Cybersecurity – Attack and Defense Strategies
(CYBSEC-ATK-DEF.AJ1)/ISBN:978-1-64459-546-6
The Cybersecurity – Attack and Defense Strategies course delves into the intricacies of cybersecurity by exploring both offensive and defensive strategies. This course is meticulously crafted to empower you with the expertise required to safeguard systems, networks, and data from cyber threats while gaining insights into the tactics employed by cyber attackers. Whether you are venturing into cybersecurity or aiming to advance your competencies, this course equips you with the skills necessary to excel in the cybersecurity domain.
Lessons
18+ Lessons | 175+ Exercises | 80+ Quizzes | 88+ Flashcards | 88+ Glossary of terms
TestPrep
65+ Pre Assessment Questions | 65+ Post Assessment Questions |
Hands-On Labs
37+ LiveLab | 00+ Minutes
Need guidance and support? Click here to check our Instructor Led Course.
Here's what you will learn
Download Course OutlineLessons 1: Preface
- Who this course is for
- What this course covers
- To get the most out of this course
Lessons 2: Security Posture
- Why security hygiene should be your number one priority
- The current threat landscape
- Cybersecurity challenges
- Enhancing your security posture
- The Red and Blue Teams
- Summary
- References
Lessons 3: Incident Response Process
- The incident response process
- Handling an incident
- Post-incident activity
- Considerations for incident response in the cloud
- Summary
- References
Lessons 4: What is a Cyber Strategy?
- How to build a cyber strategy
- Why do we need to build a cyber strategy?
- Best cyber attack strategies
- Best cyber defense strategies
- Benefits of having a proactive cybersecurity strategy
- Top cybersecurity strategies for businesses
- Conclusion
- Further reading
Lessons 5: Understanding the Cybersecurity Kill Chain
- Understanding the Cyber Kill Chain
- Security controls used to stop the Cyber Kill Chain
- Threat life cycle management
- Concerns about the Cybersecurity Kill Chain
- How the Cyber Kill Chain has evolved
- Tools used during the Cyber Kill Chain
- Comodo AEP via Dragon Platform
- Summary
- Further reading
- References
Lessons 6: Reconnaissance
- External reconnaissance
- Internal reconnaissance
- Tools used for reconnaissance
- Passive vs. active reconnaissance
- How to combat reconnaissance
- How to prevent reconnaissance
- Summary
- References
Lessons 7: Compromising the System
- Analyzing current trends
- Performing the steps to compromise a system
- Mobile phone (iOS/Android) attacks
- Summary
- Further reading
- References
Lessons 8: Chasing a User’s Identity
- Identity is the new perimeter
- Strategies for compromising a user’s identity
- Summary
- References
Lessons 9: Lateral Movement
- Infiltration
- Network mapping
- Performing lateral movement
- Summary
- Further reading
- References
Lessons 10: Privilege Escalation
- Infiltration
- Avoiding alerts
- Performing privilege escalation
- Summary
- References
Lessons 11: Security Policy
- Reviewing your security policy
- Educating the end user
- Policy enforcement
- Monitoring for compliance
- Continuously driving security posture enhancement via security policy
- Summary
- References
Lessons 12: Network Security
- The defense-in-depth approach
- Physical network segmentation
- Securing remote access to the network
- Virtual network segmentation
- Zero trust network
- Hybrid cloud network security
- Summary
- References
Lessons 13: Active Sensors
- Detection capabilities
- Intrusion detection systems
- Intrusion prevention system
- Behavior analytics on-premises
- Behavior analytics in a hybrid cloud
- Summary
- References
Lessons 14: Threat Intelligence
- Introduction to threat intelligence
- Open-source tools for threat intelligence
- Microsoft threat intelligence
- Summary
- References
Lessons 15: Investigating an Incident
- Scoping the issue
- Investigating a compromised system on-premises
- Investigating a compromised system in a hybrid cloud
- Proactive investigation (threat hunting)
- Lessons learned
- Summary
- References
Lessons 16: Recovery Process
- Disaster recovery plan
- Live recovery
- Contingency planning
- Business continuity plan
- Best practices for disaster recovery
- Summary
- Further reading
- References
Lessons 17: Vulnerability Management
- Creating a vulnerability management strategy
- Elements of a vulnerability strategy
- Differences between vulnerability management and vulnerability assessment
- Best practices for vulnerability management
- Vulnerability management tools
- Conclusion
- Summary
- Further reading
- References
Lessons 18: Log Analysis
- Data correlation
- Operating system logs
- Firewall logs
- Web server logs
- Amazon Web Services (AWS) logs
- Azure Activity logs
- Google Cloud Platform Logs
- Summary
- References
Hands-on LAB Activities
Security Posture
- Performing a Phishing Attack
What is a Cyber Strategy?
- Simulating the DDoS Attack
- Using OWASP ZAP
Understanding the Cybersecurity Kill Chain
- Using Nikto
- Cracking a Linux Password Using John the Ripper
- Using the EternalBlue Exploit in Metasploit
- Cracking Password Using Hydra
- Using Sparta
- Using Kismet
Reconnaissance
- Performing Reconnaissance on a Network
- Installing a Wardriving Application and Analyzing a Site Survey Capture
- Gathering OSINT
- Sniffing a Network with Wireshark
- Using the masscan Command
- Capturing Network Packets Using tcpdump
- Performing Nmap Port Scanning
- Using theHarvester
- Conducting Vulnerability Scanning Using Nessus
- Using Cain and Abel
- Using nslookup for Passive Reconnaissance
Compromising the System
- Using the Armitage Tool for Intrusion Detection
- Cracking Windows Password Using Ophcrack
- Conducting a Cross-Site Request Forgery Attack
- Exploiting a Website Using SQL Injection
Lateral Movement
- Understanding Lateral Movement
Privilege Escalation
- Understanding LPE
Network Security
- Configuring VLANs
- Configuring a Network Firewall
- Configuring a VPN
Active Sensors
- Performing Intrusion Detection
Threat Intelligence
- Examining MITRE ATT&CK
Investigating an Incident
- Using the NETSH Command
- Using the PING Command
Recovery Process
- Using the chntpw Command
Vulnerability Management
- Performing Vulnerability Scanning Using OpenVAS
Log Analysis
- Analyzing Linux Logs for Security Intelligence
- Viewing Windows Event Logs