Description

                                                   Curriculum 

DOMAIN 1: General Security Concepts

Lesson 1.1 – Core Security Principles

• Confidentiality, Integrity, Availability (CIA triad)
• Authentication, Authorization, and Accounting (AAA)
• Non-repudiation and least privilege
• Security controls: administrative, technical, physical

Lesson 1.2 – Threat Actors & Motivations

• Nation-state, hacktivist, insider, criminal syndicate
• Attributes: capability, intent, targeting
• Threat intelligence sources

Lesson 1.3 – Security Frameworks & Policies

• NIST, ISO 27001, CIS Controls, COBIT
• Security policies: acceptable use, onboarding, password, data retention
• Governance, risk, and compliance (GRC) fundamentals

DOMAIN 2: Threats, Vulnerabilities, and Mitigations

Lesson 2.1 – Common Attack Types

• Phishing, spear-phishing, whaling, smishing
• Ransomware, spyware, worms, rootkits, trojans
• Password attacks: brute force, dictionary, credential stuffing

Lesson 2.2 – Network Attacks

• Man-in-the-Middle (MITM), DoS/DDoS, replay, ARP poisoning
• DNS hijacking, rogue DHCP, VLAN hopping

Lesson 2.3 – Application Attacks

• SQL injection, XSS, CSRF, command injection
• Secure coding practices and patch management

Lesson 2.4 – Vulnerability Management

• Vulnerability lifecycle: discovery, prioritization, remediation, verification
• CVE, CVSS, NVD usage
• Patch management and remediation tracking
• Continuous assessment and reporting

Lesson 2.5 – Threat Modeling & Risk Analysis

• Attack surface analysis
• Qualitative vs quantitative risk
• Risk response: avoid, transfer, mitigate, accept

DOMAIN 3: Security Architecture

Lesson 3.1 – Network Security Design

• Network segmentation and isolation
• Zero Trust Architecture principles
• Secure baseline configuration

Lesson 3.2 – System Hardening

• Operating system and application hardening
• Disable unnecessary services, least privilege
• Firmware security, patch management

Lesson 3.3 – Security Techniques

• Encryption, hashing, digital signatures
• VPNs, PKI, steganography
• Obfuscation, tokenization, non-repudiation

Lesson 3.4 – Identity and Access Management (IAM)

• Authentication factors (MFA)
• SSO, federation, LDAP, Kerberos, RADIUS, TACACS+
• Role-based, attribute-based, and rule-based access

Lesson 3.5 – Cloud and Virtualization Security

• Shared responsibility model
• Cloud service types (IaaS, PaaS, SaaS)
• Secure containers, microservices, APIs

DOMAIN 4: Security Operations

Lesson 4.1 – Alerting and Monitoring

• SIEM, SOAR, IDS/IPS, EDR/XDR
• Event correlation and log management
• Alert severity, MTTD, MTTR metrics

Lesson 4.2 – Incident Response

• Incident response lifecycle: Preparation, Detection, Containment, Eradication, Recovery, Lessons Learned
• Playbooks and escalation procedures
• Digital forensics basics

Lesson 4.3 – Business Continuity & Disaster Recovery

• BCP, DRP, RTO, RPO concepts
• Backup strategies: full, incremental, differential
• Redundancy and fault tolerance

Lesson 4.4 – Change and Configuration Management

• Baselines, drift detection, version control
• Secure change management procedures

Lesson 4.5 – Physical and Environmental Security

• CCTV, locks, alarms, mantraps, biometric access
• Environmental controls: HVAC, UPS, fire suppression

DOMAIN 5: Security Program Management and Governance

Lesson 5.1 – Security Awareness and Training

• Social engineering prevention
• Phishing simulations
• Employee onboarding and offboarding security

Lesson 5.2 – Security Assessments and Audits

• Penetration testing vs vulnerability scanning
• Red team / blue team / purple team exercises
• Audit logs and compliance reporting

Lesson 5.3 – Risk and Compliance Management

• Legal and regulatory considerations (GDPR, HIPAA, PCI DSS)
• Privacy impact assessments (PIA)
• Third-party risk management

Lesson 5.4 – Continuous Improvement

• Metrics and reporting
• Lessons learned documentation
• Updating playbooks and baselines