Files
getting-started-in-cybersec/README.md
T
2024-03-15 11:04:02 -06:00

68 lines
1.7 KiB
Markdown

# getting-started-in-cybersec
A guide to go from zero to hero in cyber security
Outline of core fundamentals (mostly blue team)
* fundamentals
1. definitions
2. core ideas
i. GRC
- security culture
- budget
- man power
ii. CIA triad
iii. security in depth + zero trust security vs castle method
iv. assume compromise
v. assessing threats
- threat actors
vi. threat modeling
vii. risk analysis
- assets
- financial impact modeling
- heatmap of threats
viii. mitigating risk
ix. controlls
- administrative
- technical
- detective
- preventitive
- deturrant
x. disaster recovery
- assume compromise
- redundant backups
- hot/cold/warm sites
xi. access and authentication
- access
- authentication
- MFA
i. soemthing you know
ii. something you have
iii. something you are
iv. location
3. how security departments usually work
i. SOC
ii. NOC
iii. IR
iv. administrative
4. offensive/defensive aka red team/blue team
i. blue team
ii. red team
iii. red team informs blue team
iv. purple team
5. Look ahead to technical concepts
i. networking
- client-server model
- ip addresses
- mac addresses
- LAN
- ARP
- DHCP
- routing
ii. networking contd
- TCP
i. packets
- UDP
- DNS