Video description
26 Hours of Video Instruction
26 Hours of Detailed, Curated Video Training to Take You from Basic to Guru in Cybersecurity
Overview
The Complete Cybersecurity Bootcamp, 2nd Edition is your comprehensive guide to becoming a cybersecurity professional. The extensive course is compiled from Omar Santos's best-selling video courses, starting with the basics and leading you through the most important topics in the cybersecurity landscape. The videos in this intensive bootcamp are structured to start you with the fundamental concepts of cybersecurity, build your core cybersecurity knowledge, and then move on to real-life pen testing and ethical hacking projects. It also covers cloud security, cybersecurity management, monitoring and analysis, network security telemetry, digital forensics and incident response (DFIR), ethical hacking and pen testing, wireless hacking and pen testing, mobile device security, and IoT security. This course can also be a resource for anyone who is preparing for a security certification like CompTIA Security+, Cisco CyberOps Associate, CISSP, CompTIA PenTest+, Certified Ethical Hacker (CEH), GIAC certifications, or others.
Omar Santos, a best-selling Cisco Press and Pearson security author and trainer, has compiled the lessons to provide you with the best knowledge. The Bootcamp is organized in an easy-to-follow manner to give you the freedom to move at your own pace. The course provides supplemental materials that reinforce critical concepts and techniques and help you build your own hacking environment, examples of real-life penetration testing reports, and more. This material can be found at theartofhacking.org.
The contents of The Complete Cybersecurity Bootcamp, 2nd Edition were created using the following titles:
- Wireless Networks, IoT, and Mobile Devices Hacking by Omar Santos
- Cisco CyberOps Associate CBROPS 200-201 Complete Video Course by Omar Santos and Ron Taylor
- CCNP and CCIE Security Core SCOR 350-701 Complete Video Course by Omar Santos and Ron Taylor
- CompTIA PenTest+ (PT1-001) Complete Video Course by Omar Santos
- Certified Ethical Hacker (CEH) Complete Video Course, 3rd Edition by Omar Santos and Nick Garner
- Security Penetration Testing by Omar Santos, Jon Sternstein, Ron Taylor, and Chris McCoy
Sign up for Cybersecurity live training with Omar Santos:
- Modern Cybersecurity Fundamentals
- Becoming a Hacker: An Introduction to Ethical Hacking, Penetration Testing, and Bug Hunting
Topics include
Module 1: Security Concepts
Module 2: Security Operations, Incident Response, and Digital Forensics
Module 3: AAA, Identity Management, Network Visibility, and Segmentation
Module 4: Fundamentals of Ethical Hacking and Penetration Testing
Module 5: Mobile Device Security
Module 6: Internet of Things (IoT) Security
Module 7: Cloud Security Fundamentals
About the Instructor
Omar Santos is an active member of the cybersecurity community, where he leads several industry-wide initiatives. He is the lead of the DEF CON Red Team Village; the chair of the Common Security Advisory Framework (CSAF) technical committee; the co-chair of the Forum of Incident Response and Security Teams (FIRST) Open Source Security working group; and has been the chair of several initiatives in the Industry Consortium for Advancement of Security on the Internet (ICASI). His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to increasing the security of their critical infrastructures.
Omar is the author of over twenty books and video courses, as well as numerous white papers, articles, and security configuration guidelines and best practices. Omar is a principal engineer of the Cisco Product Security Incident Response Team (PSIRT), where he mentors and leads engineers and incident managers during the investigation and resolution of cybersecurity vulnerabilities. Additional information about Omar’s current projects can be found at omarsantos.io and you can follow Omar on Twitter @santosomar.
Skill Level
- Beginner
Learn How To
- Survey cybersecurity vulnerabilities
- Decipher Encryption and Hashing Algorithms
- Analyze Computer Incident Response Teams (CSIRTs) and Product Security Incident Response Teams (PSIRTs)
- Apply VERIS
- Perform DNS Analysis and Web Log Analysis
- Identify MITRE ATT&CK Framework
- Examine Asset and Threat Actor Attribution
- Examine Host-based Intrusion Detection
- Analyze Security Device Data
- Survey the TACACS+ Protocol
- Survey Open Source SDN Solutions
- Scope a Penetration Testing Engagement Properly
- Perform Footprinting through Social Engineering
- Scan beyond IDS and Firewall
- Survey Web Server Attack Tools
- Explore SQL Injection Tools
- Hack Bluetooth
- Build your own lab
- Create a Fuzzing Strategy
- Crack Passwords
- Hack iOS and Android OS
- Hack Android devices
Who Should Take This Course
- Anyone contemplating starting a career in cybersecurity.
- People who would like to better understand cybersecurity concepts.
- Anyone studying for a security cert like CompTIA Security+, Cisco CyberOps Associate, Certified Ethical Hacker (CEH), GIAC Information
Course Requirements
- Students should be familiar with basic computing and networking concepts, as well as Linux and Windows fundamentals.
Pearson publishes expert-led video tutorials covering a wide selection of technology topics designed to teach you the skills you need to succeed. These professional and personal technology videos feature world-leading author instructors published by your trusted technology brands: Addison-Wesley, Cisco Press, Pearson IT Certification, Sams, and Que. Topics include: IT Certification, Network Security, Cisco Technology, Programming, Web Development, Mobile Development, and more.
Learn more about Pearson Video training at http://www.informit.com/video.
Table of contents
- Introduction
- Module 1: Security Concepts
- Lesson 1: Cybersecurity Fundamentals
- Learning objectives
- 1.1 Describing the CIA Triad
- 1.2 Comparing Security Deployments: Network, Endpoint, and Application Security Systems
- 1.3 Comparing Security Deployments: Agentless and Agent-based Protections
- 1.4 Comparing Security Deployments: Legacy Antivirus and Antimalware
- 1.5 Comparing Security Deployments: SIEM, SOAR, and Log Management
- 1.6 Defining Threat Intelligence
- 1.7 Defining Threat Hunting
- 1.8 Understanding Malware Analysis
- 1.9 Interpreting the Output Report of a Malware Analysis Tool
- 1.10 Understanding the Different Threat Actor Types
- 1.11 Defining Run Book Automation (RBA)
- 1.12 Defining Reverse Engineering
- 1.13 Understanding the Sliding Window Anomaly Detection
- Lesson 2: Additional Cybersecurity Principles
- Learning objectives
- 2.1 Performing Risk Assessment
- 2.2 Comparing Threats, Vulnerabilities, and Exploits
- 2.3 Understanding Authentication, Authorization, and Accounting
- 2.4 Examining the Access Control Process: Terminology and Data Classification
- 2.5 Examining the Access Control Process: Data States and Policy Roles
- 2.6 Examining the Access Control Process: Security and Access Control Classification
- 2.7 Understanding Discretionary Access Control
- 2.8 Understanding Mandatory Access Control
- 2.9 Understanding Role-based Access Control
- 2.10 Understanding Attribute-based Access Control
- 2.11 Understanding Rule-based Access Control
- 2.12 Understanding Time-based Access Control
- Lesson 3: Types of Attacks and Vulnerabilities
- Learning objectives
- 3.1 Surveying Types of Vulnerabilities
- 3.2 Understanding Passive Reconnaissance and Social Engineering
- 3.3 Understanding Active Reconnaissance Port Scanning and Host Profiling
- 3.4 Understanding Privilege Escalation and Code Execution Attacks
- 3.5 Understanding Backdoors and Man-in-the-Middle Attacks
- 3.6 Understanding Denial of Service Attacks
- 3.7 Surveying Attack Methods for Data Exfiltration
- 3.8 Understanding ARP Cache Poisoning and Route Manipulation Attacks
- 3.9 Understanding Password Attacks
- 3.10 Understanding Wireless Attacks
- 3.11 Exploring Security Evasion Techniques
- 3.12 Identifying the Challenges of Data Visibility in Detection
- 3.13 Identifying Potential Data Loss from Provided Traffic Profiles
- 3.14 Comparing Rule-based Detection vs. Behavioral and Statistical Detection
- Lesson 4: Fundamentals of Cryptography and PKI
- Module 2: Security Operations, Incident Response, and Digital Forensics
- Lesson 5: Fundamentals of Incident Response
- Learning objectives
- 5.1 Describing Concepts as Documented in NIST.SP800-86
- 5.2 Mapping the Organization Stakeholders Against the NIST IR Categories
- 5.3 Scoping the Incident Response Plan and Process
- 5.4 Understanding Information Sharing and Coordination
- 5.5 Identifying the Incident Response Team Structure
- 5.6 Analyzing Computer Incident Response Teams (CSIRTs)
- 5.7 Analyzing Product Security Incident Response Teams (PSIRTs)
- 5.8 Surveying Coordination Centers
- 5.9 Analyzing Managed Security Service Providers Incident Response Teams
- 5.10 Introducing the Vocabulary for Event Recording and Incident Sharing (VERIS)
- 5.11 Applying the VERIS Schema to Incident Handling
- 5.12 Surveying the VERIS Incident Recording Tool and Other Resources
- Lesson 6: Fundamentals of Security Monitoring
- Learning objectives
- 6.1 Describing Endpoint-based Attacks
- 6.2 Understanding Data Normalization
- 6.3 Deconstructing Universal Data Formats
- 6.4 Understanding the 5-tuple Correlation
- 6.5 Performing DNS Analysis
- 6.6 Performing Web Log Analysis
- 6.7 Performing Deterministic and Probabilistic Analysis
- 6.8 Understanding Security Monitoring Fundamentals
- 6.9 Surveying Security Monitoring Tools
- 6.10 Grasping Security Monitoring Operational Challenges
- Lesson 7: Intrusion Event Categories
- Learning objectives
- 7.1 Identifying and Mitigating Reconnaissance
- 7.2 Identifying and Mitigating Weaponization
- 7.3 Identifying and Mitigating Delivery
- 7.4 Identifying and Mitigating Exploitation
- 7.5 Identifying and Mitigating Installation
- 7.6 Identifying and Mitigating Command and Control
- 7.7 Understanding Action on Objectives
- 7.8 Understanding the MITRE ATT&CK Framework
- Lesson 8: Digital Forensics Fundamentals
- Lesson 9: Endpoint Security Technologies and Host-based Forensics Fundamentals
- Learning objectives
- 9.1 Examining Host-based Intrusion Detection
- 9.2 Exploring Antimalware and Antivirus
- 9.3 Understanding Host-based Firewalls
- 9.4 Exploring Application-level AllowLists/BlockLists
- 9.5 Exploring Systems-based Sandboxing
- 9.6 Understanding Windows Forensics Basics
- 9.7 Surveying Windows Forensics: Application Processes
- 9.8 Surveying Windows Forensics: Memory
- 9.9 Surveying Windows Forensics: The Windows Registry
- 9.10 Surveying Windows Forensics: Hard Drives, FAT, and NTFS
- 9.11 Understanding Linux and MAC OS X Forensics Basics
- 9.12 Examining Web Server Logs
- Lesson 10: Network Intrusion Analysis
- Learning objectives
- 10.1 Introducing Intrusion Analysis Fundamentals
- 10.2 Examining Packet Captures
- 10.3 Examining Protocol Headers
- 10.4 Analyzing Security Device Data
- 10.5 Differentiating False Positives, False Negatives, True Positives, and True Negatives
- 10.6 Comparing Inline Traffic Interrogation and Taps or Traffic Monitoring
- 10.7 Extracting Files from a TCP Stream when Given a PCAP File and Wireshark
- 10.8 Interpreting Common Artifact Elements from an Event to Identify an Alert
- Module 3: AAA, Identity Management, Network Visibility, and Segmentation
- Lesson 11: Introducing AAA and Identity Management
- Learning objectives
- 11.1 Understanding Authentication
- 11.2 Exploring the RADIUS Protocol
- 11.3 Surveying the TACACS+ Protocol
- 11.4 Understanding Authorization
- 11.5 Surveying Authorization Models
- 11.6 Defining Accounting
- 11.7 Exploring Multifactor Authentication and Single Sign-On
- 11.8 Exploring Examples of Multifactor and Single Sign-On
- Lesson 12: Network Visibility and Segmentation
- Learning objectives
- 12.1 Defining Network Visibility and Segmentation
- 12.2 Introducing NetFlow and IPFIX
- 12.3 Describing Flexible NetFlow Records
- 12.4 Understanding NetFlow Deployment
- 12.5 Introducing Network Segmentation
- 12.6 Exploring Application-based Segmentation
- 12.7 Describing Network Access with CoA
- Lesson 13: Network Infrastructure Security
- Learning objectives
- 13.1 Configuring and Verifying Network Segmentation Using VLANs and VRF-lite
- 13.2 Configuring and Verifying Port Security
- 13.3 Configuring and Verifying DHCP Snooping
- 13.4 Configuring and Verifying Dynamic ARP Inspection
- 13.5 Exploring and Mitigating Common Layer 2 Threats
- 13.6 Understanding and Configuring BPDU Guard and Root Guard
- 13.7 Understanding and Configuring CDP/LLDP
- 13.8 Understanding the Control Plane, Data Plane, and Management Plane
- 13.9 Exploring How to Secure the Management Plane
- 13.10 Exploring How to Secure the Control Plane
- 13.11 Exploring How to Secure the Data Plane
- Lesson 14: Software-Defined Networking Security and Programmability
- Learning objectives
- 14.1 Introducing SDN
- 14.2 Explaining North Bound and South Bound APIs in the SDN Architecture
- 14.3 Introducing Cisco ACI
- 14.4 Introducing Cisco DNA and Cisco DNA Center
- 14.5 Understanding VXLAN and Network Overlays
- 14.6 Understanding Microsegmentation
- 14.7 Surveying Open Source SDN Solutions
- 14.8 Understanding the Threats Against SDN Solutions
- 14.9 Understanding the Security Benefits in SDN Solutions
- 14.10 Introducing Network Programmability
- 14.11 Exploring DevNet and DevNet Resources for Security Automation
- 14.12 Introducing APIs, NETCONF, RESTCONF, and YANG
- 14.13 A Brief Introduction to Git
- 14.14 Exploring pxGrid
- 14.15 Integrating and Automating Security Operations with Cisco Products
- Module 4: Fundamentals of Ethical Hacking and Penetration Testing
- Lesson 15: Overview of Ethical Hacking and Penetration Testing
- Learning objectives
- 15.1 Introducing Ethical Hacking and Pen Testing
- 15.2 Exploring Penetration Testing Methodologies
- 15.3 Explaining the Importance of the Planning and Preparation Phase
- 15.4 Understanding the Legal Concepts of Penetration Testing
- 15.5 Learning How to Scope a Penetration Testing Engagement Properly
- 15.6 Learning the Key Aspects of Compliance-based Assessments
- Lesson 16: Information Gathering and Passive Reconnaissance
- Learning objectives
- 16.1 Introducing Footprinting Concepts and Methodologies
- 16.2 Performing Footprinting through Search Engines
- 16.3 Performing Footprinting through Web Services
- 16.4 Performing Footprinting through Social Networking Sites
- 16.5 Understanding Website Footprinting
- 16.6 Understanding Email Footprinting
- 16.7 Understanding Whois Footprinting
- 16.8 Understanding DNS Footprinting
- 16.9 Understanding Network Footprinting
- 16.10 Performing Footprinting through Social Engineering
- 16.11 Surveying Footprinting Tools
- Lesson 17: Active Reconnaissance, Scanning, and Enumeration
- Learning objectives
- 17.1 Surveying Network Scanning Concepts
- 17.2 Exploiting Scanning Tools
- 17.3 Understanding Host Discovery
- 17.4 Understanding Port and Service Discovery
- 17.5 Performing OS Discovery (Banner Grabbing/OS Fingerprinting)
- 17.6 Scanning Beyond IDS and Firewall
- 17.7 Creating Network Diagrams
- 17.8 Introducing Enumeration Techniques
- 17.9 Performing NetBIOS Enumeration
- 17.10 Performing SNMP Enumeration
- 17.11 Performing LDAP Enumeration
- 17.12 Performing NTP and NFS Enumeration
- 17.13 Performing SMTP and DNS Enumeration
- 17.14 Conducting Additional Enumeration Techniques
- Lesson 18: Hacking Web Servers
- Lesson 19: Hacking Web Applications
- Learning objectives
- 19.1 Introducing Web Application Concepts
- 19.2 Understanding Web App Threats and Hacking Methodologies
- 19.3 Footprinting Web Infrastructures
- 19.4 Analyzing Web Applications
- 19.5 Introducing the OWASP Top 10
- 19.6 Attacking Authentication, Authorization, and Access Controls - Part 1
- 19.7 Attacking Authentication, Authorization, and Access Controls - Part 2
- 19.8 Performing Command Injection Attacks
- 19.9 Exploiting Directory/Path Traversal Vulnerabilities
- 19.10 Input Validation and Sanitation
- 19.11 Exploiting Cross-site Scripting (XSS) Vulnerabilities
- 19.12 Exploiting XML External Entities
- 19.13 Attacking Web Services, APIs, and Understanding Webhooks
- Lesson 20: SQL Injection
- Lesson 21: Fundamentals of Wireless Hacking
- Lesson 22: Wireless Client Attacks
- Lesson 23: Building Your Lab and Attack Hardware
- Lesson 24: Aircrack-ng
- Lesson 25: Buffer Overflows
- Learning objectives
- 25.1 Understanding Buffer Overflows
- 25.2 Exploiting Buffer Overflows
- 25.3 Overcoming Defenses for Buffer Overflow Vulnerabilities
- 25.4 Understanding Fuzzing
- 25.5 Creating a Fuzzing Strategy
- 25.6 Exploring Mutation-based, Generation-based, and Evolutionary Fuzzers
- 25.7 Surveying Tools to Find and Exploit Buffer Overflows
- Lesson 26: Post-Exploitation Techniques
- Lesson 27: Hacking User Credentials
- Learning objectives
- 27.1 Understanding Authentication and Authorization Mechanisms
- 27.2 Understanding Authentication and Authorization Attacks
- 27.3 Exploring Password Storage Mechanisms
- 27.4 Understanding Password Storage Vulnerability
- 27.5 Cracking Passwords with John the Ripper
- 27.6 Cracking Passwords with hashcat
- 27.7 Improving Password Security
- Lesson 28: Reporting and Communication
- Module 5: Mobile Device Security
- Lesson 29: Hacking Mobile Platforms
- Lesson 30: Mobile Device Security
- Lesson 31: Fundamentals of Android Security
- Lesson 32: Hacking iOS Devices
- Module 6: Internet of Things (IoT) Security
- Lesson 33: Fundamentals of IoT Security
- Learning objectives
- 33.1 Introducing IoT Concepts
- 33.2 Understanding IoT Attacks
- 33.3 Understanding IoT Hacking Methodologies
- 33.4 Surveying IoT Hacking Tools
- 33.5 Understanding IoT Countermeasures
- 33.6 Introducing OT Concepts
- 33.7 Performing OT Attacks
- 33.8 Understanding OT Hacking Methodologies
- 33.9 Surveying OT Hacking Tools
- 33.10 Understanding OT Countermeasures
- Lesson 34: Hacking IoT Devices
- Lesson 35: Attacking Bluetooth
- Lesson 36: Attacking NFC
- Module 7: Cloud Security Fundamentals
- Lesson 37: Understanding Cloud Security
- Learning objectives
- 37.1 Introducing Cloud Computing Concepts
- 37.2 Exploring Container Technology
- 37.3 Understanding Serverless Computing
- 37.4 Surveying Cloud Computing Threats
- 37.5 Understanding Cloud Hacking and Cloud Security Implementations
- 37.6 Introducing the Different Cloud Deployment and Service Models
- 37.7 Surveying Patch Management in the Cloud
- 37.8 Performing Security Assessments in Cloud Environments
- 37.9 Introducing Agile, DevOps, and CI/CD Pipelines
- 37.10 Understanding Container Orchestration and an Introduction to Kubernetes
- 37.11 Exploring the Concepts of DevSecOps
- Module 8: Social Engineering Fundamentals
- Lesson 38: Understanding Social Engineering Countermeasures
- Summary
Product information
- Title: The Complete Cybersecurity Bootcamp, 2nd Edition
- Author(s):
- Release date: May 2022
- Publisher(s): Pearson
- ISBN: 0137949391