Update Learning Path “cybersecurity”

content/cybersecurity.md

@@ -1,72 +1,167 @@
 ---
 title: CyberSecurity
-date: 2021-08-06T13:35:55+05:30
+date: 2025-03-15T15:22:37.477Z
 category: other
-image: images/CyberSecurity.jpg
+image: https://marvel-b1-cdn.bc0a.com/f00000000100045/www.elmhurst.edu/wp-content/uploads/2020/03/cybersecurity-vs-information-security-illustration.jpg
 tags:
-  - cyber
-  - security
   - cybersecurity
+  - Ethical-Hacking
+  - Blue-Teaming
+  - Penetration-testing
 authors:
   - gauthamkrishna1312
+  - potato-pzy
+pathType:
+  - security
 mainpage: false
 draft: false
 ---
-Cybersecurity is the protection of computer systems and networks from information disclosure, theft of or damage to their hardware, software, or electronic data, as well as from the misdirection of the services they provide.This field is becoming increasingly significant due to the increased reliance on computer systems, the internet and wireless networks standards such as Bluetooth and Wi-Fi, and due to the growth of ”smart” devices, including smartphones, television, and the various devices that constitute the "internet of things". Owing to its complexity, both in terms of politics and technology, cybersecurity is also one of the major challenges in the contemporary world.
+## What is Cybersecurity ?
+
+Cybersecurity is the practice of protecting computers, networks and data from attacks damages or unauthorized access from malicious intent users. Cybersecurity is rather a package of strategies, technologies and best practices that would help in safeguarding information and infrastructure of an organization. Its an every evolving field in which attackers and defenders are getting better day by day 
 
 ## Prerequisites
 
-You can learn cybersecurity as a complete beginner. You should familiarise to use computers and it is good to have knowledge in Networking,IT,Web technologies and should need a mindset to self learn new things. Always connect with cyber security experts and up to date with news related to cyber security
+Cybersecurity is one of those field which has the lowest entry barrier no matter you background you can easily grasp these contents if you have a passion for learning new things, To be stated some of those are 
+
+1. Basic computer know-how
+2. Networking Fundamentals such as TCP/IP protocol, OSI Model etc.
+3. Basic programming/scripting knowledge 
+4. A mind to learn continuously, as cybersecurity is evolving day by day if you wont catch up with new things you would be left back 
 
 ## Topics To Learn
 
-1. Introduction
+If you wanna dive into cybersecurity these are the topics that you should look for .
+
+1. #### Operating system security 
+
+   * Windows hardening 
+
+     * Group policy, Windows defender ATP, Patch management
+   * Linux Security 
+
+     * Secure configuration
+     * File permissions
+     * acess control
+2. #### Network Security 
+
+   * Firewall configurations
+
+     * Packet vs stateful inspection
+     * Next gen Firewall
+     * Firewall Configurations
+   * Intrusion Detection and prevention system 
+
+     * Signature vs anomaly based
+     * Installation & Configuration
+   * VPN 
+
+     * Types of VPN
+     * Remote acess configurations
+   * Wireless Security 
+
+     * Wireless security hardening
+     * Wireless intrusion detection
+3. #### Web Application Security 
+
+   * OWASP TOP 10 
+
+     * Top 10 vulnerabilities 
+     * Secure coding practises
+   * API Security 
+
+     * Token based authentication
+     * Rate limiting and logging
+   * Web server security 
+
+     * SSL/TLS Configuration and certificate management
+     * Server configuration for best security posture
+4. #### Cryptography 
+
+   * Encryption Algorithms 
+
+     * Symmetric encription
+     * Assymetric encyption 
+   * Hashing 
+
+     * SHA 2, SHA 3 
+     * Digital Signature 
+5. #### Penetration testing & Ethical Hacking
+
+   * Reconnaissance
+
+     * IFootprinting, OSINTncide
+     * Network Mapping 
+   * Enumaration
+
+     * Network scanning 
+     * Vulnerability scanning
+   * Exploitation
+
+     * Metasploit framework
+     * OWASP ZAP
+   * Post Exploitation
+
+     * Privilage escalations
+     * Backdoor creation
+   * Covering Tracks
+
+     * Log clearing
+     * TImestamp tampering
+6. #### Incident response & Digital Forensics
+
+   * Incident response framework 
+
+     * Nist Framework 
+     * Incident response plans 
+   * Forensics 
+
+     * Disk Imaging and memmory forensics 
+     * Log analysis and timeline reconstruction
+7. #### Security operation & Monitoring 
+
+   * Security Incident and event management
 
-   * Why do we need cybersecurity
-   * The CIA triad
-   * Vulnerability,Threat and Risk
-2. Cybersecurity Components
+     * Log aggregation, correlation and alerting
+     * incident detectionn and response integration
+   * Threat Hunting 
 
-   * Packet structure
-   * Network architecture
-   * Addressing
-   * Firewalls
-3. Cybersecurity Framework
+     * Procative hunting & behaviour analysis
+     * Threat monitoring and visualization using ELK, Splunk etc.
+   * Endpoint monitoring & Response ( EDR )
 
-   * NIST Cybersecurity Framework
-4. Networking
+     * Monitoring for anomalies in endpoints 
+     * Automated contamination and remediation
+8. #### Cloud Security
 
-   * Network architecture
-   * Net working tools
-5. NMAP
+   * Cloud Infrastructure Hardening:
 
-   * About NMap
-   * Installation
-   * Types of Scans using NMaps
-6. Ethical Hacking
+     * Securing AWS< Azure and GCP enviornments.
+     * Identity acess management ( IAM )
+   * Container security :
 
-   * About ethical hacking
-   * Ethical hacking using kali linux
-7. Cryptography
+     * Securing Kubernetes and docker deployments
+     * Container scanning and runtime monitoring
+   * Serverless Security 
 
-   * What is cryptography
-   * Classification of cryptography
-   * Working of cryptographic algorithms
-   * RSA (Rivest Shamir Adleman)
-8. Steganography
+     * Risk and mitigation strategies for serverless computing architecture 
+     * Security functions and API gateways 
 
-   * What is steganography
-   * Basic steganographic model
-   * LSB Steganography
-   * Steganography tools
-9. DDOS
 
-   * What is DOS and DDOS attack
-   * How does it work
-   * Types of DDOS attack
 
 ## Resources
 
+* References
+
+  * <https://docs.paloaltonetworks.com>
+  * <https://www.snort.org/>
+  * [https://www.wi-fi.org/](\https://www.wi-fi.org/)
+  * <https://owasp.org/Top10/>
+  * <https://nginx.org/en/docs/>
+  * <https://csrc.nist.gov/projects/cryptographic-standards-and-guidelines>
+  * <https://owasp.org/www-project-web-security-testing-guide/>
+  * <https://docs.rapid7.com/metasploit/>
+  * <https://www.google.com/search?q=https://owasp.org/www-project-zap/&authuser=2>
 * Online Courses
 
   * <https://www.udemy.com/course/the-complete-internet-security-privacy-course-volume-1/>