Operating Systems and Networking Review
- Windows OS Security Configuration
- Linux OS Security Configuration
- Ethernet
- Internet Protocol IPv4/IPv6
- ICMP / Connectivity verification / Command line tools
- Address Resolution
- Transport Layer and Network Services
- Network Devices and Wireless Communications
Network Security Infrastructure
- Network Topologies, Design Models and Common Security Architectures.
- Firewalls, IDS, IPS and Specialised Security Devices
- Network Security Services, ACL’s, SNMP, NetFlow, NTP, AAA and VPN.
Threat Actors, Their Tools, Common Threats and Attacks
- Attack Methods and Tools
- Malware Types, understanding behaviour and purpose
- Reconnaissance, Access, and Social Engineering Attacks
- Denial of Service, Buffer Overflows, and Evasion Methods.
- Network Monitoring Methods and Tools
Attacking the Foundation and What We Do
- IPv4 and IPv6 header structure.
- IP Vulnerabilities.
- TCP and UDP Vulnerabilities.
- IP Service Vulnerabilities.
- Enterprise Service and Application Vulnerabilities
Approaches to Network Security Defence and Access Control.
- Defence-in-depth strategy and how it is used to protect networks.
- Security Policies, Regulations, and Standards.
- How access control protects network data.
- AAA Usage and Operation
Threat Intelligence
- Network Intelligence Communities, SANS, Mitre, (ISC)2.
- Threat Intelligence Services, Cisco Talos, Fireye.
- Common Vulnerabilities and Exposures (CVE) Database.
Cryptography
- Using Cryptography to ensure Integrity and Authenticity of data.
- Enhancing Data Confidentiality using cryptographic approaches.
- Public Key Cryptography.
- Authorities and the PKI (Public Key Infrastructure) Trust System.
- Applications and Impacts of Cryptography in Cybersecurity Operations.
Endpoint Protection and Vulnerability Assessment
- Antimalware Protection and Mitigation
- Host-based Intrusion Prevention/Detection Services
- Application Security and Malware Analysis using a sandbox.
- Network and Server Profiling
- Common Vulnerability Scoring System (CVSS)
- Secure Device Management
- Information Security Management Systems
Technologies and Protocols
- Monitoring and Behaviour of Common Network Protocols
- Security Technologies and how they affect the ability to monitor common network protocols.
Network Security Data and Alert Evaluation
- Network Intrusion Detection Systems (NIDS), Snort, Squil and Squert
- Host-based Intrusion Detection Systems (HIDS), OSSEC and Wazuh.
- Network Packet Capture and Analysis tools.
- Alert Structure and Source.
- Alert Evaluation and Classification
Working with Network Security Data
- Elastic Stack ELK, Data Normalisation, Reduction and Archiving.
- Using Security Onion tools to investigate network data and security events.
- Workflow Management Tools for the Cybersecurity Analyst.
Digital Forensics, Incident Analysis and Response
- Evidence Handling and Attack Attribution.
- The Cyber Kill Chain.
- The Diamond Model of Intrusion Analysis.
- Incident Response Life Cycle, Incident Handling Procedures and their application
