Curriculum
- 24 Sections
- 215 Lessons
- 12 Weeks
Expand all sectionsCollapse all sections
- Week 1Introduction to Risk and Security Management9
- 1.0Introduction to Risk Management60 Minutes
- 1.1Risk Identification and Classification
- 1.2Threats, Vulnerabilities, and Risk Exposure
- 1.3Risk Analysis (Qualitative & Quantitative)
- 1.4Risk Mitigation and Remediation Strategies
- 1.5Introduction to Security Management
- 1.6Security Policies, Standards, and Guidelines
- 1.7Role of Security in Business and IT
- 1.8Security Governance and Compliance
- Week 2Security Frameworks and Management Practices9
- 2.0Security Management Frameworks (ISO 27001, NIST, COBIT)60 Minutes
- 2.1Security Governance vs. IT Governance
- 2.2Security Policies and Procedures Development
- 2.3Security Awareness and Training Programs
- 2.4Role of Security Controls (Preventive, Detective, Corrective)
- 2.5Data Classification and Protection Methods
- 2.6Security Auditing and Monitoring Fundamentals
- 2.7Security Metrics and Performance Measurement
- 2.8Risk-Based Security Decision Making
- Week 3Identity and Authentication Mechanisms9
- 3.0Identification vs. Authentication vs. Authorization60 Minutes
- 3.1Multi-Factor Authentication (MFA) Concepts
- 3.2Biometrics and Behavioral Authentication
- 3.3Password Management Best Practices
- 3.4Single Sign-On (SSO) and Federation Technologies
- 3.5Identity Lifecycle Management (Provisioning & De-provisioning)
- 3.6Privileged Access Management (PAM)
- 3.7Authentication Attacks (Credential Stuffing, Phishing)
- 3.8Mitigation Techniques for Authentication Risks
- week 4Access Control Models and Techniques9
- 4.0Role-Based Access Control (RBAC) vs. Attribute-Based Access Control (ABAC)
- 4.1Discretionary Access Control (DAC) vs. Mandatory Access Control (MAC)
- 4.2Access Control Mechanisms (ACLs, Firewalls, Gateways)
- 4.3Least Privilege and Need-to-Know Principles
- 4.4Secure Identity and Access Management (IAM)
- 4.5Identity Federation and SAML
- 4.6Common Access Control Failures and Mitigations
- 4.7Zero Trust Security Model
- 4.8Case Studies in Access Control
- week 5Security Models and Evaluation9
- 5.0Security Models (Bell-LaPadula, Biba, Clark-Wilson)
- 5.1Information Flow Security Models
- 5.2Trusted Computing and Security Kernel Concepts
- 5.3Security Evaluation Criteria (Common Criteria, TCSEC, ITSEC)
- 5.4Secure System Development Lifecycle (SDLC)
- 5.5Certification and Accreditation Processes
- 5.6Protection Mechanisms (Sandboxing, Isolation)
- 5.7Formal Security Testing Methods
- 5.8Security by Design Principles
- week 6Operations Security and Monitoring9
- 6.0Operations Security (OPSEC) Concepts
- 6.1Secure System Administration Practices
- 6.2Security Logging and Event Monitoring (SIEM)
- 6.3Data Leakage Prevention (DLP) Strategies
- 6.4Patch and Change Management
- 6.5Insider Threat Detection and Prevention
- 6.6Security Automation and Orchestration
- 6.7Endpoint Security and Hardening Techniques
- 6.8Security in IT Service Management
- week 7Vulnerability Management and Penetration Testing9
- 7.0Introduction to Vulnerability Assessments
- 7.1Types of Vulnerability Scans (Network, Host, Application)
- 7.2Penetration Testing vs. Vulnerability Scanning
- 7.3Security Testing Tools and Techniques (Nmap, Nessus, Metasploit)
- 7.4Common Vulnerability Exploits and Attack Vectors
- 7.5Risk-Based Vulnerability Remediation Strategies
- 7.6Compliance and Vulnerability Reporting
- 7.7Red Team vs. Blue Team Exercises
- 7.8Best Practices for Continuous Vulnerability Management
- week 8Fundamentals of Cryptography9
- 8.0Introduction to Cryptography Concepts
- 8.1Symmetric vs. Asymmetric Cryptography
- 8.2Block Ciphers vs. Stream Ciphers
- 8.3Data Encryption Standard (DES) and Advanced Encryption Standard (AES)
- 8.4Cryptographic Hash Functions (SHA, MD5)
- 8.5Public Key Infrastructure (PKI) Basics
- 8.6Digital Signatures and Certificates
- 8.7Key Management Best Practices
- 8.8Real-World Applications of Cryptography
- week 9Cryptographic Protocols and Security Applications9
- 9.0Secure Communication Protocols (TLS, SSL)
- 9.1End-to-End Encryption in Messaging
- 9.2Key Exchange Mechanisms (Diffie-Hellman, RSA)
- 9.3Hashing Functions and Digital Integrity Verification
- 9.4Cryptographic Attacks (Birthday Attack, Man-in-the-Middle)
- 9.5Digital Rights Management (DRM) and Content Protection
- 9.6Cryptographic Implementations in Software Development
- 9.7Best Practices in Cryptographic Deployments
- 9.8Case Studies in Cryptography Failures
- week 10Network Security Basics9
- 10.0Network Security Architecture and Principles
- 10.1TCP/IP Model and Security Considerations
- 10.2Common Network Threats (Sniffing, Spoofing, DoS)
- 10.3Firewalls and Intrusion Detection Systems (IDS/IPS)
- 10.4Network Segmentation and Isolation Strategies
- 10.5Virtual Private Networks (VPNs)
- 10.6Secure Network Design
- 10.7Secure Configuration of Network Devices
- 10.8Best Practices for Network Hardening
- week 11Network Protocols and Secure Communication9
- 11.0Secure Network Protocols (HTTPS, IPsec, SSH)
- 11.1Wireless Security Protocols (WPA, WPA2, WPA3)
- 11.2Secure File Transfers (SFTP, FTPS)
- 11.3DNS Security and Protection Mechanisms
- 11.4Secure Remote Access and Telework Security
- 11.5Zero Trust Network Architecture (ZTNA)
- 11.6Common Network Misconfigurations and Risks
- 11.7Hardening Techniques for Network Infrastructure
- 11.8Secure SDN and Network Virtualization
- week 12Telephony, VPNs, and Wireless Security9
- 12.0VoIP Security Challenges and Solutions
- 12.1VPN Protocols and Secure Configurations
- 12.2Wireless Network Security Risks
- 12.3Mobile Device Security and Endpoint Protection
- 12.4Bluetooth and IoT Security Risks
- 12.5BYOD (Bring Your Own Device) Security Strategies
- 12.6Secure Mobile Application Development
- 12.7Endpoint Detection and Response (EDR)
- 12.8Mobile Security Incident Handling
- week 13Security Architecture and Attack Strategies9
- 13.0Security Architecture Design Best Practices
- 13.1Threat Modeling and Risk Assessment
- 13.2Web Application Security and OWASP Top 10
- 13.3SQL Injection, Cross-Site Scripting (XSS), CSRF Attacks
- 13.4API Security and Secure Coding Practices
- 13.5Cloud Security and Shared Responsibility Model
- 13.6Security in Microservices and Containers
- 13.7Case Studies in Enterprise Security Architecture
- 13.8Future Trends in Cybersecurity
- week 14Secure Software Development9
- 14.0Secure Software Development Lifecycle (SDLC)
- 14.1Secure Coding Guidelines and Best Practices
- 14.2Secure Software Testing Methodologies
- 14.3Software Patch Management and Code Review
- 14.4DevSecOps and CI/CD Pipeline Security
- 14.5Static and Dynamic Application Security Testing
- 14.6Reverse Engineering and Code Obfuscation
- 14.7Common Software Vulnerabilities and Exploits
- 14.7Secure Application Deployment Strategies
- week 15Database Security9
- 15.0Introduction to Database Security Concepts
- 15.1SQL Injection Attacks and Prevention Techniques
- 15.2Data Masking and Tokenization
- 15.3Database Encryption Best Practices
- 15.4Role-Based Access Control for Databases
- 15.5Database Activity Monitoring and Auditing
- 15.6Secure Database Backup and Recovery Strategies
- 15.7Compliance Standards for Database Security
- 15.7Case Studies in Database Breaches
- week 16Malware Analysis and Software Attacks9
- 16.0Types of Malware (Virus, Worm, Trojan, Ransomware)
- 16.1Malware Attack Lifecycle
- 16.2Common Malware Infection Vectors
- 16.3Rootkits and Advanced Persistent Threats (APTs)
- 16.4Endpoint Security and Anti-Malware Solutions
- 16.5Sandboxing and Malware Detonation Techniques
- 16.6Incident Response to Malware Attacks
- 16.7Threat Intelligence for Malware Defense
- 16.8Case Studies in Cyber Attacks
- week 17Business Continuity Planning (BCP) Fundamentals9
- 17.0Introduction to Business Continuity Planning (BCP)
- 17.1Business Impact Analysis (BIA) – Identifying Critical Assets
- 17.2Risk Assessment in Business Continuity
- 17.3Developing a Business Continuity Strategy
- 17.4Business Continuity Frameworks (ISO 22301, NIST 800-34)
- 17.5BCP Documentation and Policy Development
- 17.6Testing and Exercising Business Continuity Plans
- 17.7Crisis Communication and Public Relations During Disruptions
- 17.7Case Studies: Successful BCP Implementations
- week 18Disaster Recovery Planning (DRP) and Strategies9
- 18.0Introduction to Disaster Recovery (DR) Planning
- 18.1Key Differences Between BCP and DRP
- 18.2Disaster Recovery Risk Assessment and Planning
- 18.3Disaster Recovery Site Selection (Hot, Warm, Cold Sites)
- 18.4Data Backup and Recovery Strategies (RAID, Snapshots, Cloud Backups)
- 18.5High Availability (HA) and Redundancy Strategies
- 18.6DR Testing, Drills, and Failover Testing
- 18.7Compliance Requirements for DRP (ISO, NIST, HIPAA, GDPR)
- 18.7Disaster Recovery Case Studies (Failures & Lessons Learned)
- week 19Incident Response and Cybersecurity Operations9
- 19.0Introduction to Incident Response (IR)
- 19.1Incident Response Frameworks (NIST 800-61, SANS)
- 19.2Phases of Incident Response (Preparation, Detection, Containment, Eradication, Recovery, Lessons Learned)
- 19.3Incident Handling Procedures for Cybersecurity Events
- 19.4Incident Escalation and Communication Plans
- 19.5Playbooks for Common Security Incidents (Phishing, Malware, Insider Threats)
- 19.6Security Operations Center (SOC) and Its Role in IR
- 19.7Forensic Data Collection in Incident Handling
- 19.8Tools and Techniques for Incident Detection and Response
- week 20Digital Forensics and Evidence Collection9
- 20.0Introduction to Digital Forensics
- 20.1Digital Evidence Collection and Chain of Custody
- 20.2Forensic Analysis of File Systems and Memory
- 20.3Network Forensics and Packet Analysis
- 20.4Malware Analysis in Digital Forensics
- 20.5Cloud Forensics and Challenges in Cloud Environments
- 20.6Mobile Device Forensics and Data Extraction
- 20.7Legal and Ethical Considerations in Digital Forensics
- 20.8Case Studies: High-Profile Digital Forensic Investigations
- week 21Cybersecurity Laws and Regulatory Compliance9
- 21.0Introduction to Cybersecurity Laws and Regulations
- 21.1General Data Protection Regulation (GDPR)
- 21.2Health Insurance Portability and Accountability Act (HIPAA)
- 21.3Payment Card Industry Data Security Standard (PCI DSS)
- 21.4Cybersecurity Compliance for Financial Institutions (SOX, GLBA)
- 21.5National and International Cybersecurity Frameworks (NIST, ISO, CIS)
- 21.6Legal Responsibilities of Organizations in Data Breaches
- 21.7Industry-Specific Regulations and Compliance Challenges
- 21.8Case Studies: Compliance Violations and Consequences
- week 22Cybersecurity Ethics and Professional Responsibilities9
- 22.0Introduction to Cybersecurity Ethics
- 22.1Ethical Hacking and Penetration Testing Ethics
- 22.2Privacy Rights and Responsibilities in Cybersecurity
- 22.3Intellectual Property Rights in Cybersecurity
- 22.4Ethical Considerations in AI and Cybersecurity
- 22.5Responsibilities of Cybersecurity Professionals (ISC2, ISACA Codes of Ethics)
- 22.6Whistleblowing and Ethical Decision-Making in Security
- 22.7Cybersecurity Ethics in Law Enforcement and Government
- 22.8Case Studies: Ethical Dilemmas in Cybersecurity
- week 23Emerging Threats and Future Trends in Cybersecurity9
- 23.0Current Cybersecurity Threat Landscape
- 23.1Ransomware Trends and Mitigation Strategies
- 23.2Advanced Persistent Threats (APTs) and Nation-State Attacks
- 23.3The Role of Artificial Intelligence (AI) in Cybersecurity
- 23.4Cybersecurity in the Internet of Things (IoT)
- 23.5Blockchain Security and Decentralized Identity
- 23.6Quantum Computing and Cryptographic Challenges
- 23.7Cybersecurity Skills Gap and Career Development
- 23.8Future of Cybersecurity: Predictions and Innovations
- week 24Final Assessment, Case Studies, and Capstone Project8
- 24.0Review of Key Topics from the Course
- 24.1Case Studies on Cybersecurity Incidents and Responses
- 24.2Conducting a Mock Incident Response Drill
- 24.3Ethical Hacking and Penetration Testing Exercise
- 24.4Developing a Personal Cybersecurity Strategy
- 24.5Group Discussions on Emerging Cyber Threats
- 24.6Capstone Project: Designing a Secure Enterprise Architecture
- 24.7Final Assessment and Certification Preparation