Drone executes each step of the CI/CD process in isolated Docker containers, ensuring consistency and reproducibility. It supports multiple version control systems, offers parallel execution of pipeline steps, and provides plugins for integrating with various tools and services. Drone's lightweight, scalable architecture makes it suitable for projects of all sizes, from small teams to large enterprises. Its focus on simplicity and containerization aligns well with modern DevOps practices and microservices architectures.\n\nVisit the following resources to learn more:", "links": [ { "title": "Drone Website", @@ -2265,21 +2225,16 @@ "type": "article" }, { - "title": "Drone Getting Started Guide", - "url": "https://docs.drone.io/server/overview/", - "type": "article" + "title": "Drone CI Quickstart", + "url": "https://www.youtube.com/watch?v=Qf8EHRzAgHQ", + "type": "video" } ] }, "L000AbzF3oLcn4B1eUIYX": { "title": "TeamCity", - "description": "TeamCity is a CI/CD service provided by JetBrains. TeamCity can be used as a SaaS offering or self-managed using your own resources.\n\nVisit the following resources to learn more:", + "description": "TeamCity is a continuous integration (CI) and continuous delivery (CD) server developed by JetBrains, designed to automate the build, test, and deployment processes in software development. It supports multiple languages and frameworks, offering a flexible and scalable environment for managing pipelines. TeamCity provides powerful features like version control integration, build chaining, parallel execution, and detailed reporting. It also offers a user-friendly web interface, customizable build configurations, and extensive plugin support, making it a popular choice for teams aiming to streamline their CI/CD workflows.\n\nVisit the following resources to learn more:", "links": [ - { - "title": "TeamCity Website", - "url": "https://www.jetbrains.com/teamcity/", - "type": "article" - }, { "title": "Official Documentation", "url": "https://www.jetbrains.com/help/teamcity/teamcity-documentation.html", @@ -2290,21 +2245,21 @@ "url": "https://www.jetbrains.com/teamcity/tutorials/", "type": "article" }, - { - "title": "TeamCity Learning Portal", - "url": "https://www.jetbrains.com/teamcity/learn/", - "type": "article" - }, { "title": "Explore top posts about CI/CD", "url": "https://app.daily.dev/tags/cicd?ref=roadmapsh", "type": "article" + }, + { + "title": "CI/CD with JetBrains TeamCity", + "url": "https://www.youtube.com/watch?v=zqi4fDF-S60", + "type": "video" } ] }, "hcrPpjFxPi_iLiMdLKJrO": { "title": "Secret Management", - "description": "Secret management is an important aspect of DevOps, as it involves securely storing and managing sensitive information, such as passwords, API keys, and other secrets, that are used by applications and infrastructure.\n\nThere are several ways to manage secrets in a cloud environment:\n\n* Secret stores: A secret store is a specialized database or service that is designed to securely store and manage secrets. Examples of secret stores include Hashicorp Vault, AWS Secrets Manager, and Google Cloud Secret Manager.\n* Encryption: Secrets can be encrypted using a variety of encryption algorithms and protocols, such as AES, RSA, and PGP. Encrypted secrets can be stored in a variety of locations, such as a file system, a database, or a cloud storage service.\n* Access controls: Access to secrets should be restricted to only those users or systems that need them, using techniques such as role-based access controls, multi-factor authentication, and least privilege principles.\n\nEffective secret management is essential for maintaining the security and integrity of a DevOps environment. It is important to regularly review and update secret management practices to ensure that secrets are being stored and managed securely.\n\nVisit the following resources to learn more:", + "description": "Secret management refers to the secure handling, storage, and distribution of sensitive information such as passwords, API keys, and certificates within an organization's IT infrastructure. It involves using specialized tools and practices to protect secrets from unauthorized access while ensuring they are available to authorized systems and users when needed. Secret management solutions typically offer features like encryption at rest and in transit, access controls, auditing, rotation policies, and integration with various platforms and services. These systems aim to centralize secret storage, reduce the risk of exposure, automate secret lifecycle management, and provide seamless integration with applications and DevOps workflows. Effective secret management is crucial for maintaining security, compliance, and operational efficiency in modern, complex IT environments.\n\nVisit the following resources to learn more:", "links": [ { "title": "How to Manage Secrets in Web Applications?", @@ -2312,31 +2267,36 @@ "type": "article" }, { - "title": "Secrets management guide — approaches, open source tools, commercial products, challenges and questions", - "url": "https://medium.com/@burshteyn/secrets-management-guide-approaches-open-source-tools-commercial-products-challenges-db560fd0584d", + "title": "Why DevSecOps Teams Need Secrets Management", + "url": "https://www.keepersecurity.com/blog/2023/01/26/why-devsecops-teams-need-secrets-management/", "type": "article" }, { - "title": "Secret Management Architectures: Finding the balance between security and complexity", - "url": "https://medium.com/slalom-technology/secret-management-architectures-finding-the-balance-between-security-and-complexity-9e56f2078e54", - "type": "article" + "title": "DevOps Tricks for Managing Secrets in Production", + "url": "https://www.youtube.com/watch?v=u_L-f7Th_7o", + "type": "video" } ] }, "ZWq23Q9ZNxLNti68oltxA": { "title": "Sealed Secrets", - "description": "Sealed Secrets is a tool for securely storing and managing secrets in a Kubernetes environment. It is developed and maintained by Bitnami and is available as open-source software.\n\nIn a Sealed Secrets workflow, secrets are encrypted using a public key and stored as sealed secrets in a Git repository. The sealed secrets can then be deployed to a Kubernetes cluster, where they are decrypted using a private key and made available to the applications and infrastructure that need them.\n\nSealed Secrets is designed to be highly secure and easy to use, with a range of features for managing secrets, including:\n\n* Encryption: Sealed Secrets uses encryption algorithms and protocols, such as RSA, to securely store secrets.\n* Access controls: Sealed Secrets supports role-based access controls and multi-factor authentication to ensure that only authorized users or systems can access secrets.\n* Secret rotation: Sealed Secrets supports automatic secret rotation, allowing secrets to be regularly rotated to reduce the risk of unauthorized access.\n* Auditing: Sealed Secrets provides auditing capabilities, allowing administrators to track and monitor access to secrets.\n\nSealed Secrets is commonly used in Kubernetes environments to securely store and manage secrets, and it is often used in conjunction with other tools, such as Helm, to automate the deployment and management of cloud-native applications.\n\nVisit the following resources to learn more:", + "description": "Sealed Secrets is a Kubernetes controller and tool that allows users to encrypt their Kubernetes Secrets into encrypted \"SealedSecrets\" that can be safely stored in public repositories or insecure environments. Developed by Bitnami, it addresses the challenge of managing sensitive information in Git-based workflows and cluster management. The controller running in the cluster decrypts SealedSecrets into regular Secrets, ensuring that the original, sensitive data never leaves the cluster. This approach enables secure, declarative management of secrets in Kubernetes environments, aligning with GitOps practices. Sealed Secrets uses asymmetric cryptography, where only the controller in the cluster has the private key to decrypt the secrets. This tool enhances security in Kubernetes deployments by allowing secrets to be version-controlled and managed alongside other Kubernetes resources without exposing sensitive data.\n\nVisit the following resources to learn more:", "links": [ { - "title": "Sealed Secrets - Bitnami", + "title": "bitname/sealed-secrets", "url": "https://github.com/bitnami-labs/sealed-secrets", "type": "opensource" + }, + { + "title": "Sealed Secrets", + "url": "https://fluxcd.io/flux/guides/sealed-secrets/", + "type": "article" } ] }, "yQ4d2uiROZYr950cjYnQE": { "title": "Cloud Specific Tools", - "description": "There are several cloud-specific tools for securely storing and managing secrets, such as:\n\n* AWS Secrets Manager: AWS Secrets Manager is a service provided by Amazon Web Services (AWS) for securely storing and managing secrets. It provides features such as automatic secret rotation and integration with other AWS services.\n* Google Cloud Secret Manager: Google Cloud Secret Manager is a service provided by Google Cloud for securely storing and managing secrets. It provides features such as automatic secret rotation and integration with other Google Cloud services.\n* Azure Key Vault: Azure Key Vault is a service provided by Microsoft Azure for securely storing and managing secrets. It provides features such as automatic secret rotation and integration with other Azure services.\n\nThese cloud-specific tools are designed to be used in conjunction with cloud-based applications and infrastructure and are typically integrated with other cloud services, such as container orchestration platforms and continuous delivery pipelines.\n\nVisit the following resources to learn more:", + "description": "There are several cloud-specific tools for securely storing and managing secrets, such as:\n\n* AWS Secrets Manager: AWS Secrets Manager is a service provided by Amazon Web Services (AWS) for securely storing and managing secrets. It provides features such as automatic secret rotation and integration with other AWS services.\n* Google Cloud Secret Manager: Google Cloud Secret Manager is a service provided by Google Cloud for securely storing and managing secrets. It provides features such as automatic secret rotation and integration with other Google Cloud services.\n* Azure Key Vault: Azure Key Vault is a service provided by Microsoft Azure for securely storing and managing secrets. It provides features such as automatic secret rotation and integration with other Azure services.\n\nVisit the following resources to learn more:", "links": [ { "title": "AWS Secrets Manager - Amazon Web Services", @@ -2357,34 +2317,69 @@ "title": "Explore top posts about Cloud", "url": "https://app.daily.dev/tags/cloud?ref=roadmapsh", "type": "article" + }, + { + "title": "AWS Secrets Manager Service Overview with Demo", + "url": "https://www.youtube.com/watch?v=GwVWWn2ZKj0", + "type": "video" + }, + { + "title": "Google Cloud Secret Manager", + "url": "https://www.youtube.com/watch?v=nsrADMrp4BI", + "type": "video" + }, + { + "title": "What is Azure Key Vault Used For?", + "url": "https://www.youtube.com/watch?v=pnOFP_oijxw", + "type": "video" } ] }, "tZzvs80KzqT8aDvEyjack": { "title": "Vault", - "description": "Vault is a tool for securely storing and managing secrets, such as passwords, API keys, and other sensitive information. It is developed and maintained by Hashicorp and is available as open-source software.\n\nVault is designed to be highly scalable and flexible, with a wide range of features for managing secrets, including:\n\n* Encryption: Vault uses encryption algorithms and protocols, such as AES and RSA, to securely store secrets.\n* Access controls: Vault supports role-based access controls and multi-factor authentication to ensure that only authorized users or systems can access secrets.\n* Secret rotation: Vault supports automatic secret rotation, allowing secrets to be regularly rotated to reduce the risk of unauthorized access.\n* Auditing: Vault provides auditing capabilities, allowing administrators to track and monitor access to secrets.\n\nVault is commonly used in DevOps environments to securely store and manage secrets, and it is often used in conjunction with other tools, such as Kubernetes and Helm, to automate the deployment and management of cloud-native applications.\n\nVisit the following resources to learn more:", + "description": "HashiCorp Vault is a tool designed for securely managing secrets and protecting sensitive data, such as passwords, API keys, and encryption keys. It provides centralized secrets management, access control, and auditing features. Vault supports various authentication methods and dynamic secrets, allowing it to generate secrets on-the-fly and manage their lifecycle. It also offers robust encryption capabilities, both for data at rest and in transit. Vault is widely used in DevOps environments to ensure secure and scalable management of sensitive information, integrating with various infrastructure and application platforms.\n\nVisit the following resources to learn more:", "links": [ + { + "title": "hashicorp/vault", + "url": "https://github.com/hashicorp/vault", + "type": "opensource" + }, { "title": "Vault - Official Website", "url": "https://www.vaultproject.io/", "type": "article" + }, + { + "title": "HashiCorp Vault Explained in 180 seconds", + "url": "https://www.youtube.com/watch?v=nG8fCdWkLzc", + "type": "video" + }, + { + "title": "HashiCorp Vault Tutorial for Beginners", + "url": "https://www.youtube.com/watch?v=ae72pKpXe-s", + "type": "video" } ] }, "GHQWHLxsO40kJ6z_YCinJ": { "title": "SOPs", - "description": "SOPS (Secrets OPerationS) is an open-source tool for securely storing and managing secrets, such as passwords, API keys, and other sensitive information. It is developed and maintained by Mozilla and is available as a command-line tool and as a library for integration into other applications.\n\nSOPS is designed to be easy to use and highly secure, with a range of features for managing secrets, including:\n\n* Encryption: SOPS uses encryption algorithms and protocols, such as AES and RSA, to securely store secrets.\n* Access controls: SOPS supports role-based access controls and multi-factor authentication to ensure that only authorized users or systems can access secrets.\n* Secret rotation: SOPS supports automatic secret rotation, allowing secrets to be regularly rotated to reduce the risk of unauthorized access.\n* Auditing: SOPS provides auditing capabilities, allowing administrators to track and monitor access to secrets.\n\nSOPS is commonly used in DevOps environments to securely store and manage secrets, and it is often used in conjunction with other tools, such as Kubernetes and Helm, to automate the deployment and management of cloud-native applications.\n\nVisit the following resources to learn more:", + "description": "SOPS (Secrets OPerationS) is an open-source tool for managing and encrypting sensitive data such as passwords, API keys, and certificates. It allows developers to store secrets securely in version-controlled files by encrypting specific parts of files, typically using AWS KMS, GCP KMS, Azure Key Vault, or PGP. SOPS integrates seamlessly with infrastructure-as-code workflows, ensuring that secrets remain secure throughout the development lifecycle while allowing decryption only in trusted environments. It strikes a balance between security and usability in secret management.\n\nVisit the following resources to learn more:", "links": [ { - "title": "Mozilla SOPS - Official Website", - "url": "https://github.com/mozilla/sops", + "title": "getsops/sops", + "url": "https://github.com/getsops/sops", "type": "opensource" + }, + { + "title": "SOPs Website", + "url": "https://getsops.io", + "type": "article" } ] }, "qqRLeTpuoW64H9LvY0U_w": { "title": "Infrastructure Monitoring", - "description": "Monitoring refers to the practice of making the performance and status of infrastructure visible. This section contains common tools used for monitoring.\n\nThis is a very vendor-heavy space - use caution when studying materials exclusively from a given product or project, as there are many conflicting opinions and strategies in use. There is no single solution for the most substantially complex internet-facing applications, so understanding the pros and cons of these tools will be useful in helping you plan how to monitor a system for a given goal.\n\nVisit the following resources to learn more:", + "description": "Monitoring refers to the practice of making the performance and status of infrastructure visible. This section contains common tools used for monitoring. This is a very vendor-heavy space - use caution when studying materials exclusively from a given product or project, as there are many conflicting opinions and strategies in use. There is no single solution for the most substantially complex internet-facing applications, so understanding the pros and cons of these tools will be useful in helping you plan how to monitor a system for a given goal.\n\nVisit the following resources to learn more:", "links": [ { "title": "Best Practices to Optimize Infrastructure Monitoring within DevOps Teams", @@ -2400,12 +2395,17 @@ "title": "Explore top posts about Infrastructure", "url": "https://app.daily.dev/tags/infrastructure?ref=roadmapsh", "type": "article" + }, + { + "title": "Infrastructure Monitoring Basics with Telegraf, Grafana and InfluxDB", + "url": "https://www.youtube.com/watch?v=ESub4SAKouI", + "type": "video" } ] }, "W9sKEoDlR8LzocQkqSv82": { "title": "Zabbix", - "description": "Zabbix is an enterprise-class open source monitoring solution for network monitoring and application monitoring of millions of metrics.\n\nVisit the following resources to learn more:", + "description": "Zabbix is an open-source monitoring solution designed for tracking the performance, availability, and health of IT infrastructure. It provides comprehensive monitoring capabilities for servers, networks, applications, and services through a centralized platform. Zabbix supports a wide range of data collection methods, including agent-based monitoring, SNMP, IPMI, and custom scripts. It offers features such as real-time alerting, visualizations with customizable dashboards, and detailed reporting. Its scalability and flexibility make it suitable for environments of varying sizes, from small networks to large enterprise systems.\n\nVisit the following resources to learn more:", "links": [ { "title": "Zabbix Website", @@ -2418,35 +2418,30 @@ "type": "article" }, { - "title": "Zabbix Roadmap", - "url": "https://www.zabbix.com/roadmap", - "type": "article" + "title": "How to Monitor EVERYTHING in your HomeLab for free - Zabbix Overview", + "url": "https://www.youtube.com/watch?v=R_EQzBkz4sE", + "type": "video" } ] }, "NiVvRbCOCDpVvif48poCo": { "title": "Prometheus", - "description": "Prometheus is a free software application used for event monitoring and alerting. It records real-time metrics in a time series database built using a HTTP pull model, with flexible queries and real-time alerting.\n\nVisit the following resources to learn more:", + "description": "Prometheus is an open-source systems monitoring and alerting toolkit designed for reliability and scalability. It features a multi-dimensional data model, a flexible query language (PromQL), and an efficient time series database. Prometheus collects metrics from configured targets at given intervals, evaluates rule expressions, displays results, and can trigger alerts when specified conditions are observed. It operates on a pull model, scraping metrics from HTTP endpoints, and supports service discovery for dynamic environments. Prometheus is particularly well-suited for monitoring microservices and containerized environments, integrating seamlessly with systems like Kubernetes. Its ecosystem includes various exporters for third-party systems and a built-in alert manager. Widely adopted in cloud-native architectures, Prometheus is a core component of modern observability stacks, often used alongside tools like Grafana for visualization.\n\nVisit the following resources to learn more:", "links": [ { "title": "Prometheus Website", "url": "https://prometheus.io/", "type": "article" }, - { - "title": "Official Documentation", - "url": "https://prometheus.io/docs/introduction/overview/", - "type": "article" - }, - { - "title": "Getting Started with Prometheus", - "url": "https://prometheus.io/docs/tutorials/getting_started/", - "type": "article" - }, { "title": "Explore top posts about Prometheus", "url": "https://app.daily.dev/tags/prometheus?ref=roadmapsh", "type": "article" + }, + { + "title": "Introduction to the Prometheus Monitoring System | Key Concepts and Features", + "url": "https://www.youtube.com/watch?v=STVMGrYIlfg", + "type": "video" } ] }, @@ -2473,23 +2468,13 @@ }, "niA_96yR7uQ0sc6S_OStf": { "title": "Grafana", - "description": "Grafana is the open-source platform for monitoring and observability. It allows you to query, visualize, alert on and understand your metrics no matter where they are stored.\n\nVisit the following resources to learn more:", + "description": "Grafana is an open-source analytics and interactive visualization web application. It connects to various data sources, including time-series databases, relational databases, and cloud services, to create customizable dashboards. Grafana excels at visualizing time-series data for infrastructure and application analytics, supporting a wide range of chart types and plugins. It features alerting capabilities, user authentication, and role-based access control. Grafana is commonly used for monitoring system metrics, application performance, and business analytics. Its flexibility and ability to combine data from multiple sources make it popular in DevOps environments for creating comprehensive monitoring solutions. Grafana's user-friendly interface and extensive customization options enable users to create visually appealing and informative dashboards for real-time data visualization and analysis.\n\nVisit the following resources to learn more:", "links": [ { "title": "Grafana Website", "url": "https://grafana.com/", "type": "article" }, - { - "title": "Grafana Official Documentation", - "url": "https://grafana.com/docs/", - "type": "article" - }, - { - "title": "Grafana Community", - "url": "https://community.grafana.com/", - "type": "article" - }, { "title": "Grafana Webinars and Videos", "url": "https://grafana.com/videos/", @@ -2499,6 +2484,11 @@ "title": "Explore top posts about Grafana", "url": "https://app.daily.dev/tags/grafana?ref=roadmapsh", "type": "article" + }, + { + "title": "Server Monitoring // Prometheus and Grafana Tutorial", + "url": "https://www.youtube.com/watch?v=9TJx7QTrTyo", + "type": "video" } ] }, @@ -2525,23 +2515,13 @@ }, "K_qLhK2kKN_uCq7iVjqph": { "title": "Elastic Stack", - "description": "Elastic Stack is a group of open source products comprised of Elasticsearch, Kibana, Beats, and Logstash and more that help store, search, analyze, and visualize data from various source, in different format, in real-time.\n\n* `Elastic Search` - Search and analytics engine\n* `Logstash/fluentd` - Data processing pipeline\n* `Kibana` - Dashboard to visualize data\n\nVisit the following resources to learn more:", + "description": "The Elastic Stack, formerly known as ELK Stack, is a set of open-source tools for searching, analyzing, and visualizing data in real-time. It consists of four main components: Elasticsearch (a distributed search and analytics engine), Logstash (a data processing pipeline), Kibana (a data visualization and management tool), and Beats (lightweight data shippers). Together, these tools enable users to collect data from various sources, process and enrich it, store it in a searchable format, and create interactive visualizations and dashboards. The Elastic Stack is widely used for log analytics, application performance monitoring, security information and event management (SIEM), and business intelligence applications, offering scalability and flexibility for handling large volumes of diverse data.\n\nVisit the following resources to learn more:", "links": [ { "title": "Elastic Stack Website", "url": "https://www.elastic.co/elastic-stack/", "type": "article" }, - { - "title": "Official Docs", - "url": "https://www.elastic.co/guide/index.html", - "type": "article" - }, - { - "title": "Elastic Stack features", - "url": "https://www.elastic.co/elastic-stack/features", - "type": "article" - }, { "title": "Logstash vs Fluentd", "url": "https://logz.io/blog/fluentd-logstash/", @@ -2551,21 +2531,26 @@ "title": "Explore top posts about ELK", "url": "https://app.daily.dev/tags/elk?ref=roadmapsh", "type": "article" + }, + { + "title": "Master the Elastic Stack: Elastic Stack Overview", + "url": "https://www.youtube.com/watch?v=CfCTWVAwFbQ", + "type": "video" } ] }, "s_kss4FJ2KyZRdcKNHK2v": { "title": "Graylog", - "description": "Graylog is a leading centralized log management solution for capturing, storing, and enabling real-time analysis of terabytes of machine data.\n\nVisit the following resources to learn more:", + "description": "Graylog is an open-source log management platform designed to collect, index, and analyze log data from various sources in real-time. It provides a centralized system for log aggregation, search, and analysis, making it easier to troubleshoot issues, monitor system health, and ensure security compliance. Graylog features a scalable architecture, supporting high-volume log processing, and offers a web interface for log exploration and dashboard creation. It includes features like alerting, role-based access control, and data retention policies. Graylog supports multiple input types, including syslog, GELF, and raw TCP/UDP, and can integrate with various external systems. Its flexibility and powerful search capabilities make it popular for IT operations, security monitoring, and compliance management in diverse environments.\n\nVisit the following resources to learn more:", "links": [ { - "title": "Graylog Website", - "url": "https://www.graylog.org/", - "type": "article" + "title": "Graylog2/graylog2-server", + "url": "https://github.com/Graylog2/graylog2-server", + "type": "opensource" }, { - "title": "Official Documentation", - "url": "https://docs.graylog.org/", + "title": "Graylog Website", + "url": "https://www.graylog.org/", "type": "article" }, { @@ -2577,7 +2562,7 @@ }, "dZID_Y_uRTF8JlfDCqeqs": { "title": "Splunk", - "description": "The Splunk platform removes the barriers between data and action, empowering observability, IT and security teams to ensure their organizations are secure, resilient and innovative.\n\nVisit the following resources to learn more:", + "description": "Splunk is a powerful platform for searching, monitoring, and analyzing machine-generated data in real-time. It collects log data from various sources such as servers, applications, networks, and devices, and transforms it into actionable insights through dashboards, alerts, and visualizations. Widely used in IT operations, security, and business analytics, Splunk helps teams detect issues, troubleshoot problems, and ensure compliance by providing deep visibility into system and application behavior. Its ability to handle large volumes of data makes it a popular choice for observability and log management.\n\nVisit the following resources to learn more:", "links": [ { "title": "Splunk Website", @@ -2598,12 +2583,17 @@ "title": "Explore top posts about Logging", "url": "https://app.daily.dev/tags/logging?ref=roadmapsh", "type": "article" + }, + { + "title": "Splunk Tutorial for Beginners", + "url": "https://www.youtube.com/watch?v=3CiRs6WaWaU", + "type": "video" } ] }, "cjjMZdyLgakyVkImVQTza": { "title": "Papertrail", - "description": "Papertrail is a leading centralized log management solution for capturing, storing, and enabling real-time analysis of terabytes of machine data.\n\nVisit the following resources to learn more:", + "description": "Papertrail is a cloud-hosted log management service that simplifies the collection, analysis, and monitoring of log data from various sources. It offers real-time log aggregation, search, and alerting capabilities, making it easier for developers and system administrators to troubleshoot issues and gain insights into their applications and infrastructure. Papertrail supports a wide range of log types and integrates with numerous platforms and services, allowing users to centralize logs from servers, databases, applications, and network devices. Its user-friendly interface provides powerful search functionality, live tail features, and customizable dashboards. With features like saved searches, configurable alerts, and team collaboration tools, Papertrail enables efficient log analysis and helps organizations maintain system reliability, security, and compliance in diverse IT environments.\n\nVisit the following resources to learn more:", "links": [ { "title": "Papertrail Website", @@ -2619,12 +2609,17 @@ "title": "Official Blog", "url": "https://www.papertrail.com/blog/", "type": "article" + }, + { + "title": "SolarWinds Papertrail Overview", + "url": "https://www.youtube.com/watch?v=gFFtrzoQEfI", + "type": "video" } ] }, "Yq8kVoRf20aL_o4VZU5--": { "title": "Container Orchestration", - "description": "Containers are a construct in which [cgroups](https://en.wikipedia.org/wiki/Cgroups), [namespaces](https://en.wikipedia.org/wiki/Linux_namespaces), and [chroot](https://en.wikipedia.org/wiki/Chroot) are used to fully encapsulate and isolate a process. This encapsulated process, called a container image, shares the kernel of the host with other containers, allowing containers to be significantly smaller and faster than virtual machines.\n\nThese images are designed for portability, allowing for full local testing of a static image, and easy deployment to a container management platform.\n\nVisit the following resources to learn more:", + "description": "Containers are a construct in which cgroups, namespaces, and chroot are used to fully encapsulate and isolate a process. This encapsulated process, called a container image, shares the kernel of the host with other containers, allowing containers to be significantly smaller and faster than virtual machines, These images are designed for portability, allowing for full local testing of a static image, and easy deployment to a container management platform.\n\nVisit the following resources to learn more:", "links": [ { "title": "What are Containers?", @@ -2655,7 +2650,7 @@ }, "XbrWlTyH4z8crSHkki2lp": { "title": "GKE / EKS / AKS", - "description": "GKE - Google Kubernetes Engine\n------------------------------\n\nGKE is a managed Kubernetes service that lets you deploy, manage, and scale containerized applications on Google Cloud.\n\nEKS - Amazon Elastic Kubernetes Service\n---------------------------------------\n\nAmazon Elastic Kubernetes Service (Amazon EKS) is a fully managed Kubernetes service from AWS.\n\nAKS - Azure Kubernetes Service\n------------------------------\n\nAzure Kubernetes Service (AKS) manages your hosted Kubernetes environment, making it quick and easy to deploy and manage containerized applications without container orchestration expertise.\n\nVisit the following resources to learn more:", + "description": "GKE - Google Kubernetes Engine\n------------------------------\n\nGoogle Kubernetes Engine (GKE) is a managed Kubernetes service provided by Google Cloud Platform. It allows organizations to deploy, manage, and scale containerized applications using Kubernetes orchestration. GKE automates cluster management tasks, including upgrades, scaling, and security patches, while providing integration with Google Cloud services. It offers features like auto-scaling, load balancing, and private clusters, enabling developers to focus on application development rather than infrastructure management.\n\nEKS - Amazon Elastic Kubernetes Service\n---------------------------------------\n\nAmazon Elastic Kubernetes Service (EKS) is a managed Kubernetes platform provided by AWS. It simplifies the deployment, management, and scaling of containerized applications using Kubernetes. EKS automatically handles the Kubernetes control plane, ensuring high availability and security patches. It integrates seamlessly with other AWS services, supports both EC2 and Fargate launch types, and offers features like managed node groups and cluster autoscaling, enabling organizations to run Kubernetes workloads efficiently without the operational overhead of managing the Kubernetes infrastructure.\n\nAKS - Azure Kubernetes Service\n------------------------------\n\nAzure Kubernetes Service (AKS) is Microsoft's managed Kubernetes offering in the Azure cloud platform. It simplifies the deployment, management, and scaling of containerized applications using Kubernetes. AKS handles critical tasks such as health monitoring and maintenance of the Kubernetes control plane, while providing seamless integration with Azure services like Azure Active Directory, Azure Monitor, and Azure Container Registry. It offers features such as automatic scaling, Azure DevOps integration, and support for Windows containers, enabling organizations to focus on application development and innovation rather than cluster management.\n\nVisit the following resources to learn more:", "links": [ { "title": "GKE", @@ -2671,22 +2666,47 @@ "title": "AKS", "url": "https://azure.microsoft.com/en-us/products/kubernetes-service/", "type": "article" + }, + { + "title": "AWS EKS Tutorial", + "url": "https://www.youtube.com/watch?v=CukYk43agA4", + "type": "video" + }, + { + "title": "What is Google Kubernetes Engine (GKE)?", + "url": "https://www.youtube.com/watch?v=Rl5M1CzgEH4", + "type": "video" + }, + { + "title": "AWS EKS Tutorial", + "url": "https://www.youtube.com/watch?v=CukYk43agA4", + "type": "video" } ] }, "FE2h-uQy6qli3rKERci1j": { "title": "AWS ECS / Fargate", - "description": "ECS is a container orchestration service that allows you to run Docker containers on a cluster of EC2 instances. ECS is a good choice if you want to run Docker containers on EC2 instances and have full control over the underlying infrastructure.\n\nFargate is a serverless container orchestration service that allows you to run Docker containers without having to manage servers, clusters, or any other infrastructure. Fargate is a good choice if you want to run Docker containers without having to manage servers or clusters.\n\nVisit the following resources to learn more:", + "description": "ECS is a container orchestration service that allows you to run Docker containers on a cluster of EC2 instances. ECS is a good choice if you want to run Docker containers on EC2 instances and have full control over the underlying infrastructure. Fargate is a serverless container orchestration service that allows you to run Docker containers without having to manage servers, clusters, or any other infrastructure. Fargate is a good choice if you want to run Docker containers without having to manage servers or clusters.\n\nVisit the following resources to learn more:", "links": [ { - "title": "AWS - Fargate", - "url": "https://aws.amazon.com/fargate/", + "title": "AWS - Fargate Docs", + "url": "https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS_Fargate.html", "type": "article" }, { - "title": "AWS - Fargate Docs", - "url": "https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS_Fargate.html", + "title": "AWS - ECS Docs", + "url": "https://docs.aws.amazon.com/ecs/", "type": "article" + }, + { + "title": "Amazon ECS: AWS Fargate Overview", + "url": "https://www.youtube.com/watch?v=yi22xrvPnPk", + "type": "video" + }, + { + "title": "AWS ECS Tutorial", + "url": "https://www.youtube.com/watch?v=esISkPlnxL0", + "type": "video" } ] }, @@ -2694,11 +2714,6 @@ "title": "Docker Swarm", "description": "A Docker Swarm is a group of either physical or virtual machines that are running the Docker application and that have been configured to join together in a cluster. Once a group of machines have been clustered together, you can still run the Docker commands that you're used to, but they will now be carried out by the machines in your cluster. The activities of the cluster are controlled by a swarm manager, and machines that have joined the cluster are referred to as nodes.\n\nVisit the following resources to learn more:", "links": [ - { - "title": "Official Website", - "url": "https://www.docker.com/", - "type": "article" - }, { "title": "Docker Swarm Documentation", "url": "https://docs.docker.com/engine/swarm/", @@ -2720,15 +2735,15 @@ "type": "article" }, { - "title": "Docker Swarm Tutorial for Beginners", - "url": "https://www.youtube.com/watch?v=Tm0Q5zr3FL4", + "title": "Docker Swarm | Introduction | Step By Step Examples", + "url": "https://www.youtube.com/watch?v=Xaea-XnJTJU", "type": "video" } ] }, "zuBAjrqQPjj-0DHGjCaqT": { "title": "Artifact Management", - "description": "Artifacts refer to the output of a build process, typically generated by a Continuous Integration (CI) tool. These outputs can be executable files, libraries, documents, or any other type of file that is produced as a result of building, compiling, or packaging code.\n\nArtifacts can include\n---------------------\n\n* Compiled binaries (e.g., .exe, .dll, .jar)\n* Libraries (e.g., .so, .dll)\n* Packages (e.g., .zip, .tar.gz, .rpm)\n* Documents (e.g., .pdf, .docx)\n* Configuration files (e.g., .properties, .yaml)\n* Images (e.g., Docker images)\n\nVisit the following resources to learn more:", + "description": "In software development, artifacts are various outputs produced throughout the development lifecycle, including source code, binaries, documentation, configuration files, build outputs, and test results. These artifacts are essential for managing, deploying, and maintaining applications, as they provide the necessary resources and documentation for development, testing, and production environments. They help track the progress of a project, ensure consistency, and facilitate the efficient delivery and operation of software systems.\n\nVisit the following resources to learn more:", "links": [ { "title": "What are Artifacts - Oracle", @@ -2737,29 +2752,34 @@ }, { "title": "What is an Artifact - Atlassian", - "url": "https://support.atlassian.com/bitbucket-cloud/docs/use-artifacts-in-steps/#:~:text=Artifacts%20are%20files%20that%20are,in%20a%20later%20deployment%20step.", + "url": "https://support.atlassian.com/bitbucket-cloud/docs/use-artifacts-in-steps/", "type": "article" + }, + { + "title": "Learn about GitLab Artifacts and Cache", + "url": "https://www.youtube.com/watch?v=gEfsCU-Sj1g", + "type": "video" } ] }, "C_sFyIsIIpriZlovvcbSE": { "title": "Artifactory", - "description": "Artifactory is a universal DevOps solution for hosting, managing, and distributing binaries and artifacts. Any type of software in binary form – such as application installers, container images, libraries, configuration files, etc. – can be curated, secured, stored, and delivered using Artifactory.\n\nThe name “Artifactory” reflects the fact that it can host any type of “artifact” needed in your software development “factory.” In software development, an artifact is any object produced during the software development and delivery process. Artifacts include the files used to install and run applications, as well as any complementary information necessary to configure or manage software.\n\nArtifactory serves as the central hub for your DevOps processes. All artifacts, dependencies, packages, etc. ultimately get put into and pulled from Artifactory.\n\nVisit the following resources to learn more:", + "description": "Artifactory is a universal DevOps solution for hosting, managing, and distributing binaries and artifacts. Any type of software in binary form – such as application installers, container images, libraries, configuration files, etc. – can be curated, secured, stored, and delivered using Artifactory. The name “Artifactory” reflects the fact that it can host any type of “artifact” needed in your software development “factory.” In software development, an artifact is any object produced during the software development and delivery process. Artifacts include the files used to install and run applications, as well as any complementary information necessary to configure or manage software. Artifactory serves as the central hub for your DevOps processes. All artifacts, dependencies, packages, etc. ultimately get put into and pulled from Artifactory.\n\nVisit the following resources to learn more:", "links": [ { "title": "Artifactory Website", "url": "https://jfrog.com/artifactory/", "type": "article" }, - { - "title": "About - Artifactory", - "url": "https://jfrog.com/blog/what-is-artifactory-jfrog/", - "type": "article" - }, { "title": "Explore top posts about Artifactory", "url": "https://app.daily.dev/tags/artifactory?ref=roadmapsh", "type": "article" + }, + { + "title": "Key Features of JFrog Artifactory in 5 Minutes", + "url": "https://www.youtube.com/watch?v=ZCNOtVj7bow", + "type": "video" } ] }, @@ -2772,16 +2792,6 @@ "url": "https://learn.sonatype.com/courses/nxrm-admin-100/", "type": "article" }, - { - "title": "Nexus Installation and Configuration", - "url": "https://learn.sonatype.com/courses/nxrm-config-100/", - "type": "article" - }, - { - "title": "Nexus Repository Security Essentials", - "url": "https://learn.sonatype.com/courses/nxrm-sec-100/", - "type": "article" - }, { "title": "Nexus Best Practices", "url": "https://help.sonatype.com/repomanager3/nexus-repository-best-practices", @@ -2791,7 +2801,7 @@ }, "vsmE6EpCc2DFGk1YTbkHS": { "title": "Cloud Smith", - "description": "Cloudsmith is a cloud-native package management platform that enables organizations to manage and distribute software packages across their infrastructure. It provides a centralized repository for storing, managing, and deploying packages, making it easier to manage complex software dependencies and ensure consistency across environments.\n\nCloudsmith supports a wide range of package formats, including Docker, Helm, npm, pip, and more. It also integrates with popular development tools like Jenkins, GitLab, and CircleCI, making it easy to automate package management and deployment workflows.\n\nVisit the following resources to learn more:", + "description": "Cloudsmith is a cloud-native package management platform that enables organizations to manage and distribute software packages across their infrastructure. It provides a centralized repository for storing, managing, and deploying packages, making it easier to manage complex software dependencies and ensure consistency across environments. Cloudsmith supports a wide range of package formats, including Docker, Helm, npm, pip, and more. It also integrates with popular development tools like Jenkins, GitLab, and CircleCI, making it easy to automate package management and deployment workflows.\n\nVisit the following resources to learn more:", "links": [ { "title": "Cloud Smith", @@ -2802,12 +2812,17 @@ "title": "Cloud Smith Product Overview", "url": "https://cloudsmith.com/product/", "type": "article" + }, + { + "title": "Intro to Cloud Smith", + "url": "https://www.youtube.com/watch?v=wVtRfpjKqBM", + "type": "video" } ] }, "-INN1qTMLimrZgaSPCcHj": { "title": "GitOps", - "description": "GitOps is a methodology for managing cloud-native applications and infrastructure using Git as the source of truth. It is based on the idea that all changes to the system, whether they are related to code, configuration, or infrastructure, should be made using Git and that Git should be used to automate the deployment and management of those changes.\n\nIn a GitOps workflow, changes to the system are made by committing code or configuration changes to a Git repository. These changes are then automatically deployed to the production environment using a continuous delivery pipeline. The pipeline is triggered by changes to the Git repository and is responsible for building, testing, and deploying the changes to the production environment.\n\nGitOps is designed to be a more efficient and agile way of managing cloud-native environments, as it allows developers to make changes to the system using familiar tools and processes and it provides a clear and auditable history of all changes to the system. It is often used in conjunction with tools such as Kubernetes and Helm to automate the deployment and management of cloud-native applications.\n\nVisit the following resources to learn more:", + "description": "GitOps is a paradigm for managing infrastructure and application deployments using Git as the single source of truth. It extends DevOps practices by using Git repositories to store declarative descriptions of infrastructure and applications. Changes to the desired state are made through pull requests, which trigger automated processes to align the actual state with the desired state. GitOps relies on continuous deployment tools that automatically reconcile the live system with the desired state defined in Git. This approach provides benefits such as version control for infrastructure, improved auditability, easier rollbacks, and enhanced collaboration. GitOps is particularly well-suited for cloud-native applications and Kubernetes environments, offering a streamlined method for managing complex, distributed systems.\n\nVisit the following resources to learn more:", "links": [ { "title": "Guide to GitOps", @@ -2818,12 +2833,17 @@ "title": "Explore top posts about GitOps", "url": "https://app.daily.dev/tags/gitops?ref=roadmapsh", "type": "article" + }, + { + "title": "What is GitOps, How GitOps works and Why it's so useful", + "url": "https://www.youtube.com/watch?v=f5EpcWp0THw", + "type": "video" } ] }, "i-DLwNXdCUUug6lfjkPSy": { "title": "ArgoCD", - "description": "Argo CD is a continuous delivery tool for Kubernetes that is based on the GitOps methodology. It is used to automate the deployment and management of cloud-native applications by continuously synchronizing the desired application state with the actual application state in the production environment.\n\nIn an Argo CD workflow, changes to the application are made by committing code or configuration changes to a Git repository. Argo CD monitors the repository and automatically deploys the changes to the production environment using a continuous delivery pipeline. The pipeline is triggered by changes to the Git repository and is responsible for building, testing, and deploying the changes to the production environment.\n\nArgo CD is designed to be a simple and efficient way to manage cloud-native applications, as it allows developers to make changes to the system using familiar tools and processes and it provides a clear and auditable history of all changes to the system. It is often used in conjunction with tools such as Helm to automate the deployment and management of cloud-native applications.\n\nVisit the following resources to learn more:", + "description": "Argo CD is a continuous delivery tool for Kubernetes that is based on the GitOps methodology. It is used to automate the deployment and management of cloud-native applications by continuously synchronizing the desired application state with the actual application state in the production environment. In an Argo CD workflow, changes to the application are made by committing code or configuration changes to a Git repository. Argo CD monitors the repository and automatically deploys the changes to the production environment using a continuous delivery pipeline. The pipeline is triggered by changes to the Git repository and is responsible for building, testing, and deploying the changes to the production environment.Argo CD is designed to be a simple and efficient way to manage cloud-native applications, as it allows developers to make changes to the system using familiar tools and processes and it provides a clear and auditable history of all changes to the system. It is often used in conjunction with tools such as Helm to automate the deployment and management of cloud-native applications.\n\nVisit the following resources to learn more:", "links": [ { "title": "Argo CD - Argo Project", @@ -2839,12 +2859,17 @@ "title": "ArgoCD Tutorial for Beginners", "url": "https://www.youtube.com/watch?v=MeU5_k9ssrs", "type": "video" + }, + { + "title": "What is ArgoCD", + "url": "https://www.youtube.com/watch?v=p-kAqxuJNik", + "type": "video" } ] }, "6gVV_JUgKgwJb4C8tHZn7": { "title": "FluxCD", - "description": "Flux CD is a continuous delivery tool for Kubernetes that is based on the GitOps methodology. It is used to automate the deployment and management of cloud-native applications by continuously synchronizing the desired application state with the actual application state in the production environment.\n\nIn a Flux CD workflow, changes to the application are made by committing code or configuration changes to a Git repository. Flux CD monitors the repository and automatically deploys the changes to the production environment using a continuous delivery pipeline. The pipeline is triggered by changes to the Git repository and is responsible for building, testing, and deploying the changes to the production environment.\n\nFlux CD is designed to be a simple and efficient way to manage cloud-native applications, as it allows developers to make changes to the system using familiar tools and processes and it provides a clear and auditable history of all changes to the system. It is often used in conjunction with tools such as Helm to automate the deployment and management of cloud-native applications.\n\nVisit the following resources to learn more:", + "description": "FluxCD is a GitOps-based continuous delivery tool for Kubernetes. It automates the deployment of applications by using Git repositories as the source of truth for defining the desired state of a system. FluxCD continuously monitors these repositories and automatically applies changes to the cluster when differences are detected. It supports multi-tenancy, Helm releases, and provides features like automated image updates and notifications. FluxCD enables declarative, version-controlled infrastructure and application management, promoting consistency across environments and simplifying the deployment process. Its integration with Kubernetes makes it particularly useful for cloud-native applications, allowing teams to implement efficient, automated, and auditable deployment workflows.\n\nVisit the following resources to learn more:", "links": [ { "title": "Flux CD Docs", @@ -2855,12 +2880,17 @@ "title": "Explore top posts about Flux", "url": "https://app.daily.dev/tags/flux?ref=roadmapsh", "type": "article" + }, + { + "title": "Introduction to Flux CD on Kubernetes", + "url": "https://www.youtube.com/watch?v=X5W_706-jSY", + "type": "video" } ] }, "EeWsihH9ehbFKebYoB5i9": { "title": "Service Mesh", - "description": "A service mesh, like the open source project Istio, is a way to control how different parts of an application share data with one another. Unlike other systems for managing this communication, a service mesh is a dedicated infrastructure layer built right into an app. This visible infrastructure layer can document how well (or not) different parts of an app interact, so it becomes easier to optimize communication and avoid downtime as an app grows.\n\nVisit the following resources to learn more:", + "description": "A service mesh is a dedicated infrastructure layer that manages communication between microservices in a distributed application. It provides features like load balancing, service discovery, encryption, observability, and traffic management, allowing services to communicate securely and efficiently. By abstracting network-related concerns from the application code, a service mesh enhances reliability and security while simplifying the management of microservice interactions. Popular service mesh implementations include Istio, Linkerd, and Consul.\n\nVisit the following resources to learn more:", "links": [ { "title": "Whats a service mesh?", @@ -2876,6 +2906,11 @@ "title": "Explore top posts about Service Mesh", "url": "https://app.daily.dev/tags/service-mesh?ref=roadmapsh", "type": "article" + }, + { + "title": "Istio & Service Mesh - simply explained in 15 mins", + "url": "https://www.youtube.com/watch?v=16fgzklcF7Y", + "type": "video" } ] }, @@ -2892,6 +2927,11 @@ "title": "Explore top posts about Istio", "url": "https://app.daily.dev/tags/istio?ref=roadmapsh", "type": "article" + }, + { + "title": "Istio Service Mesh Explained", + "url": "https://www.youtube.com/watch?v=6zDrLvpfCK4", + "type": "video" } ] }, @@ -2899,6 +2939,11 @@ "title": "Consul", "description": "Consul is a service mesh solution providing a full featured control plane with service discovery, configuration, and segmentation functionality. Each of these features can be used individually as needed, or they can be used together to build a full service mesh. Consul requires a data plane and supports both a proxy and native integration model. Consul ships with a simple built-in proxy so that everything works out of the box, but also supports 3rd party proxy integrations such as Envoy.\n\nVisit the following resources to learn more:", "links": [ + { + "title": "Consul Guides", + "url": "https://github.com/hashicorp/consul-guides", + "type": "opensource" + }, { "title": "What is Consul?", "url": "https://www.consul.io/docs/intro", @@ -2908,6 +2953,11 @@ "title": "Explore top posts about HashiCorp", "url": "https://app.daily.dev/tags/hashicorp?ref=roadmapsh", "type": "article" + }, + { + "title": "Consul Service Mesh Tutorial for Beginners", + "url": "https://www.youtube.com/watch?v=s3I1kKKfjtQ", + "type": "video" } ] }, @@ -2920,11 +2970,6 @@ "url": "https://linkerd.io/", "type": "article" }, - { - "title": "Linkerd Documentation", - "url": "https://linkerd.io/2.11/overview/", - "type": "article" - }, { "title": "What is Linkerd?", "url": "https://www.techtarget.com/searchitoperations/definition/Linkerd", @@ -2934,6 +2979,11 @@ "title": "Explore top posts about Infrastructure", "url": "https://app.daily.dev/tags/infrastructure?ref=roadmapsh", "type": "article" + }, + { + "title": "What is the Linkerd service mesh?", + "url": "https://www.youtube.com/watch?v=up3fKwXdEgc", + "type": "video" } ] }, @@ -2947,8 +2997,8 @@ "type": "article" }, { - "title": "Envoy Documentation", - "url": "https://www.envoyproxy.io/docs/envoy/latest/start/start", + "title": "envoyproxy/envoy", + "url": "https://github.com/envoyproxy/envoy", "type": "article" }, { @@ -2965,39 +3015,49 @@ }, "Qc0MGR5bMG9eeM5Zb9PMk": { "title": "Cloud Design Patterns", - "description": "Cloud Design Patterns are a set of reusable, proven solutions to common problems that arise when designing and building applications for the cloud. These patterns provide guidance on how to design and implement cloud-based systems that are scalable, resilient, and efficient.\n\nVisit the following resources to learn more:", + "description": "Cloud design patterns are reusable solutions to common problems encountered in cloud computing architectures. These patterns address challenges related to scalability, reliability, security, and performance in distributed systems. They provide best practices for designing and implementing cloud-native applications, covering aspects such as data management, messaging, resiliency, and deployment. Examples include the Circuit Breaker pattern for handling faults, the CQRS pattern for separating read and write operations, and the Sidecar pattern for deploying components of an application into a separate process or container. By leveraging these patterns, developers can create more robust, efficient, and maintainable cloud applications that better utilize the benefits of cloud platforms.\n\nVisit the following resources to learn more:", "links": [ + { + "title": "30 Cloud Design Patterns in depth", + "url": "https://www.youtube.com/watch?v=cxYHugyNTP0", + "type": "course" + }, { "title": "", "url": "https://learn.microsoft.com/en-us/azure/architecture/patterns/", "type": "article" }, { - "title": "What is CI/CD?", - "url": "https://www.redhat.com/en/topics/devops/what-is-ci-cd", + "title": "Cloud design patterns, architectures, and implementations", + "url": "https://docs.aws.amazon.com/prescriptive-guidance/latest/cloud-design-patterns/introduction.html", "type": "article" } ] }, "JCe3fcOf-sokTJURyX1oI": { "title": "Availability", - "description": "Availability is the percentage of time that a system is functional and working as intended, generally referred to as uptime. Availability can be affected by hardware or software errors, infrastructure problems, malicious attacks, and system load. Many cloud providers typically offer their users a service level agreement (SLA) that specifies the exact percentages of promised uptime/downtime. Availability is related to reliability in this sense. For example, a company might promise 99.99% uptime for their services.\n\nTo achieve high levels of uptime, it is important to eliminate single points of failure so that a single device failure does not disrupt the entire service. High availability in the cloud is often achieved by creating clusters. Clusters are groups of devices (such as servers) that all have access to the same shared storage and function as one single server to provide uninterrupted availability. This way, if one server goes down, the others are able to pick up the load until it comes back online. Clusters can range from two servers to even multiple buildings of servers.\n\nVisit the following resources to learn more:", + "description": "Availability is the percentage of time that a system is functional and working as intended, generally referred to as uptime. Availability can be affected by hardware or software errors, infrastructure problems, malicious attacks, and system load. Many cloud providers typically offer their users a service level agreement (SLA) that specifies the exact percentages of promised uptime/downtime. Availability is related to reliability in this sense. For example, a company might promise 99.99% uptime for their services.\n\nVisit the following resources to learn more:", "links": [ { - "title": "How High Availability Works in the Cloud", - "url": "https://codster.io/en/blog/high-availability-in-the-cloud/", + "title": "Defining Availability, Maintainability and Reliability in SRE", + "url": "https://devops.com/defining-availability-maintainability-and-reliability-in-sre/", "type": "article" }, { "title": "Techniques for Achieving High Availability", "url": "https://www.sqlservercentral.com/articles/cloud-computing-basics-achieving-high-availability-2", "type": "article" + }, + { + "title": "SLIs, SLOs, SLAs, oh my! (class SRE implements DevOps)", + "url": "https://www.youtube.com/watch?v=tEylFyxbDLE", + "type": "video" } ] }, "5FN7iva4DW_lv-r1tijd8": { "title": "Data Management", - "description": "Data management is the key element of cloud applications, and influences most of the quality attributes. Data is typically hosted in different locations and across multiple servers for reasons such as performance, scalability or availability, and this can present a range of challenges. For example, data consistency must be maintained, and data will typically need to be synchronized across different locations.\n\nAdditionally data should be protected at rest, in transit, and via authorized access mechanisms to maintain security assurances of confidentiality, integrity, and availability. Refer to the Azure Security Benchmark Data Protection Control for more information.\n\nVisit the following resources to learn more:", + "description": "Data management is the key element of cloud applications, and influences most of the quality attributes. Data is typically hosted in different locations and across multiple servers for reasons such as performance, scalability or availability, and this can present a range of challenges. For example, data consistency must be maintained, and data will typically need to be synchronized across different locations.Additionally data should be protected at rest, in transit, and via authorized access mechanisms to maintain security assurances of confidentiality, integrity, and availability. Refer to the Azure Security Benchmark Data Protection Control for more information.\n\nVisit the following resources to learn more:", "links": [ { "title": "Data management patterns", @@ -3008,6 +3068,11 @@ "title": "Explore top posts about Data Management", "url": "https://app.daily.dev/tags/data-management?ref=roadmapsh", "type": "article" + }, + { + "title": "What is Master Data Management", + "url": "https://www.youtube.com/watch?v=l83bkKJh1wM", + "type": "video" } ] }, @@ -3040,7 +3105,7 @@ }, "w2eCgBC-ydMHSxh7LMti8": { "title": "Loki", - "description": "Loki is a horizontally scalable, highly available, multi-tenant log aggregation system inspired by Prometheus. It is designed to be very cost-effective and easy to operate. It does not index the contents of the logs, but rather a set of labels for each log stream.\n\nVisit the following resources to learn more:", + "description": "Loki is a horizontally-scalable, highly-available, multi-tenant log aggregation system designed by Grafana Labs. It's purpose-built to be cost-effective and easy to operate, making it particularly well-suited for storing and querying logs from Kubernetes clusters. Loki indexes metadata about logs rather than the full text, which allows it to be more resource-efficient than traditional log management systems. It uses the same querying language as Prometheus (LogQL), making it easier for users familiar with Prometheus to adopt. Loki integrates seamlessly with Grafana for visualization and is often used alongside Prometheus and Grafana in cloud-native observability stacks. Its design focuses on simplicity, making it an attractive option for organizations looking for efficient log management in containerized environments.\n\nVisit the following resources to learn more:", "links": [ { "title": "Loki Website", @@ -3056,21 +3121,26 @@ "title": "Explore top posts about Grafana", "url": "https://app.daily.dev/tags/grafana?ref=roadmapsh", "type": "article" + }, + { + "title": "Meet Grafana LOKI, a Log Aggregation System for EVERYTHING", + "url": "https://www.youtube.com/watch?v=h_GGd7HfKQ8", + "type": "video" } ] }, "hIBeTUiAI3zwUY6NgAO-A": { "title": "Kubernetes", - "description": "Kubernetes is an [open source](https://github.com/kubernetes/kubernetes) container management platform, and the dominant product in this space. Using Kubernetes, teams can deploy images across multiple underlying hosts, defining their desired availability, deployment logic, and scaling logic in YAML. Kubernetes evolved from Borg, an internal Google platform used to provision and allocate compute resources (similar to the Autopilot and Aquaman systems of Microsoft Azure).\n\nThe popularity of Kubernetes has made it an increasingly important skill for the DevOps Engineer and has triggered the creation of Platform teams across the industry. These Platform engineering teams often exist with the sole purpose of making Kubernetes approachable and usable for their product development colleagues.\n\nVisit the following resources to learn more:", + "description": "Kubernetes is an open source container management platform, and the dominant product in this space. Using Kubernetes, teams can deploy images across multiple underlying hosts, defining their desired availability, deployment logic, and scaling logic in YAML. Kubernetes evolved from Borg, an internal Google platform used to provision and allocate compute resources (similar to the Autopilot and Aquaman systems of Microsoft Azure). The popularity of Kubernetes has made it an increasingly important skill for the DevOps Engineer and has triggered the creation of Platform teams across the industry. These Platform engineering teams often exist with the sole purpose of making Kubernetes approachable and usable for their product development colleagues.\n\nVisit the following resources to learn more:", "links": [ { - "title": "Kubernetes Website", - "url": "https://kubernetes.io/", - "type": "article" + "title": "kubernetes/kubernetes", + "url": "https://github.com/kubernetes/kubernetes", + "type": "opensource" }, { - "title": "Kubernetes Documentation", - "url": "https://kubernetes.io/docs/home/", + "title": "Kubernetes Website", + "url": "https://kubernetes.io/", "type": "article" }, { @@ -3089,15 +3159,15 @@ "type": "article" }, { - "title": "Kubernetes Crash Course for Absolute Beginners", - "url": "https://www.youtube.com/watch?v=s_o8dwzRlu4", + "title": " Complete Kubernetes Course - From BEGINNER to PRO ", + "url": "https://www.youtube.com/watch?v=2T86xAtR6Fo", "type": "video" } ] }, "JXsctlXUUS1ie8nNEgIk9": { "title": "GCP Functions", - "description": "Cloud Functions are the serverless \"Function-as-a-Service\" offer of Google Cloud Platform.", + "description": "Google Cloud Functions is a serverless execution environment for building and connecting cloud services. It allows developers to write single-purpose, standalone functions that respond to cloud events without the need to manage a server or runtime environment. These functions can be triggered by various events from Google Cloud services, HTTP requests, or Firebase features. Cloud Functions automatically scale based on the workload, and users are charged only for the compute time used. They support multiple programming languages including Node.js, Python, and Go. Cloud Functions are commonly used for real-time data processing, webhooks, lightweight APIs, and integrating systems in a microservices architecture. This service enables rapid development and deployment of code in the Google Cloud ecosystem.", "links": [ { "title": "GCP Cloud Functions Overview", @@ -3113,12 +3183,17 @@ "title": "Explore top posts about Google Cloud Platform", "url": "https://app.daily.dev/tags/gcp?ref=roadmapsh", "type": "article" + }, + { + "title": "Cloud Functions in a minute", + "url": "https://www.youtube.com/watch?v=BL4ZlPEamDo", + "type": "video" } ] }, "wNguM6-YEznduz3MgBCYo": { "title": "Application Monitoring", - "description": "Application monitoring refers to the practice of making the status and performance of a given _application_ visible. This may include details such as stacktraces, error logs, and the line of code implicated in a given failure. When combined with Infrastructure monitoring, this can provide a complete picture of what is happening in your system, and why.\n\nVisit the following resources to learn more:", + "description": "Application monitoring involves the continuous observation and analysis of software applications to ensure they perform optimally, identify issues, and provide insights into their operation. This process includes tracking metrics such as response times, error rates, resource utilization (CPU, memory, and disk), and transaction performance. Application monitoring tools collect and analyze data to detect anomalies, provide alerts for potential problems, and offer detailed insights into application behavior and performance. By monitoring applications, organizations can proactively address issues, optimize performance, and improve user experience, ultimately ensuring reliability and efficiency in their software systems.\n\nVisit the following resources to learn more:", "links": [ { "title": "Applying Basic vs. Advanced Monitoring Techniques", @@ -3134,13 +3209,23 @@ "title": "Explore top posts about Monitoring", "url": "https://app.daily.dev/tags/monitoring?ref=roadmapsh", "type": "article" + }, + { + "title": "Application Monitoring - 4 Golden Signals", + "url": "https://www.youtube.com/watch?v=PHcnmTdVPT0", + "type": "video" } ] }, "8rd7T5ahK2I_zh5co-IF-": { "title": "Jaeger", - "description": "Jaeger is an open source, end-to-end distributed tracing system that enables us to monitor and troubleshoot transactions in complex distributed systems.\n\nVisit the following resources to learn more:", + "description": "Jaeger is an open-source, end-to-end distributed tracing system developed by Uber Technologies. It's designed to monitor and troubleshoot microservices-based distributed systems. Jaeger helps to track requests as they flow through complex distributed systems, identifying performance bottlenecks and understanding system behavior. It supports OpenTracing standards, allowing for vendor-neutral instrumentation of applications. Jaeger features include distributed context propagation, dependency analysis, and root cause analysis. It offers a web UI for visualizing traces and a flexible architecture supporting various storage backends. Jaeger is particularly useful in cloud-native environments, helping developers and operators understand latency issues, optimize performance, and debug problems in microservices architectures.\n\nVisit the following resources to learn more:", "links": [ + { + "title": "jaegertracing/jaeger", + "url": "https://github.com/jaegertracing/jaeger", + "type": "opensource" + }, { "title": "Jaeger Website", "url": "https://www.jaegertracing.io/", @@ -3155,7 +3240,7 @@ }, "pk76Us6z8LoX3f0mhnCyR": { "title": "New Relic", - "description": "New Relic is where dev, ops, security and business teams solve software–performance problems with data.\n\nVisit the following resources to learn more:", + "description": "New Relic is a cloud-based observability platform that provides full-stack visibility into software applications and infrastructure. It offers real-time performance monitoring, analytics, and alerting across various environments, including web, mobile, and cloud applications. New Relic's suite includes tools for application performance monitoring (APM), infrastructure monitoring, log management, and digital customer experience tracking. It uses distributed tracing and AI-powered analytics to help developers and operations teams identify and resolve issues quickly. New Relic's platform supports a wide range of programming languages and integrates with many popular development and deployment tools, making it a comprehensive solution for modern software observability and performance optimization in DevOps environments. Visit the following resources to learn more:", "links": [ { "title": "New Relic Website", @@ -3163,13 +3248,29 @@ "type": "article" }, { - "title": "Official Documentation", - "url": "https://docs.newrelic.com/", + "title": "Explore top posts about DevOps", + "url": "https://app.daily.dev/tags/devops?ref=roadmapsh", "type": "article" }, { - "title": "New Relic Developer Hub", - "url": "https://developer.newrelic.com/", + "title": "New Relic Platform Demo", + "url": "https://www.youtube.com/watch?v=8kx7nRGVJRg", + "type": "video" + } + ] + }, + "BHny2Emf96suhAlltiEro": { + "title": "Datadog", + "description": "Datadog is a monitoring and analytics platform for large-scale applications. It encompasses infrastructure monitoring, application performance monitoring, log management, and user-experience monitoring. Datadog aggregates data across your entire stack with 400+ integrations for troubleshooting, alerting, and graphing.\n\nVisit the following resources to learn more:", + "links": [ + { + "title": "Datadog Website", + "url": "https://www.datadoghq.com/", + "type": "article" + }, + { + "title": "Official Documentation", + "url": "https://docs.datadoghq.com/", "type": "article" }, { @@ -3179,11 +3280,6 @@ } ] }, - "datadog@BHny2Emf96suhAlltiEro.md": { - "title": "Datadog", - "description": "", - "links": [] - }, "eOyu4wmKOrcMlhD8pUGGh": { "title": "Prometheus", "description": "Prometheus is a free software application used for event monitoring and alerting. It records real-time metrics in a time series database built using a HTTP pull model, with flexible queries and real-time alerting.\n\nVisit the following resources to learn more:", @@ -3212,7 +3308,7 @@ }, "K81bmtgnB1gfhYdi3TB5a": { "title": "OpenTelemetry", - "description": "OpenTelemetry is a collection of tools, APIs, and SDKs. Use it to instrument, generate, collect, and export telemetry data (metrics, logs, and traces) to help you analyze your software’s performance and behavior.\n\nVisit the following resources to learn more:", + "description": "OpenTelemetry is an open-source observability framework for cloud-native software, providing a standardized way to collect and export telemetry data such as metrics, logs, and traces. It aims to make observability a built-in feature of cloud-native applications by offering a vendor-neutral, unified set of APIs, libraries, agents, and instrumentation. OpenTelemetry simplifies the implementation of observability across different languages and platforms, enabling developers to instrument their code once and send data to multiple backends. It supports automatic instrumentation for many popular frameworks and libraries, reducing the effort required to add observability to applications. By providing a consistent approach to data collection and export, OpenTelemetry facilitates better interoperability between observability tools and platforms in modern, distributed software environments.\n\nVisit the following resources to learn more:", "links": [ { "title": "OpenTelemetry Website", @@ -3223,6 +3319,16 @@ "title": "Official Documentation", "url": "https://opentelemetry.io/docs/", "type": "article" + }, + { + "title": "What is OpenTelemetry?", + "url": "https://www.youtube.com/watch?v=mUA-uzk94ro", + "type": "video" + }, + { + "title": "OpenTelemetry Course - Understand Software Performance", + "url": "https://www.youtube.com/watch?v=r8UvWSX3KA8", + "type": "video" } ] } diff --git a/public/roadmap-content/frontend.json b/public/roadmap-content/frontend.json index 59ffe8694..00286be0f 100644 --- a/public/roadmap-content/frontend.json +++ b/public/roadmap-content/frontend.json @@ -137,6 +137,11 @@ "title": "What is hosting?", "description": "Web hosting is an online service that allows you to publish your website files onto the internet. So, anyone who has access to the internet has access to your website.\n\nVisit the following resources to learn more:", "links": [ + { + "title": "Web Hosting Explained for Beginners", + "url": "https://www.hostinger.com/tutorials/what-is-web-hosting/", + "type": "article" + }, { "title": "What Is Web Hosting? Explained", "url": "https://www.youtube.com/watch?v=htbY9-yggB0", diff --git a/public/roadmap-content/postgresql-dba.json b/public/roadmap-content/postgresql-dba.json index 4b7427c36..9c4d23915 100644 --- a/public/roadmap-content/postgresql-dba.json +++ b/public/roadmap-content/postgresql-dba.json @@ -866,7 +866,7 @@ "type": "article" }, { - "title": "Query Planning@", + "title": "Query Planning", "url": "https://www.postgresql.org/docs/current/runtime-config-query.html", "type": "article" } diff --git a/public/roadmap-content/sql.json b/public/roadmap-content/sql.json index 29545d9a6..18d90a4f2 100644 --- a/public/roadmap-content/sql.json +++ b/public/roadmap-content/sql.json @@ -1258,7 +1258,7 @@ "links": [ { "title": "SQL Server Indexes", - "url": "https://www.sqlservercentral.com/articles/sql-server-indexes", + "url": "https://www.sqlservercentral.com/articles/introduction-to-indexes", "type": "article" }, {