Practical Cybersecurity Fundamentals

Video description

12 Hours of Video Instruction

Start your cybersecurity career by learning security principles and practices from cybersecurity expert Omar Santos.

The Practical Cybersecurity Fundamentals LiveLessons gives you the core knowledge to start your own cybersecurity journey. This course is suitable for anyone looking to start their journey or anyone who is looking to get a security certification such as CompTIA Security+, Cisco CyberOps Associate, Certified Ethical Hacker (CEH), and GIAC Information.

Omar Santos takes you on a deep dive into Cybersecurity fundamentals with a training full of demos and real-world examples that allow you to test your skills in a practical scenario. There’s never been a better time to get started on your cybersecurity career!

Sign up for cybersecurity live training classes by Omar Santos

Topics covered include:

  • Cybersecurity Fundamentals—Introduces the fundamental topics of security principles, business continuity (BC), disaster recovery (DR), and incident responses. This module will also cover network security and how to operate security and software defined networking including cryptography, AAA, and identity management.
  • Incident Response, Digital Forensics, and Threat Hunting—Explores the core fundamentals of incident response, threat hunting, and digital forensics. It will teach you tactical, operational, and strategic level cyber threat intelligence skills and tradecraft required to make security teams better, threat hunting more accurate, incident response more effective, and organizations more aware of the evolving threat landscape.
  • Ethical Hacking, Penetration Testing, and Bug Hunting—Starts with an overview of security penetration testing and bug hunting. It covers important ethical hacking topics of passive reconnaissance, OSINT, active reconnaissance, enumeration, and scanning. You will be able to conduct successful penetration testing (ethical hacking) assessments for a modern enterprise, including on-premises systems and cloud offers.
  • Cloud, DevOps, and IoT Security—Covers cloud security concepts, DevOps, and IOT security. It provides a foundational set of standardized skills and knowledge for IoT and industrial control systems (ICS) cybersecurity professionals. You will learn foundational concepts on how to keep the ICS/SCADA/IoT operational environment safe, secure, and resilient against current and emerging cyber threats.
  • AI Security, Ethics, and Privacy: Balancing Innovation with Protection—Introduces AI security, where you will explore LLMs, ChatGPT, Co-Pilot, and more. You will get a deep dive into different types of AI threats: data poison, model inversion, membership inference, model theft, and MITRE’s ATLAS. You will also learn the principle of secure AI development.

About the Instructor

Omar Santos is a recognized cybersecurity thought leader with a passion for driving industry-wide initiatives to enhance the security of critical infrastructures. Omar is the chair of the Common Security Advisory Framework (CSAF) technical committee, the chair and founder of OpenEoX, and a member of the board of directors of OASIS Open and the co-lead of the DEF CON Red Team Village. Omar's collaborative efforts extend to numerous organizations, including the Forum of Incident Response and Security Teams (FIRST) and the Industry Consortium for Advancement of Security on the Internet (ICASI). Omar is a renowned expert in ethical hacking, vulnerability research, and incident response. He employs his deep understanding of these disciplines to help organizations stay ahead of emerging threats. His dedication to cybersecurity has made a significant impact on businesses, academic institutions, law enforcement agencies, and other entities striving to bolster their security measures. With more than 20 books, video courses, white papers, and technical articles under his belt, Omar's expertise is widely recognized and respected. Omar is a Distinguished Engineer leading the AI Security Research at Cisco’s Security & Trust Research and Operations. Omar not only leads engineers and incident managers in investigating and resolving cybersecurity vulnerabilities, but also actively mentors the next generation of security professionals.

Skill Level:

  • Beginner

Learn How To:

  • Understand core cybersecurity fundamentals
  • Perform ethical hacking, penetration testing and bug hunting
  • Explore system and application including active and passive reconnaissance
  • Understand cloud security concepts including IoT and DevSecOps

Course requirement:

  • None

Who Should Take This Course:

  • Anyone contemplating starting a career in cyber security
  • Anyone who would like to better understand cyber security concepts
  • Anyone studying for a security cert like CompTIA Security+, Cisco CyberOps Associate, Certified Ethical Hacker (CEH), GIAC Information

About Pearson Video Training:

Pearson publishes expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. These professional and personal technology videos feature world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, Pearson IT Certification, Sams, and Que. Topics include: IT Certification, Network Security, Cisco Technology, Programming, Web Development, Mobile Development, and more. Learn more about Pearson Video training at http://www.informit.com/video.

Table of contents

  1. Introduction
    1. Practical Cybersecurity Fundamentals: Introduction
  2. Module 1: Cybersecurity Fundamentals
    1. Module Introduction
  3. Lesson 1: Security Principles
    1. Learning objectives
    2. 1.1 Understanding the Security Concepts of Information Assurance
    3. 1.2 Understanding the Risk Management Process
    4. 1.3 Understanding Security Controls
    5. 1.4 Understanding Governance Processes
    6. 1.5 Building Your Cybersecurity Lab
  4. Lesson 2: Business Continuity (BC), Disaster Recovery (DR), and Incident Response Concepts
    1. Learning objectives
    2. 2.1 Understanding Business Continuity (BC)
    3. 2.2 Understanding Disaster Recovery (DR)
    4. 2.3 Understanding Incident Response
  5. Lesson 3: Access Control Concepts
    1. Learning objectives
    2. 3.1 Understanding Physical Access Controls
    3. 3.2 Exploring the Principle of Least Privilege
    4. 3.3 Understanding the Concept of Segregation of Duties
    5. 3.4 Introducing Discretionary Access Control (DAC)
    6. 3.5 Understanding Mandatory Access Control (MAC)
    7. 3.6 Understanding Role-based Access Control (RBAC)
  6. Lesson 4: Network Security
    1. Learning objectives
    2. 4.1 Understanding Computer Networking
    3. 4.2 Understanding Network Threats and Attacks
    4. 4.3 Understanding Network Security Infrastructure
    5. 4.4 Introducing Network Segmentation
    6. 4.5 Introducing Cloud Security
  7. Lesson 5: Security Operations
    1. Learning objectives
    2. 5.1 Understanding Data Security
    3. 5.2 Understanding Hashing
    4. 5.3 Understanding System Hardening
    5. 5.4 Understanding Best Practice Security Policies
    6. 5.5 Understanding Security Awareness Training
  8. Lesson 6: Software Defined Networking and Infrastructure as Code
    1. Learning objectives
    2. 6.1 Software Defined Networking Security
    3. 6.2 Understanding the Threats Against SDN Solutions
    4. 6.3 Introducing Network Programmability
    5. 6.4 Introducing SD-WAN and Modern Architectures
    6. 6.5 Surveying the OWASP Top 10
  9. Lesson 7: Cryptography
    1. Learning objectives
    2. 7.1 Introducing Cryptography and Cryptanalysis
    3. 7.2 Understanding Encryption Protocols
    4. 7.3 Describing Hashing Algorithms
    5. 7.4 Introducing Public Key Infrastructure (PKI)
    6. 7.5 Introducing Certificate Authorities (CAs) and Certificate Enrollment
    7. 7.6 Surveying SSL and TLS Implementations
    8. 7.7 Surveying IPsec Implementations and Modern VPN Implementations
  10. Lesson 8: AAA, Identity Management, Network Visibility, and Segmentation
    1. Learning objectives
    2. 8.1 Introducing AAA and Identity Management
    3. 8.2 Implementing Zero Trust and Multifactor Authentication
    4. 8.3 Understanding Identity Management in the Cloud
    5. 8.4 Surveying Single-Sign On (SSO) Implementations
  11. Module 2: Incident Response, Digital Forensics, and Threat Hunting
    1. Module Introduction
  12. Lesson 9: Incident Response Fundamentals
    1. Learning objectives
    2. 9.1 Exploring How to Get Started in Incident Response
    3. 9.2 Understanding the Incident Response Process
    4. 9.3 Defining Playbooks and Run Book Automation (RBA)
    5. 9.4 Understanding Cyber Threat Intelligence (CTI)
    6. 9.5 Understanding Data Normalization
    7. 9.6 Deconstructing Universal Data Formats and 5-tuple Correlation
    8. 9.7 Understanding Security Monitoring Fundamentals
    9. 9.8 Surveying Security Monitoring Tools
  13. Lesson 10: Threat Hunting Fundamentals
    1. Learning objectives
    2. 10.1 Introducing the Threat Hunting Process
    3. 10.2 MITRE's Adversarial Tactics, Techniques, and Common Knowledge (ATT® )
    4. 10.3 Understanding Automated Adversarial Emulation
  14. Lesson 11: Digital Forensics
    1. Learning objectives
    2. 11.1 Introducing Digital Forensics
    3. 11.2 Introducing Reverse Engineering
    4. 11.3 Understanding Evidence Preservation and Chain of Custody
    5. 11.4 Collecting Evidence from Endpoints and Servers
    6. 11.5 Collecting Evidence from Mobile and IoT Devices
    7. 11.6 Exploring Memory Analysis with Volatility
  15. Module 3: Ethical Hacking, Penetration Testing, and Bug Hunting
    1. Module Introduction
  16. Lesson 12: Introduction to Security Penetration Testing and Bug Hunting
    1. Learning objectives
    2. 12.1 How to Start a Career in Ethical Hacking
    3. 12.2 Understanding the Difference Between Traditional Pen Testing, Bug Bounties, and Red Team Assessments
    4. 12.3 Exploring Bug Bounty Programs
    5. 12.4 Understanding the Ethical Hacking and Bug Hunting Methodology
    6. 12.5 Planning and Scoping a Penetration Testing Assessment
  17. Lesson 13: Passive Reconnaissance and OSINT
    1. Learning objectives
    2. 13.1 Understanding Information Gathering and Vulnerability Identification
    3. 13.2 Introducing Open Source Intelligence (OSINT) Techniques
    4. 13.3 Performing DNS-based Passive Recon
    5. 13.4 Identifying Cloud vs. Self-hosted Assets
    6. 13.5 Introducing Shodan, Maltego, AMass, Recon-NG, and other Recon Tools
    7. 13.6 Surveying Password Dumps, File Metadata, and Public Source-code Repositories
    8. 13.7 Introduction to Google Hacking and Search Engine Reconnaissance
  18. Lesson 14: Active Reconnaissance, Enumeration, and Scanning
    1. Learning objectives
    2. 14.1 Introduction to Host and Service Enumeration
    3. 14.2 Mastering Nmap
    4. 14.3 Performing Website and Web Application Reconnaissance
    5. 14.4 Discovering Cloud Assets
    6. 14.5 Crafting Packets with Scapy to Perform Reconnaissance
  19. Lesson 15: Exploiting Systems and Applications
    1. Learning objectives
    2. 15.1 Performing On-Path Attacks
    3. 15.2 Exploring the OWASP Top 10 Risks in Web Applications
    4. 15.3 Exploiting Cross-site Scripting (XSS) and Cross-site Request Forgery (CSRF) Vulnerabilities
    5. 15.4 Understanding Server-side Request Forgery (SSRF) Vulnerabilities
    6. 15.5 Hacking Databases
    7. 15.6 Exploiting Wireless Vulnerabilities
    8. 15.7 Exploiting Buffer Overflows and Creating Payloads
  20. Lesson 16: Post Exploitation Techniques and Reporting
    1. Learning objectives
    2. 16.1 Avoiding Detection and Evading Security Tools
    3. 16.2 Introduction to Lateral Movement and Exfiltration
    4. 16.3 Exploring Command and Control (C2) Techniques
    5. 16.4 Understanding Living-off-the-land and Fileless Malware
    6. 16.5 Best Practices when Creating Pen Testing and Bug Bounty Reports
    7. 16.6 Understanding Post-Engagement Cleanup
  21. Module 4: Cloud, DevOps, and IoT Security
    1. Module Introduction
  22. Lesson 17: Cloud Security Concepts
    1. Learning objectives
    2. 17.1 Introducing the Different Cloud Deployment and Service Models
    3. 17.2 Surveying Patch Management in the Cloud
    4. 17.3 Performing Security Assessments in Cloud Environments
    5. 17.4 Exploring Cloud Logging and Monitoring Methodologies
  23. Lesson 18: DevSecOps
    1. Learning objectives
    2. 18.1 Introducing DevSecOps
    3. 18.2 Securing Code, Applications, and Building DevSecOps Pipelines
  24. Lesson 19: IoT Security
    1. Learning objectives
    2. 19.1 Introducing IoT Concepts
    3. 19.2 Surveying IoT Hacking Methodologies and IoT Hacking Tools
    4. 19.3 Introducing OT, ICS, and SCADA Concepts and Attacks
  25. Module 5: AI Security, Ethics, and Privacy: Balancing Innovation with Protection
    1. Module Introduction
  26. Lesson 20: Introduction to AI Security
    1. Learning objectives
    2. 20.1 Surveying the AI Landscape and Use Cases
    3. 20.2 Exploring LLMs, ChatGPT, Co-pilot and More
    4. 20.3 Understanding the Importance of AI Security
    5. 20.4 Exploring the OWASP Top 10 for LLMs
  27. Lesson 21: A Deep Dive into the Different Types of AI Threats
    1. Learning objectives
    2. 21.1 Exploring Data Poisoning Attacks
    3. 21.2 Understanding Model Inversion Attacks
    4. 21.3 Discussing Membership Inference Attacks
    5. 21.4 Explaining the Model Theft Attack
    6. 21.5 Introducing MITRE's ATLAS
  28. Lesson 22: Principles of Secure AI Development
    1. Learning objectives
    2. 22.1 Exploring the Secure AI Development Lifecycle
    3. 22.2 Understanding Privacy-preserving AI Techniques
    4. 22.3 Understanding Robustness and Resilience in AI Models
    5. 22.4 Surveying AI Security Best Practices
    6. 22.5 Exploring AI Security Tools and Frameworks
    7. 22.6 Understanding the Legal Landscape and Potential New Regulations
    8. 22.7 Investigating Ethical Implications of Artificial Intelligence
  29. Summary
    1. Practical Cybersecurity Fundamentals: Summary

Product information

  • Title: Practical Cybersecurity Fundamentals
  • Author(s): Omar Santos
  • Release date: December 2023
  • Publisher(s): Pearson
  • ISBN: 0138037558