Cyber Security Job Seeker’s Package

Security Fundamentals

• Need of Cybersecurity
• CIA Triad
• Zero Trust 

Security Architecture

• Security Architecture Considerations 
• Security Polices, Standards, Guidelines and Procedures 
• Security Governance
• Security Auditing
• Regulations & Frameworks
• Ethical Hacking
• Types of Hackers

Types of Cybersecurity Attacks

Signs of Attacks

• Indicators of Malicious Activity 

Malware Attacks

• Viruses
• Worms
• Trojans
• Ransomware

Phishing & Social Engineering

• Phishing
• Spear Phishing
• Smishing & Vishing
• Business Email Compromise 

Network Attacks

• Denial of Service (DoS) & Distributed Denial of Service (DDoS)
• Man-in-the-Middle (MitM) Attack
• Session Hijacking

Web & Application Attacks

• SQL Injection (SQLi)
• Cross-Site Scripting (XSS)
• Zero-Day Exploits

Firewall

• What is a Firewall?
• Types of Firewalls
• Packet Filtering Firewalls
• Stateful Inspection Firewalls
• Proxy Firewalls
• Next-Generation Firewalls (NGFWS)
• Load Balancer
• Attack Surface 
• VPN
• What is Penetration Testing?
• Types of Penetration Testing
• Footprinting
• Mitre Attack
• Cyber Kill Chain

Metasploit

• Introduction to Metasploit framework
• Feature of Metasploit
• Metasploit Architecture
• Metasploit Workflow

Linux

• Explanation of what Linux is and its origins.
• Different Linux distributions (distros) and their purposes.
• Advantages of Linux over other operating systems.
• Overview of the Linux file system hierarchy.
• Key directories and their functions (e.g., /home, /etc, /bin, /var).
• Essential commands:Ls,Cd,Pwd,Mkdir, Touch, Cp,Mv,Rm,Cat,nano or vim,chmod,chown
• Briefly discuss the concept of sudo and superuser (root) privilege

Hands-On

• Practical on different commands

Topics

• Ciphers
• Types of cryptography
• Symmetric cryptography
• Asymmetric cryptography
• Hashing
• Hashing Algorithms
• Hash functions
• Digital signatures
• Public Key Infrastructure (PKI)
• Attacks on cryptosystems

Common Security Techniques

• Hardening Devices
• Security Monitoring 

Hands-On

• Generating and identifying hashes
• Signing a file with digital signatures

Topics

• Introduction to Computer Network
• Computer Networks – Architecture
• Layered architecture
• Open Systems Interconnect (OSI) Model
• Transmission Control Protocol/Internet Protocol (TCP/IP)
• Network Scanning
• Enumeration

Hands-On

• Identify the Network Routes in the System
• DNS lookup and reverse lookup
• Network Path tracing
• Network Analysis
• Network scanning
• Enumeration

Topics

• Web server architecture
• Web server attacks
• Countermeasures and patch management
• Web application architecture
• Web application attacks

Hands-On

• Capturing session ID with Burp Suite
• Local File Inclusion on bWAPP

Topics

• Authentication and authorization
• Authentication and authorization principles
• Regulation of access
• Access administration
• IAM
• Provisioning Users
• Multifactor Authentication
• Password protection
• Identity theft

Hands-On

• Adding and granting permissions to users in Linux
• Identifying phishing websites

Topics

• Vulnerability Analysis
• Types of Vulnerability Analysis
• Hardware Vulnerabilities 
• Cloud-specific Vulnerabilities
• Zero-day Vulnerabilities
• Cryptographic Vulnerabilities 
• System Hacking
• Password Cracking
• Privilege escalation
• Executing Applications
• Hiding Files
• Clearing Logs

Vulnerability Management

• Vulnerability Assessment Lifecycle
• Vulnerability Assessment Tools
• Vulnerability Scoring Systems
• Vulnerability Assessments Report
• Vulnerability Scan
• Bug Bounty Program
• False Positive vs. False Negative

Securing IT Assets

• Hardening Techniques

Hands-On

• Scan and Find the vulnerabilities with tools
• Password Breaking
• Install keyloggers and capture keystrokes
• Hacking Labs

Topics

• Malware and its propagation ways
• Malware components
• Types of malware
• Concept of sniffing
• Types of sniffing
• Types of sniffing attacks
• SQL injection
• Types of SQL injection
• SQL injection Methodologies

Hands-On

• Create a trojan by using msfvenom
• Sniff network packets Using Wireshark
• Bypass Authentication using SQL Injection

Topics

• DoS attack
• Common symptoms of DoS/DDoS attack
• Categories of DoS/DDoS Attack Vectors
• DoS/DDoS detection techniques
• Session hijacking
• Application level session hijacking
• Network level session hijacking
• Intrusion Detection System (IDS)
• Types of Intrusion Detection Systems
• Introduction to Firewalls
• Types of Firewalls
• Introduction to Honeypots
• Evading IDS

Hands-On

• DoS Attack using LOIC Tool
• Cross-site Scripting attack
• Demonstration on cookie stealing
• Hijacking

Topics

• Recognizing phishing emails
• Email attachments and links
• Email encryption basics
• Types of social engineering attacks
• Recognizing and defending against social engineering

Hands-On

• Analysis of Phishing mail
• Demonstrate social engineering attack

Topics

• Threat intelligence sources and feeds
• Threat hunting techniques
• SIEM tools and capabilities
• Types of logs 
• Log management and correlation
• Building and customizing SIEM rules
• Incident detection and classification
• Incident response planning and procedures
• Digital forensics basics

Hands-On

• Demonstrate any SIEM tools