Duration: 4 months

Module 1: Introduction To Cybersecurity and Security Program:

1. 1. Topic 1: Key Elements of Cyber Security

   2. Topic 2: CIA Triad (Confidentiality / Integrity / Availability)

   3. Topic 3: Defense-In-Depth, Authentication, and Authorization.

   4. Topic 4: Domain Landscape

   5. Topic 5: AAA Services

   6. Topic 6: Cybersecurity governance and strategy

   7. Topic 7: Risk management (Rating methodologies)

   8. Topic 8: Compliance (Legal / Regulatory / HIPAA / PCI – DSS)

   9. Topic 9: Network Access Control

Module 2: Application and Web Application Security:

1. 1. Topic 1: Core Concepts of Web Application

   2. Topic 2: Information gathering with open-source tools

   3. Topic 3: OSINT and Social Engineering

   4. Topic 4: Network and Domain enumeration

   5. Topic 5: SANS 25 and OWASP top 10

   6. Topic 6: Vulnerability assessment

   7. Topic 7: Anonymization on the Internet

Module 3: Threat Intelligence and VAPT:

1. 1. Topic 1: What is a Security Testing and Its Type

   2. Topic 2: Penetration Testing

   3. Topic 3: Manual and Automated Scanning

   4. Topic 4: Dealing with Vulnerabilities

   5. Topic 5: Types of Security Vulnerability

   6. Topic 6: Threat Sources & Events

   7. Topic 7: Malwares and Its Type

   8. Topic 8: Exploitable Vulnerability Reporting

   9. Topic 9: Common Vulnerabilities and Exposures (CVE)

   10. Topic 10: Using the Metasploit Framework

   11. Topic 11: Exploitation

   12. Topic 12: Privileges Escalation on Windows and Linux

   13. Topic 13: Cloud Penetration Testing

   14. Topic 14: Penetration testing concepts i.e. what why & how we do pen test?

   15. Topic 15: Penetration testing methodology and Types

Module 4: Scripting For Security:

1. 1. Topic 1: Client Server Model

   2. Topic 2: Programming Fundamentals

   3. Topic 3: Intro to Bash Scripting

   4. Topic 4: Functions and classes in Python

   5. Topic 5: API connections

   6. Topic 6: Regular Expressions

Module 5: Security Operations Architecture and Detection:

1. 1. Topic 1: Network Architecture Design

   2. Topic 2: Virtual Private Cloud (VPC) design, configuration and   deployment

   3. Topic 3: Firewalls (Access Control Lists / Filters / Rules / White List / Black List)

   4. Topic 4: Proxies, Remote Access, Virtual Private Network (VPN) configuration and deployment

   5. Topic 5: Cloud Infrastructure Auditing

   6. Topic 6: Security Information Event Management (SIEM)

   7. Topic 7: Intrusion Detection System (IDS), Intrusion Prevention System (IPS)

Module 6: Cryptography:

1. 1. Topic 1: Boolean Logic

   2. Topic 2: Modulus Arithmetic, Symmetric / Asymmetric, Hashing

   3. Topic 3: Hashing, TLS / SSL, Disk encryption

   4. Topic 4: Key Derivation Functions

   5. Topic 5: Digital Signatures, Key Management: Public Key Infrastructure

   6. Topic 6: Password Cracking: Rainbow Tables

Module 7: AppSec & Offensive Security:

1. 1. Topic 1: Assessment Approach Testing Viewpoints (Internal /    External, Overt / Covert, White box / Gray Box / Black Box)

   2. Topic 2: Vulnerability Scanning with Nmap and Nessus

   3. Topic 3: Nikto and Burpsuite

   4. Topic 4: Metasploit

Module 7: Threat Hunting & Incident Response:

1. 1. Topic 1: CSIRT

   2. Topic 2: NIST: IR Methodology (Preparation / Detection & Analysis / Containment, Eradication & Recovery / Post-Incident Activity)

   3. Topic 3: NIST: Forensics Process (Data Collection / Examination / Analysis / Reporting)

   4. Topic 4: Threat Intelligence (Cyber Kill Chain / Diamond Model)