Course curriculum

  • 1

    Introduction to Certified Cybersecurity Expert

    • Introduction to Certified Cybersecurity Expert

  • 2

    Overview of Cybersecurity

    • What is Cybersecurity

    • Differences between Cybersecurity and Information Security

    • Common Cybersecurity terms

    • Physical and logical security

    • Malicious Actors and their goals

    • Why Cybersecurity - overview of cybersecurity threats and risks

    • Role of Cloud Computing in Cybersecurity

    • Principles of design and implementation of security mechanisms

  • 3

    Types of Cybersecurity Attacks and Threats

    • Malware

    • Spyware and Adware

    • Ransomware

    • Social Engineering

    • Phishing

    • Brute Force Attacks

    • Man-in-the-middle Attacks

    • DoS and DDoS Attacks

    • Network Attacks

  • 4

    Cybersecurity Job Functions

    • Players/Stakeholders in Cybersecurity

    • Cybersecurity career opportunities

    • Cybersecurity organization structure

    • Security team composition

    • Role of a Cybersecurity professional in general

    • Role of a Security Analyst

    • Role of a CISO (Chief Information Security Officer)

  • 5

    Types of Security

    • Security layers and vulnerabilities

    • Administrative security

    • Logical security

    • Data security

    • Security Operations (SecOps)

    • Network security

    • Database security

    • Web security

    • Attacks, exploits and preventive methods

  • 6

    Reconnaissance

    • Passive Reconnaissance

    • Active Reconnaissance

    • Identifying and mitigating risks with reconnaissance

    • Legal and ethical considerations of reconnaissance

  • 7

    Defensive Security

    • Need for Defensive Cybersecurity techniques

    • Security controls

    • Data Loss Prevention Systems (DLP)

    • Intrusion Detection System (IDS) and Intrusion Prevention System (IPS)

    • Anti-malware and anti-virus software

    • Identifying attack surface

    • Honeypot and DMZ

    • Defensive security by anonymity and pseudonymity

    • Backup as the insurance against attacks

  • 8

    Offensive Security and Reverse Engineering

    • Overview of Offensive Cybersecurity techniques

    • Penetration Testing Overview

    • Threats and Threat Profiling

    • Advanced Persistent Threats

    • Exploitation

    • Reverse Engineering concepts

    • Red Team, Blue Team, Purple Team

    • Metadata Analysis

    • Malware Analysis

    • Phishing Analysis

  • 9

    Cybersecurity Tools and Software

    • Using open-source tools

    • Using commercial off-the-shelf tools

    • Using virtualization for Cybersecurity work

    • Cybersecurity OS Distributions - Kali Linux, Parrot OS

    • Cybersecurity test environments

    • Licensing considerations

  • 10

    Encryption and Cryptography

    • Basic concepts of cryptography

    • Cryptographic ciphers (Symmetric and Asymmetric)

    • Encryption algorithms

    • Data encryption and key management

    • Attacks against encryption

    • Certificates

    • Public Key Infrastructure (PKI)

    • Certificate management

  • 11

    Identity and Access Management

    • Identity and Access Management overview

    • Authentication and authorization

    • Single sign-on and federated identity

    • Identity Governance and Administration

    • Authentication protocols

    • Single-Factor and multi-factor authentication

  • 12

    Cybersecurity Processes

    • Cybersecurity Management Processes

    • Secure application development and deployment

    • Change and release management

    • Automation for Cybersecurity

    • QA process for Cybersecurity

  • 13

    Cyber Forensics

    • Need for Cyber Forensics

    • Principles of Cyber Forensics

    • Digital Evidence - collection and analysis

    • Fingerprinting

    • Log analysis

    • Mobile Forensics

    • Using Cyber Forensics in law enforcement

    • Ethical Considerations in Cyber Forensics

    • Role of Human Intelligence (HUMINT) in Cyber Forensics

  • 14

    Network Security and System Hardening

    • Network protocols and architecture

    • Network security best practices

    • Network Defense and Countermeasures (NDC)

    • Firewalls, IDS, and IPS for Network Security

    • Reverse proxies

    • Virtual Private Networks (VPN) and secure remote access

    • DMZ and virtual hosts

    • Endpoint Security

    • Network packet analysis

    • System hardening

    • Patch management

  • 15

    Wireless Security

    • Wireless security best practices

    • WAP security - Part 1

    • WAP security - Part 2

    • Wireless live packet capture

    • Wireless packet capture analysis

    • Types of attacks malicious actors carry out on wireless networks

  • 16

    Cyber Threat Intelligence

    • Understanding the threat landscape

    • Types of Threat Intelligence

    • Gathering and analyzing threat intelligence data

    • Users of Threat Intelligence

    • Using threat intelligence to improve security

  • 17

    Ethical Hacking and Penetration Testing (Pen Test)

    • Purpose of Ethical Hacking

    • White Hat vs Black Hat hackers

    • Phases in Ethical Hacking

    • Exploitation techniques

    • Ethical Hacking for application security

    • Ethical Hacking for hardware security

  • 18

    Advanced Concepts

    • Multi-Layer Security

    • SIEM

    • Attack Vectors

    • Mobile endpoint security

    • Root Cause Analysis

    • Internet of Things (IoT) security

    • Edge Computing and Cybersecurity

    • Cyber Warfare

    • Blockchain Security

    • Incident Response and Disaster Recovery

  • 19

    Ethics, Compliance, and Standards

    • Overview of regulatory compliance

    • Commonly used security standards and frameworks

    • Cyber Laws

    • Ethics for a Cybersecurity Professional

  • 20

    Study Material

    • Study Material