Curriculum
- 12 Sections
- 94 Lessons
- 12 Weeks
- Week 1: Introduction to Information Security (10 lessons)
  - 2.1 Overview of Information Security (60 minutes)
  - 2.2 Information Security vs. Cybersecurity
  - 2.3 Elements of Information Security: Confidentiality, Integrity, Availability, Non-Repudiation
  - 2.4 Security Controls: Managerial, Technical, Operational
  - 2.5 Introduction to Cybersecurity Frameworks: NIST, MITRE ATT&CK, ISO
  - 2.6 Identity & Access Management (IAM)
  - 2.7 Encryption & Data Protection
  - 2.8 Secure Software Development & Application Security
  - 2.9 Incident Response & Disaster Recovery
  - 2.10 Emerging Trends & Future of Information Security
- Week 2: Security Operations Center (SOC) Foundations (11 lessons)
  - 3.1 Introduction to Security Management (60 minutes)
  - 3.2 Introduction to the Security Operations Center (SOC)
  - 3.4 Why Do We Need a SOC?
  - 3.5 Role of a SOC Analyst in Modern Cybersecurity
  - 3.6 SOC Tiers and Responsibilities: Tier 1, Tier 2, Tier 3
  - 3.7 Key SOC Technologies and Terminologies
  - 3.8 SOC Workflow
  - 3.9 SOC Infrastructure & Deployment Models
  - 3.10 SOC & Threat Intelligence Integration
  - 3.11 SOC Incident Handling & Response
- Week 3: Threat Landscape & Cyber Attacks (7 lessons)
  - 4.1 Types of Cyber Threats: Malware, Ransomware, Phishing, Insider Threats
  - 4.2 Overview of Advanced Persistent Threats (APTs)
  - 4.3 Understanding Attacks and Their Patterns; Case Studies: MOVEit Data Breach, SolarWinds Supply Chain Attack
  - 4.4 Real-World Case Studies & Lessons Learned
  - 4.5 Emerging & Next-Gen Cyber Threats
  - 4.6 Defending Against Cyber Threats
  - 4.7 Attack Patterns & Techniques
- Week 4: Vulnerability Management & Risk Assessment (8 lessons)
  - 5.1 Understanding Vulnerability Assessment
  - 5.2 Types of Vulnerability Assessment
  - 5.3 Vulnerability Management Lifecycle: Asset Identification, Vulnerability Assessment, Risk Assessment, Remediation, Verification, Monitoring
  - 5.4 Common Vulnerabilities & Exploits
  - 5.5 Vulnerability Exploit Techniques & Real-World Examples
  - 5.6 Risk Assessment & Governance
  - 5.7 Vulnerability & Patch Management Best Practices
  - 5.8 Hands-On Labs & Practical Exercises
- Week 5: Log Management & Analysis (8 lessons)
  - 6.1 Understanding Log Sources: Firewalls, IDS/IPS, Web Servers, Endpoints
  - 6.2 Hands-On with a Centralized Logging Tool (Splunk)
  - 6.3 Identifying Anomalies in Logs
  - 6.4 Lab: Analyzing Apache Server Logs for Intrusion Attempts
  - 6.5 Security Log Analysis & Threat Detection
  - 6.6 Log Retention, Storage & Compliance
  - 6.7 Advanced Log Analytics & Automation
  - 6.8 Lab: Log Analysis for Security Incidents
- Week 6: Threat Intelligence & IoCs (8 lessons)
  - 7.1 What Is Threat Intelligence?
  - 7.2 Why Do We Need Intelligence?
  - 7.3 Threats, Threat Actors, APTs, and Global Campaigns
  - 7.4 Types of Threats: Network-Level, Web Application-Level, Host-Level
  - 7.5 Indicators of Compromise (IoCs) vs. Indicators of Attack (IoAs) vs. Precursors
  - 7.6 Traffic Light Protocol (TLP)
  - 7.7 Understanding the Pyramid of Pain
  - 7.8 Practical Labs: Collecting IoCs, Exploring Threat Intelligence Platforms (e.g., Maltego, MISP), Checking IP/Domain Reputations, Analyzing Malicious Files
- Week 7: Threat Hunting Essentials (9 lessons)
  - 8.1 Introduction to Threat Hunting
  - 8.2 Threat Hunting vs. Threat Detection
  - 8.3 Relationship Between Incident Response and Threat Hunting
  - 8.4 Threat Hunting Models: Hypotheses and Methodologies, Diamond Model of Intrusion Analysis, MITRE ATT&CK Framework
  - 8.5 Practical Labs: Network Traffic Analysis (Wireshark, NetworkMiner), Endpoint Process Analysis, Memory Hunt with the Volatility Framework, Monitoring and Detecting USB Drives in Windows
  - 8.6 Process Injection Lab in Wazuh
  - 8.7 Data Sources for Threat Hunting
  - 8.8 Threat Hunting Tools & Techniques
  - 8.9 Advanced Threat Hunting Strategies
- Week 8: Security Information and Event Management (SIEM) (7 lessons)
  - 9.1 What Is SIEM and Why Do We Need It?
  - 9.2 SIEM Components: Security Information Management (SIM), Security Event Management (SEM)
  - 9.3 SIEM Capabilities: Aggregation, Correlation, Alerts, Reporting
  - 9.4 Hands-On with Splunk: Installation, Rule Writing & Alert Creation, Event Analysis
  - 9.5 SIEM Use Cases & Threat Detection Scenarios
  - 9.6 SIEM Integration & Automation
  - 9.7 Advanced SIEM Concepts & Future Trends
- Week 9: Malware Analysis - Basics & Hands-On Labs (7 lessons)
  - 10.1 Malware Analysis Basics
  - 10.2 Static vs. Dynamic Analysis
  - 10.3 Practical Labs: PE Analysis, YARA Rules, Traffic Analysis (Using Wireshark), Setting Up a Malware Lab, Anti-Sandboxing Techniques
  - 10.4 Anti-Sandboxing & Evasion Techniques
  - 10.5 Memory Forensics for Malware Analysis
  - 10.6 Reverse Engineering Malware
  - 10.7 Malware Detection & Threat Intelligence
- Week 10: Digital Forensics & Incident Response (DFIR) – Part 1 (8 lessons)
  - 11.2 Phases of Incident Response: Preparation, Detection, Containment, Eradication, Recovery
  - 11.3 Incident Playbook Overview
  - 11.4 Ticketing System
  - 11.5 Dissecting Phishing Emails (Practical): Identifying Red Flags in Phishing Emails, URL Reputation Analysis, File Reputation Analysis
  - 11.6 Hands-On Labs: Phishing & Email Forensics
  - 11.7 Advanced Topics & Additional Labs
  - 11.8 Real-World Case Studies & Simulation Exercises
- Week 11: Authentication Mechanisms & Practical Labs (7 lessons)
  - 12.1 Authentication Mechanisms: SPF, DKIM, DMARC
  - 12.2 Hands-On Labs: Email Header Analysis, Analyzing Phishing Email Attachments, Extracting IoCs from Malicious Emails, Digital Forensics Case Study
  - 12.3 Certification & Career Guidance
  - 12.4 Advanced Access Control Mechanisms
  - 12.5 Common Authentication & Access Control Attacks
  - 12.6 Real-World Case Studies & Incident Analysis
  - 12.7 Resume Building & Job Interview Preparation
- Week 12: Capstone Project & Final Assessment (4 lessons)