up:: [[00 Home MOC]] #### 1. [[Cybersecurity Fundamentals]] - **Objective:** Introduce the basic concepts, including understanding threats, vulnerabilities, and the critical role of cybersecurity. - **Key Areas:** 1. **[[Threat Landscape]]:** Types and sources of cyber threats. 2. **[[Security Principles]]:** Confidentiality, Integrity, Availability (CIA Triad). 3. **[[Risk Management]]:** Identifying and mitigating cyber risks. 4. **[[Cybersecurity Frameworks]]:** Overview of common frameworks (NIST, ISO). 5. **[[Ethical and Legal Considerations]]:** Ethics in cybersecurity and relevant laws. 6. **[[Security Policies and Governance]]:** Developing and implementing security policies. 7. **[[Awareness and Training]]:** Importance of educating users and employees. 8. **[[Emerging Threats]]:** Keeping up with new and evolving cyber threats. 9. **[[Security Standards and Best Practices]]:** Industry standards for security, including critical security controls. 10. **[[Cybersecurity Careers]]:** Introduction to roles and paths in cybersecurity. #### 2. **[[Network Security]]** - **Objective:** Dive into the protection of data in transit and the technologies and practices that safeguard network communications. - **Key Areas:** 1. **[[Fundamentals of Network Security]]:** Basic concepts and terminology. 2. **[[Firewalls and VPNs]]:** Technologies for protecting networks. 3. **[[Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)]]:** Monitoring and protecting networks from attacks. 4. **[[Secure Network Architecture]]:** Design principles for secure networks. 5. **[[Wireless Security]]:** Challenges and strategies for securing wireless networks. 6. **[[Network Monitoring and Defense]]:** Tools and techniques for network surveillance. 7. **[[Protocol Security]]:** Securing common network protocols. 8. **[[Network Access Control (NAC)]]:** Managing device access to networks. 9. **[[Encryption in Network Security]]:** Role of encryption in protecting data in transit. 10. **[[Advanced Persistent Threats (APTs)]] (APTs):** Strategies for defending against sophisticated attacks. #### 3. **[[Application Security]]** - **Objective:** Focus on securing software applications from threats and vulnerabilities from development through deployment. - **Key Areas:** 1. **[[Secure Coding Practices]]:** Best practices for writing secure code. 2. **[[Web Application Security]]:** Specific vulnerabilities and protections for web apps. 3. **[[Mobile Application Security]]:** Security considerations for mobile platforms. 4. **[[Application Vulnerability Testing]]:** Techniques for identifying app vulnerabilities. 5. **[[Software Development Life Cycle Security]]:** Integrating security into the SDLC. 6. **[[Dependency Management]]:** Securing and managing third-party libraries and dependencies. 7. **[[API Security]]:** Protecting application programming interfaces. 8. **[[Application Security Tools]]:** Tools for scanning and securing applications. 9. **[[DevSecOps]]:** Integrating security into DevOps practices. 10. **[[Cloud Application Security]]:** Security considerations for cloud-based applications. #### 4. **[[Identity and Access Management]] (IAM)** - **Objective:** Explore the processes and technologies for ensuring that the right individuals access the right resources at the right times. - **Key Areas:** 1. **[[Authentication Mechanisms]]:** Passwords, biometrics, multi-factor authentication. 2. **[[Authorization Models]]:** Access control models and their applications. 3. **[[User Identity Management]]:** Managing user identities across systems. 4. **[[Single Sign-On and Federation]]:** Simplifying access across systems and organizations. 5. **[[Privileged Access Management]] (PAM):** Securing and managing privileged accounts. 6. **[[Identity as a Service]] (IDaaS):** Cloud-based identity services. 7. **[[IAM Policy and Governance]]:** Developing IAM policies and governance structures. 8. **[[Directory Services]]:** Managing user information with directory services. 9. **[[IAM in the Cloud]]:** IAM considerations for cloud environments. 10. **[[Emerging Technologies in IAM]]:** Advances in identity technologies and approaches. #### 5. **[[Cryptology]]** - **Objective:** Delve into the science of encryption and decryption to secure communication and data. - **Key Areas:** 1. **[[Introduction to Cryptography]]:** Basic concepts and history. 2. **[[Symmetric vs. Asymmetric Encryption]]:** Understanding the differences and uses. 3. **[[Cryptographic Algorithms]]:** Detailed exploration of common algorithms. 4. **[[Public Key Infrastructure]] (PKI):** Fundamentals and application. 5. **[[Digital Signature|Digital Signatures]]:** Ensuring integrity and non-repudiation. 6. **[[Cryptanalysis]]:** Techniques for breaking cryptographic systems. 7. **[[Quantum Cryptography]]:** Impact of quantum computing on cryptography. 8. **[[Blockchain and Cryptography]]:** Cryptographic principles in blockchain technology. 9. **[[Cryptographic Protocols]]:** Design and analysis of secure communication protocols. 10. **[[Cryptography in Applications]]:** Implementing cryptography in software and systems. #### 6. [[Hacking]] - **Objective:** Explore the techniques, tools, and ethics of hacking, from penetration testing to vulnerability exploitation. - **Key Areas:** 1. **[[Ethical Hacking Fundamentals]]:** Introduces the principles and practices of legally authorized security testing. 2. **[[Penetration Testing Methodologies]]:** Frameworks and techniques for systematically discovering and exploiting security vulnerabilities. 3. **[[Vulnerability Assessment]]:** Processes and tools used to identify and evaluate security weaknesses in a system. 4. **[[Social Engineering Techniques]]:** Methods of manipulating individuals into divulging confidential or personal information that may be used for fraudulent purposes. 5. **[[Wireless Network Hacking]]:** Techniques for exploiting vulnerabilities in wireless networks. 6. **[[Web Application Exploitation]]:** Methods for identifying and exploiting vulnerabilities in web-based applications. 7. **[[Cryptographic Attacks]]:** Techniques aimed at breaking cryptographic security systems and protocols. 8. **[[Malware Analysis and Creation]]:** Study of malicious software and its creation for research and security testing. 9. **[[Post-Exploitation Techniques]]:** Strategies used after gaining access to a computer system to maintain access, gather additional information, or manipulate the system. 10. **[[Legal and Ethical Implications of Hacking]]:** The legal framework and ethical considerations surrounding hacking activities. #### 7. [[Threat Intelligence and Vulnerability Management]] - **Objective:** Address the proactive identification and management of software vulnerabilities and threat landscape understanding. - **Key Areas:** 1. **[[Introduction to Threat Intelligence]]:** Concepts and applications. 2. **[[Vulnerability Identification]]:** Finding vulnerabilities in systems and applications. 3. **[[Threat Feeds and Sharing]]:** Utilizing and contributing to threat intelligence feeds. 4. **[[Risk Analysis and Prioritization]]:** Assessing and prioritizing security risks. 5. **[[Vulnerability Assessment Tools]]:** Tools and techniques for assessing vulnerabilities. 6. **[[Penetration Testing]]:** Conducting authorized simulated attacks to evaluate security. 7. **[[Remediation and Patch Management]]:** Addressing vulnerabilities and managing patches. 8. **[[Threat Hunting]]:** Proactively searching for cyber threats. 9. **[[Threat Intelligence Platforms]]:** Tools for aggregating and analyzing threat data. 10. **[[OSINT]]:** Understanding open source intelligence. #### 8. **[[Cybersecurity Tools and Technologies]]** - **Objective:** Equip with practical knowledge on the tools and technologies for cybersecurity defense and analysis. - **Key Areas:** 1. **[[Security Information and Event Management (SIEM)]]:** Centralized viewing and analysis of security events. 2. **[[Endpoint Security]]:** Securing individual devices within an organization. 3. **[[Network Scanning and Enumeration]]:** Tools for mapping and analyzing networks. 4. **[[Malware Analysis and Defense]]:** Techniques for analyzing and defending against malware. 5. **[[Encryption Tools]]:** Applications of encryption in data protection. 6. **[[Penetration Testing Frameworks]]:** Frameworks and tools for conducting pen tests. 7. **[[Cloud Security Tools]]:** Security tools specifically designed for cloud environments. 8. **[[Mobile Security Tools]]:** Tools and practices for securing mobile devices. 9. **[[Open Source Security Tools]]:** Utilizing open-source tools for cybersecurity efforts. 10. [[Hacking Toolkit]]: Using tools to help with hacking. #### 9. **[[Digital Forensics and Incident Response]]** - **Objective:** Cover the methods for investigating cyber attacks, managing security incidents, and the legal aspects of digital forensics. - **Key Areas:** 1. **[[Digital Forensics Fundamentals]]:** Core principles and practices. 2. **[[Incident Response Process]]:** Steps for effectively responding to cybersecurity incidents. 3. **[[Forensic Tools and Techniques]]:** Tools used in the investigation of digital crimes. 4. **[[Network Forensics]]:** Analyzing network traffic for forensic purposes. 5. **[[Mobile Forensics]]:** Techniques and tools for investigating mobile devices. 6. **[[Memory Forensics]]:** Analyzing volatile data in system memory. 7. **[[Digital Forensics Legal and Ethical Considerations]]:** Legal framework and ethical issues in digital forensics. 8. **[[Data Recovery Techniques]]:** Recovering data from damaged or formatted storage. 9. **[[Malware Forensics]]:** Analyzing malware for investigation and defense. 10. **[[Forensic Reporting]]:** Documenting findings and presenting evidence. #### 10. **[[Cybersecurity Ethics and Privacy]]** - **Objective:** Highlight the ethical considerations and privacy concerns in cybersecurity practices. - **Key Areas:** 1. **[[Ethical Hacking]]:** Principles and practices of ethical penetration testing. 2. **[[Privacy Laws and Regulations]]:** Overview of global privacy laws. 3. **[[Data Protection Techniques]]:** Methods for protecting personal and sensitive data. 4. **[[Anonymity and Pseudonymity]]:** Techniques for protecting identities online. 5. **[[Surveillance and Counter-Surveillance]]:** Issues surrounding digital surveillance. 6. **[[Consumer Privacy Rights]]:** Understanding and advocating for consumer privacy. 7. **[[Digital Identity and Trust]]:** Managing digital identities and trust systems. 8. **[[Privacy-Enhancing Technologies]]:** Technologies designed to enhance user privacy. 9. **[[Ethics in AI and Machine Learning]]:** Ethical considerations in AI/ML applications in cybersecurity. # A Note From Addie ![[Pasted image 20240514203209.png]] ## Let's Connect If you’re ready to take control of your cybersecurity career, you’re going to love my weekly newsletter, [Curious Cyber](https://addielamarr.activehosted.com/f/3). This isn’t just your average newsletter—it’s your roadmap (beginner-advanced career) to outsmarting the competition, leveling up your skills, and turning cybersecurity into your personal power move. Every Monday, I’ll drop bite-sized, actionable insights designed to fast-track your success in the field and give you the edge you need. Subscribe to Curious Cyber and let’s make cybersecurity the tool that gets you where you want to be. Ready to win? Let’s do this. | **Contact Type** | **Details** | | --------------------- | -------------------------------------------------------------------------- | | **Website** | [addielamarr.com](https://www.addielamarr.com) | | **Instagram** | [instagram.com/addielamarr.sh/](https://www.instagram.com/addielamarr.sh/) | | **LinkedIn** | [linkedin.com/in/addie-clark](https://www.linkedin.com/in/addie-clark/) | | **Twitter** | [twitter.com/addielamarr](https://twitter.com/addielamarr) | | **Weekly Newsletter** | [Subscribe to Curious Cyber](https://addielamarr.activehosted.com/f/3) |