Overview
This course will equip learners with knowledge of cyber security essentials, threats and vulnerabilities, various security technology products, security operations, and incident response.
Prerequisite
Basic knowledge of how computers and the Internet work
Who can take this course?
- Cyber Enthusiasts
- IT Professionals
- Students & Graduates
- Cybersecurity Internship Seekers
This course includes
- Self-paced; over 10 hours of on-demand video
- 60 days of access to training videos
- 1 lab exercise
- Anytime access (from computer, tablet or mobile phone)
Learning Objectives
At the end of this course, learners will be able to
✓ Discuss different types of cyber threats and their relevance in today’s threat landscape
✓ Categorize cyber threat actors based on their objectives
✓ Discuss threat modelling and its importance to cyber defense
✓ Demonstrate good understanding of vulnerabilities in general and their important elements
✓ Derive a unique identifier for any particular vulnerability based on its published date
✓ Remember how vulnerabilities are rated
✓ Understand the role of vulnerability in cyber attacks
✓ Recall common types of vulnerabilities
✓ Understand and remember common sources of vulnerabilities intelligence
✓ Explain the vulnerability management lifecycle
✓ Discuss cyber-attack tactics, techniques, and procedures
✓ Briefly explain the cyber kill chain model
✓ Briefly explain the Mandiant attack lifecycle
✓ Discuss the MITRE ATT&CK framework while recalling its key tactics and techniques
✓ Discuss each of the data breach incidents covered in terms of what happened, how it happened, why it happened, the business impact, and how it could have been prevented
✓ Discuss the NIST cybersecurity framework and recall its functions and major categories
✓ Describe each of the five functional areas of the framework and the respective key categories
✓ Categorize various cyber security vendors in accordance with the security domains addressed by their specific products
✓ Recall the various layers of cyber defense and their respective security technology solutions
✓ Demonstrate good understanding of the people, process, and technology elements of a security operations center (SOC)
✓ Itemize key log sources and explain the logging and log collection process
✓ Discuss the importance of the SIEM to a SOC
✓ Recall the key players in the SIEM market space
✓ Express their career progression options if they ever end up working in a SOC
✓ Demonstrate good understanding of security alerts
✓ Define alert use cases and describe how they are developed
✓ Discuss actionable reports and how to derive the best value out of them
✓ Demonstrate good understanding of the tasks undertaken by SOC analysts on a daily basis
✓ Recall all the phases of incident response and what goes on in each phase
✓ List some of the important tools to have in an incident response jump kit
✓ State and discuss some of the key factors that affect incident categorization
✓ Interpret an incident response workflow
✓ Demonstrate good understanding of the values that managed security service providers (MSSPs) bring to the table and key considerations for outsourcing
✓ Differentiate between an MSSP and a managed detection and response (MDR) service provider
✓ State key reasons why an organization might want to consider subscribing to an incident response retainer service
✓ List the features and benefits of an internally developed and delivered threat intelligence service
Course Curriculum
- Lecture 1: Introduction (2:32)
- Lecture 2: Overview of NICE Workforce Framework (5:42)
- Lecture 3: Important NICE Framework Elements (2:32)
- Lecture 4: What is Cyber Security? (8:17)
- Lecture 5: Professional Certifications (14:15)
- Lecture 6: Knowledge Acceleration Channels (4:03)
- Lecture 7: Why Does it Even Matter? (3:35)
- Lecture 8: Financial Services: JP Morgan Chase (2:56)
- Lecture 9: Healthcare: Johns Hopkins Medicine (2:03)
- Lecture 10: News & Media: The BBC (2:09)
- Lecture 11: Oil and Gas: Exxon Mobil (2:28)
- Lecture 12: Retail: Tesco (1:17)
- Lecture 13: Technology: Facebook (2:11)
- Lecture 15: Overview (2:08)
- Lecture 16: People, Process and Technology (2:49)
- Lecture 17: Governance Structure (1:30)
- Lecture 18: Overarching Security Policy (2:55)
- Lecture 19: Business Aligned Issue-Specific Policies (1:59)
- Lecture 20: Security Standards (2:14)
- Lecture 21: Fundamentals of Networking (5:46)
- Lecture 22: Common Networking Services and Protocols (8:50)
- Lecture 23: Overview of the OSI Model (5:20)
- Lecture 24: IP Addressing Basics (3:30)
- Lecture 25: IP Subnetting Basics (10:47)
- Lecture 26: TCP 3-Way Handshake Process (10:13)
- Lecture 27: Network Traffic and Packet Analysis - Wireshark Demo (11:23)
- Lecture 28: Key Elements of an Enterprise Network (3:07)
- Lecture 29: Understanding Cisco Three-Layer Hierarchical Model (4:40)
- Lecture 30: Introduction to the Defense-In-Depth Model (5:38)
- Lecture 31: Summary (4:03)
- Module 1 - Practice Questions
- Lecture 32: Cyber Threat Essentials (3:01)
- Lecture 33: Overview of Cyber Threats (8:44)
- Lecture 34: Global Cyber Threat landscape (3:05)
- Lecture 35: Types of Threat Actors (2:24)
- Lecture 36: Cybercriminals (3:17)
- Lecture 37: Non-Adversarial Employee (3:51)
- Lecture 38: Nation State Actors (3:50)
- Lecture 39: Hacktivists (2:19)
- Lecture 40: Adversarial Employee (2:14)
- Lecture 41: Threat Modelling Fundamentals (5:25)
- Lecture 42: Threat Modelling - STRIDE (5:17)
- Lecture 43: Overview of Vulnerabilities (8:27)
- Lecture 44: Vulnerability Naming Standard (4:59)
- Lecture 45: Vulnerability Scoring System (8:52)
- Lecture 46: Role of Vulnerability in the Attack Triangle (4:34)
- Lecture 47: Common Types of Vulnerabilities – Part 1 (7:45)
- Lecture 48: Common Types of Vulnerabilities – Part 2 (6:24)
- Lecture 49: Sources of Vulnerability Intelligence (4:58)
- Lecture 50: The Vulnerability Management Lifecycle (5:33)
- Lecture 51: Practical Demonstration of Vulnerability Discovery and Analysis (6:05)
- Lecture 52: Cyber Attack Tactics, Techniques and Procedures (2:37)
- Lecture 53: Cyber Kill Chain (6:51)
- Lecture 54: Mandiant Attack Lifecycle (2:58)
- Lecture 55: MITRE ATT&CK Framework (6:39)
- Lecture 56: The Hacking Team (12:56)
- Lecture 57: Capital One (6:12)
- Lecture 58: Ashley Madison (5:14)
- Lecture 59: British Airways (4:10)
- Lecture 60: American Medical Collection Agency (AMCA) (3:43)
- Lecture 61: Equifax (5:47)
- Lecture 62: Section 2 Summary (3:51)
- Module 2 - Practice Questions
- Lecture 63: Section 3 Overview (3:47)
- Lecture 64: The NIST Cybersecurity Framework (6:45)
- Lecture 65: Identify (3:47)
- Lecture 66: Protect (3:52)
- Lecture 67: Detect (1:47)
- Lecture 68: Respond (1:47)
- Lecture 69: Recover (2:16)
- Lecture 70: The "Protect" Categories and Technologies (2:46)
- Lecture 71: Application Security Overview (12:25)
- Lecture 72: Web Application Firewall (12:25)
- Lecture 73: Application Security Testing Techniques and Products (13:09)
- Lecture 74: Data Security Overview (6:08)
- Lecture 75: Data Encryption and Key Management (7:20)
- Lecture 76: Data Masking and Tokenization (7:34)
- Lecture 77: Data Leakage Prevention (DLP) (10:09)
- Lecture 78: Digital Rights Management (3:47)
- Lecture 79: Endpoint Protection Platform (16:34)
- Lecture 80: Application Whitelisting (4:19)
- Lecture 81: File Integrity Monitor (3:54)
- Lecture 82: Full Disk Encryption (2:30)
- Lecture 83: Network Security Overview (10:44)
- Lecture 84: Intrusion Protection Systems (IPS) (5:51)
- Lecture 85: Network Access Control (NAC) (3:06)
- Lecture 86: Secure Web Gateway (8:56)
- Lecture 87: Secure Email Gateway (5:43)
- Lecture 88: Cloud Security Overview (9:30)
- Lecture 89: Cloud Access Security Broker (CASB) (7:20)
- Lecture 90: Cloud Security Posture Management (5:33)
- Lecture 91: Section 3 Summary (4:25)
- Module 3 - Practice Questions
- Lecture 92: Overview of the SOC (7:59)
- Lecture 93: Log Sources and Events Collection (10:27)
- Lecture 94: Security Information and Events Management (SIEM) (7:20)
- Lecture 95: Career Progression Path in a SOC (5:18)
- Lecture 96: SOAR (6:26)
- Lecture 97: Maintaining Situational Awareness (5:19)
- Lecture 98: Security Alerts (3:04)
- Lecture 99: Alerts Use Cases: Privileged account (2:48)
- Lecture 100: Alerts Use Cases: Data Leakage Prevention (1:50)
- Lecture 101: Alerts Use Cases: Lateral Movement (2:28)
- Lecture 102: Alerts Use Cases: C2 (2:32)
- Lecture 103: Actionable Reports (10:39)
- Lecture 104: A Day in the Life of a SOC Analyst (6:09)
- Lecture 105: Overview of Incident Response (4:31)
- Lecture 106: Incident Response: Prepare (4:28)
- Lecture 107: Incident Response: Detect & Analyze (3:21)
- Lecture 108: Incident Response: Containment, Eradication, Recovery (3:01)
- Lecture 109: Incident Response: Post Incident (1:38)
- Lecture 110: Incident Response Jump Kit (3:33)
- Lecture 111: Incident Categorization and Process Workflow (5:36)
- Lecture 112: Using a SIEM - Practical Demonstration
- Lecture 113: Incident Response Scenarios
- Lecture 114: Managed Security Services Provider (MSSP) (7:10)
- Lecture 115: Managed Detection and Response (MDR) Service (4:12)
- Lecture 116: Incident Response Retainer Service (5:02)
- Lecture 117: Cyber Threat Intelligence Service (3:13)
- Lecture 118: Section 4 Summary (6:15)
- Module 4 - Practice Questions
Cyber Defense Lab
Our lab environment closely mirrors the real-world business environment where students get to play the role of a cyber security professional.
Unique Cyber Security Challenges!
Solve real world cyber security challenges by following structured incident response steps