IT Security: Defense Against the Digital Dark Arts
Threats & attacks · Cryptography · AAA framework · Network security · Policies & compliance
1 · Security Threats & Attacks
Placeholder - fill in while studying.
Topics: malware types (virus, worm, trojan, ransomware, spyware, rootkit), social engineering (phishing, spear phishing, vishing, pretexting), SQL injection, XSS, MITM, DoS/DDoS, password attacks (brute force, rainbow table, dictionary), insider threats.
2 · Cryptography & Encryption
Placeholder - fill in while studying.
Topics: symmetric (AES, DES, 3DES) vs asymmetric (RSA, ECC) encryption, key exchange, PKI, digital certificates (X.509), CA hierarchy, hashing (MD5, SHA-1, SHA-256), digital signatures, TLS/SSL handshake, HTTPS.
3 · AAA - Authentication, Authorization & Accounting
Placeholder - fill in while studying.
Topics: authentication factors (something you know / have / are), MFA, RADIUS, TACACS+, Kerberos, LDAP/AD authentication, OAuth, SAML, RBAC vs DAC vs MAC, least privilege, Zero Trust, audit logging.
4 · Securing Networks
Placeholder - fill in while studying.
Topics: firewalls (stateful vs stateless vs NGFW), IDS vs IPS, DMZ, network segmentation, WPA2 vs WPA3, 802.1X (EAP), VPN (reviewed in Course 2), port security, NAC, honeypots, network monitoring (SIEM).
5 · Security Policies & Compliance
Placeholder - fill in while studying.
Topics: security policies (AUP, password policy, data classification), compliance frameworks (HIPAA, PCI-DSS, SOC 2, ISO 27001, NIST), vulnerability management, patch cadence, incident response lifecycle (PICERL), risk assessment, physical security.