This document outlines a practical curriculum for cyber security fundamentals. It contains 11 modules that cover topics such as threats and vulnerabilities, security attacks, identification and authentication, network security controls, application security, wireless and IoT security, data security, network troubleshooting, and log monitoring and incident response. Each module includes an overview and multiple hands-on labs to teach related skills and techniques through practical exercises. The goal is to provide a comprehensive yet practical introduction to cyber security concepts, tools, and best practices.
Module 01 - Information Security Threats and Vulnerabilities
o Overview of Threats and Vulnerability
o Lab 01: Create a Trojan to Gain Access to the Target System
o Lab 02: Create a Virus to Infect the Target System
o Lab 03: Create a Worm using the Internet Worm Maker Thing
o Lab 04: User System Monitoring and Surveillance using Spytech SpyAgent
o Lab 05: Find Vulnerabilities on Exploit Sites

Module 02 - Information Security Attacks
o Overview of Information Security
o Lab 01: Perform a Man-in-the-Middle (MITM) Attack using Cain & Abel
o Lab 02: Perform MAC Flooding using macof
o Lab 03: Perform a DoS Attack on a Target Host using hping3
o Lab 04: Perform an SQL Injection Attack Against MSSQL to Extract Databases using sqlmap
o Lab 05: Perform Parameter Tampering using Burp Suite
o Lab 06: Audit System Passwords using John-the-Ripper
o Lab 07: Perform Social Engineering using Various Techniques to Sniff Users' Credentials
o Lab 08: Crack a WPA2 Network using Aircrack-ng
o Lab 09: Hack an Android Device by Creating Binary Payloads
o Lab 10: Exploit Open S3 Buckets using AWS CLI

Module 03 - Identification, Authentication, and Authorization
o Overview of Identification, Authentication and Authorization
o Lab 01: Implement Access Controls in Windows Machine
o Lab 02: Manage Access Controls in Linux Machine
o Lab 03: Implement Role-Based Access Control in Windows Admin Center (WAC)
o Lab 04: Implement Centralized Authentication Mechanism

Module 04 - Network Security Controls - Administrative Controls
o Overview of Security Policy
o Lab 01: Implement Password Policies using Windows Group Policy
o Lab 02: Implement Auditing Policies
o Lab 03: Implement a Secure Network Policy
o Lab 04: Implement a PowerShell Security Policy

Module 05 - Network Security Controls - Technical Controls
o Overview of Technical Control
o Lab 01: Implement Host-based Firewall Protection with iptables
o Lab 02: Implement Host-based Firewall Functionality Using Windows Firewall
o Lab 03: Implement Network-Based Firewall Functionality: Block Unwanted Website Access using pfSense
o Lab 04: Implement Network-Based Firewall Functionality: Block Insecure Ports using pfSense Firewall
o Lab 05: Implement Host-based IDS functionality using Wazuh HIDS
o Lab 06: Implement Network-based IDS Functionality using Suricata IDS
o Lab 07: Detect Malicious Network Traffic using HoneyBOT
o Lab 08: Establish Virtual Private Network Connection using SoftEther VPN
o Lab 09: Scan System for Viruses using Kaspersky Internet Security

Module 06 - Network Security Assessment Techniques and Tools
o Overview of Network Security Assessment
o Lab 01: Collect Data through Search Engines
o Lab 02: Gather Threat Intelligence Feed using threatfeeds.io
o Lab 03: Perform Vulnerability Research in Common Weakness Enumeration (CWE)
o Lab 04: Perform Vulnerability Assessment to Identify Security Vulnerabilities in the Target System

Module 07 - Application Security
o Overview of Application Security
o Lab 01: Implement Application Whitelisting using AppLocker
o Lab 02: Blacklist Application using ManageEngine Desktop Central
o Lab 03: Perform Application Sandboxing using Sandboxie
o Lab 04: Detect Web Application Vulnerabilities using OWASP ZAP
o Lab 05: Detect Injection Vulnerability using Burp Suite
o Lab 06: Determine Application-Level Attacks
o Lab 07: Perform Web Server Footprinting using Various Footprinting Tools

Module 8 - Wireless Network Security, IoT and OT Security
o Overview of Wireless Network Security
o Lab 01: Configure Security on a Wireless Router
o Lab 02: Implement Enterprise Mobile Security using Miradore MDM Solution
o Lab 03: Secure IoT Device Communication using TLS/SSL

Module 9 - Data Security
o Overview of Data Security
o Lab 01: Perform Disk Encryption using BitLocker Drive Encryption
o Lab 02: Perform Disk Encryption using VeraCrypt
o Lab 03: Implement Built-in File System-level Encryption on Windows
o Lab 04: Perform Data Backup using Genie Backup Manager
o Lab 05: File Recovery using EaseUS Data Recovery Wizard
o Lab 06: Back Up and Restore Data in Windows
o Lab 07: Perform Data Destruction using Windows DiskPart Utility

Module 10 - Network Troubleshooting
o Overview of the Network Troubleshooting
o Lab 01: Network Troubleshooting using Command Line Utilities and Tools
o Lab 02: Network Troubleshooting using Nmap
o Lab 03: Network Troubleshooting using Hping3
o Lab 04: Access Remote Machine using PuTTY
o Lab 05: Intercept Network Traffic using Wireshark and tcpdump
o Lab 06: Apply Various Filters in Wireshark
o Lab 07: Analyze and Examine Various Network Packet Headers in Linux using tcpdump
o Lab 08: Scan Network to Identify Hosts in the Local Network

Module 11 - Network Logs Monitoring and Analysis and Incident Response
o Overview of Logs Monitoring and Analysis
o Lab 01: Configure, View, and Analyze Windows Event Logs
o Lab 02: View and Analyze Windows Logs
o Lab 03: View and Analyze Linux Logs
o Lab 04: Conduct Security Checks using buck-security on Linux
o Lab 05: Analysis and Validation of Malware Incident
o Lab 06: Implement Policies using Group Policy Management Console