Course Syllabus
Introduction to Cybersecurity & CIA Triad
Security Domains & Roles (Blue/Red/Purple)
Threat Landscape & Kill Chain
ATT&CK & D3FEND Frameworks
TCP/IP, Ports & Protocols
Routing, VLANs, Firewalls, NAT
Windows & Linux Security Basics
System Hardening & Baselines
Malware Types & Behavior
Phishing & Social Engineering
Privilege Escalation & Lateral Movement
Ransomware & Supply-Chain Attacks
Vulnerability Mgmt Lifecycle
Scanning with Nmap, Nessus/OpenVAS
Patch Mgmt & Remediation
CIS Benchmarks & STIGs
Log Sources (OS, Network, Cloud)
SIEM Concepts (Use Cases, Correlation)
Hands-on: Splunk / ELK Queries
Alert Tuning & False Positives
IR Lifecycle (Prep, Detect, Contain…)
Playbooks & Runbooks
Triage & Evidence Handling
Post-Incident Review & Metrics
Forensic Process & Chain of Custody
Disk, Memory & Network Forensics
Tools: Autopsy, Volatility, Wireshark
Timeline & Artifact Analysis
IAM, SSO, MFA & RBAC
Password Hashing & Cracking Basics
PKI, TLS, Certificates
Data Encryption at Rest/In Transit
Shared Responsibility Model
AWS/Azure Logging & Guardrails
Kubernetes & Container Hardening
Cloud Threat Detection (CSPM/CWPP)
Zero Trust & Network Segmentation
Secure SDLC & Code Review
Web/App Security (OWASP Top 10)
Pentesting Basics & Reporting
Risk Assessment & Treatment
Policies, Standards & Procedures
Frameworks: NIST CSF, ISO 27001
Privacy & Regulations (GDPR, PCI-DSS)
Wireshark, Zeek, Suricata
Burp Suite, Metasploit, OpenVAS
EDR/XDR & SOAR Fundamentals
Automation with Python/Bash & APIs
Hypothesis-Driven Hunting
Behavioral Analytics & UEBA
YARA & Sigma Rules
Threat Intel (STIX/TAXII)
Blue-Team Labs (SIEM, IR Scenarios)
Case Studies & Breach Reports
Capstone: End-to-End IR & Hunt
Interview Prep & Certifications (Sec+, CYSA+, SOC)