Pre-work (Optional)
This course is suitable for individuals with limited experience in IT and Technology or those outside these fields. It provides the essential fundamentals needed for the program, enabling a streamlined learning journey.
Module 1: Introduction to Cybersecurity -2 weeks
Acquire essential knowledge in Risk Management, Cryptography, and emerging trends in cybersecurity.
- Careers in Cybersecurity
- Introduction to CIA triad
- Basics of Authentication
- Risk Management
- Emerging trends - Artificial Intelligence & Cybersecurity, Operations Technology & Internet Of Things,
- Global Cyber warfare
- Understanding Cryptography
- Cryptocurrency & blockchain
- Gain insights on Importance of Cybersecurity
- Develop the ability to choose the appropriate authentication methods
- Identify & assess different types of Risks
- Gain hands-on experience or practical exercises using AI-driven tools for cybersecurity use cases
- Discover the different patterns in the Cyber Attacks going on as a part of Global Cyber Warfare
- Familiarize yourself with the cryptocurrency transactions & the crypto payment ecosystem in today's cyber world.
Module 2:Network Security & Firewall essentials - 3 Weeks
Skill yourself with Network security concepts and experience network security tools such as firewall for safeguarding your assets.
- Networking basics - OSI Model, IP addressing, TCP/IP, Network services, Public/ Private IP, load balancing, Proxy
- Wireshark
- Network segmentation
- Virtual Private Network (VPN)
- Next Generation Firewall (NGFW)
- Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
- Develop the most in demand skills in a majority of IT job roles such as Networking & Network security
- Practice the skill of capturing and analyzing network traffic for cyber investigations & troubleshooting
- Understand the implementation of VPN for securing the remote workforce
- Explore the Next Generation Firewall (NGFW) for network security
- Distinguish between security technologies like IDS & IPS and their usage
Module 3 : Understanding Modern Cyber Attacks - 2 Weeks
Discover the cyber attack methodology and learn to view attacks from the lens of an attacker.
- MITRE ATT&CK
- Cyber Kill Chain
- APT (Advanced Persistent Threats)
- Ransomware Attacks & Cyber Insurance
- Attacks on Cryptography
- Attacks on Users
- Attacks on Networks
- Attacks on Endpoint
- Attacks on Applications
- Attacks on Data
- Attacks on Cloud
- Understand adversary Tactics,Techniques and Procedures to enhance threat detection and response strategies.
- Identify and disrupt cyber threats by understanding the different stages of a cyber attack
- Recognize and defend against highly skilled and motivated attackers with persistent access
- Mitigate financial risks from ransomware incidents through effective cyber insurance strategies
- Secure cryptographic systems by identifying and mitigating vulnerabilities and weaknesses
- Develop comprehensive security strategies to protect critical components against various attack vectors.
Module 4: Designing Security Controls - 3 Weeks
Discover effective methods for recognizing and applying appropriate cybersecurity strategies to combat diverse cyber threats.
- Types of security controls
- Endpoint security controls- Antivirus, Endpoint Detection and Response (EDR), Extended Detection and Response (XDR)
- Identity and Access Management (IDAM)
- Security Awareness
- Data Security Controls - Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), Data Encryption, Masking
- Authentication Implementation
- Deep dive into Security Information and Event Management (SIEM)
- Threat Intelligence
- Incident Response
- Incident Response Playbooks
- Differentiate between the types of security controls & their implementation
- Delve deeper into the protection mechanisms for endpoints such as Laptops, Desktops & Servers
- Identify & classify different types of Data. Configure policies for preventing data leakage from enterprise networks
- Monitor the signs of ongoing cyber attacks within a network with alerts from authentication servers
- Learn about continuous security monitoring with advanced threat detection
- Learn to proactively gather actionable intelligence & stay informed about the threat landscape
- Plan to respond to incidents and understand the incident response lifecycle
Module 5: Governance, Risk and Compliance -2 weeks
Gain understanding of various standards, regulations and frameworks to help build a strong organizational security posture.
- ISO 27001:2022
- Regulations, standards, and legislation
- General Data Protection Regulation (GDPR)
- Digital Data Protection Act (DPDP)
- Payment Card Industry Data Security Standard (PCI DSS)
- Digital Operational Resilience Act (DORA)
- Understanding Audit Process
- Conducting an internal audit
- Certification Audits
- Third-party risk management
- Comprehend the compliance requirements in relation to the security standards such as ISO 27001
- Have technical expertise in documenting the requirements for dat protection standards & laws such as GDPR, and DPDP
- Recognize the need for security specific to Financial sector by studying the intricacies of DORA
- Practice the preparation of internal audits and how to conduct them yourself confidently
- Recognize and treat the risks associated with supply chain management
Module 6: Cloud Security -2 weeks
Delve deeper into cloud security controls and understand the methodology behind securing data on cloud.
- Cloud Security in different platforms
- Cloud platform and Infrastructure Security
- Securing Data on Cloud
- Incident Detection and Response in Cloud
- Implement robust security measures tailored to Microsoft Azure for enhanced protection
- Safeguard cloud infrastructure against cyber threats and vulnerabilities through effective security controls.
- Ensure the confidentiality, integrity, and availability of data stored on cloud platforms through encryption, access controls, and data loss prevention measures.
- Detect and respond to security incidents in cloud environments promptly to minimize impact and protect sensitive assets
Module 7: Penetration Testing -4 weeks
Equip yourself with a solid grasp of penetration testing methodologies and gain hands-on experience through interactive video and workbooks, ensuring industry readiness.
- Introduction to Penetration Testing
- Techniques of Penetration Testing
- Infrastructure Penetration Testing
- OWASP Top 10 & Application Security
- Web Application Penetration Testing
- Practice the fundamental skills of penetration testing
- Differentiate between different methods used while performing the penetration tests
- Scanning the internal infrastructure and exploiting vulnerabilities to secure the network
- Have an understanding of application security vulnerabilities such as OWASP Top 10
- Understand how pentesting of a web application differs from Infrastructure penetration testing
Optional: Capstone Project -2 weeks
Test your knowledge from the cybersecurity program.
- Setting up Security Operations & Monitoring using SIEM
- Planning Security Operations & Monitoring using Risk Control mapping
- Research and Prepare your analysis whether ChatGPT or Gemini should be allowed by an organization
Additional Self Paced: CompTIA Security+
Get ready for the CompTIA Security+ certification exam.
- General Security Concepts
- Threats, Vulnerabilities, and Mitigations
- Security Architecture
- Security Operations
- Security Program Management
- Prepare for the Security+ exam by learning about the key concepts.
- Get complete coverage of the domains measured in the Security+ examination.
- Recap the concepts learned in the mandatory modules with a specific focus on the Security+ certification exam
- Utilize the question bank to practice important concepts
Additional Self Paced Module: Python for Cybersecurity Professionals
Learn to use Python for cybersecurity
- Introduction to Python
- Network analysis with Python
- Cracking passwords with Python
- Encryption with Python
- Learn to use python to perform and automate tasks.
- Understand the usage of python programming for network analysis, password cracking and encryption.