Skills You’ll Learn
- Information Security principles such as the CIA triad, AAA model, threat vectors, and layered defense strategies, including Zero Trust and Defense-in-Depth
- Cryptography fundamentals, including symmetric/asymmetric encryption, hash functions, digital signatures, and their role in securing systems and data
- Threat sources and vulnerability types, identifying motives behind cyberattacks, vectors of exploitation, and their organizational impact
- Ethical hacking foundations, including hacker classifications, responsibilities, and the full ethical hacking lifecycle from reconnaissance to covering tracks
- Attack models and frameworks, utilizing methodologies like Cyber Kill Chain, MITRE ATT&CK, and IoC analysis for understanding adversary behavior
- Malware categories and techniques, including Trojans, worms, viruses, ransomware, spyware, rootkits, and countermeasures against them
- Password cracking approaches, covering brute-force, dictionary, and hybrid attacks, supported by tools and defense strategies
- Social engineering tactics, such as phishing, SMiShing, fake apps, insider threats, identity theft, and mitigation using SET and other tools
- Network-level attack techniques, including sniffing, ARP spoofing, DoS/DDoS, session hijacking, and relevant tools and detection methods
- Web and application-layer security, exploring OWASP Top 10 risks, SQL injection types, web server misconfigurations, and testing tools
- Wireless and Bluetooth attack methods, including rogue APs, MAC spoofing, jamming, and mobile security controls like MDM
- IoT and OT system vulnerabilities, including device-level threats, IIoT challenges, Purdue Model layers, and botnet-based attacks
- Cloud and container security, understanding Docker/Kubernetes, OWASP cloud risks, attacks like cryptojacking and MITC, and security tools
- Penetration testing essentials, covering testing types, methodologies, phases, ethical considerations, risk handling, and when to conduct tests
What Skills You’ll Learn
- Key issues plaguing the information security world and information security laws and standards.
- Fundamentals of ethical hacking
- Information security threats and vulnerabilities
- Different types of malware
- Different types of password-cracking techniques and countermeasures
- Social engineering techniques, insider threats, identity theft, and countermeasures
- Network level attacks (sniffing, denial-of-service, and session hijacking) and countermeasures
- Application-level attacks (web-server attacks, web application attacks, and SQL injection) and countermeasures
- Wireless encryption, wireless threats, and countermeasures
- Mobile platform attack vector, mobile device management, mobile security guidelines, and security tools
- IoT and OT concepts, attacks, and countermeasures
- Cloud computing technologies, cloud computing threats, attacks, and security techniques
- Fundamentals of pen testing




