
Topics

Top Certifications

Certified Information Systems Security Professional (CISSP):

Offered by (ISC)², CISSP is one of the most globally recognized certifications in the field of cybersecurity, focusing on security management practices and principles.

cissp_course_outline

Certified Ethical Hacker (CEH):

Provided by the EC-Council, CEH certification validates individuals' skills in identifying vulnerabilities and weaknesses in systems and networks, allowing them to use the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner.

ceh_course_outline

CompTIA Security+:

This certification covers essential principles for network security and risk management. It is often considered a foundational certification for cybersecurity professionals.

Threats, Attacks, and Vulnerabilities:

Certified Information Security Manager (CISM):

Also offered by (ISC)², CISM focuses on information risk management and governance. It's geared towards individuals involved in managing, designing, overseeing, and assessing an enterprise's information security program.

Certified Information Systems Auditor (CISA):

Another (ISC)² certification, CISA is designed for professionals who audit, control, monitor, and assess an organization's information technology and business systems.

GIAC Security Essentials (GSEC):

Offered by the Global Information Assurance Certification (GIAC), GSEC is an entry-level certification that covers a wide range of security topics, including hands-on experience.

Certified Cloud Security Professional (CCSP):

Jointly offered by (ISC)² and Cloud Security Alliance (CSA), CCSP is designed for IT and information security leaders who are involved in architecting, designing, and securing cloud environments.

Offensive Security Certified Professional (OSCP):

Offered by Offensive Security, OSCP is a hands-on certification focused on penetration testing and offensive security techniques. It's highly regarded for its practical approach.

Cisco Certified CyberOps Associate:

This certification is focused on security operations and provides knowledge and skills required to detect and respond to cybersecurity incidents.

Certified Information Privacy Professional (CIPP):

Offered by the International Association of Privacy Professionals (IAPP), CIPP is for professionals who work in privacy and data protection. While not strictly a cybersecurity certification, it's highly relevant given the increasing focus on privacy in cybersecurity.

----

Introduction to the following topics:

Cyber security terminology

25 Cyber Security Terms That Everyone Who Uses A Computer Should Know

Understanding Basic Security Frameworks

Top 10 IT security frameworks and standards explained

Cybersecurity Frameworks 101 – The Complete Guide

What is a Security Framework?

Cyber Security Framework

Security Frameworks

Cybersecurity Framework

Top 10 IT security frameworks and standards explained

Fundamental frameworks, models, and approaches to cyber security including the CIA model.

C.I.A Model | Elements of Security | Confidentiality | Integrity | Availability - Urdu

Purpose of Cyber Security

What is Cyber Security?

Cyber Security

Adversary Types

Most Common Types & Sources of Cyber Threats

Threat Hunting: Six Cyber Adversaries to Pursue

Vulnerability Types

Threat Types

Confidentiality Threat

Integrity Threat

Availability Threat

Fraud Threat

Testing for Vulnerabilities

Attacks

Brute Force vs. Heuristic Attacks

Cryptanalysis

Computer networks

Security policies

Incident response

Passwords

Cryptographic principles

Khawar Nehal’s 4 Layers of cybersecurity.

Physical security penetration testing

Khawar Nehal’s 6 Levels of security for LAN networks.

The Common Seven Layers Of Cybersecurity

Firewalls

Secure Configuration

User Access Control

Cybersecurity Administration

Malware Protection

System Safeguards

Network Defense

Patch Management

The need for cybersecurity

Attacks, concepts and techniques

Protecting your data and privacy

Protecting the organization

PCI-DSS, ISO-27001, NIST, SOC, SOX and HIPAA

Penetration Testing

Examining Cyber Threats More Closely

SQL/ Slammer Worm of 2003

Nachi Worm of 2003

Botnet Design

Botnet Arithmetic

Assets and Infrastructure

Calculating Risk

Making Security and Cost Decisions Based on Risk

Threat Trees and Completeness of Analysis

Threat Trees

Introducing Security Risk Analysis

Basic engineering and analysis methods for managing cyber security risk to valued assets.

Mapping Assets to Threats

Estimating Risk for Threat-Asset Pairs

Mapping Assets, Threats, Vulnerabilities, and Attacks

Course Objectives & Outcome Statements

  • Communicate with confidence regarding information security topics, terms, and concepts
  • Understand and apply the Principles of Least Privilege
  • Understand and apply the Confidentiality, Integrity, and Availability for prioritization of critical security resources
  • Build better passwords that are more secure while also being easier to remember and type
  • Grasp basic cryptographic principles, processes, procedures, and applications
  • Understand how a computer works
  • Understand computer network basics
  • Have a fundamental grasp of any number of technical acronyms: TCP/IP, IP, TCP, UDP, MAC, ARP, NAT, ICMP, and DNS, and more.
  • Utilize built-in Linux tools to see your network settings
  • Recognize and be able to discuss various security technologies, including anti-malware, firewalls, intrusion detection systems, sniffers, ethical hacking, active defense, and threat hunting.
  • Understand wireless technologies including WiFi, Bluetooth, mobile phones and the Internet of Things (IoT)
  • Explain a variety of frequent attacks such as social engineering, drive-by downloads, watering hole attacks, lateral movement, and other attacks
  • Understand different types of malware
  • Understand browser security and the privacy issues associated with web browsing
  • Explain system hardening
  • Discuss system patching
  • Understand virtual machines and cloud computing
  • Understand backups and create a backup plan for your personal life that virtually guarantees you never have to pay ransom to access your data

Physical Security

I'll Let Myself In: Tactics of Physical Pen Testers

Khawar Nehal’s 4 Layers of cybersecurity.

For implementing a reliable and secure system.

Layer 1 : Physical Security

Layer 2 : Software Reliability

Layer 3 : Configuration Perfection and testing.

Layer 4 : User training for social engineering.

Security as a subset of reliability.

Methods to increase reliability

Separate machines for secure and public data. Can be virtual machines.

Khawar Nehal’s 6 Levels of security for LAN networks.

Security Level 1

Separate LAN for public networks. WIFI is included here. WIFI can be open or password protected.

Internet connections are at this level. Outside facing web servers are also located at this level.

Auto-reset virtual machines are used for Internet connections, browsing and email. Some machines used for Internet-related work shall refresh themselves every time they start. All important data is to be stored on the file servers. This reduces the chances of attacks by malware.

Security Level 2

Company VPN on public networks. Company WAN is included here.

Infra, Intra and Extranets are included here. All data movement between level 2 and level 1 computers shall be initiated from Level 2 towards Level 1.

The Level 1 computer shall allow the level 2 computer access to upload data.

Any computer at a higher level shall never allow access to any of its services to a computer at a lower level of security.

Security Level 3

Separate LAN for private network company wide.

A computer on security level 3 can only communicate with other computers on the same level.

Security Level 4

Internal LAN not available to everyone.

A computer on security level 4 can only communicate with other computers on the same level.

Security Level 5

Confidential computers not connected to any LAN.

A computer on security level 5 can not communicate with any other computer.

Security Level 6

Vaults. Data stored offline. Not in any computer.

The LANs on different levels are not software configurable. They are not software defined networks. They are not VLANs. They are totally and physically separate switches. Important files and data are stored on file servers.
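The level rules above can be written down as a policy check and used to audit any intended data transfer or rule between machines. This is an added example, not code from the course page; `Host`, `Rule`, `connection_allowed` and `audit_rules` are names chosen here, and the inventory and rules are constructed.

```python
"""Connection-policy checker for Khawar Nehal's 6 Levels of security for LAN networks.

Added example, not part of the original course page. It encodes the rules stated above:
  * hosts on the same level may communicate (levels 1 to 4);
  * a higher-level host never exposes any service to a lower-level host;
  * the only cross-level flow is a Level 2 host pushing data to a Level 1 upload service;
  * Level 3 and Level 4 hosts talk only to their own level;
  * Level 5 hosts are on no LAN at all, and Level 6 is an offline vault.
Because the levels are physically separate switches, this check is for auditing
intended transfers (and the few bridges that must exist), not for replacing the separation.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Host:
    name: str
    level: int  # 1..6 as defined on the page


def connection_allowed(client, server):
    """Decide whether `client` may open a connection to a service on `server`.

    Returns (allowed, reason).
    """
    for h in (client, server):
        if not 1 <= h.level <= 6:
            raise ValueError(f"{h.name}: level must be between 1 and 6")
    if 6 in (client.level, server.level):
        return False, "Level 6 is an offline vault and is not in any computer"
    if 5 in (client.level, server.level):
        return False, "Level 5 computers are not connected to any LAN"
    if client.level == server.level:
        return True, f"both hosts are on Level {client.level}"
    if server.level > client.level:
        return False, "a higher level never exposes services to a lower level"
    if client.level == 2 and server.level == 1:
        return True, "Level 2 may push data to a Level 1 upload service"
    return False, f"Level {client.level} hosts communicate only with their own level"


@dataclass(frozen=True)
class Rule:
    """A candidate allow rule: `src` may reach `service` on `dst`."""
    src: str
    dst: str
    service: str


def audit_rules(rules, hosts):
    """Return the rules that violate the level policy, each paired with the reason.

    `hosts` maps host name -> Host. A rule naming an unclassified host is reported
    too, because such a rule cannot be shown to be safe.
    """
    violations = []
    for rule in rules:
        if rule.src not in hosts or rule.dst not in hosts:
            violations.append((rule, "unclassified host in rule"))
            continue
        ok, reason = connection_allowed(hosts[rule.src], hosts[rule.dst])
        if not ok:
            violations.append((rule, reason))
    return violations


# Constructed sample inventory and rules (not from the page).
SAMPLE_HOSTS = {h.name: h for h in [
    Host("web-public", 1), Host("browse-vm", 1),
    Host("vpn-gw", 2), Host("file-srv", 2),
    Host("hr-db", 3), Host("hr-ws", 3),
    Host("design-ws", 4), Host("standalone", 5),
]}
SAMPLE_RULES = [
    Rule("vpn-gw", "web-public", "sftp-upload"),   # allowed: Level 2 -> Level 1 push
    Rule("browse-vm", "file-srv", "smb"),          # violation: Level 1 reaching up to Level 2
    Rule("hr-ws", "hr-db", "postgres"),            # allowed: same level
    Rule("hr-ws", "vpn-gw", "https"),              # violation: Level 3 leaving its level
    Rule("design-ws", "standalone", "ssh"),        # violation: Level 5 has no LAN
    Rule("laptop-unknown", "file-srv", "smb"),     # violation: unclassified host
]

if __name__ == "__main__":
    for rule, why in audit_rules(SAMPLE_RULES, SAMPLE_HOSTS):
        print(f"DENY {rule.src} -> {rule.dst} ({rule.service}): {why}")
```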


Firewalls

All devices run network services, which create some form of communication with other devices and services. By restricting access to these services, you reduce your exposure to attacks. This can be achieved using firewalls and equivalent network devices. A boundary firewall is a network device which can restrict the inbound and outbound network traffic to services on its network of computers and mobile devices. It can help protect against cyber-attacks by implementing restrictions, known as ‘firewall rules’, which can allow or block traffic according to its source, destination and type of communication protocol. Alternatively, a host-based firewall may be configured on a device. This works in the same way as a boundary firewall but only protects the single device on which it is configured. This approach can provide for more tailored rules and means that the rules apply to the device wherever it is used. However, this increases the administrative overhead of managing firewall rules. Here are a few things your IT administrator can routinely do to maintain the security of your business network:

  • change any default administrative password to an alternative that is difficult to guess 
  • prevent access to the administrative interface (used to manage firewall configuration) from the Internet, unless there is a clear and documented business need 
  • block unauthenticated inbound connections by default 
  • ensure inbound firewall rules are approved and documented by an authorised individual 
  • remove or disable permissive firewall rules quickly, when they are no longer needed 

Secure Configuration

Computers and network devices are not always secure in their default configurations. Standard, out-of-the-box configurations often include one or more weak points such as:

  • an administrative account with a predetermined, publicly known default password 
  • pre-enabled but unnecessary user accounts (sometimes with special access privileges) 
  • pre-installed but unnecessary applications or services 

Default installations of computers and network devices can provide cyber attackers with a variety of opportunities to gain unauthorised access to an organisation’s sensitive information — often with ease. By applying some simple technical controls when installing computers and network devices you can minimise inherent vulnerabilities and increase protection against common types of cyber attack. Here are a few things your IT administrator can routinely do to maintain the security of your business network:

  • Remove and disable unnecessary user accounts (such as guest accounts and administrative accounts that won't be used) 
  • Change any default or guessable account passwords to something non-obvious 
  • Remove or disable unnecessary software 
  • Disable any auto-run feature which allows file execution without user authorisation 
  • Password-based authentication: 
      ◦ protect against brute-force password guessing; the following methods can be used: 
          ▪ lock accounts after no more than 10 unsuccessful attempts 
          ▪ limit the number of guesses allowed in a specified time period to no more than 10 guesses within 5 minutes 
      ◦ set a minimum password length of at least 8 characters 
      ◦ change passwords promptly when the Applicant knows or suspects they have been compromised 
      ◦ use a password policy that tells users: 
          ▪ to avoid choosing obvious passwords (such as those based on easily discoverable information like the name of a favourite pet) 
          ▪ not to choose common passwords — this could be implemented by technical means, using a password blacklist 
          ▪ not to use the same password anywhere else, at work or at home 
          ▪ how to record passwords to store and retrieve them securely — for example, in a sealed envelope in a secure cupboard 
          ▪ which passwords they really must memorise and not record anywhere 
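The password-based authentication controls listed above, implemented as an added example (not code from the course page or from any product it mentions). `check_password_policy`, `LoginThrottle` and the sample blacklist are chosen here; the thresholds are the ones the list states.

```python
"""Password-based authentication controls from the 'Secure Configuration' list above.

Added example, not the page's own code. Thresholds are the ones stated on the page:
minimum length 8, a blacklist of common passwords, lockout after 10 unsuccessful
attempts, and no more than 10 guesses within any 5-minute period.
"""
from collections import defaultdict, deque

MIN_LENGTH = 8
MAX_FAILED_BEFORE_LOCK = 10
WINDOW_SECONDS = 5 * 60
MAX_GUESSES_PER_WINDOW = 10

# Constructed sample blacklist; a deployment would load a full common-password list.
COMMON_PASSWORDS = {"password", "12345678", "qwerty123", "letmein1", "iloveyou"}


def check_password_policy(candidate, personal_words=()):
    """Return a list of policy violations (an empty list means the password is acceptable).

    `personal_words` are easily discoverable facts about the user (pet name, team name)
    that the page says a password must not be based on.
    """
    problems = []
    lowered = candidate.lower()
    if len(candidate) < MIN_LENGTH:
        problems.append("too_short")
    if lowered in COMMON_PASSWORDS:
        problems.append("common")
    for word in personal_words:
        if len(word) >= 3 and word.lower() in lowered:
            problems.append(f"personal:{word}")
    return problems


class LoginThrottle:
    """Per-account guess limiting plus lockout: the two brute-force controls on the page."""

    def __init__(self):
        self._recent = defaultdict(deque)  # account -> timestamps of guesses in the window
        self._failed = defaultdict(int)    # account -> consecutive unsuccessful attempts
        self._locked = set()

    def attempt(self, account, password_ok, now):
        """Record one login attempt and return 'ok', 'denied', 'rate_limited' or 'locked'.

        `password_ok` is the result of verifying the submitted password; `now` is a
        timestamp in seconds, passed in so the policy can be tested without a clock.
        """
        if account in self._locked:
            return "locked"
        window = self._recent[account]
        while window and now - window[0] >= WINDOW_SECONDS:
            window.popleft()            # forget guesses older than five minutes
        if len(window) >= MAX_GUESSES_PER_WINDOW:
            return "rate_limited"       # guess budget spent; the password is not checked
        window.append(now)
        if password_ok:
            self._failed[account] = 0   # a successful login clears the failure count
            return "ok"
        self._failed[account] += 1
        if self._failed[account] >= MAX_FAILED_BEFORE_LOCK:
            self._locked.add(account)   # stays locked until an administrator unlocks it
            return "locked"
        return "denied"

    def unlock(self, account):
        """Administrative unlock after the account owner has been verified out of band."""
        self._locked.discard(account)
        self._failed[account] = 0


if __name__ == "__main__":
    throttle = LoginThrottle()
    for second in range(11):  # constructed burst of wrong guesses against one account
        print(second, throttle.attempt("alice", False, second))
    print(check_password_policy("Fluffy2019", personal_words=["Fluffy"]))
```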

User Access Control

Every active user account in your business facilitates access to devices and applications, and to sensitive business information. By ensuring that only authorised individuals have user accounts, and that they are granted only as much access as they need to perform their role, you reduce the risk of information being stolen or damaged. Compared to normal user accounts, accounts with special access privileges have enhanced access to devices, applications and information. When such accounts are compromised, their greater freedoms can be exploited to facilitate large-scale corruption of information, disruption to business processes and unauthorised access to other devices in the organisation. Administrative accounts are especially highly privileged and can typically allow:

  • execution of software that has the ability to make significant and security relevant changes to the operating system 
  • changes to the operating system for some or all users 
  • creation of new accounts and allocation of their privileges 

All types of Administrator will have such accounts, including Domain Administrators and Local Administrators. Now consider that if a user opens a malicious URL or email attachment, any associated malware is typically executed with the privilege level of the account that user is currently operating. Clearly, you must take special care over the allocation and use of privileged accounts. Here are a few things your IT administrator can routinely do to maintain the security of your business network:

  • Have a user account creation and approval process 
  • remove or disable user accounts when no longer required (when a user leaves the organisation) 
  • use administrative accounts to perform administrative activities only (no emailing, web browsing or other standard user activities that may expose administrative privileges to avoidable risks) 
  • remove or disable special access privileges when no longer required (when a member of staff changes role) 

Malware Protection

The execution of software downloaded from the Internet can expose a device to malware infection. Malware, such as computer viruses, worms and spyware, is software that has been written and distributed deliberately to perform malicious actions. Potential sources of malware infection include malicious email attachments, downloads (including those from application stores), and direct installation of unauthorised software. If a system is infected with malware, your organisation is likely to suffer from problems like malfunctioning systems, data loss, or onward infection that goes unseen until it causes harm elsewhere. You can avoid the potential harm from malware by:

  • Using anti-malware software which can detect and disable malware before it causes harm 
      ◦ The software (and all associated malware signature files) should be kept up to date, with signature files updated at least daily. This may be achieved through automated updates, or with a centrally managed deployment. 
      ◦ The software must be configured to scan files automatically upon access. 
      ◦ The software should prevent connections to malicious websites on the Internet (by means of blacklisting) — unless there is a clear, documented business need 

Patch Management

Any device that runs software can contain security flaws, known as vulnerabilities. Vulnerabilities are regularly discovered in all sorts of software. Once discovered, malicious individuals or groups move quickly to exploit vulnerabilities to attack computers and networks in organisations with these weaknesses. Product vendors provide fixes for vulnerabilities identified in products that they still support, in the form of software updates known as 'patches'. Patches may be made available to customers immediately or on a regular release schedule. Product vendors do not generally release patches for products they no longer support — not even to fix vulnerabilities.

The Common Seven Layers Of Cybersecurity

1. Mission-Critical Assets

This is data that is absolutely critical to protect. Whether businesses would like to admit it or not, they face malicious forces daily. The question is how are leaders dealing with this type of protection? And what measures have they put in place to guard against breaches? An example of mission-critical assets in the Healthcare industry is Electronic Medical Record (EMR) software. In the financial sector, it is customers’ financial records.

2. Data Security

Data security is when there are security controls put in place to protect both the transfer and the storage of data. There has to be a backup security measure in place to prevent the loss of data. This will also require the use of encryption and archiving. Data security is an important focus for all businesses as a breach of data can have dire consequences.

3. Endpoint Security

This layer of security makes sure that the endpoints of user devices are not exploited by breaches. This includes the protection of mobile devices, desktops, and laptops. Endpoint security systems enable protection either on a network or in the cloud depending on the needs of a business.

4. Application Security

This involves the security features that control access to an application and that application’s access to your assets. It also includes the internal security of the app itself. Most of the time, applications are designed with security measures that continue to provide protection when the app is in use.

5. Network Security

This is where security controls are put in place to protect the business’s network. The goal is to prevent unauthorized access to the network. It is crucial to regularly update all systems on the business network with the necessary security patches, including encryption. It’s always best to disable unused interfaces to further guard against any threats.

6. Perimeter Security

This security layer ensures that both the physical and digital security methods protect a business as a whole. It includes things like firewalls that protect the business network against external forces.

7. The Human Layer

Despite being known as the weakest link in the security chain, the human layer is a very necessary layer. It incorporates management controls and phishing simulations as an example. These human management controls aim to protect that which is most critical to a business in terms of security. This includes the very real threat that humans, cyber attackers, and malicious users pose to a business.

How To Build A Layered Cybersecurity Approach

Building a layered cybersecurity approach is a gradual and daily process. To start, you need to take stock of your inventory to ascertain the number of devices used, systems as well as firewalls. Then, you can add security where necessary in the different layers. Yes, the world of work has changed and so has the opportunity for attackers to get their hands on sensitive data.

To protect your business, do regular tests to ensure that your security controls are effective and, most of all, that they work properly. If you need new security solutions, it’s best to conduct a security analysis to find out what you actually need. Find out whether there are quick wins through which you can achieve compliance with industry regulations.

Building a layered cybersecurity approach will require a strategy to be effective. The reality is that businesses need to be prepared for an attack, meaning you constantly need to test your security measures and adjust where necessary.

In A Nutshell

As a business, you need to have backups and a solid incident response plan that relies on technology, people, and processes to make sure that a layered approach works as best as it possibly can. The company culture needs to be one that takes security seriously. You need to ensure that you and your staff are knowledgeable about the reality of cyberattacks and the importance of protecting data. The best way to approach cybersecurity is to be proactive instead of reactive when threats or breaches take place.

Cryptanalysis is the process of studying cryptographic systems to look for weaknesses or leaks of information.

Cryptanalyzing Caesar Cipher
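A worked illustration of the "Cryptanalyzing Caesar Cipher" item and of the "Brute Force vs. Heuristic Attacks" topic listed earlier, added here and not taken from the course page: an exhaustive 26-key search next to a letter-frequency heuristic that picks the key without a human reading every candidate. `ENGLISH_FREQ` holds approximate English letter frequencies (a fact about the language, not from the page) and the sample plaintext is constructed.

```python
"""Cryptanalysis of the Caesar cipher: brute force versus a frequency heuristic.

Added example, not from the course page. With only 26 keys the whole keyspace is
searched instantly, which is why the cipher has no useful work factor; the heuristic
shows the attacker need not even read the 26 candidates to find the right one.
"""
import string

ALPHABET = string.ascii_uppercase

# Approximate relative frequency (%) of A..Z in English text (not taken from the page).
ENGLISH_FREQ = [8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
                6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]


def caesar_shift(text, key):
    """Shift every ASCII letter by `key` places (negative to decrypt); other characters pass through."""
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + key) % 26 + base))
        else:
            out.append(ch)
    return "".join(out)


def brute_force(ciphertext):
    """Exhaustive attack: every key and its candidate plaintext. 26 tries is the whole work factor."""
    return [(key, caesar_shift(ciphertext, -key)) for key in range(26)]


def chi_squared_score(text):
    """Distance between the letter distribution of `text` and English (lower is more English-like)."""
    letters = [ch for ch in text.upper() if ch in ALPHABET]
    n = len(letters)
    if n == 0:
        return float("inf")
    score = 0.0
    for index, letter in enumerate(ALPHABET):
        expected = ENGLISH_FREQ[index] / 100 * n
        observed = letters.count(letter)
        score += (observed - expected) ** 2 / expected
    return score


def heuristic_recover_key(ciphertext):
    """Heuristic attack: score each candidate instead of reading it and keep the most English-like."""
    return min(range(26), key=lambda key: chi_squared_score(caesar_shift(ciphertext, -key)))


# Constructed sample message (not from the page).
SAMPLE_PLAINTEXT = ("Every layer of the network must be configured on the assumption that the "
                    "layer below it has already been compromised, and important data belongs "
                    "on the file servers rather than on the browsing machines.")

if __name__ == "__main__":
    ciphertext = caesar_shift(SAMPLE_PLAINTEXT, 7)
    print("ciphertext:", ciphertext)
    for key, candidate in brute_force(ciphertext):
        print(f"key {key:2d}: {candidate[:40]}...")
    print("heuristic key:", heuristic_recover_key(ciphertext))
```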

“Why Cryptosystems Fail,” Ross Anderson https://www.cl.cam.ac.uk/~rja14/Papers/wcf.pdf

Required: “There Be Dragons,” Steve Bellovin https://www.usenix.org/legacy/publications/library/proceedings/sec92/full_papers/bellovin.pdf

  • Required: “Hackers Remotely Kill a Jeep on the Highway with Me in It,” Andy Greenberg, Wired Magazine
  • Required: “A Hacker’s Evolution: Austin’s HD Moore Grew Up with Cybersecurity Industry,” 512 Tech
  • Suggested: Introduction to Cyber Security (Ch. 5 - 6)
  • Suggested: TCP/IP Illustrated Volume 1 (2nd Edition), (Ch. 5 - 6)
  • Video: “Top Hacker Shows Us How It’s Done,” Pablos Holman, TEDx Midwest
  • Video: “All Your Devices Can be Hacked,” Avi Rubin, TED Talk

  • Required: “A Man-in-the-Middle Attack on UMTS,” Meyer and Wetzel
  • Required: “Are Computer Hacker Break-Ins Ethical?” Eugene Spafford
  • Video: “What’s Wrong With Your Password,” Lorrie Faith Cranor, TED Talk
  • Video: “Fighting Viruses, Defending the Net,” Mikko Hypponen, TED Talk

Final Quiz - What level of security risk do you estimate for the following threat-asset matrix entries for the ACME Software Company

AAA and Access Controls

The candidate will demonstrate an understanding of access controls and effective authentication, authorization and accountability.

Every good security practitioner and every good security program begins with the same mantra: learn the fundamentals. This course starts by instilling familiarity with core security terms and principles. By the time you leave the classroom after the first day, you fully understand the Principle of Least Privilege and why it drives all security decisions. You know the Confidentiality, Integrity, and Availability (CIA) method of prioritizing your security program. You understand the fundamentals of risk management, security policy, and authentication/authorization/accountability (AAA).

Application Security

The candidate will demonstrate an understanding of securing applications from malware and other common threats.

If you are going to secure a computer or a network, you must have at least a basic knowledge of how they work. Every attack uses something that exists for perfectly valid reasons and misuses it in invalid malicious ways. To work in cyber security, you have to understand the valid functions to understand the potential for invalid misuse. The day begins with a discussion of how computers work. We cover the numbering system of decimal, binary, and hexadecimal - vital to understanding computers and networks. We also cover ASCII (the American Standard Code for Information Interchange). We also discuss what an operating system is. We talk about the terms kilobyte, megabyte, gigabyte, and terabyte and what those terms mean. We cover the difference between the hard drive and Random Access Memory (RAM). In short, how a computer works.

While the above description sounds exceptionally technical, rest assured that we present the material in the most non-technical way possible. We cover each topic at a very high-level without getting into the nitty-gritty details.

Lab - Networking: Use a variety of built-in operating system commands to see your IP address, network mask, default gateway, ARP cache, DNS Cache, and see Network Address Translation in action. You will also perform simple network packet analysis with the Wireshark tool.

Computer Math

The candidate will demonstrate an understanding of foundational numbering systems.

  • Lab - Computer Number Conversions: Apply the knowledge you learned to convert decimal numbers to binary, binary numbers to hexadecimal, binary and hexadecimal numbers to decimal values, and so on.

Cryptographic Algorithms and Attacks

The candidate will demonstrate an understanding of cryptographic algorithms.

Fundamentals of Cryptography

The candidate will demonstrate an understanding of cryptography and its application.

History of Cryptography

The candidate will demonstrate an understanding of cryptography throughout history.

Network Addressing and Protocols

The candidate will demonstrate an understanding of network addressing and protocols.

From there, we move to a discussion of how information moves from point A to point B across a network without using any technical terminology of any kind. This discussion includes both Internet and Local Area Network (LAN) examples. As we move on through the day, we slowly add the technical aspects of those explanations, including the terms and acronyms of networking. We discuss the origins of the Internet and why that origin matters to modern-day cyber security. We explain what a protocol is, and what both the OSI and TCP/IP stacks are and why they matter. You learn about standard network hardware such as a network interface card, a switch, and a router. We progress to topics such as IP addresses, network masks, default gateways, and routing. We explain, compare, and contrast the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) and why you might want to use one over the other. Eventually, we get to network protocols such as the Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), and Network Address Translation (NAT).

Network Attacks

The candidate will demonstrate a foundational understanding of network attacks.

Network Communication Fundamentals

The candidate will demonstrate an understanding of network concepts and terminology.

Network Security Technology

The candidate will demonstrate an understanding of countermeasures and technologies employed to minimize the associated risks from attacks.

Risk Management Principles and Security Policy

The candidate will demonstrate an understanding of fundamental information security and risk management concepts as well as the components of effective policy creation and awareness programs.

Systems Security

The candidate will demonstrate an understanding of securing systems from common threats.

Wireless Security Technology

The candidate will demonstrate an understanding of wireless technologies as well as the defenses employed to minimize the associated risks from wireless attacks.

Topics

Overview

Cryptography is one of the most complex issues faced by security practitioners. It is not a topic you can explain in passing; we spend a full day on it. You do not need a calculator for this day since we do not delve into the math behind crypto. We introduce you to cryptographic terms. We explain what steganography is. We then look at historical examples of cryptography. We do this because even the most advanced cryptographic systems today utilize methods of encrypting data that were used hundreds of years B.C. So we explain the historical examples that are very easy to understand to make it easier to understand modern cryptographic methods and principles. We cover the “work factor” - the length of time necessary to break cryptography and why understanding this concept is so important. We cover some of the potential attacks against crypto and which ones are viable against modern cryptography and which attacks are nonviable. We cover hashing, symmetric & asymmetric cryptography and how each works. We then show real-world examples of how those cryptographic systems work. We cover the secure key exchange mechanism called Diffie-Hellman. We even briefly cover digital certificates and Public Key Infrastructure (PKI). Once we have thoroughly explained how cryptography works, we end the day with a discussion of data encrypting protocols. Things that use cryptography to secure data on our networks and across the Internet. Here we cover email encryption, secure remote administration, secure file transfer, and three examples of Virtual Private Networks (VPNs). Again, we do not spend our time on the mathematics behind cryptography, but instead, we are highly process focused. We explain the steps required to make crypto work, the order those steps must occur in, and which key you must use for each step.

Exercises

  • Lab - Crypto by Hand: Apply the knowledge and skills you've learned to encrypt information using mono and poly alphabetic ciphers and gain a better understanding of triple encryption (as used by Triple DES).
  • Lab - Visual Crypto: Observe the encryption process that occurs by turning plaintext (what you can read) into ciphertext (what you cannot read) in real-time. Increase your understanding of what "randomness in ciphertext" truly means. See ciphertext turned back into plaintext. Find out what happens if you edit ciphertext and try to decrypt it. Learn what happens if you attempt to decrypt data with the wrong key. The lab provides visual proof of many definitive statements made by the instructor throughout the lecture.
Overview

Our fourth day in the classroom begins our exploration of cyber security technologies. We begin with wireless network security (WiFi and Bluetooth), and mobile device security (i.e., mobile phones & tablets). We compare and contrast the security models of Apple's iPhone and Google's Android phones. We also discuss the almost total lack of security in the Internet of Things (IoT). We follow that with a look at some frequent attacks, including open-source intelligence gathering, social engineering, drive-by download attacks, watering hole attacks, buffer overflow attacks, Denial of Service (DoS), and other frequent attacks. We then move into a discussion of malware. What is a virus versus a worm or a trojan horse? What is ransomware, and what is cryptojacking? We then cover both anti-malware and host firewalls that try to counter these problems.

Exercises

  • Lab - Configure a Wireless Access Point (A.K.A. Wireless Router). Students go through the steps of configuring a wireless access point from its default insecure state to a locked-down, far more secure state. Industry best practices dictate the final settings. Students can take these lab instructions home or to work and apply them with some necessary modifications given their device manufacturer.
  • Lab - Run the anti-malware scanner "Malwarebytes" on a virtual machine running within the lab environment. Discover active malware and remove it from the system. Also, discover Potentially Unwanted Programs (PUPs) that are, in reality, authorized software. Whitelist the PUPs, so they stop showing up in the scan results.

Overview

The final day of this course continues the discussion of Cyber Security Technologies. The day begins by looking at several security technologies, including compartmentalization, firewalls, Intrusion Detection Systems and Intrusion Prevention Systems (IDS/IPS), sniffers, content filters, sinkholes, ethical hacking, active defense, threat hunting and many more. We then take a solid look at Browser and Web security, and the difficulties of securing the web environment. For example, students understand why and how their browser connects to anywhere from 5 to 100+ different Internet locations each time they load a single web page. We end the day with a look at system security to include hardening operating systems, patching, virtual machines, cloud computing, and backup. We include solid real-world examples of how to implement these.

Exercises

  • Lab - Firewall Configuration with Firewall Builder. Students utilize an open-source tool called "Firewall Builder" to create a simple yet fully functional firewall configuration. The lab not only explains how to build each of the rules but, more importantly, explains WHY you build each rule. The lab teaches not only the basics of configuring a firewall but also how to read and audit an existing firewall ruleset.


Cyber Security Course Outline
Module 1: “Introduction”
● Welcome
● The Information Security Field
● InfoSec Culture
● Career Opportunities
● Information Security Terms
● Cryptography and VPNs
● Wireshark Introduction
● Binary Arithmetic Basics
● Bitwise Operations
● Hexadecimal Arithmetic
Module 2: “Networking”
● Protocols
● IP
● Routing
● Link Layer Devices and Protocols
● TCP and UDP
● Firewalls and Network Defenses
● DNS
● Wireshark
Module 3: “Web Applications”
● Introduction
● HTTP Protocol Basics
● HTTP Cookies
● Sessions
● Same Origin Policy
● Burp Suite
Module 4: “Penetration Testing”
● Introduction
● Lifecycle of a Penetration Test
● Engagement
● Information Gathering
● Footprinting and Scanning
● Vulnerability Assessment
● Exploitation
● Reporting
Module 5: “Introduction to Programming”
● What is programming
● Low and high-level languages
● Programming vs. Scripting
● Basic concepts
● Variables
● Functions
● Conditional Statements
● Loops
● Understanding the Code
● Conclusion
Module 6: “Python”
● What is Python
● Variables and types
● Input / Output
● Control flow
● Lists
● Dictionaries
● Functions
● Modules
● Scripting for pen testers
● Network sockets
● Port scanning
● Backdoor
● HTTP
● Login brute forcing
● Python assisted hacking
Module 7: “Command Line Scripting”
● Bash shell
● Bash environment
● Bash commands and programs
● Bash output redirectors and special characters
● Bash conditional statements and loops
● Windows command line
● Windows environment
● Windows commands and programs
● Windows output redirectors and special characters
● Windows conditional statements and loops
Module 8: “Penetration Testing”
● Information gathering
● Introduction
● Open-source Intelligence
● Subdomain enumeration
● Importance of information gathering
Module 9: “Footprinting and scanning”
● Mapping network
● OS fingerprinting
● Port Scanning
Module 10: “Vulnerability Assessment”
● Vulnerability assessment
● Nessus
Module 11: “Web Application Attacks”
● Introduction
● HTTP/S Protocol Basics
● Web server fingerprinting
● HTTP Verbs
● Directories and file enumeration
● Google Hacking
● Cross Site Scripting (XSS)
● SQL Injections
● Encoding
● Web application proxies
● Other common web attacks
● File and resource attacks
Module 12: “System Attacks”
● Malware
● Viruses
● Trojan Horses
● Backdoors
● Rootkits
● Bootkits
● Adware
● Spyware
● Greyware
● Dialer
● Keylogger
● Bots
● Ransomware
● Data-stealing malware
● Worms
Module 13: “Password attacks”
● Brute force algorithm
● Brute forcing weaknesses
● John the Ripper
● Dictionary attacks
● Hashcat
● Conclusion
Module 14: “Buffer Overflow Attacks”
● Buffers
● Stack
● The stack in applications
● How buffer overflow attacks work
Module 15: “Network Attacks”
● Authentication Cracking
● Brute force vs. Dictionary Attacks
● Weak and default credentials
● Authentication cracking tools
● Hydra
Module 16: “Windows shares”
● NetBIOS
● Shares
● UNC Paths
● Administrative shares
● Badly configured shares
Module 17: “Null Sessions”
● Enumerating Windows shares
● Checking for Null Sessions
● Exploiting Null sessions
● About null sessions
Module 18: “ARP Poisoning”
● ARP poisoning actors
● Gratuitous ARP replies
● Forwarding and mangling packets
● Local to remote Man in the Middle
● Dsniff Arpspoof
Module 19: “Metasploit”
● MSFConsole
● Identifying a vulnerable service
● Searching
● Configuring an exploit
● Configuring a payload
● Running an exploit
Module 20: “Meterpreter”
● Bind and reverse
● Launching Meterpreter
● Sessions
● Information gathering with Meterpreter
● Privilege escalation
● Dumping the password database
● Exploring the victim system
● Uploading and downloading files
● Running OS Shell
● Beyond Remote Code Execution
Module 21: “Forensic Investigation”
● Computer Forensics Today
● Computer Forensics Investigation Process
● Hard Disks & File Systems
● Data Acquisition
● Anti-Forensics Techniques
● Operating System Forensics
● Network Forensics
● Web Attack Investigation
● Database Forensics
● Forensics with the Cloud
● Malware
● Email Investigation
● Mobile
● Forensic Reporting
● Course Summary


Security and Risk Management: This domain focuses on establishing and managing security policies, procedures, and frameworks, as well as addressing organizational security issues, legal and regulatory requirements, and risk management concepts.

Security Governance and Principles: This involves understanding and applying security governance principles, establishing security policies, and ensuring alignment with organizational objectives and industry best practices.

Compliance and Legal Requirements: This covers knowledge of applicable laws, regulations, and industry standards related to information security, as well as understanding legal and regulatory compliance requirements.

Professional Ethics: This includes understanding and applying ethical principles and codes of conduct specific to the field of information security.

Security Frameworks and Standards: This involves knowledge of commonly used security frameworks and standards such as ISO 27001, NIST Cybersecurity Framework, and COBIT, and their application in security management.

Risk Management Concepts: This covers understanding risk management principles, risk assessment methodologies, and the ability to apply risk management practices to identify, assess, and mitigate risks.

Security Policies, Procedures, and Guidelines: This involves developing, implementing, and managing security policies, procedures, and guidelines to ensure the confidentiality, integrity, and availability of information assets.

Security Awareness and Training: This includes implementing security awareness programs, training employees on security policies and procedures, and promoting a culture of security within the organization.

Business Continuity Planning and Disaster Recovery Planning: This covers understanding the principles and practices of business continuity planning (BCP) and disaster recovery planning (DRP) to ensure the organization can effectively respond to and recover from disruptive incidents.

Personnel Security: This involves understanding security roles and responsibilities, conducting background checks, and implementing personnel security measures to protect against internal threats.

Vendor and Third-Party Risk Management: This includes assessing and managing risks associated with third-party vendors and service providers, including due diligence, contract negotiation, and ongoing monitoring.

Asset Security: This domain deals with the protection of organizational assets, including information and physical assets. It covers topics such as data classification, data privacy, asset retention, and secure handling requirements.

Information Classification and Ownership: This involves understanding the principles and processes for classifying information assets based on their sensitivity and criticality. It includes defining ownership and custodianship of information assets and ensuring appropriate protection based on their classification.

Data Privacy and Protection: This covers implementing measures to protect the privacy and integrity of personal and sensitive data. It includes knowledge of privacy laws and regulations, data protection controls, data anonymization techniques, and secure data handling practices.

Asset Management: This includes developing and implementing processes for identifying, inventorying, and managing organizational assets, including information assets, hardware, software, and infrastructure. It involves asset valuation, asset lifecycle management, and asset disposal practices.

Media Handling and Security: This involves establishing controls and procedures for the secure handling, storage, transportation, and disposal of physical and digital media, such as hard drives, backup tapes, USB drives, and printed documents.

Physical and Environmental Security: This covers implementing physical security controls to protect physical assets, facilities, and information systems from unauthorized access, theft, vandalism, and environmental hazards. It includes topics such as access control, video surveillance, environmental monitoring, and disaster recovery planning.

Asset Retention and Disposal: This includes defining policies and procedures for the retention and disposal of assets in compliance with legal, regulatory, and contractual requirements. It involves secure data destruction, secure disposal of equipment, and proper handling of electronic waste (e-waste).

Supplier and Third-Party Risk Management: This involves assessing and managing the security risks associated with suppliers, vendors, and third-party service providers. It includes conducting due diligence, contract management, and periodic security assessments to ensure the protection of organizational assets.

Intellectual Property (IP) Protection: This covers implementing measures to protect intellectual property assets, including patents, copyrights, trademarks, and trade secrets. It involves identifying and classifying IP assets, implementing access controls, and enforcing legal protections.

Data Leakage Prevention (DLP): This includes implementing controls and technologies to prevent the unauthorized disclosure or leakage of sensitive information. It involves data loss prevention solutions, encryption, access controls, and employee awareness and training.

Secure Development and Testing Environments: This involves establishing secure development and testing environments to protect sensitive data and intellectual property during the software development lifecycle. It includes secure coding practices, secure configuration management, and secure test data handling.

Security Architecture and Engineering: This domain focuses on the design and architecture of secure systems, as well as the selection and implementation of appropriate security controls. It covers topics such as security models, system components, security capabilities of information systems, and cryptography.

Security Models and Architectures: This involves understanding different security models, such as Bell-LaPadula, Biba, and Clark-Wilson, as well as security architectures, such as layered security architectures and system reference architectures.

System Components: This covers the secure design and implementation of system components, including hardware, firmware, operating systems, and software applications. It includes knowledge of secure coding practices, secure configuration management, and secure system development methodologies.

Security Capabilities of Information Systems: This includes understanding the security features and capabilities of information systems, such as access controls, auditing and logging mechanisms, security event management, intrusion detection and prevention systems (IDS/IPS), and security information and event management (SIEM) systems.

Security Engineering Principles: This covers the application of security engineering principles, such as least privilege, defense-in-depth, fail-safe defaults, separation of duties, and economy of mechanism. It involves integrating security controls into the design and development processes.

Security Architecture for Cloud and Virtualization: This involves understanding the security considerations and best practices for cloud computing and virtualization environments. It covers topics such as shared responsibility models, virtual machine security, hypervisor security, and cloud service provider security assessments.

Cryptography: This includes understanding the principles of cryptography, encryption algorithms, digital signatures, secure key management, and cryptographic protocols. It covers symmetric and asymmetric encryption, hashing algorithms, and public key infrastructure (PKI).

Secure Network and Communication Protocols: This involves selecting and implementing secure network protocols and communication mechanisms, such as secure sockets layer/transport layer security (SSL/TLS), IPsec, secure email protocols (S/MIME, PGP), and secure file transfer protocols (SFTP, FTPS).

Physical Security Considerations: This covers the physical security measures and controls that should be implemented to protect the physical infrastructure of information systems, such as data centers, server rooms, and communication facilities.

Security Assessments and Testing for Systems: This includes conducting security assessments and testing for systems to identify vulnerabilities and weaknesses. It involves using tools and techniques to assess system security, such as vulnerability scanning, penetration testing, and code review.

Security Architecture Documentation: This involves creating and maintaining documentation related to security architecture, including security policies, standards, procedures, system design documents, and security control specifications.

Communication and Network Security: This domain covers the principles, designs, and secure management of network architecture, as well as the implementation and monitoring of secure communication channels. Topics covered include network protocols, transmission methods, network access control, and network attacks.

Secure Network Architecture Design: This involves understanding the principles and best practices for designing secure network architectures, including segmentation, defense-in-depth, and secure perimeter controls.

Network Components and Protocols: This covers knowledge of different network components, such as routers, switches, firewalls, and intrusion detection systems (IDS), as well as network protocols, including TCP/IP, DNS, DHCP, and VPN protocols.

Secure Communication Channels: This includes implementing secure communication channels, such as encryption, virtual private networks (VPNs), secure sockets layer/transport layer security (SSL/TLS), and secure email protocols (S/MIME, PGP).

Network Access Control: This involves implementing network access control mechanisms to ensure that only authorized individuals and devices have access to network resources. It includes knowledge of technologies such as IEEE 802.1X, Network Access Control (NAC), and Remote Authentication Dial-In User Service (RADIUS).

Network Attacks and Countermeasures: This covers understanding common network attacks, such as denial-of-service (DoS), distributed denial-of-service (DDoS), man-in-the-middle (MitM), and network reconnaissance attacks. It also includes knowledge of countermeasures and mitigation techniques to protect against these attacks.

Wireless Network Security: This involves implementing security controls for wireless networks, including Wi-Fi encryption standards (WEP, WPA, WPA2, WPA3), secure wireless configurations, and wireless intrusion detection and prevention systems (WIDS/WIPS).

Network Security Monitoring and Analysis: This covers implementing network security monitoring tools and techniques to detect and respond to security incidents. It includes knowledge of network traffic analysis, log analysis, and network security event correlation.

Secure Network Lifecycle Management: This involves implementing secure network lifecycle management processes, including network planning, implementation, operation, and maintenance. It includes change management, configuration management, and vulnerability management practices.

Voice and Video Communication Security: This includes securing voice over IP (VoIP) and video communication systems, including encryption, access control, and protection against eavesdropping and tampering.

Internet of Things (IoT) Security: This covers understanding the security challenges and considerations associated with IoT devices and networks, including authentication, encryption, and secure configuration management.

Identity and Access Management (IAM): This domain deals with the management of user identities and their access to information systems and resources. It covers topics such as user provisioning, authentication methods, access control models, and identity management systems.

Identification and Authentication: This involves understanding different methods of identifying and authenticating users, such as passwords, biometrics, smart cards, and multi-factor authentication. It includes knowledge of authentication protocols, factors of authentication, and authentication technologies.

Authorization and Access Control: This covers implementing access control models and mechanisms to control user access to resources. It includes knowledge of access control types (e.g., discretionary, mandatory, role-based), access control models (e.g., Bell-LaPadula, Biba), and access control techniques (e.g., access control lists, capabilities).

Identity as a Service (IDaaS): This includes understanding the concepts and benefits of Identity as a Service (IDaaS) solutions, which provide cloud-based identity and access management services. It covers topics such as single sign-on (SSO), federation, and identity synchronization.

Identity and Access Provisioning: This involves managing the lifecycle of user identities, including user registration, provisioning, deprovisioning, and user account management. It includes knowledge of user roles and responsibilities, entitlements, and workflow processes.

Identity Management Systems: This covers understanding the architecture, components, and functionalities of identity management systems (IDM systems) or identity and access management (IAM) platforms. It includes knowledge of user directories, identity synchronization, and password management.

Identity Federation and Single Sign-On: This includes understanding the concepts and implementation of identity federation, which enables users to access multiple systems using a single set of credentials. It covers protocols such as Security Assertion Markup Language (SAML) and OAuth.

Privilege Management: This involves managing and controlling privileged access to sensitive systems and resources. It covers topics such as privilege escalation, separation of duties, least privilege, and privileged access management (PAM) solutions.

Account and Password Management: This covers best practices for managing user accounts and passwords, including password policies, password complexity, password storage mechanisms, and password reset processes.

Directory Services: This includes understanding directory services, such as Lightweight Directory Access Protocol (LDAP), and their role in managing user identities, authentication, and access control.

User Provisioning and De-provisioning: This covers the processes and procedures for provisioning and deprovisioning user accounts, managing user roles and entitlements, and ensuring timely removal of access for terminated or inactive users.

Security Assessment and Testing: This domain focuses on the process of assessing and testing the effectiveness of security controls, as well as identifying vulnerabilities and weaknesses. Topics covered include security assessment methods, vulnerability assessments, penetration testing, and system auditing.

Security Assessment and Testing Strategies: This involves understanding different security assessment and testing methodologies, such as black-box testing, white-box testing, and gray-box testing. It also includes knowledge of security testing frameworks and tools.

Security Control Testing: This covers testing the effectiveness of security controls implemented within an organization, including technical controls, administrative controls, and physical controls. It involves validating the implementation, functionality, and compliance of these controls.

Vulnerability Assessment: This includes conducting vulnerability assessments to identify vulnerabilities and weaknesses in systems, networks, and applications. It involves using tools and techniques to scan and analyze systems for known vulnerabilities and misconfigurations.

Penetration Testing: This involves conducting penetration tests to simulate real-world attacks and identify vulnerabilities that could be exploited by attackers. It includes knowledge of the different phases of a penetration test, such as reconnaissance, scanning, gaining access, maintaining access, and covering tracks.

Security Audits: This covers planning, conducting, and managing security audits to assess the overall security posture of an organization. It includes evaluating compliance with security policies, procedures, standards, and regulatory requirements.

Security Assessment Tools and Techniques: This involves understanding various security assessment tools and techniques, such as network scanners, vulnerability scanners, web application scanners, and password cracking tools. It includes knowledge of their capabilities, limitations, and how to interpret the results.

Security Testing for Development Processes: This covers integrating security testing into the software development lifecycle (SDLC) and DevOps processes. It includes knowledge of secure coding practices, code review techniques, and security testing during the development stages.

Security Metrics and Reporting: This involves defining and measuring security metrics to assess the effectiveness of security controls and the overall security posture. It includes reporting findings, risks, and recommendations to management and stakeholders.

Security Control Validation and Assurance: This includes validating and ensuring the ongoing effectiveness of security controls through regular monitoring, testing, and audits. It involves evaluating the design, implementation, and operation of security controls.

Security Assessments for Third Parties: This covers conducting security assessments and due diligence for third-party vendors and service providers to ensure that they meet the organization's security requirements and standards.

Security Operations: This domain covers the operational aspects of managing and maintaining secure systems, including incident response, disaster recovery, and business continuity planning. It also includes topics such as logging and monitoring, resource protection, and investigations.

Incident Management and Response: This involves establishing an incident management program, defining incident response procedures, and implementing incident response plans to effectively detect, respond to, and recover from security incidents.

Disaster Recovery Planning (DRP): This covers understanding the principles of disaster recovery planning, conducting business impact analysis, developing recovery strategies, and creating and maintaining disaster recovery plans to ensure business continuity in the event of a disaster.

Business Continuity Planning (BCP): This includes understanding the concepts and practices of business continuity planning, conducting risk assessments, developing business continuity plans, and testing and maintaining those plans to ensure the organization can continue operating during and after disruptive incidents.

Logging and Monitoring: This involves implementing effective logging and monitoring mechanisms to detect security events, analyze system and network activities, and generate audit logs for investigation and compliance purposes.

Resource Protection: This covers implementing measures to protect critical assets, including physical security controls, logical access controls, data backup and restoration, and securing privileged access.

Configuration Management: This includes managing and controlling changes to system configurations to ensure that they are secure and in compliance with organizational policies and standards.

Security Operations Center (SOC): This covers understanding the functions and responsibilities of a Security Operations Center, including security monitoring, threat intelligence analysis, incident response coordination, and vulnerability management.

Investigations: This involves conducting investigations into security incidents, including gathering evidence, analyzing data, and documenting findings to support incident response, legal proceedings, and disciplinary actions.

Physical Security: This includes understanding the principles of physical security, designing and implementing physical security controls, and protecting physical assets from unauthorized access, theft, or damage.

Personnel Security: This involves implementing security measures related to personnel, including security awareness training, access control, background checks, and termination procedures.

Software Development Security: This domain addresses security issues and best practices throughout the software development lifecycle. It covers topics such as secure coding practices, software security controls, and software deployment.

Secure Software Concepts: This covers understanding the fundamental principles and concepts of secure software development, including the importance of security in the software development lifecycle (SDLC).

Security Controls in Development Environments: This includes knowledge of secure development environments, secure coding guidelines, and the use of integrated development environments (IDEs) that support secure coding practices.

Security Requirements in the SDLC: This involves understanding how to identify and define security requirements for software systems, as well as incorporating security into the various phases of the SDLC, such as requirements gathering, design, coding, testing, and deployment.

Secure Coding Practices: This covers knowledge of secure coding techniques, secure coding standards (such as OWASP Top Ten), secure coding languages, and secure coding best practices for different programming languages and frameworks.

Secure Testing: This includes understanding the importance of security testing in the software development process, such as vulnerability assessment, penetration testing, and code review techniques.

Software Security Controls: This involves knowledge of different types of software security controls, such as input validation, access controls, secure session management, encryption, and error handling, and how to incorporate them into software systems.

Secure Software Development Methodologies: This covers different secure software development methodologies, such as Secure SDLC, Agile, DevSecOps, and their application in practice.

Software Security Impact on Operations and Maintenance: This includes understanding how software security issues can impact operations and maintenance activities, including patch management, version control, and incident response.

Database Security in Software Development: This involves understanding database security concepts, secure database design, and the implementation of appropriate access controls and encryption mechanisms.

Software Deployment, Operations, and Maintenance: This covers security considerations during software deployment, configuration management, change management, and ongoing software maintenance activities.

products/ict/security/ttc_intro_to_cybersecurity_course.txt · Last modified: 2024/03/09 19:04 by wikiadmin