From fb1efbdfb8f747ad58572a81b9237376ef8bc6de Mon Sep 17 00:00:00 2001 From: PrincessPi Date: Fri, 15 Mar 2024 11:17:51 -0600 Subject: [PATCH] more on the outline, reformatted nested lists to be prettier --- README.md | 127 +++++++++++++++++++++++++++--------------------------- 1 file changed, 64 insertions(+), 63 deletions(-) diff --git a/README.md b/README.md index b5c05c1..c4cab70 100644 --- a/README.md +++ b/README.md @@ -1,67 +1,68 @@ # getting-started-in-cybersec A guide to go from zero to hero in cyber security -Outline of core fundamentals (mostly blue team) -* fundamentals - 1. definitions - 2. core ideas - i. GRC - - security culture - - budget - - man power - ii. CIA triad - iii. security in depth + zero trust security vs castle method - iv. assume compromise - v. assessing threats - - threat actors - vi. threat modeling - vii. risk analysis - - assets - - financial impact modeling - - heatmap of threats - viii. mitigating risk - - ix. controlls - - administrative - - technical - - detective - - preventitive - - deturrant - x. disaster recovery - - assume compromise - - redundant backups - - hot/cold/warm sites - xi. access and authentication - - access - - authentication - - MFA - i. soemthing you know - ii. something you have - iii. something you are - iv. location - 3. how security departments usually work - i. SOC - ii. NOC - iii. IR - iv. administrative - - 4. offensive/defensive aka red team/blue team - i. blue team - ii. red team - iii. red team informs blue team - iv. purple team +## fundamentals and theory +1. definitions +2. core ideas + a. GRC + - security culture + - budget + - man power + b. CIA triad + c. security in depth + zero trust security vs castle methoddiv. assume compromise + d. assessing threats + - threat actors + e. threat modeling + f. risk analysis + - assets + - financial impact modeling + - heatmap of threats + g. mitigating risk + h. controlls + - administrative + - technical + - detective + - preventitive + - deturrant + i. disaster recovery + - assume compromise + - redundant backups + - hot/cold/warm sites + j. access and authentication + - access + - authentication + - MFA + i. soemthing you know + ii. something you have + iii. something you are + iv. location +3. how security departments usually work + a. SOC + b. NOC + c. IR + d. administrative +4. offensive/defensive aka red team/blue team + a. blue team + b. red team + c. red team informs blue team + d. purple team - 5. Look ahead to technical concepts - i. networking - - client-server model - - ip addresses - - mac addresses - - LAN - - ARP - - DHCP - - routing - ii. networking contd - - TCP - i. packets - - UDP - - DNS +## technical concepts and theory +1. networking + a. client-server model + b. network devices + c. ip addresses + d. mac addresses + e. LAN + f. ARP + g. DHCP + h. routing + I. TCP + - packets + J. DNS +2. operating systems + a. windows + b. linux + c. android + d. ios + e. embedded/iot