Cyber Defense Fundamentals: Threats, Tools & Techniques

Name: Cyber Defense Fundamentals: Threats, Tools & Techniques
Rating: 5.0 (3 reviews)

Build cyber defense skills in threat detection, network security, firewall management, and endpoint protection

Role Play

Created byStarweaver Experts, Paul Siegel, Abdelrhman orafy

Last updated 4/2026

English

What you'll learn

Analyze common cyber threats and use foundational detection techniques to identify vulnerabilities and improve cybersecurity defense strategies
Implement core network security defense strategies to secure systems, traffic, network and infrastructure through best practices in cyber defense
Apply endpoint protection methods, including system hardening, deployment of security tools, and other cyber defense methods to protect organizational assets
Configure and manage firewall policies to control access, enforce security controls, and prevent unauthorized access as part of a robust cyber defense framework

Course content

15 sections • 62 lectures • 6h 52m total length

Intro Video to Course5:52
Introduction to the course, key topics to be covered, and call to action.
Welcome to the Course: Course Overview3:03

Section Introduction4:06
Introduction to the section, key topics to be covered, and what learners can expect to achieve.
Fundamentals of Cyber Defense7:06
Overview of cyber defense basics, including threats, vulnerabilities, and the role of layered security.
Understanding the Threat Landscape6:27
Explanation of common cyber threats - malware, phishing, intrusions and how attackers exploit weaknesses.
Core Components of Defensive Security7:30
Breakdown of essential defense pillars: prevention, detection, response, and monitoring in security operations.

Types of Cyber Threats7:38
Overview of common threat types including malware, phishing, social engineering, insider threats, and network-based attacks.
How Cyber Attacks Work11:53
Demonstration of basic attack flow showing how attackers’ probe, exploit, and gain access to systems
Threat Actors & Motivation8:21
Breakdown of who threatens actors are - criminals, nation-states, hacktivists and why they target organizations.

Network Defense Basics7:59
Introduction to key network defense concepts such as segmentation, ACLs, monitoring, and secure architecture.
Defensive Tools & Technologies10:04
Demonstration of tools used for network defense, including firewalls, IDS/IPS, and packet analyzers.
Defensive Tools & Technologies6:38
Explore four defensive tools that protect networks—firewalls, local traffic controls, IDS/IPS, and analysis with Wireshark and SEM platforms—and see pfSense with Cercata detect and categorize alerts during scans and DDoS.
Understanding Traffic Flow5:39
Explanation of network traffic patterns, protocols, and baseline behavior helps detect anomalies.
Network Security Principles & Traffic Fundamentals0:17
Basic Network Monitoring Lab0:14
Defending Networks and Monitoring Traffic
Investigating a Suspicious Security Alert

Section Introduction3:51
Introduction to the section, key topics to be covered, and call to action.
What Is Network Defense?7:15
Overview of network defense basics, including why networks are targeted and how defensive layers protect infrastructure.
Defensive Architecture Basics7:27
Explanation of concepts like network segmentation, perimeter defense, and secure traffic design.
Network Visibility & Monitoring8:35
Introduction to monitoring traffic, detecting anomalies, and understanding normal vs suspicious network behavior.
Network Visibility & Monitoring5:32
Explore network visibility and monitoring by collecting security logs, filtering events like 4625 failed logins, and using Splunk to visualize anomalies and brute-force activity.

Understanding Network Segmentation7:00
Explanation of segmentation, VLANs, and how dividing networks improves security and reduces attack spread.
Access Control Lists (ACLs)12:09
Demonstration of configuring ACLs and understanding how rules allow or block specific types of traffic.
Access Control Lists (ACLs) Part 24:47
Explore how access control lists govern traffic by source, destination, ports, and protocols, and how top-to-bottom rule processing, least privilege, and default denial strengthen network segmentation and threat logging.
Authentication & Authorization Basics7:05
Overview of identity verification, least privilege, and securing access to critical network resources

Introduction to Traffic Monitoring22:55
Overview of traffic analysis and the importance of establishing baselines for detecting abnormal behavior.
Introduction to Traffic Monitoring Part 24:24
Learn how traffic monitoring provides defenders visibility, baselines, and real-time threat detection, then simulate attacks with nmap and dos floods using Splunk for instant investigation.
IDS/IPS Fundamentals12:10
Demonstration of intrusion detection concepts, signatures, alerts, and how IDS tools detect suspicious activity.
IDS/IPS Fundamentals Part 25:41
Explore real-time network threat monitoring with Splunk dashboards, visualizing traffic, top sources, and targeted ports; learn IDS vs IPS, signatures, and behavior analysis for anomalies.
Identifying Suspicious Network Behavior7:46
Explanation of common indicators of compromise in network traffic and how analysts investigate them.
Monitoring & IDS Essentials0:19
Basic IDS/Traffic Analysis Lab0:16
Traffic Monitoring & Intrusion Detection
Containing Lateral Movement in the Network

Section Introduction3:37
Introduction to the section, key topics to be covered, and call to action.
What Are Endpoints?6:56
Explanation of endpoint types, why they are targeted, and their role in an organization's security posture.
Common Endpoint Vulnerabilities6:17
Overview of typical weaknesses such as outdated software, misconfiguration, weak authentication, and unsafe user behavior.
Principles of Endpoint Protection7:43
Introduction to endpoint hardening, antivirus/EDR tools, and best practices for reducing attack surfaces.

System Hardening Basics6:38
Overview of endpoint hardening concepts, including disabling unused services, enforcing strong policies, and minimizing exposure.
Patch Management Workflow12:16
Prioritize and deploy security-critical patches to close exploitable vulnerabilities, balancing testing and stability. Use SIEM analytics in Splunk to detect post-patch exploitation and study attack patterns.
Patch Management Workflow9:52
Demonstration of updating software, applying patches, and automating updates to reduce vulnerabilities.
Secure Authentication Practices9:14
Explanation of password policies, MFA, privilege management, and limiting user access rights.

Introduction to Endpoint Security Tools6:49
Overview of antivirus, EDR, and endpoint monitoring tools that detect suspicious activity.
EDR Alerts & Investigation8:28
Demonstration of analyzing endpoint alerts, reviewing suspicious processes, and responding to potential threats.
EDR Alerts & Investigation9:42
Explore how edr alerts guide investigations, using pfSense logs to detect port scans and ssh brute force, and Velociraptor to collect Windows endpoint telemetry for rapid response.
How Endpoints Detect Attacks9:10
Explanation of behavioral detection, signatures, sandboxing, and how endpoints mitigate attacks.
Endpoint Protection Fundamentals0:17
Endpoint Investigation Lab0:14
Endpoint Security Tools & Threat Detection
Responding to a Potential Endpoint Compromise

Requirements

A basic understanding of networking, OS fundamentals, and comfort using command-line tools. A general understanding of IT systems is also recommended.

Description

Fundamentals of Cyber Defense are designed to provide learners with a structured, practical, and operations-focused understanding of how modern IT environments are secured against evolving cyber threats. In today’s increasingly interconnected world, organizations of all sizes rely heavily on interconnected systems, which makes them vulnerable to sophisticated and persistent cyber attacks.

This course introduces learners to the essential cyber defense capabilities required to secure networks, endpoints, and systems, covering areas like threat detection, network security, endpoint protection, and firewall configuration. Rather than treating cybersecurity as a set of isolated tools, the course emphasizes how these components work together as part of a coordinated defense strategy.

Learners will gain hands-on skills in identifying vulnerabilities, analyzing attacker behavior, and applying foundational security controls to mitigate cybersecurity risks. The course explores how cyberattacks unfold across environments, including techniques such as phishing, lateral movement, and privilege escalation, enabling learners to anticipate and effectively respond to emerging threats. Emphasis is placed on how weaknesses arise from misconfigurations, inadequate monitoring, and weak access control, and how these gaps can be closed through proper cyber defense design. Practical learning ensures participants can recognize risks, implement core protections, and support ongoing security operations in real-world scenarios.

The program also highlights how different cyber defense layers work together to create resilient systems and how to maintain visibility across networks and endpoints. By the end of this course, learners will be able to apply core cybersecurity principles, contribute to organizational cybersecurity defense efforts, and support proactive cyber defense strategies.

Participants will leave with a solid foundation in cyber defense, the ability to think analytically about cybersecurity risk, and the skills needed to protect systems, data, and digital environments in both professional and personal contexts.

Who this course is for:

This course is ideal for IT professionals, network administrators, SOC analysts, helpdesk analysts, and cybersecurity students seeking to strengthen their foundational cyber defense knowledge and skills.

Cyber Defense Fundamentals: Threats, Tools & Techniques

What you'll learn

Explore related topics

Course content

Introduction to the Course2 lectures • 9min

Introduction to Cyber Defense Principles4 lectures • 25min

Understanding Cyber Threats and Attack Behavior3 lectures • 28min

Defending Networks and Monitoring Traffic7 lectures • 31min

Introduction to Network Defense5 lectures • 33min

Network Access Control & Segmentation4 lectures • 31min

Traffic Monitoring & Intrusion Detection8 lectures • 54min

Introduction to Endpoint Security4 lectures • 25min

Endpoint Hardening Techniques4 lectures • 38min

Endpoint Security Tools & Threat Detection7 lectures • 35min

Requirements

Description

Who this course is for: