Tech Academy

Lesson 01: What is Social Engineering

Lesson 02: Phishing

Lesson 03: Spam and Spim

Lesson 04: Dumpster diving and Shoulder surfing

Lesson 05: Tailgaiting and Eliciting information

Lesson 06: Pharming

Lesson 07: Impersonation, Pre-texting and Identity fraud

Lesson 08: Hoaxes and Invoice Scams

Lesson 09: Reconnaissance and Credential harvesting

Lesson 10: Watering hole attack and Typosquatting

Lesson 11: Influence campaigns and Hybrid warfare

Lesson 12: Principles of Social engineering

1.1 Slides (PDF)

Lesson 01: What is a malware

Lesson 02: Ransomware and Cryptowalware

Lesson 03: Trojan and Worms

Lesson 04: Rootkits and Backdoor

Lesson 05: Bots, Botnet and Command & Control

Lesson 06: Keyloggers and Logic bombs

Lesson 07: Viruses

Lesson 08: Spyware and PuPs

Lesson 09: Password Attacks I

Lesson 10: Password Attacks II

Lesson 11: Malicious USB

Lesson 12: Card skimming and Card cloning

Lesson 13: Adversarial AI

Lesson 14: Supply chain attack

Lesson 15: Cloud vs. On-premise attack

1.2 Slides (PDF)

Lesson 01: Privelege escalation

Lesson 02: SQL injection

Lesson 03: DLL injection

Lesson 04: LDAP injection

Lesson 05: XML injection

Lesson 06: Pointer object dereference

Lesson 07: Directory traversal attack

Lesson 08: Buffer overflows

Lesson 09: Race conditions

Lesson 10: Error handling and Improper input handling

Lesson 11: Replay attack

Lesson 12: Integer overflow and API attack

Lesson 13: Request forgeries

Lesson 14: Resource exhaustion and Memory leak

Lesson 15: SSL stripping and Pass the hash

Lesson 16: Driver manipulation

1.3 Slides (PDF)

Lesson 01: Rouge AP and Evil twin

Lesso 02: Bluesnarfing and Bluejacking

Lesson 03: Disassociation and Jamming

Lesson 04: RFID, NFC and Initialization Vector

Lesson 05: On-path attack

Lesson 06: ARP Poisoning

Lesson 07: MAC flooding and MAC cloning

Lesson 08: DNS attacks

Lesson 09: DDoS

Lesson 10: Malicious script execution

1.4 Slides(PDF)

Lesson 01: Actors and Threats I

Lesson 02: Actors and Threats II

Lesson 03: Attributes of actors

Lesson 04: Threat vectors

Lesson 05: Threat Intelligence sources I

Lesson 06: Threat Intelligence sources II

Lesson 07: Threat Intelligence sources III

Lesson 08: Threat Research sources

1.5 Slides(PDF)

Lesson 01: What is Zero day

Lesson 02: Weak configurations

Lesson 03: Third-Party risks

Lesson 04: Improper and Weak patch management

Lesson 05: Legacy platforms

Lesson 06: Vulnerability impacts

1.6 Slides(PDF)

Lesson 01: Threat hunting I

Lesson 02: Threat hunting II

Lesson 03: Vulnerability Scan

Lesson 04: SIEM

Lesson 05: SOAR

1.7 Slides(PDF)

Lesson 01: What is Penetration testing

Lesson 02: Penetration testing II

Lesson 03: Penetration testing concepts

Lesson 04: Reconnaissance

Lesson 05: Exercise types and Teams

1.8 Slides(PDF)

Lesson 1 - Configuration Management

Lesson 2 - Data sovereignity

Lesson 3 - Data Protection I

Lesson 4 - Data Protection II

Lesson 5 - Considerations I

Lesson 6 - Considerations II

Lesson 7 - Site resiliency

Lesson 8 - Deception and disruption

2.1 Slides(PDF)

Lesson 1 - On-premise vs. Cloud

Lesson 2 - Cloud models

Lesson 3 - Cloud Computing Concepts I

Lesson 4 - Cloud Computing Concepts II

Lesson 5 - Virtualization Concepts

2.2 Slides(PDF)

Lesson 1 - Environment

Lesson 2 - Provisioning and De-provisioning

Lesson 3 - Secure Coding Techniques

Lesson 4 - OWASP

Lesson 5 - Software Diversity

Lesson 6 - Automation and Scripting Concepts

Lesson 7 - Elasticity vs. Scalability

Lesson 8 - Version Control

2.3 Slides(PDF)

Lesson 1 - Authentication Methods I

Lesson 2 - Authentication Methods II

Lesson 3 - Biometrics I

Lesson 4 - Biometrics II

Lesson 5 - MFA

Lesson 6 - AAA

Lesson 7 - On-prem vs. Cloud Authentication

2.4 Slides(PDF)

Lesson 1 - Understanding Redundancy

Lesson 2 - Geographical Dispersal

Lesson 3 - Disk Redundancy

Lesson 4 - Multipath

Lesson 5 - Network Redundancy

Lesson 6 - Power Redundancy

Lesson 7 - Replication

Lesson 8 - Backup Types I

Lesson 9 - Backup Types II

Lesson 10 - Non-persistence

Lesson 11 - Diversity

2.5 Slides(PDF)

Lesson 1 - Embedded Systems

Lesson 2 - SCADA

Lesson 3 - IoT

Lesson 4 - Specialized Systems

Lesson 5 - Other Embedded and Specialized Systems

Lesson 6 - Considerations

Lesson 7 - Constraints

2.6 Slides(PDF)

Lesson 1 - Physical security I

Lesson 2 - Cameras

Lesson 3 - Personnel

Lesson 4 - Physical security II

Lesson 5 - Physial security III

Lesson 6 - Secure Areas

Lesson 7 - Secure Data Destruction

2.7 Slides(PDF)

Lesson 1 - Digital Signature

Lesson 2 - Key length and Key stretching

Lesson 3 - Salting, Hashing, ECC and Perfect forward secrecy

Lesson 4 - Quantum cryptography

Lesson 5 - Modes of operation

Lesson 6 - Block chain

Lesson 7 - Cipher Suites

Lesson 8 - Symmetric and Asymmetric

Lesson 9 - Steganography

Lesson 10 - Common Use Cases

Lesson 11 - Limitations

2.8 Slides(PDF)

Lesson 1 - Secure Protocols

Lesson 2 - Use Cases

Lesson 3 - IPSEC

3.1 Slides(PDF)

Lesson 1 - Endpoint Protection

Lesson 3 - Database

Lesson 4 - Application Security I

Lesson 2 - Boot Integrity

Lesson 5 - Application Security II

Lesson 6 - Hardening

Lesson 7 - FDE vs. SED

Lesson 8 - HrOT, TPM and Sandboxing

3.2 Slides(PDF)

Lesson 1 - Load Balancing

Lesson 2 - Network Segmentation

Lesson 3 - VPN I

Lesson 4- VPN II

Lesson 5 - DNS

Lesson 6 - NAC

Lesson 7 - Port Security

Lesson 8 - Network Appliance I

Lesson 9 - Network Appliance II

Lesson 10 - Network Appliance III

Lesson 11 - Network Appliance IV

Lesson 12 - Network Appliance V

Lesson 13 - Network Appliance VI

Lesson 14 - ACL, QoS and Port Mirroring

3.3 Slides(PDF)

Lesson 1 - Cryptographic Protocols

Lesson 2 - Authentication Protocols I

Lesson 3 - Authentication Protocols II

Lesson 4 - Authentication Methods

Lesson 5 - Installation Considerations

3.4 Slides(PDF)

Lesson 1 - Connection Methods and Receivers

Lesson 2 - Mobile Device Management

Lesson 3 - Enforcement Monitoring

Lesson 4 - Deployment Models

3.5 Slides(PDF)

Lesson 1 - Cloud Security Controls

Lesson 2 - Storage

Lesson 3 - Network

Lesson 4 - Compute

Lesson 5 - Solutions I

Lesson 6 - Solutions II

3.6 Slides(PDF)

Lesson 1 - Identity

Lesson 2 - Account Types

Lesson 3 - Account Policies

3.7 Slides(PDF)

Lesson 1 - Authentication Management

Lesson 2 - Authentication and Authorization I

Lesson 3 - Authentication and Authorization II

Lesson 4 - Access Control Schemes I

Lesson 5 - Access Control Schemes II

3.8 Slides(PDF)

Lesson 1 - Public Key Infrastructure I

Lesson 2 - Public Key Infrastructure II

Lesson 3 - Public Key Infrastructure III

Lesson 4 - Public Key Infrastructure IV

Lesson 5 - Types of Certificates I

Lesson 6 - Types of Certificates II

Lesson 7 - Certificate Format I

Lesson 8 - Certificate Format II

Lesson 9 - Concepts I

Lesson 10 - Concepts II

3.9 Slides(PDF)

Lesson 1 - Network Reconaissance I (tracert, nslookup,nmap)

Lesson 2 - Network Reconaissance II (Ping, Pathping and Hping)

Lesson 3 - Network Reconaissance III (Netstat and IP Scanner)

Lesson 4 - Network Reconaissance IV (ARP, Curl and Route_Print)

Lesson 5 - Network Reconnaissance(theHarvester and Sn1per)

Lesson 6 - Network Reconaissance VI(scanless, dnsenum, nessus and cuckoo)

Lesson 7 - File Manipulation Tools

Lesson 8 - Shell and Script Environments

Lesson 9 - Packet Capture and Replay

Lesson 10 - Forensics

Lesson 11 - Exploitation Framworks

Lesson 12 - Password Crackers

Lesson 13 - Data Sanitation

4.1 Slides(PDF)

Lesson 1 - Incident Response Plans and Process

Lesson 2 - Incident Response Exercise

Lesson 5 - Attack Frameworks - Diamond Model

Lesson 6 - Stakeholder Management

Lesson 4 - Attack Frameworks - Cyber Kill Chain

Lesson 7 - DRP, BCP and CoOP

Lesson 3 - Attack Frameworks - Mitre Att&ck

Lesson 8 - Incident Response Team

4.2 Slides(PDF)

Lesson 1 - Vulnerability Scan Output

Lesson 2 - SIEM Dashboard

Lesson 3 - Log Files

Lesson 4 - Syslog, Rsyslog and Syslog-NG

Lesson 5 - Journalctl, NXlog and Bandwidth monitor

Lesson 6 - Metadata

Lesson 7 - Netflow, IPFix and sFlow

Lesson 8 - Protocol Analyzer Output

4.3 Slides(PDF)

Lesson 1 - Re-configure Endpoint Security Solutions

Lesson 2 - Configuration Changes

Lesson 3 - Isolation, Containment and Segmentation

Lesson 4 - SIEM and SOAR

4.4 Slides(PDF)

Lesson 1 - What is Digital Forensics

Lesson 2 - Documentaion and Evidence

Lesson 3 - Acquisition of Evidence

Lesson 4 - Considerations in Acquisition of Evidence

Lesson 5 - On-Premise vs. Cloud

Lesson 6 - Integrity

Lesson 7 - Preservation

Lesson 8 - E-discovery

Lesson 9 - Data Recovery

Lesson 10 - Non-repudiation

Lesson 11 - Strategic and Counter Intelligence

4.5 Slides(PDF)

Lesson 1 - Category

Lesson 2 - Control Types

5.1 Slides(PDF)

Lesson 1 - Regulations, Standards and Legislation

Lesson 2 - Key Frameworks I

Lesson 3 - Key Frameworks II

Lesson 4 - Key Frameworks III

Lesson 5 - Benchmark and Configuration Guides

5.2 Slides(PDF)

Lersson 1 - Personnel I

Lesson 2 - Personnel II

Lesson 3 - Diversity of Training Techniques

Lesson 4 - Third-party Risk Management

Lesson 5 - Data

Lesson 6 - Credential Policies

Lesson 7 - Organization Policies

5.3 Slides(PDF)

Lesson 1 - Risk Types

Lesson 2 - Risk Management Strategies

Lesson 3 - Risk Analysis I

Lesson 4 - Risk Analysis II

Lesson 5 - Disasters

Lesson 6 - Business Impact Analysis I

Lesson 7 - Business Impact Analysis II

Lesson 8 - Business Impact Analysis III

5.4 Slides(PDF)

Lesson 1 - Organizational consequences of privacy breaches

Lesson 2- Notifications of breaches

Lesson 3 - Data Types

Lesson 4 - Privacy enhancing technologies

Lesson 5 - Roles and responsibilities

Lesson 6 - Information Lifecycle

Lesson 7 - Impact assessment

Lesson 8 - ToA and Privacy Notice

5.5 Slides(PDF)

Practice Exam - Set A

Practice Exam - Set B

Mega Quiz(coming soon)

Self-study Plan

Chapter 1 Slides - All Sections (PDF)

Chapter 2 Slides - All Sections (PDF)

Chapter 3 Slides - All Sections (PDF)

Chapter 4 Slides - All Sections (PDF)

Chapter 5 Slides - All Sections (PDF)