Introduction to Cybersecurity: Theory and Practice (223003474)

The course will cover identity and access management, password security, MFA, RBAC, SSO, and federation technologies. It will examine secure development lifecycle principles, threat modeling, risk assessment, and application security testing. Focus will be given to incident response strategies and digital forensics, fundamentals of cloud security, service models, and data security management. Legal and ethical aspects, including privacy laws and compliance strategies, will also be discussed. The course will conclude with penetration testing, ethical hacking, Security Operations Center operations, including SIEM tools, incident handling, and threat hunting.

Students will thoroughly examine vulnerability research methods, including detection techniques, assessment tools, effective management, and reporting. The course will also cover cybersecurity policy and strategy, including policy development, setting security objectives, regulatory compliance, and challenges in policy implementation. The data encryption strategies module will cover encryption principles, technologies, data storage and transmission, and encryption policies. The advanced strategies for penetration testing section will teach high-level techniques, the use of automated tools, method application in various environments, as well as ethical and legal aspects. The digital identity management segment will encompass understanding the digital identity ecosystem, IAM system integration, SSO solutions, and protection strategies. The information security management system course will introduce the ISO27001 standard, ISMS planning, internal auditing, and certification process. The cyber intelligence and information  sources module will review cyber intelligence principles, open sources, threat intelligence platforms, and data analysis. The final module will cover the development of security awareness and training programs, training methodologies, interactive training sessions, and program evaluation and improvement.

Students will delve into advanced threat analysis (APT), learning about threat intelligence, detection, analysis, and the development of effective defense strategies. Threat modeling techniques, including STRIDE, PASTA,
and TRIKE, and their application in the software development lifecycle will also be discussed. The DevSecOps section will explore the integration of security into DevOps processes, automation practices, and tools. Configuration management and automation sessions will cover infrastructure as code principles, configuration management tools, and security strategies in automation. The container security component will focus on security practices for Docker and Kubernetes. The cloud security platforms segment will examine security aspects and strategies for AWS, Azure, and Google Cloud. The network segregation and segmentation module will address network design principles, VLAN configuration, and micro-segmentation. Finally, the course will conclude with security incident simulations and exercises, including Red Team and Blue Team scenarios, incident recovery procedures, and improvement methods.

• CV.
• LinkedIn.
• Job interview workshops.
• Selft – employment and fees.
• IT specialist competencies.