+- Softwarez.Info - Software's World! (https://softwarez.info)
+-- Forum: Library Zone (https://softwarez.info/Forum-Library-Zone)
+--- Forum: Video Tutorials (https://softwarez.info/Forum-Video-Tutorials)
+--- Thread: It Security Fundamentals (2024) (/Thread-It-Security-Fundamentals-2024)
It Security Fundamentals (2024) - BaDshaH - 05-15-2024
![[Image: 522a0e3f57404b8b4b6c3fc64345f570.jpg]](https://i123.fastpic.org/big/2024/0515/70/522a0e3f57404b8b4b6c3fc64345f570.jpg)
Published 5/2024
MP4 | Video: h264, 1920x1080 | Audio: AAC, 44.1 KHz
Language: English | Size: 3.33 GB | Duration: 18h 41m
Mastering the Principles, Technologies, and Best Practices of Cybersecurity
What you'll learn
Cybersecurity Principles and Frameworks: Understand the fundamental principles of cybersecurity, including confidentiality, integrity, and availability.
Threat Modeling and Risk Assessment: Learn techniques for identifying and analyzing potential threats to an organization's information assets.
Cryptography and Secure Communication: Gain knowledge of cryptographic concepts, including encryption, hashing, and digital signatures.
Network Security and Firewalls: Understand the fundamentals of network security, including network topologies, protocols, and common vulnerabilities.
Access Control and Identity Management: Explore the principles of access control, including authentication, authorization, and accounting.
Incident Response and Disaster Recovery: Learn the key components of an effective incident response plan, including detection, containment, and recovery.
Ethical Hacking and Penetration Testing: Gain an introduction to ethical hacking techniques, including vulnerability assessment and penetration testing.
Cybersecurity Trends and Emerging Technologies: Explore the latest trends and developments in the cybersecurity landscape, such as cloud security.
Requirements
Basic understanding of computer systems: Learners should have a fundamental knowledge of computer hardware, software, and operating systems.
Familiarity with the internet and digital technologies: Students should be familiar with the basic concepts of the internet, web browsing, and common digital devices and applications.
Basic problem-solving and analytical skills: The course will require learners to have the ability to analyze and solve problems, as well as think critically about cybersecurity challenges.
Basic proficiency in English: The course materials and discussions will be in English, so learners should have a good understanding of the language.
Description
Cybersecurity Fundamentals: From Basic to Advanced SecurityIn the rapidly evolving digital landscape, cybersecurity has become a critical concern for individuals, businesses, and governments alike. The "Cybersecurity Fundamentals" course is designed to provide learners with a comprehensive introduction to the field of cybersecurity, equipping them with the knowledge and skills necessary to navigate the complex and ever-changing world of information security.This course will take learners on a journey, starting from the basic principles of cybersecurity and progressing to more advanced topics and techniques. The curriculum is structured to ensure that students with varying levels of prior knowledge can engage with the material effectively.Prerequisites:Basic understanding of computer systems and familiarity with the internetNo prior knowledge of cybersecurity is requiredCourse Outline:Module 1: Introduction to CybersecurityImportance of cybersecurity in the digital ageFundamental principles and concepts of information securityModule 2: Threat Landscape AnalysisIdentifying and understanding various cybersecurity threatsAnalyzing the evolving threat landscapeModule 3: Reconnaissance ThreatsExploring techniques used by attackers to gather information about computing and network environmentsDeveloping strategies to mitigate reconnaissance threatsModule 4: Attacks on Computing and Network EnvironmentsAnalyzing common attack vectors and techniquesImplementing countermeasures to protect against various types of attacksModule 5: Post-Attack TechniquesExamining the actions taken by attackers after a successful breachDeveloping incident response and recovery strategiesModule 6: Security Posture EvaluationAssessing an organization's security postureIdentifying vulnerabilities and implementing appropriate security controlsModule 7: Cybersecurity Intelligence CollectionGathering and analyzing relevant cybersecurity informationUtilizing intelligence to enhance an organization's security measuresModule 8: Log Data AnalysisUnderstanding the importance of log data in cybersecurityTechniques for analyzing and interpreting log dataModule 9: Active Asset and Network AnalysisPerforming active monitoring and analysis of assets and network trafficDetecting and responding to anomalies and suspicious activitiesModule 10: Cybersecurity Incident ResponseEstablishing effective incident response proceduresImplementing appropriate measures to mitigate and recover from security incidentsModule 11: Cybersecurity Incident InvestigationConducting thorough investigations of cybersecurity incidentsGathering and analyzing evidence to determine the root cause and impactTarget Audience: This course is designed for a wide range of learners, including:Aspiring IT professionalsSmall business ownersStudents in computer science or related fieldsIT enthusiastsProfessionals seeking a career transition into cybersecurityBy the end of this course, learners will have a solid understanding of cybersecurity fundamentals, the ability to identify and mitigate various security threats, and the skills to implement effective security measures to protect their digital assets. This course serves as a strong foundation for those interested in pursuing a career in the dynamic and rapidly evolving field of cybersecurity.
Overview
Section 1: Introduction
Lecture 1 Introduction
Lecture 2 Course Overview
Lecture 3 Course Outline
Section 2: Assessing Information Security Risk
Lecture 4 Module Overview : Assessing Information Security Risk
Lecture 5 Endpoint Model
Lecture 6 Permieter Model
Lecture 7 The Risk Equation
Lecture 8 Risk Management
Lecture 9 The Importance of Risk Management
Lecture 10 Enterprise Risk Management
Lecture 11 Reasons to Implement Enterprise Risk Management
Lecture 12 Risk Exposure
Lecture 13 Risk Analysis Methods
Lecture 14 Risks Facing an Enterprise
Lecture 15 Lab : Identifying the Importance of Risk Management
Lecture 16 Lab : Identifying the Importance of Risk Management (answer)
Lecture 17 Enterprise Security Architecture
Lecture 18 Enterprise Security Architecture Framework Assessment Process
Lecture 19 New and Chaging Business Models
Lecture 20 De-Perimeterization
Lecture 21 New Products and Technologies
Lecture 22 Internal and External Influences
Lecture 23 System-Specific Risk Analysis
Lecture 24 Risk Determinations: Assessing Threats and Impacts
Lecture 25 Documentation of Assessment Results (Questions)
Lecture 26 Guidlines for Assessing Risk
Lecture 27 Lab : Assessing Risks
Lecture 28 Classes of Information
Lecture 29 Classification of Information : Types into CIA Levels
Lecture 30 Security Control Categories
Lecture 31 Aggregate CIA Score
Lecture 32 Common Vulnerability Scoring System
Lecture 33 Common Vulnerabilities and Exposure (CVE)
Lecture 34 CVE Strategies and Scenarios
Lecture 35 Risk Response Techniques
Lecture 36 Risk Management Strategies
Lecture 37 Continuous Monitoring and Improvement
Lecture 38 IT Governance
Lecture 39 Guidelines for Mitigating Risk
Lecture 40 Lab : Mitigating Risk
Lecture 41 Lab. : Mitigating Risk (Answer)
Lecture 42 From Policy to Procedures
Lecture 43 Developing a Comprehensive Security Policy Document
Lecture 44 Process and Procedure Document Development
Lecture 45 Security Policies and Procedures
Lecture 46 Best Practices to Incorporate in Security Policies and Procedures
Lecture 47 Best Practices to Incorporate in Security Policies and Procedures (cont.)
Lecture 48 Business Documents
Lecture 49 Risk Management Documentation
Lecture 50 Risk Management Documentation (cont.)
Lecture 51 Lab : Risk Management Documentation
Section 3: Analyzing the Threat Landscape
Lecture 52 Introduction : Analyzing the Threat Landscape
Lecture 53 Threat Actors: Understanding the Diverse Landscape
Lecture 54 Threat Actors : Understanding the Diverse Motivations and Tactics
Lecture 55 Threat Motives: Understanding the Driving Forces Behind Cyber Attacks
Lecture 56 Threat Motives: Understanding the Drivers Behind Cyber Attacks (cont.)
Lecture 57 Attack Vectors: Understanding the Paths of Cyber Threats
Lecture 58 Attack Technique Criteria
Lecture 59 Qualitative Threat and Impact Analysis: Cybercriminals
Lecture 60 Guidelines for Classifying Threats and Threat Profiles
Lecture 61 Constructing Threat Profiles
Lecture 62 Ongoing Research for Enterprise Security Professionals
Lecture 63 Situational Awareness in Enterprise Security
Lecture 64 Commonly Targeted Assets in Enterprise Security
Lecture 65 The Latest Vulnerabilities: Addressing Emerging Security Challenges
Lecture 66 The Latest Threats and Exploits
Lecture 67 The Latest Security Technologies
Lecture 68 The Global Cybersecurity Industry and Community
Lecture 69 Trend Data and Qualifying Threats
Lecture 70 Guidelines for Performing Ongoing Threat Research
Lecture 71 Lab : Performing Ongoing Threat Landscape Research
Section 4: Analyzing Reconnaissance Threats to Computing and Network Environments
Lecture 72 Introduction : Analyzing Threats
Lecture 73 The Diverse Nature of Threats
Lecture 74 The Anatomy of a Cyber Attack
Lecture 75 Threat Modeling
Lecture 76 Lab : Implementing a Threat Model
Lecture 77 Reasons to Implement Threat Modeling
Lecture 78 Threat Modeling Process
Lecture 79 Attack Tree Analysis for Instant Message Security
Lecture 80 Threat Modeling Tools
Lecture 81 Threat Categories: Detailed Explanation
Lecture 82 Footprinting, Scanning, and Enumeration
Lecture 83 Footprinting Methods
Lecture 84 Network and System Scanning Methods
Lecture 85 Enumeration Methods
Lecture 86 Evasion Techniques for Reconnaissance
Lecture 87 Reconnaissance Tools: Footprint, Scanning, and Enumeration
Lecture 88 Packet Trace Analysis with Wireshark
Lecture 89 Lab : Examining Reconnaissance Incidents
Lecture 90 Lab : Capturing and Analyzing Data with WireShark
Lecture 91 Lab : Performing Reconnaissance on a Network
Lecture 92 Social Engineering
Lecture 93 Types of Social Engineering
Lecture 94 Phishing and Delivery Media
Lecture 95 Phishing and Common Components
Lecture 96 Social Engineering for Reconnaissance
Lecture 97 Lab : Asessing the Impact of Social Engineering
Section 5: Analyzing Attacks on Comptuing and Network Environments
Lecture 98 Intoduction : Analyzing Attacks
Lecture 99 System Hacking - Step - by - Step
Lecture 100 System Hacking : Monitoring
Lecture 101 Password Cracking Techniques Explained
Lecture 102 Privilege Escalation
Lecture 103 Social Engineering for Systems Hacking: A Dangerous Threat
Lecture 104 Social Engineering for Systems Hacking Tools
Lecture 105 Lab : Assessing the Impact of System Hacking Attacks
Lecture 106 Client-Side Attacks vs. Server-Side Attacks
Lecture 107 XSS
Lecture 108 XSRF
Lecture 109 SQL Injection
Lecture 110 Directory Traversal
Lecture 111 File Inclusion
Lecture 112 Web Application Vulnerabilities and Exploits
Lecture 113 Web Services Exploits
Lecture 114 Web-Based Attack Tools
Lecture 115 Lab : Asseessing the Impact of Web-Based Threats
Lecture 116 Malware Categories
Lecture 117 Trojan Horse
Lecture 118 Polymorphic Virus
Lecture 119 Spyware
Lecture 120 Supply Chain Attack
Lecture 121 Malware Tools
Lecture 122 Lab : Assessing the Impact of Malware
Lecture 123 Spoofing, Impersonation, and Hijacking: Threats to Enterprise Security
Lecture 124 ARP Spoofing
Lecture 125 DNS Poisoning
Lecture 126 ICMP Redirect Attack
Lecture 127 DHCP Spoofing
Lecture 128 NBNS Spoofing (NetBIOS Name Service Spoofing)
Lecture 129 Session Hijacking
Lecture 130 Hijacking and Spoofing Tools
Lecture 131 Lab : Assessing the Impact of Hijacking and Impersonation Attacks
Lecture 132 Denial of Service (DoS) Attacks
Lecture 133 Denial of Service (DoS) Attack Techniques
Lecture 134 Distributed Denial of Service (DDoS) Attacks
Lecture 135 Denial of Service (DoS) Evasion Techniques
Lecture 136 DoS Tools
Lecture 137 Lab : Assessing the Impact of DoS Incidents
Lecture 138 Trends in Mobile Security
Lecture 139 Wireless Threats
Lecture 140 BYOD (Bring Your Own Device) Threats
Lecture 141 Mobile Platform Threats
Lecture 142 Mobile Infrastructure Hacking Tools
Lecture 143 Lab : Assessing the Impact of Threats to Mobile Devices
Lecture 144 Cloud Infrastructure Challenges
Lecture 145 Threats to Virtualized Environments
Lecture 146 Threats to Big Data
Lecture 147 Threats to Big Data and Considerations for Secure Big Data Platforms
Lecture 148 Lab : Assessing the Impact of Threats to Cloud Infrastructures
Section 6: Analyzing Post-Attack Techniques
Lecture 149 Introduction : Analyzing Post - Attack Techniques
Lecture 150 Command and Control (C&C) in the Context of Cybersecurity
Lecture 151 IRC - IRC (Internet Relay Chat)
Lecture 152 HTTP/HTTPS as a Communication Channel for Malicious Activities
Lecture 153 DNS
Lecture 154 ICMP (Internet Control Message Protocol)
Lecture 155 Lab : Assessing Command and Control Techniques
Lecture 156 C&C Channel Vectors
Lecture 157 Advanced Persistent Threat (APT)
Lecture 158 Backdoors: A Significant Security Threat
Lecture 159 Logic Bomb
Lecture 160 Rogue Accounts: A Significant Security Threat
Lecture 161 Lab : Detecting Rootkits
Lecture 162 Lateral Movement
Lecture 163 Pass the Hash
Lecture 164 Golden Ticket
Lecture 165 Remote Access Services in Enterprise Security Architecture
Lecture 166 WMIC (Windows Management Instrumentation Command-line)
Lecture 167 PsExec Tool
Lecture 168 Port Forwarding
Lecture 169 VPN Pivoting
Lecture 170 SSH Pivoting
Lecture 171 Routing Tables and Pivoting
Lecture 172 Lab : Assessing Lateral Movement and Pivoting Techniques
Lecture 173 Data Exfilration
Lecture 174 Covert Channels: A Stealthy Means of Data Exfiltration
Lecture 175 Steganography
Lecture 176 File Sharing Services
Lecture 177 Lab : Assessing Data Exfiltration
Lecture 178 Anti-Forensics: Disrupting Forensic Investigations
Lecture 179 Golden Ticket and Anti - Forensics
Lecture 180 Buffer Overflow Attacks in Forensic Tools
Lecture 181 Memory Residents
Lecture 182 Program Packers
Lecture 183 Malware Detection in Virtual Machines and Sandboxes
Lecture 184 Alternate Data Streams (ADS)
Lecture 185 Covering Tracks
Lecture 186 Lab : Assessing Anti-Forensic Techniques
Section 7: Evaluating the Organization's Security Posture
Lecture 187 Introduction : Evaluating the Organization's Security Posture
Lecture 188 Vulnerability Assessment
Lecture 189 Penetration Testing
Lecture 190 Vulnerability Assessment vs. Penetration Testing
Lecture 191 Vulnerability AssessmentImplementation
Lecture 192 Vulnerability Assessment Tools
Lecture 193 Specific Assessment Tools
Lecture 194 Port Scanning and Fingerprinting
Lecture 195 Sources of Vulnerability Information
Lecture 196 Operating System and Software Patching
Lecture 197 Ensuring Systemic Security in Enterprise Architecture
Lecture 198 Lab : Conducting Vulnerability Asssessment
Lecture 199 ROE (Rules of Engagement) for Security Assessments
Lecture 200 Penetration Testing Process
Lecture 201 Penetration Test Scope
Lecture 202 External vs. Internal Penetration Testing
Lecture 203 Pen Testing Techniques
Lecture 204 Penetration Testing Tools
Lecture 205 Kali Linux
Lecture 206 Data Mining for Enterprise Security Assessment
Lecture 207 Attack Surface Scanning and Mapping
Lecture 208 Packet Manipulation for Enumeration
Lecture 209 Simulated Attacks and Firewall Response Explanation
Lecture 210 Password Attacks
Lecture 211 Penetration Test Considerations
Lecture 212 Effective Reporting and Documentation
Lecture 213 Target Audiences
Lecture 214 Lab : Conducting Penetration Testing on Network Assets
Lecture 215 Information Collection Methods
Lecture 216 Penetration Test Follow-Up
Lecture 217 Report Classification and Distribution
Lecture 218 Lab : Analyzing and Reporting Penetration Test Results
Section 8: Collecting Cybersecurity Intelligence
Lecture 219 Introduction : Collecting Cybersecurity Intelligence
Lecture 220 Security Intelligence
Lecture 221 The Challenge of Security Intelligence Collection
Lecture 222 The Security Intelligence Collection Lifecycle
Lecture 223 Security Intelligence Collection Plan
Lecture 224 Continuous Security Monitoring (CSM)
Lecture 225 Monitor in an enterprise security architecture framework assessment process
Lecture 226 Security Monitoring Tools
Lecture 227 Effective Data Collection for Enterprise Security Assessments
Lecture 228 Potential Sources of Security Intelligence
Lecture 229 Guidelines for Determining Which Data to Collect for Security Intelligence
Lecture 230 Guidelines for Determining Which Fields You Should Log
Lecture 231 Guidelines for Configuring Logging Systems Based on Their Impact
Lecture 232 Guidelines for Determining Which Events Should Prompt an Alert
Lecture 233 Information Processing in Enterprise Security Assessments
Lecture 234 External Data Sources for Enterprise Security
Lecture 235 Publicly Available Information
Lecture 236 Automation in Security Data Collection and Reporting
Lecture 237 Data Retention: Ensuring Compliance and Mitigating Risks
Lecture 238 Lab : Deploying a Security Intelligence Collection and Analysis Platform
Lecture 239 Network Device Configuration Files: A Crucial Component of Enterprise Security
Lecture 240 Network Device State Data
Lecture 241 Switch and Router Logs
Lecture 242 Wireless Device Logs
Lecture 243 Firewall Logs
Lecture 244 Web Application Firewall (WAF) Logs
Lecture 245 Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) Logging
Lecture 246 Proxy Logs
Lecture 247 Carrier Provider Logs in Enterprise Security Assessments
Lecture 248 Software-Defined Networking (SDN)
Lecture 249 Network Traffic and Flow Data Analysis
Lecture 250 Log Tuning: Balancing Logging Effectiveness
Lecture 251 Lab : Collecting Network-Based Security Intelligence
Lecture 252 Operating System Log Data
Lecture 253 Windows Event Logs
Lecture 254 Syslog Data
Lecture 255 Application Logs
Lecture 256 DNS (Domain Name System) event logs
Lecture 257 SMTP Logs
Lecture 258 FTP Logs
Lecture 259 SSH Logs
Lecture 260 SQL Logs
Lecture 261 Lab : Collecting Host-Based Security Intelligence
Section 9: Analyzing Log Data
Lecture 262 Introduction : Analyzing Log Data
Lecture 263 Preparation for Analysis
Lecture 264 Guidelines for Preparing Data for Analysis
Lecture 265 Log Analysis Tools
Lecture 266 The grep Command
Lecture 267 The cut Command
Lecture 268 The diff Command
Lecture 269 The find Command
Lecture 270 WMIC (Windows Management Instrumentation Command-line)
Lecture 271 Event Viewer
Lecture 272 Bash (Bourne-Again SHell)
Lecture 273 Windows PowerShell
Lecture 274 Log Analysis Tools
Lecture 275 Guidelines for Using Windows- and Linux-Based Tools for Log Analysis
Lecture 276 Lab : Analyzing Linux Logs for Security Intelligence
Lecture 277 Security Intelligence Correlation
Lecture 278 SIEM (Security Information and Event Management)
Lecture 279 Guidelines for Using SIEMs for Security Intelligence Analysis
Lecture 280 Lab : Incorporating SIEMs into Security Intelligence Analysis
Lecture 281 Regular Expressions (Regex)
Lecture 282 Lab : Parsing Log Files with Regular Expressions
Lecture 283 Guidelines for Writing Regular Expression
Section 10: Performing Active Asset and Network Analysis
Lecture 284 Introduction : Performing Active Asset and Network Analysis
Lecture 285 Registry Editor (regedit)
Lecture 286 Analysis with Registry Editor
Lecture 287 File System Analysis Tools for Windows
Lecture 288 Process Explorer
Lecture 289 Service Analysis Tools for Windows
Lecture 290 Volatile Memory Analysis Tools for Windows
Lecture 291 Active Directory Analysis Tools
Lecture 292 Network Analysis Tools
Lecture 293 Lab : Analyzing Incidents with Windows-Based Tools
Lecture 294 File System Analysis Tools for Linux
Lecture 295 Process Analysis Tools for Linux
Lecture 296 Volatile Memory Analysis Tools for Linux
Lecture 297 Session Analysis Tools for Linux
Lecture 298 Network Analysis Tools for Linux
Lecture 299 Lab : Analyzing Incidents with Linux - Based Tools
Lecture 300 Malware Sandboxing
Lecture 301 Crowd-Sources Signature Detection
Lecture 302 Reverse Engineering
Lecture 303 Disassemblers
Lecture 304 Malware Strings
Lecture 305 Anti - Malware Solutions
Lecture 306 MAEC (Malware Attribute Enumeration and Characterization)
Lecture 307 Guidelines for Analyzing Malware
Lecture 308 Lab : Analyzing Malware
Lecture 309 Indicators of Compromise (IOCs)
Lecture 310 Suspicious Emails and Potential Indicators of Compromise
Lecture 311 Suspicious Registry Entries
Lecture 312 Unknown Port and Protocol Usage
Lecture 313 Excessive Bandwidth Usage
Lecture 314 Service Disruption and Defacement
Lecture 315 Rogue Hardware: A Significant Security Threat
Lecture 316 Suspicious or Unauthorized Account Usage
Lecture 317 Guidelines for Analyzing Indicators of Compromise
Lecture 318 Lab : Analyzing Indicators of Compromise
Section 11: Responding to Cybersecurity Incidents
Lecture 319 Introduction : Responding to Cybersecurity Incidents
Lecture 320 Incident Handling and Response Planning
Lecture 321 Site Book
Lecture 322 Incident Response Process
Lecture 323 Security Operations Center (SOC)
Lecture 324 CSIRT (Computer Security Incident Response Team)
Lecture 325 Incident Indicator Sources
Lecture 326 Incident Handling Tools
Lecture 327 Lab : Developing an Incident Response System
Lecture 328 System Hardening
Lecture 329 System and Application Isolation
Lecture 330 Lesson Learned
Lecture 331 Blacklisting
Lecture 332 Whitelisting
Lecture 333 DNS Filtering
Lecture 334 Black Hole Routing
Lecture 335 Mobile Device Management
Lecture 336 Lab : Identify and Analyzing an Incident
Lecture 337 Lab : Containing, Mitigating, and Recovering from an Incident
Lecture 338 Guidelines for Mitigating Incidents
Lecture 339 Forensics Analyst
Lecture 340 Lab : Preparing for a Forensic Investigation
Section 12: Investigating Cybersecurity Incidents
Lecture 341 Introduction : Collecting Cybersecurity Intelligence
Lecture 342 A Day in the Life of a Forensic Analyst
Lecture 343 Forensic Investigation Models
Lecture 344 Forensic Investigation Preparation
Lecture 345 Maintaining the Appropriate Investigation Scope
Lecture 346 Generating and Analyzing Timelines
Lecture 347 Authenticating Evidence in Investigations
Lecture 348 Chain of Custody: Ensuring the Integrity of Digital Evidence
Lecture 349 Communication and Interaction with Third Parties
Lecture 350 Forensic Toolkit
Lecture 351 Guidelines for Preparing for a Forensic Investigation
Aspiring IT professionals: Individuals interested in pursuing a career in the cybersecurity field.,Small business owners: Entrepreneurs and small business owners who need to understand and implement cybersecurity measures.,Students in computer science or related fields: Undergraduate and graduate students looking to gain a solid foundation in cybersecurity.,IT enthusiasts: Individuals with a keen interest in technology and a desire to learn about cybersecurity.,Professionals seeking a career transition: Individuals from other industries who want to transition into the cybersecurity field.
Homepage