Diploma in Cyber Security Course Updated 2024

Diploma in Cyber Security Course Updated 2023

78%

Alumni Career Transitions

5200+

Hiring Partners

60%

Avg Salary Hike

Years of R & D in Syllabus

Diploma in Cyber Security

CompTIA A+
EXAM NUMBER: CORE 1 (2201101)

Diploma in Cyber Security Course Updated 2024 - Syllabus

Networking

Compare and contrast Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports, protocols, and their purposes
1. Ports and protocols
2. File Transfer Protocol (FTP)
3. Secure Shell (SSH)
4. Telnet
5. Simple Mail Transfer Protocol (SMTP)
6. Domain Name System
7. (DNS)
8. Dynamic Host Configuration Protocol (DHCP)
9. Hypertext Transfer Protocol (HTTP)
10. Post Office Protocol 3(POP3)
11. Network Basic Input/ Output System (NetBIOS)/ NetBIOS over TCP/IP (NetBT)
12. Internet Mail Access Protocol (IMAP)
13. Simple Network Management Protocol (SNMP)
14. Lightweight Directory Access Protocol (LDAP)
15. Hypertext Transfer Protocol Secure (HTTPS)
16. Server Message Block (SMB)/Common Internet File System (CIFS)
17. Remote Desktop Protocol (RDP)
18. TCP vs. UDP
19. Connectionless
20. DHCP
21. Trivial File Transfer Protocol (TFTP)
22. Connection oriented
23. HTTPS
24. SSH
Compare and contrast common networking hardware.
1. Routers
2. Switches
  - Managed
  - Unmanaged
3. Access points
4. Patch panel
5. Firewall
6. Power over Ethernet (PoE)
  - Injectors
  - Switch
  - PoE standards
7. Hub
8. Cable modem
9. Digital subscriber line (DSL)
10. Optical network terminal (ONT)
11. Network interface card (NIC)
12. Software defined networking (SDN)
Compare and contrast protocols for wireless networking.
1. Frequencies
  1. 4GHz
  2. 5GHz
2. Channels
  - Regulations
  - 4GHz vs. 5GHz
3. Bluetooth
4. 802.11
  - a
  - b
  - g
  - n
  - ac (WiFi 5)
  - ax (WiFi )
5. Long range fixed wireless
  - Licensed
  - Unlicensed
  - Power
  - Regulatory requirements for wireless power
6. NFC
7. Radiofrequency identification (RFID)
Summarize services provided by networked hosts.
1. Server roles
  - DNS
  - DHCP
  - Fileshare
  - Print servers
  - Mail servers
  - Syslog
  - Web servers
  - Authentication, authorization, and accounting (AAA)
2. Internet appliances
  - Spam gateways
  - Unified threat management(UTM)
  - Load balancers
  - Proxy servers
3. Legacy/embedded systems Supervisory control and data acquisition (SCADA)
4. Internet of Things (IoT) devices
Given a scenario, install and configure basic wired/wireless small office/home office (SOHO) networks.
1. Internet Protocol (IP) addressing
  - IPv4
  - Private addresses
  - Public addresses
  - IPv6
  - Automatic Private IP Addressing (APIPA)
  - Static
  - Dynamic
  - Gateway
Compare and contrast common network configuration concepts.
1. DNS
2. Address
3. A
4. AAAA
5. Mail exchanger (MX)
6. Text (TXT)
7. M Spam management
  - - DomainKeys Identified Mail (DKIM)
    - Sender Policy Framework (SPF)
    - Domainbased Message Authentication, Reporting, and Conformance (DMARC)
8. DHCP
  1. Leases
  2. Reservations
  3. Scope
9. Virtual LAN (VLAN)
10. Virtual private network (VPN)
Compare and contrast Internet connection types, network types, and their features.
1. Internet connection types
2. Satellite
3. Fiber
4. Cable
5. DSL
6. Cellular
7. Wireless Internet service provider (WISP)
Network types
1. Local area network (LAN)
2. Wide area network (WAN)
3. Personal area network (PAN)
4. Metropolitan area network (MAN)
5. Storage area network (SAN)
6. Wireless local area network (WLAN)
Given a scenario, use networking tools.
1. Crimper
2. Cable stripper
3. WiFi analyzer
4. Toner probe
5. Punchdown tool
6. Cable tester
7. Loopback plug
8. Network tap

CompTIA CySA+ EXAM CODES CS0002 & CS0003

CompTIA Cybersecurity Analyst (CySA+) is a certification for cyber professionals tasked with incident detection, prevention and response through continuous security monitoring.

Threat Management 27%
Vulnerability Management 26%
Cyber Incident Response 23%
Security Architecture and Tool Sets 24%

Threat Management

Given a scenario, apply environmental reconnaissance techniques using appropriate tools and processes.
1. Procedures/common tasks
  - Topology discovery
  - OS fingerprinting
  - Service discovery
  - Packet capture
  - Log review
  - Router/firewall ACLs review
  - Email harvesting
  - Social media profiling
  - Social engineering
  - DNS harvesting
  - Phishing
2. Variables
  - Wireless vs. wired
  - Virtual vs. physical
  - Internal vs. external
  - Onpremises vs. cloud
3. Tools
  - NMAP
  - Host scanning
  - Network mapping
  - NETSTAT
  - Packet analyzer
  - IDS/IPS
  - HIDS/NIDS
  - Firewall rulebased and logs
  - Syslog
  - Vulnerability scanner
Given a scenario, analyze the results of a network reconnaissance
1. Pointintime data analysis
  - Packet analysis
  - Protocol analysis
  - Traffic analysis
  - Netflow analysis
  - Wireless analysis
2. Data correlation and analytics
  - Anomaly analysis
  - Trend analysis
  - Availability analysis
  - Heuristic analysis
  - Behavioural analysis
3. Data output
  - Firewall logs
  - Packet captures
  - NMAP scan results
  - Event logs
  - Syslogs
  - IDS report
4. Tools
  - SIEM
  - Packet analyzer
  - IDS
  - Resource monitoring tool
  - Netflow analyzer
Given a network based threat, implement or recommend the appropriate response and countermeasure.
1. Network segmentation
  - System isolation
  - Jump box
2. Honeypot
3. Endpoint security
4. Group policies
5. ACLs
  - Sinkhole
6. Hardening
  - Mandatory Access Control (MAC)
  - Compensating controls
  - Blocking unused ports/services
7. Patching
8. Network Access Control (NAC)
  - Timebased
  - Rulebased
  - Rolebased
  - Locationbased
Explain the purpose of practices used to secure a corporate environment
1. Penetration testing
  - Rules of engagement
  - Timing
  - Scope
  - Authorization
  - Exploitation
  - Communication
  - Reporting
2. Reverse engineering
  - Isolation/sandboxing
  - Hardware
  - Source authenticity of hardware
  - Trusted foundry
  - OEM documentation
  - Software/malware
  - Fingerprinting/hashing
  - Decomposition
3. Reverse engineering
  - Isolation/sandboxing
  - Hardware
  - Source authenticity of hardware
  - Trusted foundry
  - OEM documentation
  - Software/malware
  - Fingerprinting/hashing
  - Decomposition
4. Training and exercises
  - Red team
  - Blue team
  - White team
5. Risk evaluation
  - Technical control review
  - Operational control review
  - Technical impact and likelihood
  - High
  - Medium
  - Low

Vulnerability Management

Given a scenario, implement an information security vulnerability management process.
1. Identification of requirements
  - Regulatory environments
  - Corporate policy
  - Data classification
  - Asset inventory
  - Critical
  - Noncritical
2. Establish scanning frequency
  - Risk appetite
  - Regulatory requirements
  - Technical constraints
  - Workflow
3. Configure tools to perform scans according to specification
  - Determine scanning criteria
  - Sensitivity levels
  - Vulnerability feed
  - Scope
  - Credentialed vs. noncredentialed
  - Types of data
  - Serverbased vs. agentbased
  - Tool updates/plugins
  - SCAP
  - Permissions and access
4. Execute scanning
5. Generate reports
  - Automated vs. manual distribution
6. Remediation
  - Prioritizing
  - Criticality
  - Difficulty of implementation
  - Communication/change control
  - Sandboxing/testing
  - Inhibitors to remediation
  - MOUs
  - SLAs
  - Organizational governance
  - Business process interruption
  - Degrading functionality
7. Ongoing scanning and continuous monitoring

Given a scenario, analyse the output resulting from a vulnerability scan.

Analyse reports from a vulnerability scan
1. Review and interpret scan results
2. Identify false positives
3. Identify exceptions
4. Prioritize response actions
Validate results and correlate other data points
1. Compare to best practices or compliance
2. Reconcile results
3. Review related logs and/or other data sources
4. Determine trends
Compare and contrast common vulnerabilities found in the following targets within an organization
1. Servers
2. Endpoints
3. Network infrastructure
4. Network appliances
5. Virtual infrastructure
6. Virtual hosts
7. Virtual networks
8. Management interface
9. Mobile devices
10. Interconnected networks
11. Virtual Private Networks (VPNs)
12. Industrial Control Systems (ICSs)
13. SCADA devices

Cyber Incident Response

Given a scenario, distinguish threat data or behaviour to determine the impact of an incident.
1. Threat classification
2. Known threats vs. unknown threats
3. Zero day
4. Advanced persistent threat
Factors contributing to incident severity and prioritization
1. Scope of impact
2. Downtime
3. Recovery time
4. Data integrity
5. Economic
6. System process criticality
7. Types of data
8. Personally Identifiable Information (PII)
9. Personal Health Information (PHI)
10. Payment card information
11. Intellectual property
12. Corporate confidential
13. Accounting data
14. Mergers and acquisitions
Given a scenario, prepare a toolkit and use appropriate forensics tools during an investigation.
1. Forensics kit
  - Digital forensics workstation
  - Write blockers
  - Cables
  - Drive adapters
  - Wiped removable media
  - Cameras
  - Crime tape
  - Tamperproof seals
  - Documentation/forms
  - Chain of custody form
  - Incident response plan
  - Incident form
  - Call list/escalation list
2. Forensic investigation suite
  - Imaging utilities
  - Analysis utilities
  - Chain of custody
  - Hashing utilities
  - OS and process analysis
  - Mobile device forensics
  - Password crackers
  - Cryptography tools
  - Log viewers
Explain the importance of communication during the incident response process.
1. Stakeholders
  - HR
  - Legal
  - Marketing
  - Management
2. Purpose of communication processes
  - Limit communication to trusted parties
  - Disclosure based on regulatory/ legislative requirements
  - Prevent inadvertent release of information
  - Secure method of communication
3. Role-based responsibilities
  - Technical
  - Management
  - Law enforcement
  - Retain incident response provider
Given a scenario, analyse common symptoms to select the best course of action to support incident response.
1. Common network-related symptoms
  - Bandwidth consumption
  - Beaconing
  - Irregular peertopeer communication
  - Rogue devices on the network
  - Scan sweeps
  - Unusual traffic spikes
2. Common host related symptoms
  - Processor consumption
  - Memory consumption
  - Drive capacity consumption
  - Unauthorized software
  - Malicious processes
  - Unauthorized changes
  - Unauthorized privileges
  - Data exfiltration
3. Common application-related symptoms
  - Anomalous activity
  - Introduction of new accounts
  - Unexpected output
  - Unexpected outbound communication
  - Service interruption
  - Memory overflows
Summarize the incident recovery and post incident response process.
1. Containment techniques
  - Segmentation
  - Isolation
  - Removal
  - Reverse engineering
2. Eradication techniques
  - Sanitization
  - Reconstruction/reimage
  - Secure disposal
3. Validation
  - Patching
  - Permissions
  - Scanning
  - Verify logging/communication to security monitoring
4. Corrective actions
  - Lessons learned report
  - Change control process
  - Update incident response plan
5. Incident summary report

Security Architecture and Tool Sets

Explain the relationship between frameworks, common policies, controls, and procedures.
1. Regulatory compliance
2. Frameworks
  - NIST
  - ISO
  - COBIT
  - SABSA
  - TOGAF
  - ITIL
3. Policies
  - Password policy
  - Acceptable use policy
  - Data ownership policy
  - Data retention policy
  - Account management policy
  - Data classification policy
4. Controls
  - Control selection based on criteria
  - Organizationally defined parameters
  - Physical controls
  - Logical controls
  - Administrative controls
5. Procedures
  - Continuous monitoring
  - Evidence production
  - Patching
  - Compensating control development
  - Control testing procedures
  - Manage exceptions
  - Remediation plans
6. Verifications and quality control
  - Audits
  - Evaluations
  - Assessments
  - Maturity model
  - Certification
Given a scenario, use data to recommend remediation of security issues related to identity and access management.
1. Security issues associated with Contextbased authentication
  - Time
  - Location
  - Frequency
  - Behavioural
2. Security issues associated with identities
  - Personnel
  - Endpoints
  - Servers
  - Services
  - Roles
  - Applications
3. Security issues associated with identity repositories
  - Directory services
  - TACACS+
  - RADIUS
4. Security issues associated with federation and single signon
  - Manual vs. automatic provisioning/DE provisioning
  - Selfservice password reset
5. Exploits
  - Impersonation
  - Man in the middle
  - Session hijack
  - Cross-site scripting
  - Privilege escalation
  - Rootkit
Given a scenario, review security architecture and make recommendations to implement compensating controls.
1. Security data analytics
  - Data aggregation and correlation
  - Trend analysis
  - Historical analysis
2. Manual review
  - Firewall log
  - Syslogs
  - Authentication logs
  - Event logs
3. Defense in depth
  - Personnel
  - Training
  - Dual control
  - Separation of duties
  - Third party/consultants
  - Cross training
  - Mandatory vacation
  - Succession planning
  - Processes
  - Continual improvement
  - Scheduled reviews
  - Retirement of processes
  - Technologies
  - Automated reporting
  - Security appliances
  - Security suites
  - Outsourcing
  - Security as a Service
  - Cryptography
  - Other security concepts
  - Network design
  - Network segmentation
Given a scenario, use application security best practices while participating in the Software Development Life Cycle (SDLC).
1. Best practices during software development
  - Security requirements definition
  - Security testing phases
  - Static code analysis
  - Web app vulnerability scanning
  - Fuzzing
  - Use interception proxy to crawl application
  - Manual peer reviews
  - User acceptance testing
  - Stress test application
  - Security regression testing
  - Input validation
2. Secure coding best practices
  - OWASP
  - SANS
  - Center for Internet Security
  - System design recommendations
  - Benchmarks

** Syllabus Updated on April 2023 -2024

Diploma in Cyber Security Course Networking Training 2023 and Certification Online Offline classes Virtual Lab Facility Updated syllabus

Cyber Security is becoming one of the finest options in all organizations. Due to the rapidly increasing cyber-attacks across the globe, organizations are searching for specialists who can help them in handling the same. To begin a career, we at GNA University are offering a one-year diploma program in cyber security to meet the growing needs and specialized knowledge in all aspects of cyber security. The program is formulated to provide students the full-fledge knowledge of cybercrime and security theoretically as well as practically. Cyber security is a field that involves defending against cybercrime, espionage, sabotage on the internet and networks for a number of different reasons. Students will study subjects such as network design, security measures, potential threats, firewalls, and antiviral software. After doing this diploma you are enabled for multiple career prospectus that works in a dynamic world of cyber security.

CAREER OPPORTUNITIES

Cybersecurity specialists work in each size organization and industry to shield organizations from information breaks and assaults. Furthermore, the interest in cybersecurity experts is developing fast. Employment for cybersecurity positions have become quicker than openings for IT occupations in general.

Career Pathways :

Security Architect
Cyber Security Analyst
Forensic Computer Analyst
Information Security Officer
IT Security Consultant
Lead Software Security Engineer
IT Security Engineer

Diploma in Cyber Security is intended to give an all encompassing comprehension of key advances and strategies engaged with network protection, security of existing frameworks from digital danger and arising new methods for security assurances. Toward the finish of the course understudies will be furnished with new instruments to deal with their own network protection arrangements. The educational plan will cover Essential Working Frameworks (Windows and Linux), Information Correspondence and Systems administration (Firewall and Convention), Data Security, Application and Organization Network protection and Venture work. The program will likewise illuminate Digital Regulations, kinds of hacking and security review.

Objectives of the course

To provide students a deeper knowledge on various aspects pertaining to cyber security.
To cover vulnerability detection and analysis of web applications, mobile applications and other computer systems.
Study aspects concerning the freedom of expressions using digital technology, the use and abuse of the Internet and the issues of digital piracy, data usage and privacy.
Discuss the role of multiple cyber agencies, spanning the civil, government and defence domains
To acquaint students with the basic concepts of research methodology and help them develop the spirit of scientific inquiry.
To identify basic vulnerabilities, learn to assess the risk to data and self.
To introduce students to the principles, procedures and processes of cyber -forensics and cyber- crime investigations.
To cover the concepts of how cyber-space, cyber-security and cyber-warfare are emulated by various threat actors..
Gain and understanding of how the evolution and access to technology has affected the scenario of security

** The above is the lite syllabus and doesn’t cover the full syllabus. To get full syllabus Book a Free Demo Now