• Follow Us On :

Cybersecurity

Cybersecurity Beginner

Course Overview This course provides a comprehensive introduction to the fundamentals of cybersecurity, designed for individuals with…

Course Overview

This course provides a comprehensive introduction to the fundamentals of cybersecurity, designed for individuals with little to no prior experience in the field. You’ll gain an understanding of key concepts, threats, and defenses that form the backbone of modern digital security. Through a mix of theory and practical exercises, you’ll learn how to protect personal and organizational data from cyber threats.

What You’ll Learn

  • Foundations of Cybersecurity — Understand what cybersecurity is, why it’s important, and how it impacts individuals, businesses, and governments.

  • Types of Cyber Threats — Explore common attacks such as phishing, malware, ransomware, and social engineering.

  • Basic Security Principles — Learn about confidentiality, integrity, and availability — the CIA Triad.

  • Network Security Basics — Discover how networks function and how to secure them using firewalls, encryption, and secure protocols.

  • Best Practices for Individuals and Organizations — Password hygiene, multi-factor authentication, data backup, and safe browsing habits.

  • Introduction to Ethical Hacking and Incident Response — Gain insight into how ethical hackers find vulnerabilities and how incidents are handled.

Who Should Enroll

This course is ideal for:

  • Students and professionals exploring a career in cybersecurity.

  • IT or business professionals looking to strengthen their security awareness.

  • Anyone interested in understanding how to stay safe online and protect digital assets.

Prerequisites

No prior cybersecurity or IT experience is required. Basic computer literacy is recommended.

Course Format

  • Duration: 4–6 weeks (self-paced or instructor-led options)

  • Format: Video lectures, hands-on labs, quizzes, and real-world case studies

  • Certification: Participants will receive a Cybersecurity Fundamentals Certificate upon successful completion.

Learning Outcomes

By the end of this course, participants will be able to:

  • Identify and assess common cyber risks.

  • Apply basic security practices in personal and professional settings.

  • Understand foundational cybersecurity frameworks and terminology.

  • Lay the groundwork for further studies in network security, ethical hacking, or digital forensics.

Show More

Course Curriculum

1.1 Compare and contrast various types of security controls. 
Categories Technical  Managerial  Operational  Physical  Control types Preventive  Deterrent  Detective  Corrective  Compensating  Directive 

1.2 Summarise fundamental security concepts.
Confidentiality, Integrity, and Availability (CIA) Physical security Non-repudiation Bollards Authentication, Authorisation, and Accounting (AAA) Access control vestibule Authenticating people Fencing Authenticating systems Video surveillance Authorisation models Security guard Gap analysis Access badge Zero Trust Lighting Control Plane Sensors Adaptive identity Infrared Threat scope reduction Pressure Policy-driven access control Microwave Policy Administrator Ultrasonic Policy Engine Data Plane Deception and disruption technology Implicit trust zones Honeypot Subject/System Honeynet Policy Enforcement Point Honeyfile Honeytoken

1.3 Explain the importance of change management processes and the impact to security.
Business processes impacting Security operation Technical implications Documentation Allow lists/ Deny lists Updating diagrams Approval process Restricted activities Updating policies/ Procedures Ownership Downtime Stakeholders Service restart Version control Impact analysis Application restart Test results Legacy applications Backout plan Dependencies Maintenance window Standard operating procedure

1.4 Explain the importance of using appropriate cryptographic solutions.
Public Key Infrastructure (PKI) Tools Public key Trusted Platform Module (TPM) Online Certificate Status Protocol (OCSP) Private key Hardware Security Module (HSM) Key escrow Key management system Self-signed Encryption Secure enclave Third-party Level Obfuscation Root of trust Full-disk Steganography Certificate signing request (CSR) generation Partition Tokenization File Data masking Wildcard Volume Hashing Database Salting Record Digital signatures Transport/communication Key stretching Asymmetric Blockchain Symmetric Open public ledger Key exchange Certificates Algorithms Certificate authorities Key length Certificate Revocation Lists (CRLs)

2.1 Compare and contrast common threat actors and motivations.
Threat actors Blackmail Nation-state Financial gain Unskilled attacker Philosophical or Political beliefs Hacktivist Ethical hacker Insider threat Revenge Organized crime Disruption or chaos Shadow IT War Attributes of actors Internal or external Resources and funding Level of sophistication or Capability Motivations Data exfiltration Espionage Service disruption

2.2 Explain common threat vectors and attack surfaces.
Message-based Email Short Message Service (SMS) Instant Messaging (IM) Image-based File-based Voice call Open service ports Default credentials Supply chain Managed Service Providers (MSPs) Vendors Suppliers Human vectors / Social engineering Removable device Phishing Vulnerable software Vishing Client-based vs. Agentless Smishing Unsupported systems and applications Misinformation / Disinformation Impersonation Unsecure networks Business email compromise Pretexting Wireless Wired Bluetooth Watering hole Brand impersonation Typosquatting

2.3 Explain various types of vulnerabilities.
Application Hardware Cryptographic Memory injection Firmware Misconfiguration Buffer overflow End-of-life Mobile device Race conditions Legacy Side loading Time-of-Check (TOC) Virtualization Jailbreaking Time-of-Use (TOU) Virtual Machine (VM) escape Zero-day Malicious update Resource reuse Operating System (OS)-based Cloud-specific Web-based Supply chain Structured Query Language Injection (SQLi) Service provider Hardware provider Cross-Site Scripting (XSS) Software provider

2.4 Given a scenario, analyse indicators of malicious activity.
Malware attacks Ransomware Trojan Worm Spyware Bloatware Virus Keylogger Logic bomb Rootkit Malicious code Network attacks Distributed Denial-of-Service (DDoS) Amplified Reflected Domain Name System (DNS) attacks Wireless On-path Credential replay Replay Forgery Cryptographic attacks Downgrade Collision Birthday Password attacks Spraying Brute force Indicators Account lockout Concurrent session usage Blocked content Impossible travel Out-of-cycle logging Application attacks Injection Buffer overflow Privilege escalation Resource consumption Resource inaccessibility Physical attacks Radio Frequency Identification (RFID) cloning Environmental

2.5 Explain the purpose of mitigation techniques used to secure the enterprise.
Segmentation Decommissioning Access control Hardening techniques Access Control List (ACL) Permissions Application allow list Isolation Patching Encryption Monitoring Least privilege Configuration enforcement Encryption Hardening techniques Installation of endpoint protection Host-based firewall Host-based Intrusion Prevention System (HIPS) Disabling ports and protocols Default password changes Removal of unnecessary software

3.1 Compare and contrast security implications of different architecture models
Architecture and infrastructure concepts Software-defined networking (SDN) Considerations Availability Cloud On-premises Resilience Responsibility matrix Centralized vs. decentralized Cost Hybrid considerations Containerization Responsiveness Third-party vendors Virtualization Scalability Infrastructure as code (IaC) IoT Ease of deployment Serverless Industrial control systems Risk transference Microservices (ICS)/supervisory control and data acquisition (SCADA) Ease of recovery Network infrastructure Patch availability Physical isolation Real-time operating system (RTOS) Inability to patch Air-gapped Embedded systems Power Logical segmentation High availability Compute

3.2 Given a scenario, apply security principles to secure enterprise infrastructure.
Infrastructure Considerations Extensible Authentication Protocol (EAP) Device Placement Firewall Types Security Zones Web Application Firewall (WAF) Attack Surface Unified Threat Management (UTM) Connectivity Failure Modes Next-Generation Firewall (NGFW) Fail-Open Layer 4 / Layer 7 Fail-Closed Secure Communication / Access Device Attribute Virtual Private Network (VPN) Active vs. Passive Remote Access Inline vs. Tap / Monitor Tunneling Network Appliances Transport Layer Security (TLS) Jump Server Internet Protocol Security (IPSec) Proxy Server Software-Defined Wide Area Network (SD-WAN) Intrusion Prevention System (IPS) / Intrusion Detection System (IDS) Secure Access Service Edge (SASE) Selection of Effective Controls Load Balancer Sensors Port Security 802.1X Extensible Authentication

3.3 Compare and contrast concepts and strategies to protect data.
Data Types Private Encryption Regulated Critical Hashing Trade Secret General Data Considerations Masking Intellectual Property Data States Tokenization Legal Information Data at Rest Obfuscation Financial Information Data in Transit Segmentation Human and Non-Human Readable Data in Use Permission Restrictions Data Classifications Data Sovereignty Sensitive Geolocation Confidential Methods to Secure Data Public Geographic Restrictions Restricted

3.4 Explain the importance of resilience and recovery in security architecture.
High Availability Testing Load Balancing vs. Clustering Tabletop Exercises Site Considerations Failover Hot Simulation Cold Parallel Processing Warm Backups Geographic Dispersion Onsite/Offsite Platform Diversity Frequency Multi-Cloud Systems Encryption Continuity of Operations Snapshots Capacity Planning Recovery People Replication Technology Journaling Infrastructure Power Generators Uninterruptible Power Supply (UPS)

4.1 Given a scenario, apply common security techniques to computing resources.
Here is the corrected list with proper wording, punctuation, and capitalization (no bullet points): Secure Baselines Wireless Devices Wireless Security Settings Establish Installation Considerations Wi-Fi Protected Access 3 (WPA3) Deploy Site Surveys AAA/Remote Authentication Dial-In User Service (RADIUS) Maintain Heat Maps Hardening Targets Mobile Solutions Cryptographic Protocols Mobile Devices Mobile Device Management (MDM) Authentication Protocols Workstations Deployment Models Application Security Switches Bring Your Own Device (BYOD) Input Validation Routers Corporate-Owned, Personally Enabled (COPE) Secure Cookies Cloud Infrastructure Static Code Analysis Servers Choose Your Own Device (CYOD) Code Signing ICS/SCADA Connection Methods Sandboxing Embedded Systems Cellular Monitoring RTOS Wi-Fi IoT Devices Bluetooth

4.2 Explain the security implications of proper hardware, software, and data asset management.
Acquisition and Procurement Process Disposal and Decommissioning Assignment and Accounting Sanitization Ownership Destruction Classification Certification Monitoring and Asset Tracking Data Retention Inventory Enumeration

4.3 Explain various activities associated with vulnerability management.
Identification Methods Analysis Vulnerability Response and Remediation Vulnerability Scan Confirmation Application Security False Positive Patching Static Analysis False Negative Insurance Dynamic Analysis Prioritization Segmentation Package Monitoring Common Vulnerability Scoring System (CVSS) Compensating Controls Threat Feed Exceptions and Exemptions Open-Source Intelligence (OSINT) Common Vulnerabilities and Exposures (CVE) Validation of Remediation Proprietary/Third-Party Rescanning Information-Sharing Organization Vulnerability Classification Audit Dark Web Exposure Factor Verification Penetration Testing Environmental Variables Reporting Responsible Disclosure Program Industry/Organizational Impact Bug Bounty Program Risk Tolerance System/Process Audit

4.4 Explain security alerting and monitoring concepts and tools.
Monitoring Computing Resources Tools Systems Security Content Automation Protocol (SCAP) Applications Benchmarks Infrastructure Agents/Agentless Activities Security Information and Event Management (SIEM) Log Aggregation Antivirus Alerting Data Loss Prevention (DLP) Scanning Simple Network Management Protocol (SNMP) Traps Reporting NetFlow Archiving Vulnerability Scanners Alert Response and Remediation/Validation Quarantine Alert Tuning

4.5 Given a scenario, modify enterprise capabilities to enhance security.
Firewall Operating System Security File Integrity Monitoring Rules Group Policy Data Loss Prevention (DLP) Access Lists — SELinux Network Access Control (NAC) Ports and Protocols Implementation of Secure Protocols Endpoint Detection and Response (EDR) / Extended Detection and Response (XDR) Screened Subnets Protocol Selection Intrusion Detection System/Intrusion Prevention System (IDS/IPS) Port Selection Trends Transport Method User Behavior Analytics Signatures DNS Filtering Web Filter Email Security Agent-Based Domain-Based Message Authentication Reporting and Conformance (DMARC) Centralized Proxy Universal Resource Locator (URL) Scanning DomainKeys Identified Mail (DKIM) Content Categorization Sender Policy Framework (SPF) Block Rules Gateway Reputation

4.6 Given a scenario, implement and maintain identity and access management.
Provisioning and De-Provisioning User Accounts Discretionary Password Concepts Role-Based Password Best Practices Permission Assignments and Implications Rule-Based Length Attribute-Based Complexity Identity Proofing Time-of-Day Restrictions Reuse Federation Least Privilege Expiration Single Sign-On (SSO) Multifactor Authentication Age Lightweight Directory Access Protocol (LDAP) Implementations Password Managers Biometrics Passwordless Open Authorization (OAuth) Hard/Soft Authentication Tokens Privileged Access Management Tools Security Assertion Markup Language (SAML) Security Keys Factors Just-in-Time Permissions Interoperability Something You Know Password Vaulting Attestation Something You Have Ephemeral Credentials Access Controls Something You Are Mandatory Somewhere You Are

4.7 Explain the importance of automation and orchestration related to secure operations.
Use Cases of Automation and Scripting Benefits Single Point of Failure Efficiency and Time Saving Technical Debt User Provisioning Enforcing Baselines Ongoing Supportability Resource Provisioning Standard Infrastructure Configurations Guard Rails Security Groups Scaling in a Secure Manner Ticket Creation Employee Retention Escalation Reaction Time Enabling/Disabling Services and Access Workforce Multiplier Other Considerations Continuous Integration and Testing Complexity Integrations and Application Cost Programming Interfaces (APIs)

4.8 Explain appropriate incident response activities.
Process Training Legal Hold Preparation Testing Chain of Custody Detection Tabletop Exercise Acquisition Analysis Simulation Reporting Containment Root Cause Analysis Preservation Eradication Threat Hunting E-Discovery Recovery Digital Forensics Lessons Learned

4.9 Given a scenario, use data sources to support an investigation.
Log Data Data Sources Firewall Logs Vulnerability Scans Application Logs Automated Reports Endpoint Logs Dashboards OS-Specific Security Logs Packet Captures IPS/IDS Logs Network Logs Metadata

5.1 Summarise elements of effective security governance.
Guidelines Procedures Government Entities Policies Change Management Centralized/Decentralized Acceptable Use Policy (AUP) Onboarding/Offboarding Roles and Responsibilities for Systems and Data Information Security Policies Playbooks Business Continuity External Considerations Owners Disaster Recovery Regulatory Controllers Incident Response Legal Processors Software Development Lifecycle (SDLC) Industry Custodians/Stewards Local/Regional Change Management National Standards Global Password Monitoring and Revision Access Control Types of Governance Structures Physical Security Boards Encryption Committees

5.2 Explain elements of the risk management process.
Risk Identification Risk Register Risk Reporting Risk Assessment Key Risk Indicators Business Impact Analysis Ad Hoc Risk Owners Recovery Time Objective (RTO) Recurring Risk Threshold Recovery Point Objective (RPO) One-Time Risk Tolerance Mean Time to Repair (MTTR) Continuous Risk Appetite Mean Time Between Failures (MTBF) Risk Analysis Expansionary Qualitative Conservative Quantitative Neutral Single Loss Expectancy (SLE) Risk Management Strategies Annualized Loss Expectancy (ALE) Transfer Annualized Rate of Occurrence (ARO) Accept Probability Exemption Likelihood Exception Exposure Factor Avoid Impact Mitigate

5.3 Explain the processes associated with third-party risk assessment and management.
Vendor Assessment Agreement Types Vendor Monitoring Penetration Testing Service-Level Agreement (SLA) Questionnaires Right-to-Audit Clause Memorandum of Agreement (MOA) Rules of Engagement Evidence of Internal Audits Memorandum of Understanding (MOU) Independent Assessments Supply Chain Analysis Master Service Agreement (MSA) Vendor Selection Work Order (WO) / Statement of Work (SOW) Due Diligence Conflict of Interest Non-Disclosure Agreement (NDA) Business Partners Agreement (BPA)

5.4 Summarise elements of effective security compliance.
Compliance Reporting Compliance Monitoring Data Subject Internal Due Diligence/Care Controller vs. Processor External Attestation and Acknowledgement Ownership Consequences of Non-Compliance Internal and External Data Inventory and Retention Fines Automation Right to Be Forgotten Sanctions Privacy Reputational Damage Legal Implications Loss of License Local/Regional Contractual Impacts National Global

5.5 Explain types and purposes of audits and assessments.
Attestation Penetration Testing Internal Physical Compliance Offensive Audit Committee Defensive Self-Assessments Integrated External Known Environment Regulatory Partially Known Environment Examinations Unknown Environment Assessment Reconnaissance Independent Third-Party Audit Passive Active

5.6 Given a scenario, implement security awareness practices
Phishing User Guidance and Training Reporting and Monitoring Campaigns Policy/Handbooks Initial Recognizing a Phishing Attempt Situational Awareness Recurring Responding to Reported Suspicious Messages Insider Threat Development Password Management Execution Anomalous Behavior Recognition Removable Media and Cables Risky Social Engineering Unexpected Operational Security Unintentional Hybrid/Remote Work Environments

6.1 Introduction to AI concepts.
Generative AI Computer Vision Speech Natural Language Processing Extract Data and Insights Responsible AI

6.2 Introduction to machine learning concepts.
Machine Learning Models Types of Machine Learning Models Regression Binary Classification Multiclass Classification Clustering Deep Learning

6.3 Get started with speech in Azure.
Understand Speech Recognition and Synthesis Get Started with Speech on Azure Use Azure AI Speech

6.4 Introduction to AI-powered information extraction concepts.
Understand the Extraction of Data from Images Understand the Extraction of Data from Forms Understand Multimodal Data Extraction Understand Data Extraction for Knowledge Mining

6.5 Get started with AI-powered information extraction in Azure.
Azure AI Services for Information Extraction Extract Information with Azure AI Vision Extract Multimodal Information with Azure AI Content Understanding Extract Information from Forms with Azure AI Document Intelligence Create a Knowledge Mining Solution with Azure AI Search

6.6 Understand Azure AI services for computer vision.
Understand Azure AI Services for Computer Vision Understand Azure AI Vision Image Analysis Capabilities Understand Azure AI Vision Face Service Capabilities Get Started in Azure AI Foundry Portal

No Data Available in this Section
No Data Available in this Section