1. 6. Cybersecurity Fundamentals
1.1. Foundations
1.1.1. Key Concepts
1.1.1.1. • Asset • Identity • Vulnerability • Threat • Exploit • Risk • Countermeasure • Likelihood • Confidentiality, Integrity, Availability (CIA) • Least Privilege Access (LAP) • Defense of Depth • Authentication, Authorization, and Accounting (AAA) • Advanced Persistent Threat (APT) • Indicators of Compromise (IoC) • Indicators of Attack (IoA)
1.1.2. Classification Criteria
1.1.2.1. • Value • Age • Replacement Cost • Useful Life Time
1.1.3. Classifying Vulnerabilities
1.1.3.1. • Policy Flaws • Design Errors • Protocol Weaknesses • Misconfiguration • Software Vulnerability • Human Factor • Malicious Software • Hardware Vulnerability • Physical Access to Network Resource • Natural Factors
1.1.4. Classification Roles
1.1.4.1. • Owner • Custodian • User
1.1.5. Classifying Countermeasures
1.1.5.1. • Administrative • Physical • Logical
1.1.6. Supply Chain Risk Management
1.1.6.1. • Prevention • Preparedness • Response • Recovery
1.1.7. Risk Management Decisions
1.1.7.1. • Accept • Mitigate • Transfer • Avoid
1.1.8. Threat Modeling Methods
1.1.8.1. • CVSS • MITRE ATT&CK • Cyber Kill Chain • STRIDE • PASTA • DREAD • TRIKE • VAST • Attack Trees • OCTAVE • QTMM • LINDDUN • NIST SP 800-30
1.2. Cybersecurity Teams
1.2.1. • Blue Team • Red Team • Purple Team
1.3. Cybersecurity Domains
1.3.1. • Network Security • System Security • Application Security • Security Management • Physical Security • User Education
2. Cybersecurity Topics
2.1. Penetration Testing
2.1.1. Web
2.1.2. Network
2.1.2.1. Wi-Fi
2.1.2.2. Radio Frequency
2.1.3. System
2.1.3.1. Windows Server
2.1.3.2. Unix/Linux Server
2.1.4. Cloud
2.1.4.1. AWS
2.1.4.2. Azure
2.1.4.3. GCP
2.1.5. API
2.1.6. Mobile
2.1.6.1. Android
2.1.6.2. IOS
2.1.7. ICS/SCADA
2.1.8. IoT
2.1.9. Web3
2.1.10. LLM
2.2. Network Security
2.3. Email Security
2.4. Web Security
2.5. Bug Bounty
2.6. Cloud Security
2.7. API Security
2.8. Mobile Security
2.9. IoT Security
2.10. ICS/SCADA Security
2.11. RFID Security
2.12. Hardware Security
2.13. Cryptography
2.14. Blockchain Security
2.15. Development, Security, and Operations (DevSecOps)
2.16. Social Engineering (SE)
2.17. Threat Hunting (TH)
2.18. Reverse Engineering (RE)
2.19. Malware Analysis (MA)
2.20. Exploit Development (ED)
2.21. Digital Forensics (DF)
2.22. Incident Response (IR)
2.23. Secure Code Review
2.24. Cyber Threat Intelligence (CTI)
2.25. Security Operation Center (SOC)
2.26. Governance, Risk Management, and Compliance (GRC)
2.27. Open Source Intelligence (OSINT)
2.28. Deep/Dark Web Investigation
3. 4. Operating Systems
3.1. Book: Operating System Concepts / Ninth Edition
3.2. Linux Server & Bash Script
3.2.1. Course: (Linux Essentials - Cisco Networking Academy)
3.2.2. Book: (UNIX and Linux System Administration Handbook / 5th Edition)
3.3. Windows Server & Batch Script
3.3.1. Course: Microsoft Certified Solutions Associate (MCSA)
4. 5. Cryptography
4.1. Topics: Symmetric Encryption Asymmetric Encryption Hashing Obfuscation Encoding Steganography Digital Signatures Digital Certificates One Time Password (OTP) Tokenization vs. Encryption Blockchain *(Optional) *
4.2. Book: Cryptography and Network Security: Principles and Practice / Edition 7
5. 1. IT Fundamentals
5.1. Topics: - IT Concepts and Terminology - Computer Hardware and Operating Systems - Applications and Software - Programming Languages and Database Fundamentals - Networking and Storage - Cloud Computing - Security
6. 2. Networking
6.1. Courses:
6.1.1. Cisco Certified Network Associate (CCNA)
6.1.2. CompTIA Network+
7. 3. Programming
7.1. C++ || JAVA
7.1.1. Basics
7.1.2. Object-oriented programming (OOP)
7.1.3. Data Structure *(Optional) *
7.2. Basics of
7.2.1. Python
7.2.2. PHP & API
7.2.3. Oracle || MySQL
7.2.4. HTML, CSS, JavaScript
7.2.5. Intel x86 Assembly *(Optional) *