Advanced Cybersecurity Course

Theory:

• What is Cybersecurity?
• Importance & Relevance in Modern IT Infrastructure
• Fundamental Concepts & Terminologies
• Evolution of Cybersecurity
• Cybersecurity Frameworks (NIST, ISO)

Lab:

• Exploring real-world cybersecurity incidents
• Identifying key assets and threat surfaces in a simulated environment

Theory:

• Malware, Phishing, Ransomware
• Social Engineering, DDoS, SQL Injection
• Case Studies of Real-World Attacks
• Hacker Types & Cyber Threat Actors

Lab:

• Phishing Simulation Demo
• Simulating a SQL Injection Attack
• Analyzing a DDoS scenario using traffic logs

Theory:

• LAN, WAN, TCP/IP Concepts
• Network Protocols & Security Policies
• Firewalls, IDS/IPS, VPNs
• Network Monitoring Tools Overview

Lab:

• Using Wireshark for packet analysis
• Simulating Sniffing Attacks
• Configuring and testing firewall rules
• Network scanning with Nmap

Theory:

• Introduction to Cryptography
• Symmetric & Asymmetric Encryption
• Hashing (MD5, SHA)
• PKI, SSL/TLS, Encoding vs Encryption

Lab:

• Encrypting and decrypting messages using tools like OpenSSL
• Hash generation and integrity verification
• SSL/TLS certificate analysis

Theory:

• OS Security Models: Linux & Windows
• Authentication, File Permissions
• Patch Management & OS Hardening
• Secure Configuration Practices

Lab:

• Applying CIS Benchmark on Windows/Linux
• Configuring 2FA for user accounts
• Creating and managing access control lists (ACLs)

Theory:

• Malware Types and Classification
• Static vs Dynamic Analysis
• Reverse Engineering Basics
• Sandboxing & Signatureless Detection
• AI/ML in Malware Detection

Lab:

• Malware dissection in a sandbox environment
• Identifying indicators of compromise (IOC)
• Analyzing WannaCry ransomware behavior

Theory:

• Ethical Hacking Fundamentals
• Pen Testing Phases (Reconnaissance to Reporting)
• Legal/Ethical Considerations
• Red Team vs. Blue Team Concepts
• Post-exploitation Techniques

Lab:

• Vulnerability scanning with ZAP Proxy, OWASP
• Exploitation with Metasploit
• Using Kali Linux for hands-on attacks

Theory:

• Web App Architecture
• Common Vulnerabilities (XSS, SQLi)
• OWASP Top 10 Overview
• Secure Session Management & Cookies

Lab:

• Pen-testing a vulnerable web app (e.g., DVWA)
• Mitigating XSS/SQLi using Burp Suite
• Implementing a Web Application Firewall (WAF)

Theory:

• Risk Identification, Analysis, & Mitigation
• Business Continuity & Disaster Recovery
• Incident Response Planning
• Security Audits & Compliance Standards (ISO, NIST)

Lab:

• Risk Assessment on a simulated IT infrastructure
• Developing and presenting a sample incident response plan
• Compliance checklist creation and audit simulation

Theory:

• Cloud Service Models (IaaS, PaaS, SaaS)
• Cloud Security Challenges & IAM
• IoT Device Risks & Attack Surfaces
• Shared Responsibility Model
• Identity and Access Management (IAM) in Cloud
• Shared Responsibility Model

Lab:

• Securing AWS/Azure cloud instances
• Identifying misconfigurations in S3 buckets
• Simulating an IoT attack and mitigation

Theory:

• Log Auditing & Analysis
• Log Correlation, Threat Detection Rules
• SIEM Architecture: SIEM vs SOAR

Lab:

• Configuring a SIEM tool and analyze security events (e.g., Splunk, ELK)
• Writing basic correlation rules
• Investigating security incidents using SIEM

Theory:

• AI/ML in Threat Detection
• Blockchain in Cybersecurity
• Threat Intelligence Feeds & Security Automation
• Future Trends & Career Opportunities

Lab:

• Using AI-based tools in threat prediction
• Exploring a blockchain-based authentication model
• Integrating Threat Intelligence into SIEM

• Lectures (Theory)
• Hands-on Labs (Practical)
• Group Discussions
• Case Studies
• Exam Preparation
• Real-World Demonstrations