CE | Cybersecurity Essentials Scope and Sequence
Version 3.0

Introduction

Every day, cybersecurity threats grow in complexity and scale. In its Global Risks Report (2021), even the World Economic Forum listed cybersecurity failure among the top 5 global risks, along with threats like extreme weather and infectious diseases. At the same time, organizations everywhere seek new cybersecurity talent. However, due to a skills gap, a predicted 3.5 million cybersecurity jobs globally will likely go unfilled by 2025.

Educators are critical to helping close this skills gap by kickstarting the cybersecurity career journeys of their students. Cybersecurity Essentials 3.0 has been designed to help educators prepare students to take the first step on their cybersecurity career journey. After completing the course, students can find job roles such as:

  • Junior Cybersecurity Analyst
  • Cybersecurity Technician
  • Cybersecurity Support
  • Cybersecurity Specialist
  • Tier 1 Help Desk Support

Alternatively, they can continue their education toward associate and professional-level cybersecurity job roles with courses such as CyberOps Associate and Network Security.

Target Audience

The Cybersecurity Essentials 3.0 course is designed for learners as a starting point for cybersecurity careers. It equips learners with entry-level job skills across the three course domains:

  • Endpoint Security
  • Network Defense
  • Cyber Threat Management

These domains provide an integrated and comprehensive learning experience for an entry-level Junior Cybersecurity Analyst role. Course topics include:

  • Cybersecurity threats and attacks
  • Threat mitigation
  • Vulnerabilities in protocols and network services
  • Linux and Windows endpoint security
  • Common network defense measures and architectures
  • Vulnerability and risk management
  • Cybersecurity incident response

The course includes hands-on labs using virtual machines, Packet Tracer activities, and research-based lab experiences. The course is appropriate for learners of many ages and education levels, primarily at high schools, colleges, and NGOs focusing on retraining opportunities.

Prerequisites

Learners are expected to have the following skills:

  • High school reading level
  • Basic computer literacy
  • Basic PC operating system navigation skills
  • Basic internet usage skills
  • Knowledge of TCP/IP networking, including network protocols, services, processes, and basic configuration of networking devices such as routers and switches

Certification Alignment

This course aligns with Cisco Certified Support Technician (CCST) Cybersecurity certification objectives.

Course Description

In this course, learners develop workforce readiness skills and build a foundation for success in cybersecurity-related careers. With video and rich interactive media support, participants learn, apply, and practice cybersecurity knowledge and skills through a series of in-depth, hands-on experiences and simulated activities that reinforce their learning.

Cybersecurity Essentials teaches comprehensive cybersecurity concepts and skills at the entry level, from threat mitigation and defense to post-incident forensics. Learners will progress from basic cybersecurity concepts to experiences in assessing vulnerabilities and risks later in the curriculum.

Course Objectives

Cybersecurity Essentials prepares students to take their first step toward entry-level roles or continue their education toward associate and professional-level job roles. These course materials assist in developing the skills necessary to:

  • Explain how threat actors execute some of the most common types of cyber attacks.
  • Explain network security principles.
  • Explain how TCP/IP vulnerabilities enable network attacks.
  • Recommend measures to mitigate threats.
  • Troubleshoot a wireless network.
  • Explain how devices and services are used to enhance network security.
  • Use Windows administrative tools.
  • Implement basic Linux security.
  • Evaluate endpoint protection and the impacts of malware.
  • Use cybersecurity best practices to improve confidentiality, integrity, and availability.
  • Explain approaches to network security defense.
  • Implement some of the various aspects of system and network defense.
  • Configure local and server-based access control.
  • Implement access control lists (ACLs) to filter traffic and mitigate network attacks.
  • Explain how firewalls are implemented to provide network security.
  • Implement Zone-Based Policy Firewall using the CLI.
  • Recommend cloud security requirements based on a given cloud scenario.
  • Determine the cryptographic techniques that are required to ensure confidentiality, integrity, and authenticity.
  • Explain how security technologies affect security monitoring.
  • Use different types of logs and records to store information regarding hosts and the network.
  • Explain the process of evaluating alerts.
  • Create documents and policies related to cybersecurity governance and compliance.
  • Use tools for network security testing.
  • Evaluate threat intelligence sources.
  • Explain how endpoint vulnerabilities are assessed and managed.
  • Select security controls based on risk assessment outcomes.
  • Use incident response models and forensic techniques to investigate security incidents.

Equipment Requirements

Hands-on labs require computers capable of running virtualization software (VirtualBox or UTM) with at least 4 GB of RAM and 20 GB of free disk space. Labs that require more complex networking environments use the Packet Tracer network simulation tool. Other learning experiences require focused internet-based research and the completion of lab documents.

Optional Lab Equipment:

  • Microsoft Windows host

Software:

  • Oracle VirtualBox or UTM
  • Lab virtual machine OVA file
  • Packet Tracer 8.2.1 or higher

Course Outline

Domain One: Endpoint Security

Module 1: Cybersecurity Threats, Vulnerabilities, and Attacks

1.1 Common Threats

1.2 Deception

1.3 Cyber Attacks

1.4 Wireless and Mobile Device Attacks

1.5 Application Attacks

Module 2: Securing Networks

2.1 Current State of Affairs

2.2 Who is Attacking Our Network?

Module 3: Attacking the Foundation

3.1 IP PDU Details

3.2 IP Vulnerabilities

3.3 TCP and UDP Vulnerabilities

Module 4: Attacking What We Do

4.1 IP Services

4.2 Enterprise Services

4.3 Mitigating Common Network Attacks

Module 5: Wireless Network Communication Devices

5.1 Wireless Communications

5.2 WLAN Threats

5.3 Secure WLANs

Module 6: Network Security Infrastructure

6.1 Security Devices

6.2 Security Services

Module 7: The Windows Operating System

7.1 Windows History

7.2 Windows Architecture and Operations

7.3 Windows Configuration and Monitoring

7.4 Windows Security

Module 8: Linux Overview

8.1 Linux Basics

8.2 Working in the Linux Shell

8.3 Linux Servers and Clients

8.4 Basic Server Administration

8.5 The Linux File System

8.6 Working with the Linux GUI

8.7 Working on a Linux Host

Module 9: System and Endpoint Protection

9.1 Defending Systems and Devices

9.2 Antimalware Protection

9.3 Host-based Intrusion Prevention

9.4 Application Security

Domain Two: Network Defense

Module 11: Understanding Defense

11.1 Defense-in-Depth

11.2 Cybersecurity Operations Management

11.3 Security Policies, Regulations, and Standards

Module 12: System and Network Defense

12.1 Physical Security

12.2 Application Security

12.3 Network Hardening: Services and Protocols

12.4 Network Hardening: Segmentation

12.5 Hardening Wireless and Mobile Devices

12.6 Cybersecurity Resilience

12.7 Embedded and Specialized Systems

Module 13: Access Control

13.1 Access Controls

13.2 Access Control Concepts

13.3 Account Management

13.4 AAA Usage and Operation

Module 14: Access Control Lists

14.1 Introduction to Access Control Lists

14.2 Wildcard Masking

14.3 Configure ACLs

14.4 Named Standard IPv4 ACL Syntax

14.5 Implement ACLs

14.6 Mitigate Attacks with ACLs

14.7 IPv6 ACLs

Module 15: Firewall Technologies

15.1 Secure Networks with Firewalls

15.2 Firewalls in Network Design

Module 16: Zone-Based Policy Firewalls

16.1 ZPF Overview

16.2 ZPF Operation

16.3 Configure a ZPF

Module 17: Cloud Security

17.1 Virtualization and Cloud Computing

17.2 The Domains of Cloud Security

17.3 Cloud Infrastructure Security

17.4 Cloud Application Security

17.5 Cloud Data Security

17.6 Protecting VMs

Module 18: Cryptography

18.1 Confidentiality

18.2 Obscuring Data

18.3 Integrity and Authenticity

18.4 Hashing

18.5 Public Key Cryptography

18.6 Authorities and the PKI Trust System

18.7 Applications and Impacts of Cryptography

Module 20: Network Security Data

19.1 Monitoring Common Protocols

19.2 Security Technologies

20.1 Types of Security Data

20.2 End Device Logs

20.3 Network Logs

Module 21: Evaluating Alerts

21.1 Source of Alerts

21.2 Overview of Alert Evaluation

Domain Three: Cyber Threat Management

Module 22: Governance and Compliance

22.1 Governance

22.2 The Ethics of Cybersecurity

22.3 IT Security Management Framework

Module 23: Network Security Testing

23.1 Security Assessments

23.2 Network Security Testing Techniques

23.3 Network Security Testing Tools

23.4 Penetration Testing

Module 24: Threat Intelligence

24.1 Information Sources

24.2 Threat Intelligence Services

Module 25: Endpoint Vulnerability Assessment

25.1 Network and Server Profiling

25.2 Common Vulnerability Scoring System (CVSS)

25.3 Secure Device Management

Module 26: Risk Management and Security Controls

26.1 Risk Management

26.2 Risk Assessment

26.3 Security Controls

Module 27: Digital Forensics and Incident Analysis and Response

27.1 Evidence Handling and Attack Attribution

27.2 The Cyber Kill Chain

27.3 The Diamond Model of Intrusion Analysis

27.4 Incident Response

27.5 Disaster Recovery