587eebd5ec6bcdcb10e114de057022603e269abe
getting-started-in-cybersec
A guide to go from zero to hero in cyber security
fundamentals and theory
- definitions
- core ideas
- GRC
- security culture
- budget
- man power
- CIA triad
- security in depth + zero trust security vs castle methoddiv. assume compromise
- assessing threats
- threat actors
- threat modeling
- risk analysis
- assets
- financial impact modeling
- heatmap of threats
- mitigating risk
- controlls
- administrative
- technical
- detective
- preventitive
- deturrant
- disaster recovery
- assume compromise
- redundant backups
- hot/cold/warm sites
- access and authentication
- access
- authentication
- MFA i. soemthing you know ii. something you have iii. something you are iv. location
- GRC
- how security departments usually work a. SOC b. NOC c. IR d. administrative
- offensive/defensive aka red team/blue team a. blue team b. red team c. red team informs blue team d. purple team
technical concepts and theory
- networking
a. client-server model
b. network devices
c. ip addresses
d. mac addresses
e. LAN
f. ARP
g. DHCP
h. routing
I. TCP
- packets J. DNS
- operating systems a. windows b. linux c. android d. ios e. embedded/iot
Description