Cybersecurity: Attack and Defense Strategies
Arm yourself with the knowledge and skills to combat cyber threats and safeguard your digital assets.
(CYBSEC-ATK-DEF.AJ1) / ISBN : 978-1-64459-546-6About This Course
Cybersecurity has become an indispensable aspect of protecting our personal and professional lives. This advanced attack and defense cybersecurity course provides the skills to defend yourself against notorious cyber threats. Through engaging lectures, hands-on exercises, and gamified test preps, you will learn ethical hacking techniques, explore effective cybersecurity attack and defense strategies, and develop the mindset of a cybersecurity professional.
Skills You’ll Get
- Learn to use cybersecurity tools such as Metasploit, Nmap, Wireshark, Nessus, OWASP ZAP, and Hydra
- Understand and configure network segmentation, remote access, and VPN configuration
- Manage incident response processes, handle incidents, and conduct post-incident activities
- Gather threat intelligence using open-source tools and resources
- Analyze logs from different sources (operating systems, firewalls, web servers, cloud platforms) for security intelligence
- Implement vulnerability assessment and management strategies
- Learn various attack techniques, such as reconnaissance, system compromise, lateral movement, priviledge escalation, and social engineering
- Implement defense mechanisms like network security, active sensors, threat intelligence, and vulnerability management
- Understand stages of the Cyber Kill Chain and defend against each phase
Get the support you need. Enroll in our Instructor-Led Course.
Interactive Lessons
18+ Interactive Lessons | 175+ Exercises | 80+ Quizzes | 88+ Flashcards | 88+ Glossary of terms
Gamified TestPrep
65+ Pre Assessment Questions | 65+ Post Assessment Questions |
Hands-On Labs
37+ LiveLab | 36+ Video tutorials | 01:11+ Hours
Preface
- Who this course is for
- What this course covers
- To get the most out of this course
Security Posture
- Why security hygiene should be your number one priority
- The current threat landscape
- Cybersecurity challenges
- Enhancing your security posture
- The Red and Blue Teams
- Summary
- References
Incident Response Process
- The incident response process
- Handling an incident
- Post-incident activity
- Considerations for incident response in the cloud
- Summary
- References
What is a Cyber Strategy?
- How to build a cyber strategy
- Why do we need to build a cyber strategy?
- Best cyber attack strategies
- Best cyber defense strategies
- Benefits of having a proactive cybersecurity strategy
- Top cybersecurity strategies for businesses
- Conclusion
- Further reading
Understanding the Cybersecurity Kill Chain
- Understanding the Cyber Kill Chain
- Security controls used to stop the Cyber Kill Chain
- Threat life cycle management
- Concerns about the Cybersecurity Kill Chain
- How the Cyber Kill Chain has evolved
- Tools used during the Cyber Kill Chain
- Comodo AEP via Dragon Platform
- Summary
- Further reading
- References
Reconnaissance
- External reconnaissance
- Internal reconnaissance
- Tools used for reconnaissance
- Passive vs. active reconnaissance
- How to combat reconnaissance
- How to prevent reconnaissance
- Summary
- References
Compromising the System
- Analyzing current trends
- Performing the steps to compromise a system
- Mobile phone (iOS/Android) attacks
- Summary
- Further reading
- References
Chasing a User’s Identity
- Identity is the new perimeter
- Strategies for compromising a user’s identity
- Summary
- References
Lateral Movement
- Infiltration
- Network mapping
- Performing lateral movement
- Summary
- Further reading
- References
Privilege Escalation
- Infiltration
- Avoiding alerts
- Performing privilege escalation
- Summary
- References
Security Policy
- Reviewing your security policy
- Educating the end user
- Policy enforcement
- Monitoring for compliance
- Continuously driving security posture enhancement via security policy
- Summary
- References
Network Security
- The defense-in-depth approach
- Physical network segmentation
- Securing remote access to the network
- Virtual network segmentation
- Zero trust network
- Hybrid cloud network security
- Summary
- References
Active Sensors
- Detection capabilities
- Intrusion detection systems
- Intrusion prevention system
- Behavior analytics on-premises
- Behavior analytics in a hybrid cloud
- Summary
- References
Threat Intelligence
- Introduction to threat intelligence
- Open-source tools for threat intelligence
- Microsoft threat intelligence
- Summary
- References
Investigating an Incident
- Scoping the issue
- Investigating a compromised system on-premises
- Investigating a compromised system in a hybrid cloud
- Proactive investigation (threat hunting)
- Lessons learned
- Summary
- References
Recovery Process
- Disaster recovery plan
- Live recovery
- Contingency planning
- Business continuity plan
- Best practices for disaster recovery
- Summary
- Further reading
- References
Vulnerability Management
- Creating a vulnerability management strategy
- Elements of a vulnerability strategy
- Differences between vulnerability management and vulnerability assessment
- Best practices for vulnerability management
- Vulnerability management tools
- Conclusion
- Summary
- Further reading
- References
Log Analysis
- Data correlation
- Operating system logs
- Firewall logs
- Web server logs
- Amazon Web Services (AWS) logs
- Azure Activity logs
- Google Cloud Platform Logs
- Summary
- References
Security Posture
- Performing a Phishing Attack
What is a Cyber Strategy?
- Simulating the DDoS Attack
- Using OWASP ZAP
Understanding the Cybersecurity Kill Chain
- Cracking Password Using Hydra
- Using Nikto
- Cracking a Linux Password Using John the Ripper
- Using Sparta
- Using Kismet
- Using the EternalBlue Exploit in Metasploit
Reconnaissance
- Performing Reconnaissance on a Network
- Using the masscan Command
- Capturing Network Packets Using tcpdump
- Performing Nmap Port Scanning
- Gathering OSINT
- Sniffing a Network with Wireshark
- Using Cain and Abel
- Installing the Wardriving Application and Analyzing a Site Survey Capture
- Using theHarvester
- Conducting Vulnerability Scanning Using Nessus
- Using nslookup for Passive Reconnaissance
Compromising the System
- Using the Armitage Tool for Intrusion Detection
- Cracking Windows Password Using Ophcrack
- Conducting a Cross-Site Request Forgery Attack
- Exploiting a Website Using SQL Injection
Lateral Movement
- Understanding Lateral Movement
Privilege Escalation
- Understanding LPE
Network Security
- Configuring VLANs
- Configuring a Network Firewall
- Configuring a VPN
Active Sensors
- Performing Intrusion Detection
Threat Intelligence
- Examining MITRE ATT&CK
Investigating an Incident
- Using the NETSH Command
- Using the PING Command
Recovery Process
- Using the chntpw Command
Vulnerability Management
- Performing Vulnerability Scanning Using OpenVAS
Log Analysis
- Analyzing Linux Logs for Security Intelligence
- Viewing Windows Event Logs
Any questions?Check out the FAQs
Find answers to your most pressing questions about our offensive and defensive cybersecurity training course.
Contact Us NowWhile no formal prerequisites are required for our cyber defense strategies course, a basic understanding of computer networks, cybersecurity, and operating systems is beneficial.
Upon successful completion, you may be eligible for industry-recognized certifications, such as:
- Certified Ethical Hacker (CEH)
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
Best practices of cyber attack prevention and response include using strong passwords, enabling two-factor authentication, keeping software up-to-date, being cautious of suspicious emails, and avoiding clicking on unknown links.
After completing our cyber defense course, you can apply for the following job roles:
- Cybersecurity analyst
- Security Engineer
- Penetration tester
- Incident responder
- Digital forensics investigator
- Information security manager
- Compliance officer
Yes, the demand for professionals in cybersecurity strategies for businesses is steadily increasing due to the growing number of cyber threats.
The salaries of cybersecurity professionals depend on experience, location, and specific role. However, they generally command competitive salaries.