Network Defense Essentials covers the fundamental concepts of information security and network defense. This introductory cybersecurity course is designed for today's entry-level information security or cybersecurity careers and is ideal for learners aspiring to pursue a career in cybersecurity.

The course gives a holistic overview of the key components of Information Security such as Identification, Authentication and Authorization, Virtualization and Cloud Computing, Wireless Networks, Mobile and IoT Devices, and Data Security. The interactive labs component of this course ensures that learners receive the hands-on, practical experience required for a future in cybersecurity.

NDE-certified learners have an assured means of formal recognition to add to their resumes and show off their expertise and skills to prospective employers. The purpose of the NDE certification is to recognize the competency and expertise of a professional in network defense and information security skills, thereby adding value to their workplace and employer.

What is Included?

Self Paced

Self Paced

Digital Forensics Essentials helps learners increase their competency and expertise in digital forensics and information security skills, thereby adding value to their workplace and employer.

This course will introduce learners to Computer Forensics Fundamentals as well as the Computer Forensics Investigation Process. Plan to learn about Dark Web, Windows, Linux, Malware Forensics, and so much more! The interactive labs component of this course ensures that learners receive the hands-on, practical experience required for a future in digital forensics.

DFE-certified learners have an assured means of formal recognition to add to their resumes and show off their expertise and skills to prospective employers. This improves their prospects for employment advancement, higher salaries, and greater job satisfaction.

What is Included?

Introduction to footprinting

Footprinting through search engines

Types of footprinting

Advanced Google hacking techniques

Google Hacking database

Footprinting domain and subdomains

People search.

Passive Network footprinting

Mirroring a website

Monitoring website for tracking changes

Email footprinting

DNS, its types, and footprinting

Footprinting tools

Introduction and types of Scanning

Banner Grabbing

Nmap and various types of scanning

▪  ICMP scanning

▪  Ping sweep

▪  ICMP echo scanning

▪  TCP connect / full-open scan

▪  Stealth Scan / half-open scan

▪  Inverse TCP flag scanning

▪  Xmas scan

▪  ACK flag probe scanning

▪  IDLE/IPID header Ssan

▪  UDP scanning

Detecting and Evading Firewalls

Network discovery and mapping

Discovering networks from mobile device

What is enumeration?

Introduction to Ports and services

Common ports and services

Enumerating services

SNMP enumeration

▪  NetBIOS enumeration

▪  LDAP enumeration

▪  NTP enumeration

▪  SMTP enumeration

▪  FTP enumeration

▪  DNS enumeration

Vulnerability Assessment Concepts

Vulnerability Assessment tools

Common Vulnerability Scoring System [CVSS]

Common Vulnerabilities and Exposures [CVE]

National Vulnerability Database [NVD]

Analysing a Vulnerability Assessment Report

Online and offline Password attacks

LM & NTLM

Cracking hashes

Password recovery tools

Keyloggers

Trojans

Rootkits

Steganography

Privilege Escalation

Introduction to malwares

Introduction to virus and worms

Different types of viruses

Virus making

Create Payload

Network sniffing

Sniffing tools

MITM attacks

Lawful Interception

DHCP attacks

MAC flooding

MAC Spoofing

ARP poisoning

Social Engineering Concepts

What is social engineering?

Phases of a social engineering attack

Social Engineering Techniques

Types of social engineering

Human-based social engineering

Computer-based social engineering

Mobile-based social engineering

Insider Threats

Impersonation on Social Networking Sites

Social engineering through impersonation on social networking sites

Social networking threats to corporate networks

Identity Theft

Social engineering countermeasures

Insider threats countermeasures

Identity theft countermeasures

Detect phishing emails

Anti-phishing toolbar

Introduction to honeypots

Installing a honeypot

Configuring honeypot

Analysing logs for attack detection in honeypots

• Introduction to web server and applications

 • Web Application threats

•HTTP headers

• Web Applicable hacking methodology

• Web application attacks

▪  Introduction to OWASP Top 10

▪  Encoding

▪  SQL

▪  CSRF

▪  XSS

▪  Directory traversal

▪  Command injection

▪  Logical flaws

▪  Fuzzing

▪  Session stealing

• Web server architecture

• Brute Force attacks

• Server misconfiguration

• Patch management and hotfixes

Mobile platform attack vectors
• Mobile platform vulnerabilities •Introduction to OWASP top 10 mobile risks • SMSH’ing attacks
• Mobile malwares
• Rooting Android devices
• Android hacking tools
• Mobile Device management

What is IoT?

How does IoT work?

IoT architecture

IoT application areas and devices

IoT technologies and protocols

IoT communication models

Challenges of IoT

Threat vs opportunity

IoT Attacks

IoT security problems

OWASP top 10 IoT vulnerabilities and obstacles

IoT attack surface areas

IoT threats

Hacking IoT devices

How to defend against IoT hacking

General guidelines for IoT device manufacturing companies

OWASP Top 10 IoT vulnerabilities solutions

IoT framework security considerations

IoT security tools

Cloud Computing Concepts

Introduction to cloud computing

Separation of responsibilities in cloud

Cloud deployment models

NIST cloud deployment reference architecture

Cloud computing benefits

Virtualization

Cloud Computing Threats

Cloud Computing Attacks

Cryptography Concepts

Cryptography

Types of cryptography

Government Access to Keys (GAK)

Encryption Algorithms

Ciphers

Data Encryption Standard (DES)

Advanced Encryption Standard (AES)

RC4, RC5, and RC6 algorithms

Twofish

The DSA and related signature schemes

Rivest Shamir Adleman (RSA)

Diffie-Hellman

Message digest (One-Way Hash) functions

Cryptography Tools

MD5 hash calculators

Hash calculators for mobile

Cryptography tools

Cryptography tools for mobile

Public Key Infrastructure (PKI)

Pretty Good Privacy (PGP)

SSL/TLS

Disk encryption

Disk encryption tools

Cryptography attacks

Cryptanalysis tools

Online MD5 decryption tools

CompTIA Security+ (SY0-601) is a widely recognized and globally respected certification that validates the essential knowledge and skills required for a career in cybersecurity. It is an entry-level certification designed for professionals looking to establish a solid foundation in information security.

The SY0-601 exam covers a comprehensive range of topics, including network security, threats, vulnerabilities, identity management, access control, cryptography, risk management, and security operations. It equips candidates with the necessary expertise to identify and address security incidents, implement secure network architectures, and apply best practices to protect organizations from emerging threats.

By obtaining the CompTIA Security+ certification, individuals demonstrate their competence in key cybersecurity areas and their ability to navigate the constantly evolving landscape of security technologies and practices. The certification is vendor-neutral, meaning it focuses on fundamental security concepts rather than specific products, allowing professionals to apply their knowledge across various environments and technologies.

Having the SY0-601 certification not only enhances career prospects but also provides a strong foundation for further advanced certifications in cybersecurity. It is highly regarded by employers in both the public and private sectors, as it validates the skills necessary to secure networks, devices, and data effectively.

The SY0-601 exam consists of multiple-choice and performance-based questions, assessing both theoretical knowledge and practical application. It is recommended that candidates have at least two years of experience in IT administration with a focus on security before attempting the exam.

Overall, the CompTIA Security+ (SY0-601) certification serves as a significant milestone in a cybersecurity professional's career, showcasing their dedication to maintaining a high level of expertise in securing information and systems, while also providing a solid foundation for ongoing professional growth.