Subcribe and Access : 5200+ FREE Videos and 21+ Subjects Like CRT, SoftSkills, JAVA, Hadoop, Microsoft .NET, Testing Tools etc..
Batch
Date: June 29th @6:30PM
Faculty: Mr. Vishwa (12+ Yrs Of Exp,..)
Duration: 2 Months
Venue
:
DURGA SOFTWARE SOLUTIONS,
Flat No : 202,
2nd Floor,
HUDA Maitrivanam,
Ameerpet, Hyderabad - 500038
Ph.No: +91 - 8885252627, 9246212143, 80 96 96 96 96
Syllabus:
Cyber Security + SOC + Ethical Hacking
Who Can Join?
- Freshers and graduates from any technical stream
- System Admins / Network Engineers transitioning to security
- DevOps/Cloud Engineers adding security to their stack
- Anyone aiming for SOC Analyst, Pentester, or Cloud Security roles
Pre-Requisites (Not Mandatory):
- Basic knowledge of networking, Linux commands, and cloud concepts
- Curiosity to learn ethical hacking, defense, and incident handling.
Module 1: Cybersecurity Fundamentals
- What is Cybersecurity?
- Types of Hackers (White/Black/Grey)
- Common Attacks:
- Phishing
- Malware
- Ransomware
- MITM
- CIA Triad – Confidentiality, Integrity, Availability
- Real-time cyber attack examples (e.g., WannaCry, SolarWinds)
Project: Analyze a recent real-world data breach
Module 2: Networking for Security
- OSI & TCP/IP Models
- Ports, Protocols, IP addressing
- Firewalls, NAT, Proxy, IDS/IPS
- Packet Analysis using Wireshark
- Secure Network Design Basics
Tools: Wireshark, Nmap, tcpdump
Lab: Capture and analyze HTTP vs HTTPS traffic
Module 3: System Security
- Windows & Linux Hardening
- Patch Management
- File Permissions
- Logging & Monitoring
- Password Policies, Account Lockouts
Tools: AuditD (Linux), Windows Event Viewer
Lab: Secure a Linux VM and audit login attempts
Module 4: Application & Web Security
- OWASP Top 10 (SQLi, XSS, CSRF, etc.)
- Secure Coding Basics
- Static vs Dynamic Scanning
- Web App Firewalls (WAF)
- Secure Headers & Cookies
Tools: Burp Suite, OWASP ZAP, SonarQube
Lab: Scan a vulnerable web app (DVWA or Juice Shop)
Module 5: Identity & Access Management
- IAM Concepts: RBAC, ABAC, MFA, SSO
- Directory Services: LDAP, AD
- Federation (SAML, OAuth, OpenID)
- PAM (Privileged Access Management)
Tools: Okta, CyberArk, AWS IAM
Lab: Implement MFA + least privilege IAM roles in AWS
Module 6: Cloud Security Basics
- Shared Responsibility Model (AWS/Azure/GCP)
- Cloud Threats (Misconfigured S3, Public Buckets)
- Encryption in Cloud
- CloudTrail, CloudWatch, GuardDuty
Tools: AWS, Azure Defender, Prowler, ScoutSuite
Lab: Scan AWS account for misconfigs and harden it
Module 7: Vulnerability Management
- VA vs PT
- CVE, CVSS, NVD
- Patch Lifecycle
- Prioritization & Risk Scoring
Tools: Nessus, OpenVAS, Qualys
Lab: Scan internal network with Nessus and report top 5 critical findings
Module 8: Cyber Threats & Incident Response
- Threat Intelligence Sources (MITRE ATT&CK, OTX)
- Indicators of Compromise (IoC)
- Incident Response Lifecycle
- Malware Types and Sandboxing
Tools: VirusTotal, CrowdStrike, Cuckoo Sandbox
Lab: Analyze phishing email headers and detect malware
Module 9: Security Operations (SOC)
- SOC Tiers & Workflow
- SIEM Overview
- Log Analysis & Alert Tuning
- Detection Rules
Tools: Splunk, ELK Stack, Wazuh, QRadar (demo)
Lab: Investigate brute-force login in Splunk logs
Module 10: Compliance, GRC & Certifications
- Frameworks: ISO 27001, NIST, SOC2, HIPAA, PCI-DSS
- Control Mapping
- Audit vs Risk Assessment
- Cybersecurity Certifications Overview
Activity: Map AWS services to ISO 27001 Annex A controls
Capstone Project (Choose One)
1. SOC Analyst Simulator
- SIEM Setup
- Detect brute-force + privilege escalation
- Write incident report
2. Cloud Security Audit
- Scan AWS for misconfigs
- Fix IAM, S3, EC2, VPC
- Submit hardening checklist
3. Web App Pentest
- Scan OWASP Juice Shop
- Exploit XSS, CSRF
- Write full penetration test report
