Cyber Security Basics

Build a strong foundation in cyber security principles, threat analysis, and fundamental defensive strategies to protect digital assets.

Cyber Security Curriculum

  • Core Security Principles: CIA Triad (Confidentiality, Integrity, Availability)
  • Understanding Threat Actors: Script Kiddies, Hacktivists, APTs & Insiders
  • The Cyber Kill Chain: Reconnaissance to Actions on Objectives
  • MITRE ATT&CK Framework: Tactics, Techniques & Procedures (TTPs)
  • Types of Malware: Viruses, Worms, Trojans, Ransomware & Rootkits
  • Social Engineering Attacks: Phishing, Spear-phishing, Vishing & Pretexting
  • Introduction to Security Tools: Kali Linux, Wireshark & Nmap
  • Project: Setting Up a Cybersecurity Lab with Kali Linux on VirtualBox
  • OSI Model & TCP/IP: Understanding Network Layers for Security
  • Network Scanning with Nmap: Host Discovery & Port Scanning
  • Packet Analysis with Wireshark: Capturing & Analyzing Network Traffic
  • Firewalls: Stateful, Stateless & Next-Generation Firewall (NGFW) Configuration
  • Intrusion Detection/Prevention Systems (IDS/IPS): Snort & Suricata
  • Secure Network Design: DMZ, Network Segmentation & Zero Trust Architecture
  • VPN Technologies: IPsec, SSL/TLS & WireGuard for Secure Remote Access
  • Wireless Security: WPA3, Rogue AP Detection & Evil Twin Attacks
  • Project: Detecting Network Intrusions using Snort IDS on a Simulated Network
  • AAA Framework: Authentication, Authorization & Accounting
  • Authentication Methods: Passwords, Biometrics, Smart Cards & FIDO2
  • Multi-Factor Authentication (MFA): TOTP, Push Notifications & Hardware Tokens
  • Single Sign-On (SSO) & Federation: SAML, OAuth 2.0 & OpenID Connect
  • Privileged Access Management (PAM) & Least Privilege Principle
  • Active Directory Security: Group Policies, Kerberos & LDAP
  • Password Attacks: Brute Force, Dictionary, Rainbow Tables & Credential Stuffing
  • Project: Implementing MFA and RBAC in a Simulated Enterprise Environment
  • Symmetric Encryption: AES, DES & 3DES Algorithm Comparison
  • Asymmetric Encryption: RSA, ECC & Diffie-Hellman Key Exchange
  • Cryptographic Hashing: MD5, SHA-256, SHA-3 & Integrity Verification
  • Public Key Infrastructure (PKI): Digital Certificates, CAs & Certificate Chains
  • SSL/TLS Handshake: How HTTPS Works & Perfect Forward Secrecy
  • Encryption at Rest: BitLocker, LUKS & Database-level Encryption
  • Email Encryption: PGP, S/MIME & Digital Signatures
  • Project: Setting Up a PKI Infrastructure with Self-signed Certificates
  • Windows Hardening: Disabling Services, Group Policy & Windows Defender
  • Linux Hardening: iptables, SELinux, AppArmor & Kernel Hardening
  • Endpoint Security: Antivirus vs EDR (Endpoint Detection & Response)
  • OWASP Top 10: SQL Injection, XSS, CSRF & Broken Authentication
  • Web Application Firewall (WAF): Protecting Against Common Web Attacks
  • Patch Management: Vulnerability Scanning with Nessus & OpenVAS
  • Secure Configuration Benchmarks: CIS Benchmarks for OS & Applications
  • Project: Hardening a Linux Server using CIS Benchmark Guidelines
  • Incident Response Lifecycle: NIST SP 800-61 (Preparation → Detection → Containment → Recovery)
  • Building an Incident Response Plan: Roles, Playbooks & Communication
  • Digital Forensics: Evidence Collection, Chain of Custody & Imaging Tools
  • Log Analysis: Centralized Logging with SIEM (Splunk, ELK Stack, Azure Sentinel)
  • Memory Forensics with Volatility: Analyzing RAM Dumps for Malware
  • Disk Forensics: Recovering Deleted Files & Analyzing File Systems
  • Business Continuity (BC) & Disaster Recovery (DR): RTO & RPO Planning
  • Project: Conducting a Simulated Incident Response & Forensic Investigation
  • Security Frameworks: NIST CSF, ISO 27001, CIS Controls & COBIT
  • Risk Assessment: Qualitative vs Quantitative Risk Analysis Methods
  • Regulatory Compliance: GDPR, HIPAA, PCI-DSS & SOC 2 Requirements
  • Security Policies: Developing Acceptable Use, Incident Response & Password Policies
  • Security Auditing: Planning & Conducting Internal vs External Audits
  • Vulnerability Management Lifecycle: Identify, Prioritize, Remediate & Verify
  • Cyber Insurance: Understanding Coverage & Risk Transfer
  • Project: Building a Risk Assessment Report for a Small Business Network
  • Cloud Security: Shared Responsibility Model for AWS, Azure & GCP
  • Securing Cloud Infrastructure: IAM Policies, Security Groups & Encryption
  • IoT Security Challenges: Default Credentials, Firmware Attacks & Shodan
  • OT/ICS Security: SCADA Systems & Industrial Control System Protection
  • AI for Security: Machine Learning-based Anomaly & Threat Detection
  • Adversarial AI: Understanding Poisoning Attacks & Prompt Injection
  • Zero Trust Architecture: Implementing Never Trust, Always Verify
  • Project: Designing a Cloud Security Architecture with Zero Trust Principles