11-13-2025, 02:44 PM
Systems & Security — Architecture, Networks, Cyber Defence & Digital Integrity
Modern computing relies on stable systems, fast and reliable networks, and strong security.
This thread introduces the essential foundations of system design, cybersecurity, and digital protection in a clear and beginner-friendly way.
-----------------------------------------------------------------------
1. What Is Computer Security?
Computer security (cybersecurity) focuses on protecting:
• data
• systems
• networks
• users
…from threats such as:
• malware
• hacking
• data breaches
• social engineering
• system failures
Security aims to ensure the “CIA Triad”:
Confidentiality — only authorised users access data
Integrity — data cannot be altered without permission
Availability — systems remain online and functional
-----------------------------------------------------------------------
2. Operating Systems & System Architecture
Understanding systems begins with the OS (Operating System).
Common OS types:
• Windows
• macOS
• Linux
• Mobile OS (iOS / Android)
• Real-Time OS (embedded systems)
Key OS responsibilities:
• managing hardware
• allocating memory
• file system operations
• user permissions
• running processes
• networking
• security controls
System architecture shapes how everything interacts:
• CPU
• RAM
• storage
• buses
• input/output devices
• kernel
• user space
-----------------------------------------------------------------------
3. Networking Fundamentals
Networks allow devices to communicate.
Core concepts:
• IP addresses
• routers and switches
• packets
• ports
• protocols (TCP, UDP, HTTP, FTP, SMTP)
• firewalls
• DNS (domain name → IP address)
• LAN / WAN
Client–server model: most internet services use this structure.
-----------------------------------------------------------------------
4. Cyber Threats & Attack Types
Common attack categories:
Malware: viruses, worms, trojans, ransomware
Phishing: tricking users into revealing information
DDoS attacks: overwhelming a system with traffic
MITM (Man-in-the-Middle): intercepting communication
SQL injection: manipulating databases through insecure input
Brute-force attacks: guessing passwords automatically
Zero-day exploits: unknown or unpatched software flaws
Understanding attack methods helps prevent them.
-----------------------------------------------------------------------
5. Encryption — Protecting Data
Encryption converts readable data into unreadable form.
Symmetric encryption: same key for encrypt & decrypt
(e.g. AES)
Asymmetric encryption: public + private key
(e.g. RSA)
Used in:
• HTTPS websites
• secure messaging
• passwords
• VPNs
• digital signatures
Hashing: one-way transformation of data (e.g., passwords stored as hashes).
-----------------------------------------------------------------------
6. Authentication & Access Control
Security is fundamentally about **who can access what**.
Methods:
• passwords
• 2FA (two-factor authentication)
• biometrics
• security tokens
• SSH keys
Access control models:
RBAC — Role-Based Access (roles determine permissions)
MAC — Mandatory Access Control (strict policies)
DAC — Discretionary Access Control (owners choose)
-----------------------------------------------------------------------
7. Firewalls & Network Defence
Firewalls filter incoming/outgoing traffic.
They block:
• dangerous connections
• suspicious ports
• unauthorised access
Types:
• hardware firewalls
• software firewalls
• cloud-based firewalls
• next-gen firewalls (deep packet inspection)
Other defences:
• IDS (Intrusion Detection System)
• IPS (Intrusion Prevention System)
• VPNs
• network segmentation
-----------------------------------------------------------------------
8. Secure Software Development
Developing secure software involves:
1. Input validation — prevent injection attacks
2. Least privilege — limit access rights
3. Patch management — update software frequently
4. Code reviews — catch logic errors
5. Logging & monitoring — detect unusual behaviour
Security is a process, not a single tool.
-----------------------------------------------------------------------
9. Cybersecurity Best Practices
• Use strong, unique passwords
• Enable 2FA everywhere
• Avoid suspicious emails/links
• Keep systems updated
• Use antivirus software
• Backup important data
• Regularly scan networks
• Never run untrusted code
• Encrypt sensitive files
-----------------------------------------------------------------------
10. Practice Questions
1. Name the three parts of the CIA Triad.
2. What is the purpose of encryption?
3. Explain the difference between symmetric and asymmetric encryption.
4. What is a firewall used for?
5. Describe one common cyber attack and how to prevent it.
-----------------------------------------------------------------------
Summary
This thread covered:
• systems & OS fundamentals
• architecture
• networking
• encryption
• authentication
• firewalls
• cyber threats
• best practices
Systems & Security is the foundation of safe computing — essential for anyone building software, managing servers, or protecting digital environments.
Modern computing relies on stable systems, fast and reliable networks, and strong security.
This thread introduces the essential foundations of system design, cybersecurity, and digital protection in a clear and beginner-friendly way.
-----------------------------------------------------------------------
1. What Is Computer Security?
Computer security (cybersecurity) focuses on protecting:
• data
• systems
• networks
• users
…from threats such as:
• malware
• hacking
• data breaches
• social engineering
• system failures
Security aims to ensure the “CIA Triad”:
Confidentiality — only authorised users access data
Integrity — data cannot be altered without permission
Availability — systems remain online and functional
-----------------------------------------------------------------------
2. Operating Systems & System Architecture
Understanding systems begins with the OS (Operating System).
Common OS types:
• Windows
• macOS
• Linux
• Mobile OS (iOS / Android)
• Real-Time OS (embedded systems)
Key OS responsibilities:
• managing hardware
• allocating memory
• file system operations
• user permissions
• running processes
• networking
• security controls
System architecture shapes how everything interacts:
• CPU
• RAM
• storage
• buses
• input/output devices
• kernel
• user space
-----------------------------------------------------------------------
3. Networking Fundamentals
Networks allow devices to communicate.
Core concepts:
• IP addresses
• routers and switches
• packets
• ports
• protocols (TCP, UDP, HTTP, FTP, SMTP)
• firewalls
• DNS (domain name → IP address)
• LAN / WAN
Client–server model: most internet services use this structure.
-----------------------------------------------------------------------
4. Cyber Threats & Attack Types
Common attack categories:
Malware: viruses, worms, trojans, ransomware
Phishing: tricking users into revealing information
DDoS attacks: overwhelming a system with traffic
MITM (Man-in-the-Middle): intercepting communication
SQL injection: manipulating databases through insecure input
Brute-force attacks: guessing passwords automatically
Zero-day exploits: unknown or unpatched software flaws
Understanding attack methods helps prevent them.
-----------------------------------------------------------------------
5. Encryption — Protecting Data
Encryption converts readable data into unreadable form.
Symmetric encryption: same key for encrypt & decrypt
(e.g. AES)
Asymmetric encryption: public + private key
(e.g. RSA)
Used in:
• HTTPS websites
• secure messaging
• passwords
• VPNs
• digital signatures
Hashing: one-way transformation of data (e.g., passwords stored as hashes).
-----------------------------------------------------------------------
6. Authentication & Access Control
Security is fundamentally about **who can access what**.
Methods:
• passwords
• 2FA (two-factor authentication)
• biometrics
• security tokens
• SSH keys
Access control models:
RBAC — Role-Based Access (roles determine permissions)
MAC — Mandatory Access Control (strict policies)
DAC — Discretionary Access Control (owners choose)
-----------------------------------------------------------------------
7. Firewalls & Network Defence
Firewalls filter incoming/outgoing traffic.
They block:
• dangerous connections
• suspicious ports
• unauthorised access
Types:
• hardware firewalls
• software firewalls
• cloud-based firewalls
• next-gen firewalls (deep packet inspection)
Other defences:
• IDS (Intrusion Detection System)
• IPS (Intrusion Prevention System)
• VPNs
• network segmentation
-----------------------------------------------------------------------
8. Secure Software Development
Developing secure software involves:
1. Input validation — prevent injection attacks
2. Least privilege — limit access rights
3. Patch management — update software frequently
4. Code reviews — catch logic errors
5. Logging & monitoring — detect unusual behaviour
Security is a process, not a single tool.
-----------------------------------------------------------------------
9. Cybersecurity Best Practices
• Use strong, unique passwords
• Enable 2FA everywhere
• Avoid suspicious emails/links
• Keep systems updated
• Use antivirus software
• Backup important data
• Regularly scan networks
• Never run untrusted code
• Encrypt sensitive files
-----------------------------------------------------------------------
10. Practice Questions
1. Name the three parts of the CIA Triad.
2. What is the purpose of encryption?
3. Explain the difference between symmetric and asymmetric encryption.
4. What is a firewall used for?
5. Describe one common cyber attack and how to prevent it.
-----------------------------------------------------------------------
Summary
This thread covered:
• systems & OS fundamentals
• architecture
• networking
• encryption
• authentication
• firewalls
• cyber threats
• best practices
Systems & Security is the foundation of safe computing — essential for anyone building software, managing servers, or protecting digital environments.