Cyber Security Roadmap

ADVANCED DIPLOMA
IN CYBER DEFENCE
Copyright © 2023 by RedTeam Hacker Academy Pvt. Ltd.

All rights reserved.
Overview of
Advanced Diploma In Cyber Defense
Defensive cybersecurity is the best ever remedy to prevent

information and data exploitation from cyber threats and attacks.
Organizations strive to combat emerging security threats continually
in all formats and sizes. Cyber defense forms an integral part of
safeguarding organizational security that involves intensive
know-how of security evaluation methods, preventive measures,
tools and best practices to craft actionable solutions. Advanced
Diploma in Cyber Defense (ADCD) is a comprehensive cyber
security training and certification course from RedTeam Hacker
Academy that helps cyber security aspirants and working security
professionals to gain a competitive edge in assessing pentesting
currently deployed organizational security components across
systems, network and cloud and formulating foolproof defensive
security systems using artificial intelligence (AI) and machine
learning (ML) based methodologies. Exclusively designed to induce
practical based learning in the most crucial domain in information
security, ADCD illustrates vital elements of ICT infrastructure,
network, power of Linux in ethical hacking, enterprise network
security, blue teaming processes, and SOC along with international
security compliance and standards.

RTHA’s ADCD cybersecurity program covers explaining penetration testing and ethical hacking
techniques adopted by malicious hackers. In addition to protection, detection and governance
standards for compliance. The candidates acquire hands-on exposure to multi-environment
security defense in high-tech lab infrastructure during the course. The course is delivered by a
certified security practitioners following globally accepted curriculum empowering learners with
capacity to step up higher career ladders in cybersecurity.
Why ADVANCED DIPLOMA IN CYBER DEFENSE

ADCD from RedTeam Hacker Academy is a practical-based cyber defense diploma in cyber
security course that endeavoring to instills advance offensive and defensive security skills of the
participants. This far-reaching course revolves around the mindset followed by hackers to pene-
trate security architecture of the organization, proven techniques of to protecting organization-
al security architecture and detecting vulnerabilities in the existing system. Serving as the most
sought-after proficiencies, cyber defense capabilities instilled by ADCD prepares candidates to
acquire attack detection ethical hacking capabilities while drafting effective preventive controls
potentially strong to repel cyber attacks.
This intuitive cyber defence program lets you leverage:
Extensive ethical hacking competencies with practical know-how

Far-reaching tech-know in penetration testing
All-inclusive security defence and protection understanding
Internationally valued cybersecurity certifications
Globally defined security compliance and standards
Fully-equipped real-like practice environments
Most recent and proven methodologies for defensive security evaluation
Career-focused curriculum designed by industry experts
Highly valued security credentials after training completion
Training sessions delivered by subject matter experts having
extensive experience.

Eligibility Criteria
Familiarity with systems, networks, and cloud security concepts
Understanding of cybersecurity fundamentals
Understanding of ethical hacking and penetration testing
Target Audience
Cybersecurity professionals
Penetration testers
Network administrators
Applications security personnel
Information security architects
Governance staff

COURSE OUTLINE
Part 1
Threat & Vulnerability Managementreparation

MODULE 1
CYBER SECURITY BUILDING BLOCK

In the world of cybersecurity, essential building blocks include understanding career roles,
basic terms, types of threats, and common security threats. Being aware of Advanced
Persistent Threats (APT), different hacker types, and malware is crucial. Recognizing
vulnerabilities helps implement effective measures, while information security governance
and standards are essential. Cybersecurity professionals play significant roles in
safeguarding digital assets. Regular penetration testing to assess weaknesses is necessary,
following established standards for optimal protection.
MODULE 2
CYBER ATTACKS
Cyber attacks include eavesdropping, replay attacks, man-in-the-middle, session hijacking,
drive-by downloads, DDoS, DNS spoofing, ARP spoofing, wireless attacks, social
engineering, masquerading, side-channel attacks, pass-the-hash, Kerberos exploitation,
elevation of privilege, typo squatting, and zero-day attacks. Stay vigilant to ensure digital
security.
MODULE 3
NETWORK SECURITY
Network security involves various key elements for safeguarding data and systems. The
OSI layers facilitate communication between devices. Secure protocols like TLS, HTTPS,
SSH, SFTP, DNSSEC, S/MIME, SMTPS, POP3S, and IMAPS ensure encrypted and
authenticated data transfer. AAA protocols like RADIUS, TACACS+, and Active Directory
handle authentication and authorization. EAP, WPA2, and WPA3 enhance wireless security,
while VPN enables secure remote connections. Virtual LAN (VLAN) and network
segmentation isolate and organize network traffic. Zero Trust Architecture ensures strict
access controls. Proxy devices, content filters, and port security fortify network defenses.
Single Sign-On and Federated Identity simplify user authentication. Network Access
Control (NAC) verifies and manages device access.

MODULE 4
KALI LINUX FOR HACKERS

Kali Linux, a popular tool for hackers, requires manual partition during installation and
configuration. Linux, as an operating system, is compared to Windows, and its
fundamentals are introduced. Basic commands, user management, permissions, and
processes are covered. Understanding the file system and booting process is essential,
including the role of the kernel in Linux.
MODULE 5
PENETRATION TESTING PLANNING

Penetration testing involves planning and executing in stages. The process begins with
careful Penetration Testing Planning, followed by conducting the actual test. During
testing, ensuring Anonymity & Privacy is crucial to maintain confidentiality and security.
MODULE 6
INFORMATION GATHERING
Information gathering in cybersecurity involves various techniques. Open-Source
Intelligence (OSINT) gathers data from publicly available sources. Google Hacking or
Google Dorking leverages specific search queries to uncover sensitive information.
Recon-ng and theHarvester are tools for automated information gathering. Packet sniffing
using Wireshark captures network data for analysis and assessment.
MODULE 7
SCANNING & ENUMERATION

Scanning & Enumeration involves various techniques and tools. Scanning methodologies
and tools help identify vulnerable targets. Nmap is a widely used scanning tool. DNS
enumeration gathers information about domain names using NSLOOKUP, DIG, and HOST.
ICMP is used for network troubleshooting and enumeration. Concepts and enumeration of
FTP, SMB, SMTP, and SNMP are essential for understanding vulnerabilities. PowerShell,
Sparta, and Zenmap are tools used for scanning and enumeration.

MODULE 8
VULNERABILITY SCANNING
Vulnerability scanning is crucial for detecting weaknesses in systems. It includes credential
and non-credential scans to assess security levels. Various scanning types, such as Nmap,
Nessus, OpenVAS, Nikto, Arachni, Metasploit, and SQLmap, are employed to identify
vulnerabilities effectively.
MODULE 9
EXPLOITATION
Exploitation involves various hacking techniques. Password cracking methods, like John
The Ripper, Hydra, and Rainbow Table Cracking, uncover weak passwords. System hacking
targets computer systems, while web application hacking exploits vulnerabilities in web
apps. Wireless networks can be exploited, and methods to evade IDS, IPS, and firewalls are
used to bypass security measures.
MODULE 10
POST EXPLOITATION
Post exploitation techniques are used after gaining unauthorized access. Deep Packet
Inspection analyzes network traffic deeply. Malware analysis includes Static Analysis and
Dynamic Analysis to understand malicious code. Process and network monitoring help
track system activities. Network pivoting is used to move laterally through the network.
Privilege escalation aims to gain higher access levels.
MODULE 11
CONDUCTING ATTACKS
Conducting attacks involves various methods. DoS & DDoS attacks overwhelm systems to
disrupt services. Social engineering tricks people into divulging sensitive information.
Steganography hides data within innocuous files to evade detection.

MODULE 12
CRYPTOGRAPHY
Cryptography is essential for secure communication. Basic terms include Cryptography,
Cryptanalysis, Cryptosystem, Encryption, Decryption, Algorithm, Key, Plaintext,
Ciphertext, and Work Factor. Classical Cryptography uses traditional methods, while
Symmetric Cryptography uses the same key for encryption and decryption. Asymmetric
Cryptography uses different keys, and Hash Functions, HMAC ensure data integrity.
Digital signatures validate authenticity. Public Key Infrastructure (PKI) manages
cryptographic keys and certificates.
MODULE 13
REPORTING & REMEDIATION

After a penetration test, clearing tracks is essential by disabling any unauthorized
credentials and reactivating IDS and IPS alerts to maintain security. Developing a detailed
penetration testing report helps document findings and vulnerabilities. Creating a
remediation plan outlines steps to address identified weaknesses and enhance overall
security.

Part 2
Cybersecurity Operations Management
MODULE 14
SECURITY OPERATIONS CENTRE (SOC)

A Security Operations Centre (SOC) is a centralized unit responsible for monitoring,
detecting, and responding to cybersecurity threats and incidents. The need for a SOC
arises due to the increasing complexity and frequency of cyberattacks.SOC Functions,
SOC Team, SOC Workflow, SOC Models & Generations, SOC Best Practices, SOC vs
NOC.
MODULE 15
CONFIGURATION & CHANGE MANAGEMENT

Configuration & Change Management is crucial for maintaining a secure IT environment.
Start by identifying and inventorying information assets. Document their configurations
and establish security baselines for best practices. Change Management is needed to
control modifications effectively. The stages involve planning, assessing risks,
implementing changes, and reviewing to ensure a secure and stable system.
MODULE 16
PREVENTIVE MEASURES
Preventive measures are essential for robust cybersecurity. Harden information assets to
strengthen their defenses. Create blacklists to block malicious content and whitelists to
allow trusted sources. Implement anti-malware solutions to detect and prevent malware.
Use honeypots and honeynets to lure attackers away from real assets. Employ auditing,
logging, and monitoring to track and analyze system activities for early detection of
threats. Practice privileged account management to restrict access and reduce potential
risks. Understand false positive, false negative, true positive, and true negative to refine
security measures.

MODULE 17
PATCH & VULNERABILITY MANAGEMENT

Patch & Vulnerability Management is vital for a secure environment. Patching addresses
software vulnerabilities to prevent exploitation. The Patch Management Process involves
identification, assessment, testing, deployment, and verification of patches. Vulnerabilities
come in different forms: People Related, Physical, Technical, and Zero-Day (newly
discovered). In Technical Vulnerability Management, stages include scanning, assessment,
prioritization, remediation, and verification. Scans like Internal, External, Non-Credential,
and Credential help identify weaknesses. Network Discovery Scanning with Nmap and
Zenmap finds devices on the network. Network Vulnerability Scanning with Nmap, Nessus,
and OpenVAS uncovers network risks. Web Vulnerability Scanning with Nikto assesses web
app security. Database Scanning with SQLmap identifies database vulnerabilities.
Vulnerability databases like CVE, CWE, NVD, OWASP Top 10 for Web Apps, IoT, and ICS
catalog and provide information on vulnerabilities for effective risk management.
MODULE 18
FIREWALL MANAGEMENT
Firewall management is vital for network security. Firewalls act as barriers between trusted
and untrusted networks, controlling traffic based on rules. There are hardware and
software firewalls. Creating and updating firewall rules involves defining criteria to allow or
block specific traffic, adapting to changing security needs.
MODULE 19
THREAT INTELLIGENCE & HUNTING

Threat Intelligence is about collecting and analyzing data on potential threats to reduce
false negatives and respond faster to attacks. It relies on frameworks like Cyber Kill Chain
and MITRE Attack Framework and sources such as Threat Feeds, OSINT, social media,
industry sources, vendor feeds, and deep & dark web, while integrating with security tools
like SOAR & AI. Threat Hunting is a proactive approach where security teams create attack
scenarios and actively search for threats within their systems, enabling early detection and
mitigation.

MODULE 20
SOC MONITORING TOOLS

SOC monitoring tools play a critical role in enhancing cybersecurity. IDS & IPS detect and
prevent intrusions. Data Leak Prevention (Network and Endpoint DLP) safeguards against
data leaks. Network Traffic Analysis (NetFlow Monitoring) tracks network activity.
Antimalware and Antispam Solutions protect against malware and spam. File Integrity
Monitor (FIM) ensures file integrity. SIEM centralizes security event data. EDR and XDR
detect and respond to endpoint threats. UEBA analyzes user behavior. SOAR automates
incident response for efficient security management.
MODULE 21
SPLUNK
Splunk is a powerful data analytics and monitoring platform used for capturing, indexing,
and searching machine-generated data from various sources. Its architecture involves
Splunk Enterprise and Forwarder installations, which collect and index data for analysis.
Data indexing enables efficient searching and visualization of information. Users can create
alerts and reports to monitor specific events and patterns. Splunk is widely used in various
use cases to analyze logs and gain valuable insights from machine-generated data.
MODULE 22
INCIDENT RESPONSE
Incident Response is crucial for cybersecurity. Events and Incidents are distinguished
based on their impact. Incident Management follows four stages: Preparation, Detection,
Response, and Recovery. Automating Incident Response using SOAR and UEBA
streamlines and improves the efficiency of handling security incidents.
MODULE 23
SECURITY FORENSICS
Security investigations are essential to identify, analyze, and respond to cybersecurity
incidents effectively. Types of security investigations include digital forensics, network
forensics, and malware analysis. The stages of security forensics involve identification,
preservation, analysis, and reporting of evidence. Security forensics principles include
maintaining integrity, confidentiality, and chain of custody while conducting investigations.

MODULE 24
COMPLIANCE MANAGEMENT
Compliance management is crucial for meeting security standards and legal requirements.
It involves ensuring adherence to policies, laws, and regulations and generating compliance
metrics and reports. Relevant parties are notified of any deviations, and evidence is
available for analysis and presentation. Security laws cover computer crimes and privacy
laws like GDPR and HIPAA. Intellectual property laws protect copyrights, patents, and
trademarks. Industry standards include ISO 27000, PCI DSS, and SSAE18 (SOC) for
maintaining a secure and compliant environment.
Part 3
Certified Red Team Associate (CRTA)

MODULE 25
INTRODUCTION TO RED TEAM’S PLAN AND EXECUTION

RedTeam Intro: Understand Red Teaming. Motivation, like improving defenses, drives it.
Frameworks include Cyber Kill Chain, CBEST, TIBER-EU, ABS, ATT&CK. Phases: Planning,
Roles, Rules, Definition of terms. Involves Ethical Hacking, Vulnerability Assessment,
Penetration Testing. Engages Blue Team for defense, Purple Team for collaboration.
Adversary Emulation & Simulation. Assumed Breach Model is considered.
MODULE 26
MANAGING AND MEASURING YOUR RED TEAM

Planning Red Team: Manage, Grow, and Build. Team logistics and lab setup. Find common
goals and build bridges. Use active defense, honeypots, and decoys. Automate activities
and measure persistence.

MODULE 27
GRAPHS FOR RED TEAMERS

Graphs for Red Teamers: Learn attack & knowledge graphs. Grasp Graph database basics. Build
Homefield graph with Neo4j. Explore the Neo4j browser. Construct a knowledge graph.
MODULE 28
POWERSHELL FOR RED TEAMERS

PowerShell for Red Teamers: Understand PowerShell basics, editors, and its use in Windows
and Linux. Learn about Get-Help, verbs, aliases, cmdlets, and parameters. Grasp operator
basics, type casting, arrays, hash tables, and lists. Build concepts like modules, functions,
branching, and looping. Scripting and advanced features, including remoting, practical use,
jobs, and WMI.
MODULE 29
WEB & NETWORK EXPLOITATION

Web & Network Exploitation: Focus on OWASP Top vulnerabilities like SQL Injection, XSS,
Command Execution, CSRF, Broken Authentication. Learn Network Bypass, Pivoting, ICMP &
DNS Tunnelling, and Port Forwarding techniques for effective exploitation.
MODULE 30
WAR GAME BETWEEN REDTEAM & BLUETEAM

Red Team vs. Blue Team Wargame: Utilize Threat Intelligence, SIEM, and Threat Hunting for
effective SOC Analyst training and practice.
MODULE 31
RED TEAM EXERCISE EXECUTIONS

Red Team Exercise: Execute steps like Initial Access, Reconnaissance, Execution, Persistence,
Privilege Escalation, Defense Evasion, Credential Access, Lateral Movement, Collection,
Command and Control, Exfiltration, and Removing Footprints for comprehensive testing.

MODULE 32
RED TEAMING ON ENTERPRISE ACTIVE DIRECTORY ENVIRONMENT

Red Teaming on Enterprise Active Directory: Perform Kerberoasting, ASREP Roasting, Chisel
Pivoting, DCSync Attack, and capture Domain Controller for effective testing.
Part 4
Certified Penetration Testing Professional
(CPENT - Official Training Only)
MODULE 33
PENETRATION TESTING SCOPING AND ENGAGEMENT

Penetration Testing Prep: Follow LPT Methodology. Set rules, engage communication,
involve personnel. Address legal aspects. Scope, guidelines, and recommendations are key.
Handle scope changes.
MODULE 34
OPEN-SOURCE INTELLIGENCE (OSINT)

Open-Source Intelligence (OSINT): Gather data from the web, analyze websites, and use
DNS interrogation. Automate with tools/scripts for efficient OSINT process.
MODULE 35
SOCIAL ENGINEERING PENETRATION TESTING

Social Engineering Penetration Testing: Understand concepts. Utilize email, phone, and
physical attack vectors. Report findings and provide countermeasures/recommendations.

MODULE 36
NETWORK PENETRATION TESTING - EXTERNAL

Network Penetration Testing - External: Perform Port Scanning, OS and Service
Fingerprinting, Vulnerability Research, and Exploit Verification for comprehensive testing.
MODULE 37
NETWORK PENETRATION TESTING - INTERNAL

Network Penetration Testing - Internal: Begin with Footprinting and Network Scanning.
Conduct OS and Service Fingerprinting, Enumeration, and Vulnerability Assessment. Exploit
Windows and Unix/Linux systems. Explore various Internal Network Exploitation Techniques.
Automate testing and focus on Post Exploitation analysis.v
MODULE 38
NETWORK PENETRATION TESTING - PERIMETER DEVICES

Network Penetration Testing - Perimeter Devices: Evaluate Firewall, IDS, Router, and Switch
security implementations for robust perimeter defense.
MODULE 39
WEB APPLICATION PENETRATION TESTING

Web Application Penetration Testing: Uncover Default and Hidden Content. Perform Web
Vulnerability Scanning, SQL Injection, XSS, Parameter Tampering, Weak Cryptography,
Security Misconfiguration, Client-Side Attacks, Broken Authentication & Authorization,
Broken Session Management, Web Services Security, Business Logic Flaws, Web Server, Thick
Clients, and WordPress Testing to ensure robust security.
MODULE 40
WIRELESS PENETRATION TESTING

Wireless Penetration Testing: Cover Wireless LAN (WLAN) security assessment, RFID, and
NFC penetration testing for comprehensive evaluation.

MODULE 41
IOT PENETRATION TESTING

IoT Penetration Testing: Explore IoT Attacks and Threats, then conduct IoT Penetration Testing
for robust security assessment.
MODULE 42
OT AND SCADA PENETRATION TESTING

OT and SCADA Penetration Testing: Understand OT/SCADA concepts, focus on Modbus
protocol, and perform ICS and SCADA Penetration Testing for critical infrastructure security
assessment.
MODULE 43
CLOUD PENETRATION TESTING

Cloud Penetration Testing: Address Docker Security, perform Cloud Penetration Testing, and
delve into AWS, Azure, and Google Cloud Platform Specific Penetration Testing for robust
cloud security assessment.
MODULE 44
BINARY ANALYSIS AND EXPLOITATION

Binary Analysis and Exploitation: Understand Binary Coding Concepts and follow Binary
Analysis Methodology for effective analysis and exploitation.
MODULE 45
REPORT WRITING AND POST TESTING ACTIONS

Report Writing and Post Testing Actions: Summarize Penetration Testing with an Overview.
Develop the Report in phases, including components. Analyze and Deliver the Penetration
Testing Report. Address Post-Testing Actions for comprehensive organization security.

Part 5
Certified Ethical Hacker (CEH)
MODULE 46
INTRODUCTION TO ETHICAL HACKING

Introduction to Ethical Hacking: Start with Information Security Overview, Threats, and
Attack Vectors. Grasp Penetration Testing and Hacking Concepts, including Ethical
Hacking. Learn Information Security Controls, Laws, and Standards for a comprehensive
understanding.
MODULE 47
FOOTPRINTING AND RECONNAISSANCE

Footprinting and Reconnaissance: Begin with Footprinting Concepts. Explore methods like
Search Engines, Web Services, Social Networking Sites, Website, and Email Footprinting.
Understand Competitive Intelligence, Whois, and DNS Footprinting for comprehensive
reconnaissance.
MODULE 48
SCANNING NETWORKS
Scanning Networks: Learn Network Scanning Concepts, Tools, and Techniques. Go beyond
IDS and Firewall with Banner Grabbing. Create Network Diagrams and apply Scanning in
Pen Testing for comprehensive network assessment.
MODULE 49
ENUMERATION
Enumeration: Understand Enumeration Concepts. Explore NetBIOS, SNMP, LDAP, NTP,
SMTP, and DNS Enumeration. Learn Countermeasures and Other Enumeration
Techniques. Apply Enumeration in Pen Testing for thorough assessment.

MODULE 50
VULNERABILITY ANALYSIS
Vulnerability Analysis: Grasp Vulnerability Assessment Concepts. Explore Solutions, Scoring
Systems, and Tools. Learn to generate effective Vulnerability Assessment Reports for
comprehensive security evaluation.
MODULE 51
SYSTEM HACKING
System Hacking: Understand System Hacking Concepts. Learn Password Cracking, Privilege
Escalation, Application Execution, File Hiding, and Covering Tracks techniques. Apply
Penetration Testing for robust system security assessment.
MODULE 52
MALWARE THREATS
Malware Threats: Grasp Vulnerability Assessment Concepts. Explore Solutions, Scoring
Systems, and Tools for Vulnerability Assessment. Learn to generate effective Vulnerability
Assessment Reports for thorough security evaluation
MODULE 53
SNIFFING
Sniffing: Understand Sniffing Concepts. Explore MAC Attacks, DHCP Attacks, ARP Poisoning,
Spoofing, and DNS Poisoning techniques. Learn Sniffing Tools and Countermeasures. Grasp
Sniffing Detection Techniques. Apply Sniffing in Pen Testing for thorough security assessment.
MODULE 54
SOCIAL ENGINEERING
Social Engineering: Understand Social Engineering Concepts and Techniques, including Insider
Threats, Impersonation on Social Networking Sites, and Identity Theft. Learn
Countermeasures and apply Social Engineering in Penetration Testing for comprehensive
security assessment.

MODULE 55
DENIAL-OF-SERVICE
Denial-of-Service: Grasp DoS/DDoS Concepts. Learn Attack Techniques and Botnets. Study
DDoS Case. Explore Attack Tools and Countermeasures. Understand Protection Tools and
apply DoS/DDoS Attack in Penetration Testing for robust assessment.
MODULE 56
SESSION HIJACKING
Session Hijacking: Understand Session Hijacking Concepts, including Application-Level and
Network-Level techniques. Explore Session Hijacking Tools and Countermeasures. Apply
Session Hijacking in Penetration Testing for comprehensive security assessment.
MODULE 57
EVADING IDS, FIREWALLS, AND HONEYPOTS

Evading IDS, Firewalls, and Honeypots: Grasp Concepts of IDS, Firewalls, and Honeypots.
Explore Solutions for these defenses. Learn how to Evade IDS and Firewalls, using Evasion
Tools. Detect Honeypots and implement Countermeasures against IDS/Firewall Evasion.
Apply these techniques in Penetration Testing for thorough security assessment.
MODULE 58
HACKING WEB SERVERS

Hacking Web Servers: Understand Web Server Concepts. Explore Attacks and Methodology.
Learn Attack Tools and Countermeasures. Emphasize Patch Management and use Web Server
Security Tools. Apply Web Server Pen Testing for robust security assessment.
MODULE 59
HACKING WEB APPLICATIONS

Hacking Web Applications: Understand Web Application Concepts. Explore Attacks and
Methodology. Learn Attack Tools and Countermeasures. Emphasize Patch Management and
use Web Application Security Tools. Apply Web Application Pen Testing for comprehensive
security assessment.

MODULE 60
SQL INJECTION
SQL Injection: Learn Web App Concepts and Threats. Explore Hacking Methodology and
Tools. Understand Countermeasures and use Web App Security Testing Tools. Apply SQL
Injection in Pen Testing. Understand SQL Injection Concepts, Types, Methodology, and Tools.
Explore Evasion Techniques and Countermeasures for comprehensive security assessment.
MODULE 61
HACKING WIRELESS NETWORKS

Hacking Wireless Networks: Grasp Wireless Concepts and Encryption. Explore Threats and
Hacking Methodology. Learn Wireless Hacking Tools and Bluetooth Hacking. Understand
Countermeasures and use Wireless Security Tools. Apply Wi-Fi Pen Testing for comprehensive
wireless security assessment.
MODULE 62
HACKING MOBILE PLATFORMS

Hacking Mobile Platforms: Study Mobile Platform Attack Vectors. Explore Android OS and
iOS Hacking. Learn about Mobile Spyware and Device Management. Understand Mobile
Security Guidelines and Tools. Apply Mobile Pen Testing for robust assessment of mobile
platform security.
MODULE 63
IOT HACKING
IoT Hacking: Grasp IoT Concepts and Attacks. Explore Hacking Methodology and Tools.
Understand Countermeasures and use IoT Pen Testing for comprehensive security
assessment.
MODULE 64
CLOUD COMPUTING
Cloud Computing: Understand Cloud Computing Concepts and Threats. Explore Cloud
Attacks and Cloud Security. Learn about Cloud Security Tools and apply Cloud Penetration
Testing for robust assessment.

MODULE 65
CRYPTOGRAPHY
Cryptography: Grasp Cryptography Concepts and Encryption Algorithms. Explore
Cryptography Tools, PKI, Email Encryption, Disk Encryption, and Cryptanalysis. Understand
Countermeasures for effective cryptographic security.
Part 6
Implementing an ISMS based on ISO 27001

MODULE 66
INTRODUCTION TO ISMS
Introduction to ISMS: Learn ISMS Objectives and Definitions. Understand Information,
Information Security, Confidentiality, Integrity, and Availability. Explore Security Controls and
grasp the concept of Information Security Management System (ISMS).
MODULE 67
ISO 27001 OVERVIEW

ISO 27001 Overview: Grasp the structure of ISO 27001, including its clauses and controls,
which provide a comprehensive framework for information security management.
MODULE 68
PLANNING ISMS PROJECT

Planning ISMS Project: Explore Implementation Scenarios and Steps. Develop a Project Plan
and create necessary Project Documentations for a successful Information Security
Management System (ISMS) implementation.

MODULE 69
ISMS IMPLEMENTATION: PLAN PHASE

ISMS Implementation: PLAN Phase - Cover Clause 4 (Context of the organization), Clause 5
(Leadership), Clause 6 (Planning), with a focus on Risk Assessment, and Clause 7 (Support) to
ensure a comprehensive foundation for your Information Security Management System
(ISMS) implementation.
MODULE 70
ISMS IMPLEMENTATION: DO PHASE

ISMS Implementation: DO Phase - Focus on Clause 8 (Operations) and develop a robust Risk
Treatment Plan to effectively manage risks within your Information Security Management
System (ISMS) implementation.
MODULE 71
ISMS IMPLEMENTATION: CHECK PHASE

ISMS Implementation: CHECK Phase - Concentrate on Clause 9 (Performance Evaluation),
establish Key Performance Indicators (KPIs) / Metrics, conduct Internal Audits, and engage in
Management Review for effective evaluation and continuous improvement of your
Information Security Management System (ISMS) implementation.
MODULE 72
ISMS IMPLEMENTATION: DO PHASE

ISMS Implementation: DO Phase - In Clause 10 (Improvement), focus on implementing the
Risk Treatment Plan to enhance your Information Security Management System (ISMS) and
ensure ongoing refinement for optimal security.
MODULE 73
GETTING ISO 27001 CERTIFIED

Getting ISO 27001 Certified: Understand the Certification Process, including Preparing for
Certification, undergoing the Certification Audit, and subsequent Surveillance Audits to
achieve and maintain ISO 27001 certification for your Information Security Management
System (ISMS).

Tools Covered

Tools Covered

INTERNATIONAL CERTIFICATION PROGRAM
ADCD PROGRAM INDLUDES EC-COUNCIL iLABS FOR
CSA
CPENT

What Will You Learn
Essential Building Blocks of cybersecurity including risk assessment, evaluation,
management, and remediation
Core components of system security- firewall, anti-spam, anti-virus, backup, disaster
recovery, path management, information security policies
Network security assessment, management, and control with cryptography, authentication
management, network security applications, symmetric and asymmetric authentication for
key distribution
Practicing ethical hacking and penetration testing with Linux
Safeguarding enterprise security with foolproof security strategies, tools, and best practices
Enhancing organizational security with cyber Kill Chain and Offensive Security practices
Blue teaming to identify, evaluate existing security architecture and develop remedial plans
Setting up cyber Security Operation Center (SOC) to observe organizational cyber defence
Leveraging AI (artificial intelligence) and Machine Learning (ML (machine Learning)

capabilities for cyber defence
Implementing Python based functions for malware analysis, security structure scanning, and
pentesting
Understanding of Global Cybersecurity Standards, compliance and governance
International certifications training for CEH

EC-Council iLabs

Our Edutech Products

Our Edutech Products

Our Talent Solutions

Our Global Outreach
Singapore Indonesia UAE Saudi Arabia India

Brazil Sri Lanka Canada UK US Cambodia
Uzbekistan Nigeria Malaysia New Zealand Bahrain
Qatar Czech Republic Ceymon Islands Italy Oman
South Africa Ghana Philippines

Associations & Credentials

Our recent Placements
JASSIM JAMAL CHERICHI AJAYKRISHNA J ANSTIN NAIJO ABDUL RAHMAN

TNP Triotech Mindtree ACPL Systems Pvt Ltd.
Associate Consultant Security Analyst Junior Security Engineer Cyber Security Trainee
AMRUTHA P.H JITHIN ROY JIJIN MICHEAL MUHAMMAD ASHIN

EY Cyberpwn Geojit Mindtree
Technical Consultant Application Security Assurance Information security ofﬁcer - Junior Security Analyst
senior executive
SHIBIN B AKHIL SURESH MAHI M ALEENA PRASANNAN

TuxCentrix Consultancy Pvt Ltd Mindtree Soc L1 EY
Junior Security Analyst Trainee Junior Security Engineer Cyberproof Consultant
JASIM ABDULSALAM VISHNU UNNIKRISHNAN D.V.S.S. AKHIL VISHNU V.S.

Triotech VAPT EY CyberSRC Consultancy
Security Analyst Cyberpwn Security Consultant Associate Security Analyst

Company Where Our Students Works:
The certification programme comprises practical assessments that measure the candidates’
hands-on abilities and comprehension. Candidates must pass these exams to prove they are
adept at finding vulnerabilities, exploiting them, and telling the right people about what they
have discovered. Candidates are eligible to take the final exam after passing these practical
assessments.

Feedbacks
“
With heartfelt gratitude, I'm
currently enrolled in the
Advanced Diploma in Cyber
Defense (ADCD) course at Red
“ My name is Mishal, and I am
proud to be a student at
RedTeam Hacker Academy in
“ ADCD is a well-crafted,
comprehensive training and
certification course. gaining
Team Hacker Academy, and I'm Calicut. Currently enrolled in good knowledge of
thoroughly impressed by its the ADCD Course and having networking. This course has
enlightening, well-structured recently completed the CEH both an offensive and
content, the instructor's certification.I am truly grateful defensive side. and
expertise in simplifying complex for the opportunity to learn well-trained trainers too. This
concepts through relatable from top-class courses course is helpful for
examples, the valuable hands-on provided by RedTeam Hacker professionals to evolve into
labs that reinforce Academy. I must commend the cybersecurity.
comprehension and confidence, trainers at the academy for
and the engaging, interactive their exceptional dedication.
teaching style that encourages They are not only highly
discussions and approachable knowledgeable in their fields
instructor interaction. but also incredibly friendly and
approachable.
Deepak.G Saneersha Hakkim Rinu James, Kochi
Happy Student
htps:/w .youtbe.com/watch?v=sT4wqGXu4o htps:/w .youtbe.com/shrtTwNBhry1NxE htps:/w .youtbe.com/shrtU03wsl4KmI htps:/w .youtbe.com/shrtdPB8R0wsk4

Our Achievement
We are delighted to announce that we have been honored with the

ATC Circle of Excellence Award from Ec-Council.
As always, RedTeam will strive to maintain excellency forever.

We've featured in
h t p s : / w . m a n o r m a n l i e . c o m / d i s t r c - n e w s / m a l p u r a m / 2 0 3 5 / 0 8 m a l p u r a m -2 5 l a k h - r e w a d - f o r p i n t g - o u t h e - s c u r i t y - l a p s e . m h t l
READ MORE
htps:/w.madhy .com/tehnlgyews/u-25lakhtogul-whpointed-uhglitc-nhewbsit-15798?infitescrol=1
htps:/w .madhyma .com/technolgy/newsu-25lakh-togkul-whopinted-out he-glitch-nte-wbsite-157981?infi tescrol=1
READ MORE
h t p s : / w . t w e n y f o u r n e w s . c o m / 2 0 3 / 5 0 4 / c y b e r s c u r i t y - s u d e n t - g o k u l - s d h a k r - w i n s -2 5 l a k h s - b u g o u n t y - r e w a d . h t m l
READ MORE
BROADCAST MEDIA
ht ps:/ yout .be/TbR4Peqm3QI htps:/maly .news18com/videsbuz/rwad-ofs25lakh-toesudnt-whopinted-uhsecrity-bachnte-wbsijk-6027.html
    
 
   
      

Community Initiatives
PANEL DISCUSSION

Our Community Initiatives
2018
2018
2019
2019
Copyright ©2023 by RedTeam Hacker Academy Pvt. Ltd.

2020
2020

2021
2021

h t p s : / y o u t . b e / L zK WhU W O q MY
2023
2023


PANEL DISCUSSION


DUBAI

FAQ
1 What is the ADCD course?

The ADCD course is an advanced programme focused on teaching in-depth cyber
security and defence techniques. It equips students with advanced skills to
safeguard digital systems against cyber threats.
2 Who can enrol in the ADCD course?

Individuals with a background in computer science, networking, or related fields
are eligible. A bachelor's degree or relevant work experience may be required.
3 What topics does the ADCD course cover?

The course covers advanced areas like malware analysis, threat intelligence,
network forensics, cloud security, ethical hacking, and incident response.
4 How does the ADCD course boost my career?

Completing the ADCD course enhances career prospects in cyber security.
Graduates are prepared for roles such as security analysts, penetration testers, and
incident responders.
5 Is prior cyber security experience necessary?

While it's beneficial, the course caters to various skill levels. A strong foundation in
basic cyber security concepts will be helpful for understanding advanced topics.

How RedTeam will help you achieve your
Dream Job
We have been actively involved in the cybersecurity industry for the past 8 years,
providing access to leading cybersecurity companies. Through regular assessments
and comprehensive training, we will support you in securing interviews.
"We can only refer students who demonstrate a strong commitment to learning and
show consistent progress throughout the course. We are unable to assist students
who lack the motivation to help themselves."

Follow Our Channel for more information
https://redteamacademy.com/
www.redteamacademy.com
htps:/w .instagr m.com/redt am cademy/ htps:/w .facebo k.com/redt am cademy htps:/twi er.com/iflow/lgin?redi ct_afer_login=%2Fredtamcdemy htps:/in.l kedin.com/company/redt am cademy htps:/w .yout be.com/@redtamhckeracdemy
Hack Out
Your Career
RedTeam Hacker Academy Pvt. Ltd.
An ISO 9001 - 2015 Certified Company
Contact
h t p s : / r e d t e a m a c a d e m y. a e / h t p s : / r e d t e a m a c a d e m y. c o m / h t p s : / r e d t e a m t r i v a n d r u m . c o m / h t p s : / r e d t e a m t h r i s u r. c o m /
DUBAI CALICUT TRIVANDRUM THRISSUR
O307, Third Floor, Fourth Floor, C.M Mathew 2nd Floor, Athens Plaza, SS Kovil 3rd Floor Puthenpurackal Tower,
Hamsa Building, Above Ansar Brothers Arcade, Kannur Rd, Road, Near Apollo Dimora, Opposite Civil Lane Road, Westfort, Thrissur,
Gallery, Al Karama, Khalid Bin Al Above CSB Bank, West Central Railway Station, Thampanoor,
Waleed Rd, Burjuman Metro Nadakkave, Chakkorathukulam,
Kerala 680004
Thiruvananthapuram,Kerala 695001
Station Exit #2 Dubai Kozhikode, Kerala 673011
+91 956 219 5666 +91 813 784 3966
+971 52 447 9899 +91 956 250 3666
h t p s : / r e d t e a m ko c h i . c o m / ht ps:/ redteamkot ak al.com/ ht ps:/ redteamperinthalman a.com/

KOCHI KOTTAKKAL PERINTHALMANNA CHENNAI
1st Floor, Kariyappilli Tower, 4th Floor, K.P.M Tower, CTM Tower, 3rd Floor, First Floor, Sultana Square,
Near Kinder Hospital, Metro Pillar Above South Indian Bank Opp. Police Station, Opposite Phoenix Market City,
No.345,VMB Road, Tirur, Malappuram ,Manjeri Rd, Mannarkad Rd, 11A/30, Nagendra Nagar,
Pathadippalam, Edappally, Kottakkal, Kerala 676503 Perinthalmanna, Kerala 679322 Velachery Main Road, Chennai-600042
Ernakulam, Kerala 682024
+91 984 629 1666 +91 759 288 6661 +91 9562 944 666
+91 956 290 2666

Cyber Security Roadmap

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Cyber Security Roadmap

Uploaded by

Copyright:

Available Formats

ADVANCED DIPLOMA

Copyright © 2023 by RedTeam Hacker Academy Pvt. Ltd.

Defensive cybersecurity is the best ever remedy to prevent

Copyright © 2023 by RedTeam Hacker Academy Pvt. Ltd.

Why ADVANCED DIPLOMA IN CYBER DEFENSE

This intuitive cyber defence program lets you leverage:

Extensive ethical hacking competencies with practical know-how

Copyright © 2023 by RedTeam Hacker Academy Pvt. Ltd.

Copyright © 2023 by RedTeam Hacker Academy Pvt. Ltd.

Threat & Vulnerability Managementreparation

CYBER SECURITY BUILDING BLOCK

Copyright © 2023 by RedTeam Hacker Academy Pvt. Ltd.

KALI LINUX FOR HACKERS

PENETRATION TESTING PLANNING

SCANNING & ENUMERATION

Copyright © 2023 by RedTeam Hacker Academy Pvt. Ltd.

Copyright © 2023 by RedTeam Hacker Academy Pvt. Ltd.

REPORTING & REMEDIATION

Copyright © 2023 by RedTeam Hacker Academy Pvt. Ltd.

Cybersecurity Operations Management

SECURITY OPERATIONS CENTRE (SOC)

CONFIGURATION & CHANGE MANAGEMENT

Copyright © 2023 by RedTeam Hacker Academy Pvt. Ltd.

PATCH & VULNERABILITY MANAGEMENT

THREAT INTELLIGENCE & HUNTING

Copyright © 2023 by RedTeam Hacker Academy Pvt. Ltd.

SOC MONITORING TOOLS

Copyright © 2023 by RedTeam Hacker Academy Pvt. Ltd.

Certified Red Team Associate (CRTA)

INTRODUCTION TO RED TEAM’S PLAN AND EXECUTION

MANAGING AND MEASURING YOUR RED TEAM

Copyright © 2023 by RedTeam Hacker Academy Pvt. Ltd.

GRAPHS FOR RED TEAMERS

POWERSHELL FOR RED TEAMERS

WEB & NETWORK EXPLOITATION

WAR GAME BETWEEN REDTEAM & BLUETEAM

RED TEAM EXERCISE EXECUTIONS

Copyright © 2023 by RedTeam Hacker Academy Pvt. Ltd.

RED TEAMING ON ENTERPRISE ACTIVE DIRECTORY ENVIRONMENT

PENETRATION TESTING SCOPING AND ENGAGEMENT

OPEN-SOURCE INTELLIGENCE (OSINT)

SOCIAL ENGINEERING PENETRATION TESTING

Copyright © 2023 by RedTeam Hacker Academy Pvt. Ltd.

NETWORK PENETRATION TESTING - EXTERNAL

NETWORK PENETRATION TESTING - INTERNAL

NETWORK PENETRATION TESTING - PERIMETER DEVICES

WEB APPLICATION PENETRATION TESTING

WIRELESS PENETRATION TESTING

Copyright © 2023 by RedTeam Hacker Academy Pvt. Ltd.

IOT PENETRATION TESTING

OT AND SCADA PENETRATION TESTING

CLOUD PENETRATION TESTING

BINARY ANALYSIS AND EXPLOITATION

REPORT WRITING AND POST TESTING ACTIONS

Copyright © 2023 by RedTeam Hacker Academy Pvt. Ltd.

Certified Ethical Hacker (CEH)

INTRODUCTION TO ETHICAL HACKING

FOOTPRINTING AND RECONNAISSANCE

Copyright © 2023 by RedTeam Hacker Academy Pvt. Ltd.

Copyright © 2023 by RedTeam Hacker Academy Pvt. Ltd.

EVADING IDS, FIREWALLS, AND HONEYPOTS

HACKING WEB SERVERS

HACKING WEB APPLICATIONS

Copyright © 2023 by RedTeam Hacker Academy Pvt. Ltd.