1 | Cyber Security | The practice of protecting computer systems, networks, mobile devices and data from unauthorized access, use, disclosure, disruption, modification or destruction by using various methods, processes, tools and behaviors. | ||
Key Types: | Network Security | Protecting computer networks from intruders. | ||
Application Security | Keeping software and devices free from threats. | |||
Information Security | Protecting the integrity and privacy of data. | |||
Methods & Tools: | Firewalls | Filtering network data between a host or network and another network. | ||
Antivirus Software | Protecting against malware. | |||
Encryption Techniques | Making data unreadable to unauthorized parties. | |||
Data Loss Prevention (DLP) | Tools to detect and block attempted data theft. | |||
Identity and Access Management Protocols | Safeguarding digital identities of individuals, devices, and organizations. | |||
Fact: | Human Element | Cybersecurity also relies on people’s awareness, following best practices and adhering to security protocols to prevent breaches. | ||
2 | SANS | SysAdmin, Audit, Network, Security | An institute providing cybersecurity training and certification, offering courses and resources for professionals in various cybersecurity domains. | |
3 | GIAC | Global Information Assurance Certification | A partner of SANS that develops and administers professional cybersecurity certifications validating the skills and knowledge gained from cyber security courses. | Gaining knowledge through a SANS course and passing the corresponding GIAC exam can lead to a GIAC certification. A certification is valid for 4 years; to remain certified, earn 36 CPE (Continuing Professional Education) credits within the four-year validity period. |
4 | Area of Specialization | in Cyber Security: | Cloud Security | Cloud Security Essentials |
Cyber Defense / Open Source Intelligence (OSINT) | OSINT research and investigations supporting law enforcement, intelligence operations and a variety of private sector businesses | |||
Cyber Security & IT Essentials | Network, Endpoint & Cloud | |||
Cyber Security Leadership | ||||
Digital Forensics, Incident Response & Threat Hunting | ||||
Industrial Control Systems Security | ICS/SCADA Security Essentials | |||
Offensive Operations, Pen Testing & Red Teaming | Hacker Tools, Techniques and Incident Handling | |||
5 | Course & Certification | Many courses & certifications are available, of duration: | 6 days to 4 months. A few are listed below with their applicable certifications: | SANS offers 85 courses in cyber security… |
Focus Area | SANS Course | GIAC Certification | ||
Offensive Operations, Pen Testing, and Red Teaming | SEC504 – Hacker Tools, Techniques, and Incident Handling | GIAC Certified Incident Handler (GCIH) | ||
SEC560 – Enterprise Penetration Testing | GIAC Penetration Tester Certification (GPEN) | |||
SEC542 – Web App Penetration Testing and Ethical Hacking | GIAC Web App Penetration Tester Certification (GWAPT) | |||
SEC588 – Cloud Penetration Testing | GIAC Cloud Penetration Tester Certification (GCPN) | |||
SEC575 – iOS and Android Application Security Analysis and Penetration Testing | GIAC Mobile Device Security Analyst (GMOB) | |||
SEC660 – Advanced Penetration Testing, Exploit Writing, and Ethical Hacking | GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) | |||
SEC617 – Wireless Penetration Testing and Ethical Hacking | GIAC Assessing and Auditing Wireless Networks (GAWN) | |||
SEC580 – Metasploit for Enterprise Penetration Testing | ||||
SEC556 – IoT Penetration Testing | ||||
SEC568 – Product Security Testing | ||||
SEC467 – Social Engineering for Security Professionals | ||||
Cyber Defence | SEC503 – Network Monitoring and Threat Detection In-Depth | GIAC Certified Intrusion Analyst (GCIA) | ||
SEC450 – Blue Team Fundamentals: Security Operations and Analysis | GIAC Security Operations Certified (GSOC) | |||
Cyber Defense / Open Source Intelligence (OSINT) | SEC497 – Practical Open-Source Intelligence (OSINT) | GIAC Open Source Intelligence Certification (GOSI) | ||
SEC587 – Advanced Open-Source Intelligence (OSINT) Gathering and Analysis™ | ||||
Cyber Security Essentials | SEC401 – Security Essentials – Network, Endpoint, and Cloud | GIAC Security Essentials Certification (GSEC) | ||
Digital Forensics, Incident Response & Threat Hunting | FOR508 – Advanced Incident Response, Threat Hunting, and Digital Forensics | GIAC Certified Forensic Analyst (GCFA) | ||
FOR578 – Cyber Threat Intelligence | GIAC Cyber Threat Intelligence (GCTI) | |||
FOR500 – Windows Forensic Analysis | GIAC Certified Forensic Examiner (GCFE) | |||
FOR610 – Reverse-Engineering Malware: Malware Analysis Tools and Techniques | GIAC Reverse Engineering Malware (GREM) | |||
FOR509 – Enterprise Cloud Forensics and Incident Response | GIAC Cloud Forensics Responder (GCFR) | |||
FOR589 – Cybercrime Intelligence | ||||
FOR585 – Smartphone Forensic Analysis In-Depth | GIAC Advanced Smartphone Forensics (GASF) | |||
FOR518 – Mac and iOS Forensic Analysis and Incident Response | GIAC iOS and macOS Examiner (GIME) | |||
6 | Defensive & Offensive Cyber Security Professions | Defensive | Related to network scanners, analyzers, application security tools, frameworks, incident response tools | |
Offensive | Related to ethical hacking tools | |||
7 | Personnel Role | Offensive Operations: | Red Team Member, Pen Tester | |
Defensive Operations: | Counterespionage Analyst, Cryptanalyst, Cyber Intelligence Specialist, Data Privacy Officer, Data Security Analyst, Industrial Internet of Things (IIoT) Security Specialist, Information Security Analyst, IT Security Architect, Security Operations Center (SOC) Analyst, Security Awareness Training Specialist, Supervisory Control and Data Acquisition (SCADA) Security Analyst | |||
Leadership: | Chief Security Officer (CSO), Chief Information Security Officer (CISO), Security Operations Center (SOC) Manager | |||
Incident Response and Threat Hunting: | Threat Hunter, Virus Technician, Bug Bounty Hunter, Ethical Hacker, Incident Responder, Malware Analyst, Vulnerability Assessor | |||
Threat Intel and Forensics: | Cyber Insurance Policy Specialist, Cyber Operations Specialist, Cybercrime Investigator, Cybersecurity Lawyer, Source Code Auditor | Digital forensic experts preserve data, perform hashing, and work with memory analysis tools and other forensic tools. These tools are held by specific agencies such as CERT – Centre Of Emergency Response Team (Govt Agency), and a password hacking tool is provided by Cellebrite Software Company for latest version-1 | ||
8 | Additional Knowledge | Required of: | Python | |
Digital Forensic Tools | ||||
Intelligence Tools | ||||
Networking Tools | ||||
Windows OS | ||||
Kali Linux / Parrot Security OS | ||||
Android & iOS | ||||
JS | ||||
PHP | ||||
OSINT Tools | ||||
Social Media Apps |