Fundamentals of Cybersecurity: Threats and Defenses

Day 1 – Threat Analysis, Vulnerability Management & Security Operations

Module 1: Attacks and Malware

• Core security concepts: threat, vulnerability, risk, exploit, and control

• Overview of the MITRE ATT&CK Framework

• Common threat actors: nation-states, cybercriminals, insiders, hacktivists

• Common attack types: phishing, malware, ransomware, DDoS, and social engineering

• Attacker tactics, indicators of compromise (IoCs), and defensive responses

Hands-On Lab

• Investigating attacker behavior using the MITRE ATT&CK framework

• Basic malware and indicator research

Module 2: Vulnerability Management

• Common vulnerability types: unpatched software, misconfigurations, weak credentials

• Risk-based thinking and remediation prioritization

Hands-On Lab

• Scanning a system for vulnerabilities

• Assigning confidence levels and prioritizing remediation efforts

Module 3: Introduction to Cryptography

• Security services provided by cryptography

  • Confidentiality, integrity, authentication, digital signatures

• Symmetric, asymmetric, and hashing algorithms

• Protecting data in transit and at rest

• Key management and digital certificates

Hands-On Lab

• Hashing for integrity verification

• Identifying known good and bad files using hashes

Day 2 – Cyber Defenses: Endpoint, Network, AI & Cloud

Module 4: Endpoint Security

• What constitutes an endpoint (servers, clients, IoT)

• Common endpoint risks

• Antivirus vs. allowlisting

• Endpoint hardening and attack surface reduction

• Patching, configuration management, and disk encryption

Module 5: Network Security

• Network segmentation and access control concepts

• Core network components: switches, routers, firewalls, proxies, IDS/IPS

• Common network attacks: sniffing, spoofing, machine-in-the-middle, lateral movement

• Packet fundamentals: TCP/IP, ports, and protocols

• Logging and monitoring concepts (NetFlow, Syslog, RITA)

Hands-On Lab

• Scanning a network to identify hosts and open ports

Module 6: Cloud Security

• Cloud service models: IaaS, PaaS, SaaS

• Shared Responsibility Model

• Identity and Access Management (IAM) in the cloud

• Common cloud threats and misconfigurations (e.g., exposed storage)

Module 7: Artificial Intelligence & Security

• How attackers use AI (deepfakes, phishing automation)

• How defenders use AI (anomaly detection, behavioral analysis)

• Risks of generative AI: data leakage, prompt injection, unreliable outputs

• Introduction to AI governance, ethics, and secure use

Threat Detection Walkthrough

• Guided investigation of a simulated security alert

• Correlating endpoint or network telemetry in a SOC-style workflow

Final Discussion

• Career paths in cybersecurity

• Next steps for skills development and specialization