Fundamentals from the Book
- Introduction to Cybersecurity
- Defining Threats, Vulnerabilities, & Exploits
- Common Software and Hardware Vulnerabilities
- Injection Vulnerabilities
- SQL Injection
- HTML Injection
- Command Injection
- Authentication-based Vulnerabilities
- Cross-site Scripting
- Cross-site Request Forgery
- Cookie Manipulation Attacks
- Race Conditions
- Unprotected APIs
- Return-to-LibC Attacks and Buffer Overflows
- OWASP Top 10
- Security Vulnerabilities in Open Source Software
- CIA
- Cloud Security Threats
- IoT Security Threats
- Digital Forensics and Incident Response
- ISO/IEC 27002:2013 and NIST Incident Response Guidance
- Incident Definition
- False Positives, False Negatives, True Positives, and True Negatives
- Incident Severity Levels
- Incident Reporting
- Incident Response Program
- Incident Response Plan
- Incident Response Process
- Simulations and Playbooks
- Information Sharing and Coordination
- Computer Security Incident Response Teams
- Product Security Incident Response Teams (PSIRTs)
- The Common Vulnerability Scoring System (CVSS)
- National CSIRTs and Computer Emergency Response Teams (CERTs)
- Coordination Centres
- Key Incident Management