69 lines
1.5 KiB
Markdown
69 lines
1.5 KiB
Markdown
# getting-started-in-cybersec
|
|
A guide to go from zero to hero in cyber security
|
|
|
|
## fundamentals and theory
|
|
1. definitions
|
|
2. core ideas
|
|
1. GRC
|
|
- security culture
|
|
- budget
|
|
- man power
|
|
2. CIA triad
|
|
3. security in depth + zero trust security vs castle methoddiv. assume compromise
|
|
4. assessing threats
|
|
- threat actors
|
|
5. threat modeling
|
|
6. risk analysis
|
|
- assets
|
|
- financial impact modeling
|
|
- heatmap of threats
|
|
7. mitigating risk
|
|
8. controlls
|
|
- administrative
|
|
- technical
|
|
- detective
|
|
- preventitive
|
|
- deturrant
|
|
9. disaster recovery
|
|
- assume compromise
|
|
- redundant backups
|
|
- hot/cold/warm sites
|
|
10. access and authentication
|
|
- access
|
|
- authentication
|
|
- MFA
|
|
i. soemthing you know
|
|
ii. something you have
|
|
iii. something you are
|
|
iv. location
|
|
3. how security departments usually work
|
|
a. SOC
|
|
b. NOC
|
|
c. IR
|
|
d. administrative
|
|
4. offensive/defensive aka red team/blue team
|
|
a. blue team
|
|
b. red team
|
|
c. red team informs blue team
|
|
d. purple team
|
|
|
|
## technical concepts and theory
|
|
1. networking
|
|
a. client-server model
|
|
b. network devices
|
|
c. ip addresses
|
|
d. mac addresses
|
|
e. LAN
|
|
f. ARP
|
|
g. DHCP
|
|
h. routing
|
|
I. TCP
|
|
- packets
|
|
J. DNS
|
|
2. operating systems
|
|
a. windows
|
|
b. linux
|
|
c. android
|
|
d. ios
|
|
e. embedded/iot
|