Sign Up for our Free One-Day SOC Summit Event March 25, 2026 Register Here

Fundamentals of Cybersecurity: Threats and Defenses

Course Authored by .

Fundamentals of Cybersecurity: Threats and Defenses

This two-day introduction to cybersecurity course is designed to cut through the noise and provide a practical, defensible foundation for understanding how modern cyber-attacks work, how both attackers and defenders think, and where security fits in with your organization.

Course Length: 16 Hours

Includes a Certificate of Completion



Enroll Now

WWHF Deadwood 2026 - Link at bottom.

Description

Cybersecurity can feel overwhelming to newcomers. There is a maze of tools, acronyms, and worst-case scenarios. This two-day introduction to cybersecurity course is designed to cut through the noise and provide a practical, defensible foundation for understanding how modern cyber-attacks work, how both attackers and defenders think, and where security fits in with your organization.

Students will explore real-world threat models, attacker behaviors, and defensive strategies across endpoints, networks, cloud services, and emerging AI risks. Concepts are reinforced through guided hands-on labs that mirror the types of investigations and decisions made by entry-level analysts, system administrators, and security-aware IT professionals.

This course emphasizes understanding before tooling, helping students build mental models they can carry into any security role, technology stack, or further training.

  • VM / Lab / Student Information
    • Labs are instructor-guided and designed for learning, not speed or competition
    • Exercises focus on analysis, investigation, and decision-making rather than exploitation
    • A virtual lab environment will be used for all hands-on activities
    • Students will not need to install complex infrastructure or maintain lab environments after class

Syllabus

Day 1 – Threat Analysis, Vulnerability Management & Security Operations

Module 1: Attacks and Malware

  • Core security concepts: threat, vulnerability, risk, exploit, and control

  • Overview of the MITRE ATT&CK Framework

  • Common threat actors: nation-states, cybercriminals, insiders, hacktivists

  • Common attack types: phishing, malware, ransomware, DDoS, and social engineering

  • Attacker tactics, indicators of compromise (IoCs), and defensive responses

Hands-On Lab

  • Investigating attacker behavior using the MITRE ATT&CK framework

  • Basic malware and indicator research

Module 2: Vulnerability Management

  • Common vulnerability types: unpatched software, misconfigurations, weak credentials

  • Risk-based thinking and remediation prioritization

Hands-On Lab

  • Scanning a system for vulnerabilities

  • Assigning confidence levels and prioritizing remediation efforts

Module 3: Introduction to Cryptography

  • Security services provided by cryptography

    • Confidentiality, integrity, authentication, digital signatures

  • Symmetric, asymmetric, and hashing algorithms

  • Protecting data in transit and at rest

  • Key management and digital certificates

Hands-On Lab

  • Hashing for integrity verification

  • Identifying known good and bad files using hashes

Day 2 – Cyber Defenses: Endpoint, Network, AI & Cloud

Module 4: Endpoint Security

  • What constitutes an endpoint (servers, clients, IoT)

  • Common endpoint risks

  • Antivirus vs. allowlisting

  • Endpoint hardening and attack surface reduction

  • Patching, configuration management, and disk encryption

Module 5: Network Security

  • Network segmentation and access control concepts

  • Core network components: switches, routers, firewalls, proxies, IDS/IPS

  • Common network attacks: sniffing, spoofing, machine-in-the-middle, lateral movement

  • Packet fundamentals: TCP/IP, ports, and protocols

  • Logging and monitoring concepts (NetFlow, Syslog, RITA)

Hands-On Lab

  • Scanning a network to identify hosts and open ports

Module 6: Cloud Security

  • Cloud service models: IaaS, PaaS, SaaS

  • Shared Responsibility Model

  • Identity and Access Management (IAM) in the cloud

  • Common cloud threats and misconfigurations (e.g., exposed storage)

Module 7: Artificial Intelligence & Security

  • How attackers use AI (deepfakes, phishing automation)

  • How defenders use AI (anomaly detection, behavioral analysis)

  • Risks of generative AI: data leakage, prompt injection, unreliable outputs

  • Introduction to AI governance, ethics, and secure use

Threat Detection Walkthrough

  • Guided investigation of a simulated security alert

  • Correlating endpoint or network telemetry in a SOC-style workflow

Final Discussion

  • Career paths in cybersecurity

  • Next steps for skills development and specialization

FAQ

Who Should Take This Workshop

This course is ideal for:

  • Aspiring cybersecurity professionals

  • Early-career SOC analysts or junior security staff

  • System administrators and IT generalists moving into security roles

  • Technical managers who need a working understanding of cybersecurity risks

  • Students and career-changers seeking a realistic view of the field

No prior IT or security experience is required.

Student Requirements / Prerequisites

Required

  • Laptop capable of running a modern web browser (Google Chrome preferred)

  • Needs to be able to change network and VPN settings

Helpful, but not Required

  • Basic familiarity with computers, operating systems, and networking concepts

  • Prior IT or helpdesk experience

  • Exposure to command-line tools

  • Curiosity and willingness to ask “why”

Key Takeaways

By the end of this course, students will be able to:

  • Explain how cyber-attacks progress from initial access to impact

  • Identify common threats, vulnerabilities, and defensive controls

  • Understand how cryptography protects data and where it can fail

  • Describe the role of endpoint, network, cloud, and AI security controls

  • Perform basic security investigations using real-world frameworks and tools

  • Develop a defensible mental model for thinking about cybersecurity risk

About the Instructor

Pixel splash background
Bio

Doc Blackburn is a seasoned (old) cybersecurity instructor with decades of experience in IT, security, and compliance. Over his career, he has worked in many areas of IT, including systems administration, programming, network design, cloud services, web development, and risk management, bringing a broad technical foundation to his teaching. For more than 13 years, Doc has trained students and professionals to understand, implement, and maintain effective security practices, drawing on real-world consulting experience in compliance frameworks such as NIST SP 800-171, CIS Critical Controls, and MITRE ATT&CK. Known for making complex concepts accessible to all audiences, he blends technical depth with practical insights, preparing learners to address today’s evolving cyber threats.

This class is being taught at Wild West Hackin’ Fest – Deadwood 2026.

For more information about our conferences, visit Wild West Hackin’ Fest!

REGISTER HERE

Clicking on the button above will take you to our registration page

Related products

Shopping Cart

No products in the cart.