It Security Fundamentals (2024)
It Security Fundamentals (2024) - BaDshaH - 05-15-2024

Published 5/2024
MP4 | Video: h264, 1920x1080 | Audio: AAC, 44.1 KHz
Language: English | Size: 3.33 GB | Duration: 18h 41m

Mastering the Principles, Technologies, and Best Practices of Cybersecurity

What you'll learn
Cybersecurity Principles and Frameworks: Understand the fundamental principles of cybersecurity, including confidentiality, integrity, and availability.
Threat Modeling and Risk Assessment: Learn techniques for identifying and analyzing potential threats to an organization's information assets.
Cryptography and Secure Communication: Gain knowledge of cryptographic concepts, including encryption, hashing, and digital signatures.
Network Security and Firewalls: Understand the fundamentals of network security, including network topologies, protocols, and common vulnerabilities.
Access Control and Identity Management: Explore the principles of access control, including authentication, authorization, and accounting.
Incident Response and Disaster Recovery: Learn the key components of an effective incident response plan, including detection, containment, and recovery.
Ethical Hacking and Penetration Testing: Gain an introduction to ethical hacking techniques, including vulnerability assessment and penetration testing.
Cybersecurity Trends and Emerging Technologies: Explore the latest trends and developments in the cybersecurity landscape, such as cloud security.

Requirements
Basic understanding of computer systems: Learners should have a fundamental knowledge of computer hardware, software, and operating systems.
Familiarity with the internet and digital technologies: Students should be familiar with the basic concepts of the internet, web browsing, and common digital devices and applications.
Basic problem-solving and analytical skills: The course will require learners to have the ability to analyze and solve problems, as well as think critically about cybersecurity challenges.
Basic proficiency in English: The course materials and discussions will be in English, so learners should have a good understanding of the language.

Description
Cybersecurity Fundamentals: From Basic to Advanced Security

In the rapidly evolving digital landscape, cybersecurity has become a critical concern for individuals, businesses, and governments alike. The "Cybersecurity Fundamentals" course is designed to provide learners with a comprehensive introduction to the field of cybersecurity, equipping them with the knowledge and skills necessary to navigate the complex and ever-changing world of information security.

This course will take learners on a journey, starting from the basic principles of cybersecurity and progressing to more advanced topics and techniques. The curriculum is structured to ensure that students with varying levels of prior knowledge can engage with the material effectively.

Prerequisites:
Basic understanding of computer systems and familiarity with the internet
No prior knowledge of cybersecurity is required

Course Outline:

Module 1: Introduction to Cybersecurity
Importance of cybersecurity in the digital age
Fundamental principles and concepts of information security

Module 2: Threat Landscape Analysis
Identifying and understanding various cybersecurity threats
Analyzing the evolving threat landscape

Module 3: Reconnaissance Threats
Exploring techniques used by attackers to gather information about computing and network environments
Developing strategies to mitigate reconnaissance threats

Module 4: Attacks on Computing and Network Environments
Analyzing common attack vectors and techniques
Implementing countermeasures to protect against various types of attacks

Module 5: Post-Attack Techniques
Examining the actions taken by attackers after a successful breach
Developing incident response and recovery strategies

Module 6: Security Posture Evaluation
Assessing an organization's security posture
Identifying vulnerabilities and implementing appropriate security controls

Module 7: Cybersecurity Intelligence Collection
Gathering and analyzing relevant cybersecurity information
Utilizing intelligence to enhance an organization's security measures

Module 8: Log Data Analysis
Understanding the importance of log data in cybersecurity
Techniques for analyzing and interpreting log data

Module 9: Active Asset and Network Analysis
Performing active monitoring and analysis of assets and network traffic
Detecting and responding to anomalies and suspicious activities

Module 10: Cybersecurity Incident Response
Establishing effective incident response procedures
Implementing appropriate measures to mitigate and recover from security incidents

Module 11: Cybersecurity Incident Investigation
Conducting thorough investigations of cybersecurity incidents
Gathering and analyzing evidence to determine the root cause and impact

Target Audience: This course is designed for a wide range of learners, including:
Aspiring IT professionals
Small business owners
Students in computer science or related fields
IT enthusiasts
Professionals seeking a career transition into cybersecurity

By the end of this course, learners will have a solid understanding of cybersecurity fundamentals, the ability to identify and mitigate various security threats, and the skills to implement effective security measures to protect their digital assets. This course serves as a strong foundation for those interested in pursuing a career in the dynamic and rapidly evolving field of cybersecurity.

Overview

Section 1: Introduction
Lecture 1 Introduction
Lecture 2 Course Overview
Lecture 3 Course Outline

Section 2: Assessing Information Security Risk
Lecture 4 Module Overview : Assessing Information Security Risk
Lecture 5 Endpoint Model
Lecture 6 Perimeter Model
Lecture 7 The Risk Equation
Lecture 8 Risk Management
Lecture 9 The Importance of Risk Management
Lecture 10 Enterprise Risk Management
Lecture 11 Reasons to Implement Enterprise Risk Management
Lecture 12 Risk Exposure
Lecture 13 Risk Analysis Methods
Lecture 14 Risks Facing an Enterprise
Lecture 15 Lab : Identifying the Importance of Risk Management
Lecture 16 Lab : Identifying the Importance of Risk Management (answer)
Lecture 17 Enterprise Security Architecture
Lecture 18 Enterprise Security Architecture Framework Assessment Process
Lecture 19 New and Changing Business Models
Lecture 20 De-Perimeterization
Lecture 21 New Products and Technologies
Lecture 22 Internal and External Influences
Lecture 23 System-Specific Risk Analysis
Lecture 24 Risk Determinations: Assessing Threats and Impacts
Lecture 25 Documentation of Assessment Results (Questions)
Lecture 26 Guidelines for Assessing Risk
Lecture 27 Lab : Assessing Risks
Lecture 28 Classes of Information
Lecture 29 Classification of Information : Types into CIA Levels
Lecture 30 Security Control Categories
Lecture 31 Aggregate CIA Score
Lecture 32 Common Vulnerability Scoring System
Lecture 33 Common Vulnerabilities and Exposures (CVE)
Lecture 34 CVE Strategies and Scenarios
Lecture 35 Risk Response Techniques
Lecture 36 Risk Management Strategies
Lecture 37 Continuous Monitoring and Improvement
Lecture 38 IT Governance
Lecture 39 Guidelines for Mitigating Risk
Lecture 40 Lab : Mitigating Risk
Lecture 41 Lab : Mitigating Risk (Answer)
Lecture 42 From Policy to Procedures
Lecture 43 Developing a Comprehensive Security Policy Document
Lecture 44 Process and Procedure Document Development
Lecture 45 Security Policies and Procedures
Lecture 46 Best Practices to Incorporate in Security Policies and Procedures
Lecture 47 Best Practices to Incorporate in Security Policies and Procedures (cont.)
Lecture 48 Business Documents
Lecture 49 Risk Management Documentation
Lecture 50 Risk Management Documentation (cont.)
Lecture 51 Lab : Risk Management Documentation

Section 3: Analyzing the Threat Landscape
Lecture 52 Introduction : Analyzing the Threat Landscape
Lecture 53 Threat Actors: Understanding the Diverse Landscape
Lecture 54 Threat Actors : Understanding the Diverse Motivations and Tactics
Lecture 55 Threat Motives: Understanding the Driving Forces Behind Cyber Attacks
Lecture 56 Threat Motives: Understanding the Drivers Behind Cyber Attacks (cont.)
Lecture 57 Attack Vectors: Understanding the Paths of Cyber Threats
Lecture 58 Attack Technique Criteria
Lecture 59 Qualitative Threat and Impact Analysis: Cybercriminals
Lecture 60 Guidelines for Classifying Threats and Threat Profiles
Lecture 61 Constructing Threat Profiles
Lecture 62 Ongoing Research for Enterprise Security Professionals
Lecture 63 Situational Awareness in Enterprise Security
Lecture 64 Commonly Targeted Assets in Enterprise Security
Lecture 65 The Latest Vulnerabilities: Addressing Emerging Security Challenges
Lecture 66 The Latest Threats and Exploits
Lecture 67 The Latest Security Technologies
Lecture 68 The Global Cybersecurity Industry and Community
Lecture 69 Trend Data and Qualifying Threats
Lecture 70 Guidelines for Performing Ongoing Threat Research
Lecture 71 Lab : Performing Ongoing Threat Landscape Research

Section 4: Analyzing Reconnaissance Threats to Computing and Network Environments
Lecture 72 Introduction : Analyzing Threats
Lecture 73 The Diverse Nature of Threats
Lecture 74 The Anatomy of a Cyber Attack
Lecture 75 Threat Modeling
Lecture 76 Lab : Implementing a Threat Model
Lecture 77 Reasons to Implement Threat Modeling
Lecture 78 Threat Modeling Process
Lecture 79 Attack Tree Analysis for Instant Message Security
Lecture 80 Threat Modeling Tools
Lecture 81 Threat Categories: Detailed Explanation
Lecture 82 Footprinting, Scanning, and Enumeration
Lecture 83 Footprinting Methods
Lecture 84 Network and System Scanning Methods
Lecture 85 Enumeration Methods
Lecture 86 Evasion Techniques for Reconnaissance
Lecture 87 Reconnaissance Tools: Footprint, Scanning, and Enumeration
Lecture 88 Packet Trace Analysis with Wireshark
Lecture 89 Lab : Examining Reconnaissance Incidents
Lecture 90 Lab : Capturing and Analyzing Data with Wireshark
Lecture 91 Lab : Performing Reconnaissance on a Network
Lecture 92 Social Engineering
Lecture 93 Types of Social Engineering
Lecture 94 Phishing and Delivery Media
Lecture 95 Phishing and Common Components
Lecture 96 Social Engineering for Reconnaissance
Lecture 97 Lab : Assessing the Impact of Social Engineering

Section 5: Analyzing Attacks on Computing and Network Environments
Lecture 98 Introduction : Analyzing Attacks
Lecture 99 System Hacking - Step - by - Step
Lecture 100 System Hacking : Monitoring
Lecture 101 Password Cracking Techniques Explained
Lecture 102 Privilege Escalation
Lecture 103 Social Engineering for Systems Hacking: A Dangerous Threat
Lecture 104 Social Engineering for Systems Hacking Tools
Lecture 105 Lab : Assessing the Impact of System Hacking Attacks
Lecture 106 Client-Side Attacks vs. Server-Side Attacks
Lecture 107 XSS
Lecture 108 XSRF
Lecture 109 SQL Injection
Lecture 110 Directory Traversal
Lecture 111 File Inclusion
Lecture 112 Web Application Vulnerabilities and Exploits
Lecture 113 Web Services Exploits
Lecture 114 Web-Based Attack Tools
Lecture 115 Lab : Assessing the Impact of Web-Based Threats
Lecture 116 Malware Categories
Lecture 117 Trojan Horse
Lecture 118 Polymorphic Virus
Lecture 119 Spyware
Lecture 120 Supply Chain Attack
Lecture 121 Malware Tools
Lecture 122 Lab : Assessing the Impact of Malware
Lecture 123 Spoofing, Impersonation, and Hijacking: Threats to Enterprise Security
Lecture 124 ARP Spoofing
Lecture 125 DNS Poisoning
Lecture 126 ICMP Redirect Attack
Lecture 127 DHCP Spoofing
Lecture 128 NBNS Spoofing (NetBIOS Name Service Spoofing)
Lecture 129 Session Hijacking
Lecture 130 Hijacking and Spoofing Tools
Lecture 131 Lab : Assessing the Impact of Hijacking and Impersonation Attacks
Lecture 132 Denial of Service (DoS) Attacks
Lecture 133 Denial of Service (DoS) Attack Techniques
Lecture 134 Distributed Denial of Service (DDoS) Attacks
Lecture 135 Denial of Service (DoS) Evasion Techniques
Lecture 136 DoS Tools
Lecture 137 Lab : Assessing the Impact of DoS Incidents
Lecture 138 Trends in Mobile Security
Lecture 139 Wireless Threats
Lecture 140 BYOD (Bring Your Own Device) Threats
Lecture 141 Mobile Platform Threats
Lecture 142 Mobile Infrastructure Hacking Tools
Lecture 143 Lab : Assessing the Impact of Threats to Mobile Devices
Lecture 144 Cloud Infrastructure Challenges
Lecture 145 Threats to Virtualized Environments
Lecture 146 Threats to Big Data
Lecture 147 Threats to Big Data and Considerations for Secure Big Data Platforms
Lecture 148 Lab : Assessing the Impact of Threats to Cloud Infrastructures

Section 6: Analyzing Post-Attack Techniques
Lecture 149 Introduction : Analyzing Post - Attack Techniques
Lecture 150 Command and Control (C&C) in the Context of Cybersecurity
Lecture 151 IRC - IRC (Internet Relay Chat)
Lecture 152 HTTP/HTTPS as a Communication Channel for Malicious Activities
Lecture 153 DNS
Lecture 154 ICMP (Internet Control Message Protocol)
Lecture 155 Lab : Assessing Command and Control Techniques
Lecture 156 C&C Channel Vectors
Lecture 157 Advanced Persistent Threat (APT)
Lecture 158 Backdoors: A Significant Security Threat
Lecture 159 Logic Bomb
Lecture 160 Rogue Accounts: A Significant Security Threat
Lecture 161 Lab : Detecting Rootkits
Lecture 162 Lateral Movement
Lecture 163 Pass the Hash
Lecture 164 Golden Ticket
Lecture 165 Remote Access Services in Enterprise Security Architecture
Lecture 166 WMIC (Windows Management Instrumentation Command-line)
Lecture 167 PsExec Tool
Lecture 168 Port Forwarding
Lecture 169 VPN Pivoting
Lecture 170 SSH Pivoting
Lecture 171 Routing Tables and Pivoting
Lecture 172 Lab : Assessing Lateral Movement and Pivoting Techniques
Lecture 173 Data Exfiltration
Lecture 174 Covert Channels: A Stealthy Means of Data Exfiltration
Lecture 175 Steganography
Lecture 176 File Sharing Services
Lecture 177 Lab : Assessing Data Exfiltration
Lecture 178 Anti-Forensics: Disrupting Forensic Investigations
Lecture 179 Golden Ticket and Anti - Forensics
Lecture 180 Buffer Overflow Attacks in Forensic Tools
Lecture 181 Memory Residents
Lecture 182 Program Packers
Lecture 183 Malware Detection in Virtual Machines and Sandboxes
Lecture 184 Alternate Data Streams (ADS)
Lecture 185 Covering Tracks
Lecture 186 Lab : Assessing Anti-Forensic Techniques

Section 7: Evaluating the Organization's Security Posture
Lecture 187 Introduction : Evaluating the Organization's Security Posture
Lecture 188 Vulnerability Assessment
Lecture 189 Penetration Testing
Lecture 190 Vulnerability Assessment vs. Penetration Testing
Lecture 191 Vulnerability Assessment Implementation
Lecture 192 Vulnerability Assessment Tools
Lecture 193 Specific Assessment Tools
Lecture 194 Port Scanning and Fingerprinting
Lecture 195 Sources of Vulnerability Information
Lecture 196 Operating System and Software Patching
Lecture 197 Ensuring Systemic Security in Enterprise Architecture
Lecture 198 Lab : Conducting Vulnerability Assessment
Lecture 199 ROE (Rules of Engagement) for Security Assessments
Lecture 200 Penetration Testing Process
Lecture 201 Penetration Test Scope
Lecture 202 External vs. Internal Penetration Testing
Lecture 203 Pen Testing Techniques
Lecture 204 Penetration Testing Tools
Lecture 205 Kali Linux
Lecture 206 Data Mining for Enterprise Security Assessment
Lecture 207 Attack Surface Scanning and Mapping
Lecture 208 Packet Manipulation for Enumeration
Lecture 209 Simulated Attacks and Firewall Response Explanation
Lecture 210 Password Attacks
Lecture 211 Penetration Test Considerations
Lecture 212 Effective Reporting and Documentation
Lecture 213 Target Audiences
Lecture 214 Lab : Conducting Penetration Testing on Network Assets
Lecture 215 Information Collection Methods
Lecture 216 Penetration Test Follow-Up
Lecture 217 Report Classification and Distribution
Lecture 218 Lab : Analyzing and Reporting Penetration Test Results

Section 8: Collecting Cybersecurity Intelligence
Lecture 219 Introduction : Collecting Cybersecurity Intelligence
Lecture 220 Security Intelligence
Lecture 221 The Challenge of Security Intelligence Collection
Lecture 222 The Security Intelligence Collection Lifecycle
Lecture 223 Security Intelligence Collection Plan
Lecture 224 Continuous Security Monitoring (CSM)
Lecture 225 Monitor in an enterprise security architecture framework assessment process
Lecture 226 Security Monitoring Tools
Lecture 227 Effective Data Collection for Enterprise Security Assessments
Lecture 228 Potential Sources of Security Intelligence
Lecture 229 Guidelines for Determining Which Data to Collect for Security Intelligence
Lecture 230 Guidelines for Determining Which Fields You Should Log
Lecture 231 Guidelines for Configuring Logging Systems Based on Their Impact
Lecture 232 Guidelines for Determining Which Events Should Prompt an Alert
Lecture 233 Information Processing in Enterprise Security Assessments
Lecture 234 External Data Sources for Enterprise Security
Lecture 235 Publicly Available Information
Lecture 236 Automation in Security Data Collection and Reporting
Lecture 237 Data Retention: Ensuring Compliance and Mitigating Risks
Lecture 238 Lab : Deploying a Security Intelligence Collection and Analysis Platform
Lecture 239 Network Device Configuration Files: A Crucial Component of Enterprise Security
Lecture 240 Network Device State Data
Lecture 241 Switch and Router Logs
Lecture 242 Wireless Device Logs
Lecture 243 Firewall Logs
Lecture 244 Web Application Firewall (WAF) Logs
Lecture 245 Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) Logging
Lecture 246 Proxy Logs
Lecture 247 Carrier Provider Logs in Enterprise Security Assessments
Lecture 248 Software-Defined Networking (SDN)
Lecture 249 Network Traffic and Flow Data Analysis
Lecture 250 Log Tuning: Balancing Logging Effectiveness
Lecture 251 Lab : Collecting Network-Based Security Intelligence
Lecture 252 Operating System Log Data
Lecture 253 Windows Event Logs
Lecture 254 Syslog Data
Lecture 255 Application Logs
Lecture 256 DNS (Domain Name System) event logs
Lecture 257 SMTP Logs
Lecture 258 FTP Logs
Lecture 259 SSH Logs
Lecture 260 SQL Logs
Lecture 261 Lab : Collecting Host-Based Security Intelligence

Section 9: Analyzing Log Data
Lecture 262 Introduction : Analyzing Log Data
Lecture 263 Preparation for Analysis
Lecture 264 Guidelines for Preparing Data for Analysis
Lecture 265 Log Analysis Tools
Lecture 266 The grep Command
Lecture 267 The cut Command
Lecture 268 The diff Command
Lecture 269 The find Command
Lecture 270 WMIC (Windows Management Instrumentation Command-line)
Lecture 271 Event Viewer
Lecture 272 Bash (Bourne-Again SHell)
Lecture 273 Windows PowerShell
Lecture 274 Log Analysis Tools
Lecture 275 Guidelines for Using Windows- and Linux-Based Tools for Log Analysis
Lecture 276 Lab : Analyzing Linux Logs for Security Intelligence
Lecture 277 Security Intelligence Correlation
Lecture 278 SIEM (Security Information and Event Management)
Lecture 279 Guidelines for Using SIEMs for Security Intelligence Analysis
Lecture 280 Lab : Incorporating SIEMs into Security Intelligence Analysis
Lecture 281 Regular Expressions (Regex)
Lecture 282 Lab : Parsing Log Files with Regular Expressions
Lecture 283 Guidelines for Writing Regular Expressions

Section 10: Performing Active Asset and Network Analysis
Lecture 284 Introduction : Performing Active Asset and Network Analysis
Lecture 285 Registry Editor (regedit)
Lecture 286 Analysis with Registry Editor
Lecture 287 File System Analysis Tools for Windows
Lecture 288 Process Explorer
Lecture 289 Service Analysis Tools for Windows
Lecture 290 Volatile Memory Analysis Tools for Windows
Lecture 291 Active Directory Analysis Tools
Lecture 292 Network Analysis Tools
Lecture 293 Lab : Analyzing Incidents with Windows-Based Tools
Lecture 294 File System Analysis Tools for Linux
Lecture 295 Process Analysis Tools for Linux
Lecture 296 Volatile Memory Analysis Tools for Linux
Lecture 297 Session Analysis Tools for Linux
Lecture 298 Network Analysis Tools for Linux
Lecture 299 Lab : Analyzing Incidents with Linux - Based Tools
Lecture 300 Malware Sandboxing
Lecture 301 Crowd-Sourced Signature Detection
Lecture 302 Reverse Engineering
Lecture 303 Disassemblers
Lecture 304 Malware Strings
Lecture 305 Anti - Malware Solutions
Lecture 306 MAEC (Malware Attribute Enumeration and Characterization)
Lecture 307 Guidelines for Analyzing Malware
Lecture 308 Lab : Analyzing Malware
Lecture 309 Indicators of Compromise (IOCs)
Lecture 310 Suspicious Emails and Potential Indicators of Compromise
Lecture 311 Suspicious Registry Entries
Lecture 312 Unknown Port and Protocol Usage
Lecture 313 Excessive Bandwidth Usage
Lecture 314 Service Disruption and Defacement
Lecture 315 Rogue Hardware: A Significant Security Threat
Lecture 316 Suspicious or Unauthorized Account Usage
Lecture 317 Guidelines for Analyzing Indicators of Compromise
Lecture 318 Lab : Analyzing Indicators of Compromise

Section 11: Responding to Cybersecurity Incidents
Lecture 319 Introduction : Responding to Cybersecurity Incidents
Lecture 320 Incident Handling and Response Planning
Lecture 321 Site Book
Lecture 322 Incident Response Process
Lecture 323 Security Operations Center (SOC)
Lecture 324 CSIRT (Computer Security Incident Response Team)
Lecture 325 Incident Indicator Sources
Lecture 326 Incident Handling Tools
Lecture 327 Lab : Developing an Incident Response System
Lecture 328 System Hardening
Lecture 329 System and Application Isolation
Lecture 330 Lesson Learned
Lecture 331 Blacklisting
Lecture 332 Whitelisting
Lecture 333 DNS Filtering
Lecture 334 Black Hole Routing
Lecture 335 Mobile Device Management
Lecture 336 Lab : Identifying and Analyzing an Incident
Lecture 337 Lab : Containing, Mitigating, and Recovering from an Incident
Lecture 338 Guidelines for Mitigating Incidents
Lecture 339 Forensics Analyst
Lecture 340 Lab : Preparing for a Forensic Investigation

Section 12: Investigating Cybersecurity Incidents
Lecture 341 Introduction : Collecting Cybersecurity Intelligence
Lecture 342 A Day in the Life of a Forensic Analyst
Lecture 343 Forensic Investigation Models
Lecture 344 Forensic Investigation Preparation
Lecture 345 Maintaining the Appropriate Investigation Scope
Lecture 346 Generating and Analyzing Timelines
Lecture 347 Authenticating Evidence in Investigations
Lecture 348 Chain of Custody: Ensuring the Integrity of Digital Evidence
Lecture 349 Communication and Interaction with Third Parties
Lecture 350 Forensic Toolkit
Lecture 351 Guidelines for Preparing for a Forensic Investigation

Aspiring IT professionals: Individuals interested in pursuing a career in the cybersecurity field.
Small business owners: Entrepreneurs and small business owners who need to understand and implement cybersecurity measures.
Students in computer science or related fields: Undergraduate and graduate students looking to gain a solid foundation in cybersecurity.
IT enthusiasts: Individuals with a keen interest in technology and a desire to learn about cybersecurity.
Professionals seeking a career transition: Individuals from other industries who want to transition into the cybersecurity field.