• Increase your awareness of security
  
• Interpret/analyze tool output for network mapping/footprinting
  
• Reduce attack surface of systems
  
• Review networking as it applies to security controls
  
• Explore different data protection principles
  
• Examine the role of PKI/certificates in building trusted relationships between devices in a network
  
• Implement login security and other identity management solutions
  
• Reduce attack surface of network devices
  
• Explore current malware threats and anti-malware solutions
  
• Explore social engineering threats, methods, and techniques
  
• Examine software vulnerabilities and security solutions for reducing the risk of exploitation
  
• Explain monitoring capabilities and requirements and how those may raise privacy concerns
  
• Identify physical security controls and the relationship between physical and IT security
  
• Explain incident response capabilities
  
• Identify legal considerations and investigative techniques when it comes to cybersecurity
  
• Research trends in cybersecurity
  

Required Prerequisites:

• Understanding Networking Fundamentals
  
• TCP/IP Networking or equivalent knowledge
  

Follow-on Courses:

• Security+ Certification Prep Course
  
• CND - Certified Network Defender
  

Outline

1. Cybersecurity Awareness

• What is security?
  
• Confidentiality, integrity, and availability
  
• Security baselining
  
• Security concerns: Humans
  
• Types of threats
  
• Security controls
  
• What is hacking?
  
• Risk management
  
• Data in motion vs. data at rest
  
• Module review
  

2. Network Discovery

• Networking review
  
• Discovery, footprinting, and scanning
  
• Common vulnerabilities and exposures
  
• Security policies
  
• Vulnerabilities
  
• Module review
  

3. Systems Hardening

• What is hardening?
  
• Types of systems that can be hardened
  
• Security baselines
  
• How to harden systems
  
• Hardening systems by role
  
• Mobile devices
  
• Hardening on the network
  
• Analysis tools
  
• Authentication, authorization, and accounting
  
• Physical security
  
• Module review
  

4. Security Architecture

• Security architecture
  
• Network devices
  
• Network zones
  
• Network segmentation
  
• Network Address Translation
  
• Network Access Control
  
• Module review
  

5. Data Security

• Cryptography
  
• Principles of permissions
  
• Steganography
  
• Module review
  

6. Public Key Infrastructure

• Public key infrastructure
  
• Certification authorities
  
• Enabling trust
  
• Certificates
  
• CA management
  
• Module review
  

7. Identity Management

• What is identity management?
  
• Personally identifiable information
  
• Authentication factors
  
• Directory services
  
• Kerberos
  
• Windows NT LAN Manager
  
• Password policies
  
• Cracking passwords
  
• Password assessment tools
  
• Password managers
  
• Group accounts
  
• Service accounts
  
• Federated identities
  
• Identity as a Service
  
• Module review
  

8. Network Hardening

• Limiting remote admin access
  
• AAA: Administrative access
  
• Simple Network Management Protocol
  
• Network segmentation
  
• Limiting physical access
  
• Establishing secure access
  
• Network devices
  
• Fundamental device protection summary
  
• Traffic filtering best practices
  
• Module review
  

9. Malware

• What is malware?
  
• Infection methods
  
• Types of malware
  
• Backdoors
  
• Countermeasures
  
• Protection tools
  
• Module review
  

10. Social Engineering

• What is social engineering?
  
• Social engineering targets
  
• Social engineering attacks
  
• Statistical data
  
• Information harvesting
  
• Preventing social engineering
  
• Cyber awareness: Policies and procedures
  
• Social media
  
• Module review
  

11. Software Security

• Software engineering
  
• Security guidelines
  
• Software vulnerabilities
  
• Module review
  

12. Environment Monitoring

• Monitoring
  
• Monitoring vs. logging
  
• Monitoring/logging benefits
  
• Logging
  
• Metrics
  
• Module review
  

13. Physical Security

• What is physical security?
  
• Defense in depth
  
• Types of physical security controls
  
• Device security
  
• Human security
  
• Security policies
  
• Equipment tracking
  
• Module review
  

14. Incident Response

• Disaster types
  
• Incident investigation tips
  
• Business continuity planning
  
• Disaster recovery plan
  
• Forensic incident response
  
• Module review
  

15. Legal Considerations

• Regulatory compliance
  
• Cybercrime
  
• Module review
  

16. Trends in Cybersecurity

• Cybersecurity design constraints
  
• Cyber driving forces
  
• How connected are you?
  
• How reliant on connectivity are you?
  
• Identity management
  
• Cybersecurity standards
  
• Cybersecurity training
  

17. Course Look Around

• Looking back
  
• Looking forward
  
• Planning your journey
  

Labs

Lab 1: Explore HR Security

Lab 2: Interpret Scanning Results

Lab 3: Harden Servers and Workstations

Lab:4 Security Architecture

Lab 5: Protect Data

Lab 6: Configure a PKI

Lab 7: Manage Passwords

Lab 8: Explore Hardening Recommendations and Known Vulnerabilities

Lab 9: Detect Malware

Lab 10: Social Engineering

Lab 11: Privilege Escalation

Lab 12: Monitor a System

Lab 13: Implement Physical Security

Lab 14: Incident Response

Lab 15: Review Legal Considerations