Cybersecurity – Curriculum

Școala Informală de IT

Curriculum Cybersecurity

  1. Basics – How Internet Works:
Basic networking, IP, TCP, DNS, HTTP, HTTPS, WLAN, LAN, Intranet, Extranet, Web Domains
  1. Basics – App Architectures
Client-Server, 3 Layer Architecture, Web Apps, Mobile Apps, APIs, Operating Systems
  1. Basic security concepts
Authentication and Authorization, Roles, Passwords, Security policies, Secure vs, Unsecure
  1. Layers of security in organizations
Physical Security, Hardware security, Platform Security, Application Security, Antivirus, Firewall
  1. Web security assurance 
Certificates, Digital Signatures, Multifactor-Authentication, Password Management Tools
  1. CIA Traid –  What we secure?
Confidentiality, Integrity and Availability, Study Case – Cloud Security Layers
  1. How do we secure?
Technical mechanisms: firewalls, antivirus, monitoring, Public key infrastructure, encryption, VPN, …
  1. How do we secure?
Non-technical and pro-active mechanisms: audits, certifications, contracts and NDAs, training, awareness, risk assessment – basic probabilities
  1. Cyber threats
DOS, DDOS, Data Destruction – Ransomware, Impersonation attacks – phsishing, Smishing etc – social engineering, data theft
  1. Mitigation and incident response strategy
Data breach reports and incidents reports, minimize the impact strategies
  1. Privacy and data confidentiality
Cookies, tracking, spam versus non-spam, GDPR consent, data retention
  1. Industry specific workshop
Fintech, MedTech, Business Continuity plan, Business Availability, SLAS
  1. Security testing 
The OWASP Security Testing Guidelines  Whitehat and pentesting principles
  1. Overview of OWASP and CloudSecurity Alliance
 OWASP Top Ten, Cloud Security Alliance Documentation, NIST documentation overview