Cyber Security Fundamental Course
Course Content
○ Cybersecurity Fundamental
○ Blue, Red & Purple teams
○ Cryptography (Encryption & Decryption)
○ Digital Signature & Certificates
○ Security Services - Firewalls, EDR/MDR/DR, Email Protection, Cloud, Data, Application Security etc
○ Security Management & Security Operations Center (SOC)
○ Incident Response, Business Continuity Plan, Disaster Recovery
Course developed & delivered by Haris Chughtai (dc.expert123@gmail.com)
UNDERSTANDING CYBERSECURITY
Why Is Cybersecurity Important?
Cyberattacks are constantly increasing
► People need to understand the potential risks, their roles and responsibilities, and how their actions can
impact the overall security of the organization
► Process refers to the set of procedures and policies in place to guide the interaction between people and
technology
► Technology refers to the set of cybersecurity technologies deployed to provide the protection. Examples
include Firewalls, SIEM, AntiVirus/Endpoint Protection etc
● https://www.youtube.com/watch?v=n_kKEimNhgY
● Data protection signifies the strategic and procedural steps undertaken to safeguard the privacy, availability, and integrity of
sensitive data, and is often interchangeably used with the term ‘data security.’
○ Accept the risk (ignoring the risks and continuing risky activities)
○ Avoid the risk (ceasing the risky activity to remove the likelihood that an event will occur)
○ Reduce the impact of an event
○ Transfer the risk (passing risk to a third party)
● In this section we will discuss some of the common cyber threat sources
and the risks they pose to an organization's digital assets
Threat Surface Threat Actors & Motivation
Attack Surface Definition: All the parts of your IT network where cyber
criminals could identify security gaps, holes, or other potential
vulnerabilities, and gain access.
https://www.fortinet.com/resources/cyberglossary/types-of-cyber-attacks
Digital Encryption
● Encryption is a way to conceal information by altering it so that it appears to be random data.
Encryption is essential for security on the Internet.
● An encryption algorithm is the method used to transform data into ciphertext. Like a physical
key, it locks (encrypts) data so that only someone with the right key can unlock (decrypt) it.
○ Symmetric - only one key used by sender & receiver for both encryption and decryption
○ Asymmetric - different keys (Public & Private) are used for encryption and decryption.
[Figure: Symmetric Encryption (same key)]
https://www.youtube.com/watch?v=ERp8420ucGs
● Almost all newer applications support encryption, e.g. Email, WhatsApp, Instagram, Facebook, Signal, Telegram, Web Browsers
etc.
● Encryption is especially important for keeping HTTP requests and responses secure. The protocol responsible for this is called
HTTPS (Hypertext Transfer Protocol Secure). A website served over HTTPS instead of HTTP will have a URL that begins with
https:// instead of http://, usually represented by a secured lock in the address bar.
● HTTPS uses the encryption protocol called Transport Layer Security (TLS). In the past, an earlier encryption protocol called
Secure Sockets Layer (SSL) was the standard, but TLS has replaced SSL. A website that implements HTTPS will have a TLS
certificate installed on its origin server.
https://www.youtube.com/watch?v=TImdsUglGv4
https://www.youtube.com/watch?v=WqoJOD9_8WY
● A digital certificate is a file or electronic password that proves the authenticity of a device,
server, or user through the use of cryptography and the public key infrastructure (PKI). Digital
certificate authentication helps organizations ensure that only trusted devices and users can
connect to their networks.
● The Public key infrastructure (PKI) is the set of hardware, software, policies, processes, and
procedures required to create, manage, distribute, use, store, and revoke digital
certificates and public-keys.
https://www.youtube.com/watch?v=0ctat6RBrFo
Security Services
● Network Security: Network security focuses on protecting an organization's computer networks
from unauthorized access, attacks, and data breaches. It involves the implementation of firewalls,
intrusion detection and prevention systems, virtual private networks (VPNs), and other technologies to
secure network infrastructure.
● Note: When talking about Network Security, keep in mind that WiFi has replaced many of our wired networks,
mainly because of its ease of use. However it also brings security issues, therefore securing Wi-Fi, e.g., using
WPA2, is very important.
● In this section we will discuss the typical teams and programs run to
protect an organization's digital assets
Cybersecurity Management/Governance
● Cybersecurity Management is a typical set of security activities executed by an organization to
maintain its security posture at an adequate level
○ Security Prevention - Assuring security through vulnerability management and penetration testing (Red
& Blue teams)
○ Compliance and Compliance/Validation - Complying with and validating against various standards (e.g. NIST,
ISO, GDPR, HIPAA, PCI-DSS, SOC-2, FedRAMP etc)
○ Security Operations Center (SOC): 24x7 Monitoring, detecting & responding to the security incidents
► Purple — Purple teams act as an intermediary that allows Red and Blue
teams to communicate. Purple teaming is a cybersecurity testing exercise in
which a team of experts takes on the role of both red team and blue team, with
the intention of providing a stronger, deeper assurance activity that delivers more
tailored, realistic assurance to the organization being tested.
● An Incident Response plan responds to abnormal operating conditions to keep the business
operating
● The Disaster Recovery (DR) plan may include the following components:
○ executive summary providing a high-level overview of the plan
○ department-specific plans
○ technical guides for IT personnel responsible for implementing and maintaining critical
backup systems
○ full copies of the plan for critical disaster recovery team members, and checklists for certain
individuals
Understand the terminologies: High Availability (HA), Fault Tolerance (FT), Single Point of Failure (SPOF)
● Nmap (Network Mapper): A powerful open-source tool for network exploration and security auditing.
● Metasploit: A penetration testing framework that helps students develop and execute exploit code against a remote target.
● Kali Linux: A Debian-based Linux distribution specifically designed for digital forensics and penetration testing. It comes pre-installed with various cybersecurity tools.
○ One of the best is Kali OS. Inside Kali, a lot of software is natively available.
○ Download its VM from https://www.kali.org/ and run and use the software there
● OWASP ZAP (Zed Attack Proxy): An open-source security tool for finding vulnerabilities in web applications during the development and testing phase.
● Burp Suite Community Edition: A set of tools for testing web security. The Community Edition is free and includes various features for web application security testing.
● Ghidra: A software reverse engineering (SRE) framework developed by the National Security Agency (NSA). It helps students analyze malicious code and understand software internals.
● OpenVAS: The Open Vulnerability Assessment System is a powerful open-source vulnerability scanner.
● Hashcat: A password recovery tool that supports various hashing algorithms and can be used for password cracking.
● Cuckoo Sandbox: An open-source automated malware analysis system that can be used to analyze suspicious files and behavior.
● OSINT Framework: A collection of various tools and resources for open-source intelligence (OSINT) gathering.
● Volatility: An open-source memory forensics framework that allows students to analyze volatile memory dumps.
● Security Onion: A Linux distribution for intrusion detection, network security monitoring, and log management.
● YARA: A pattern-matching tool for identifying and classifying malware
c. Google Cybersecurity Professional - (7 days free, later $49/month with access to all
courses and certifications - Financial aid option available)
2. Do a small project or lab, or use freely available tools to polish your skills.
a. Here is a list of some of the resources
3. Obtain some career certifications as proof that you know the stuff
8. Start job hunting - searching for a job is itself a full-time job :-)
Good luck!
Keep learning, keep growing