
This introductory lesson on cybersecurity provides a comprehensive overview of fundamental principles and practices that will be explored in-depth throughout the course. The lesson emphasizes the critical balance between security and convenience, highlights core objectives of cybersecurity, such as protecting networks, devices, and sensitive data, and stresses the importance of good administrative practices, including patch management, user privilege control, and minimization of the attack surface. Students will gain insights into multifactor authentication's significance and the need for minimizing privileges to enhance overall cybersecurity, ensuring a strong foundation for the upcoming lessons in the course.
In this lesson, we explore the concept of social engineering in the realm of cybersecurity and highlight the human element's importance in securing an organization. The lesson emphasizes how trust, willingness to help, and busy schedules can lead to security vulnerabilities and suggests practical approaches, such as social engineering penetration tests, to train employees to be more cautious and vigilant in recognizing potential threats.
In this lesson, we delve into the importance of creating and implementing an employee cybersecurity policy. The cybersecurity policy is a formal document that outlines the responsibilities of employees regarding cybersecurity measures, and while we won't create an entire policy in this session, we will provide you with valuable resources to help craft your own cybersecurity policy, emphasizing the significance of these policies and the need for employee compliance to ensure data security.
This lesson explores the significant shift from office-based work to remote work, highlighting the absence of traditional security measures when employees work from home. It emphasizes the importance of adapting security policies to address the unique challenges posed by remote work and the need for effective identity validation for remote workers seeking assistance, ultimately underlining the increased cybersecurity risks associated with this mode of work.
This lesson explains how VPN services like NordVPN and Surfshark work, detailing their use of encryption and secure servers to protect user privacy, mask IP addresses, and bypass geographic restrictions. It also explores the benefits, drawbacks, typical costs, and the risks VPNs help eliminate.
In this lesson, the focus is on remote worker VPN services and the challenges they pose for cybersecurity. It highlights the security concerns related to remote workers using personal devices and the potential solutions to mitigate these risks, such as using virtual desktops as a secure alternative to allowing personal devices on the corporate network.
In this lesson, we explore three common cybersecurity attacks, starting with distributed denial of service (DDoS) attacks, where attackers overwhelm systems with traffic to make websites or applications unavailable. We then delve into advanced persistent threats (APTs), where attackers gain long-term access to networks, potentially stealing data or taking control of systems, and finish by discussing SQL injection attacks that target databases to read or modify sensitive information. Understanding these threats is essential for effective cybersecurity defense strategies.
In this lesson, we explore the differences between servers and managed services in terms of cybersecurity. By comparing an on-premises server setup with managed cloud services like Office 365 or AWS, we understand how the responsibilities and security implications vary, introducing the concept of a shared responsibility model in cloud computing.
In this lesson, we explore the importance of basic physical security measures as an integral part of a comprehensive cybersecurity plan. Focusing on key areas such as front door access, dumpster security, data center protection, and the use of misleading signage, we learn how these measures help deter unauthorized access and make it more challenging for potential attackers to locate and compromise critical assets within a facility.
In this lesson, we delve into the concept of network segmentation and its role in enhancing network security. Using a simple example involving three servers, we explore the use of network segments, VLANs, routers, and firewalls to control and enforce security measures between different segments, ultimately preventing unauthorized communication between specific zones within a network. We also touch upon the limitations of traditional segmentation, which can lead to challenges in controlling traffic within segments, paving the way for the introduction of the more modern micro-segmentation approach to address these issues.
In this lesson, we delve into the concept of micro segmentation as a solution to overcome the challenges of controlling communication within a network segment. By placing firewalls at the network interface of virtual machines, micro segmentation allows for fine-grained control over traffic and enhances security by inspecting and stopping traffic at the individual network interface level, making lateral movement within the network more difficult.
Key takeaways include understanding how micro segmentation works, its benefits in enhancing network security, and the tools and solutions available to implement it, such as VMware NSX-T and cloud providers' security group rules. This lesson is essential for anyone looking to strengthen network security and minimize potential damage in the event of a compromise.
In this lesson, we explore the concepts of stateful firewalls, zero trust models, and deep packet inspection in the context of network security. We learn how stateful firewalls dynamically open and close ports based on known connections and contrast them with zero trust models that deny all traffic by default, only allowing explicitly defined traffic. Additionally, we delve into intrusion detection and prevention systems, highlighting their roles in identifying and alerting or actively preventing known exploits within a network.
In this lesson, the concept of a honeypot is explained, and its use as a cybersecurity strategy is explored. The lesson uses the Honey Train Project as a prime example, demonstrating how honeypots can lure potential attackers by presenting an enticing yet low-value target, ultimately allowing organizations to analyze and thwart cyber threats while diverting attackers' time and resources.
In this informative lesson, the video covers essential aspects of antivirus, anti-malware, and anti-spyware solutions. It highlights the importance of selecting the right antivirus solution for various environments, especially in virtualized settings, while emphasizing the significance of licensing compliance and resource efficiency to ensure effective protection against malware threats.
This lesson delves into the vital aspect of backups and disaster recovery within the context of cybersecurity. It emphasizes the significance of backup solutions in mitigating the impact of threats like ransomware, explores different backup methods such as Veeam, tape libraries, and cloud-based solutions like AWS Storage Gateway and Vcdr, highlighting the cost-effectiveness and advantages of these options in ensuring data protection and recovery.
In this lesson, you'll explore various DNS and URL filtering tools to enhance internet communication security. You'll learn about the importance of DNS filtering to prevent malicious connections, the differences between white-list and black-list approaches, and the utilization of solutions like Palo Alto Networks, DNS Pi-hole, and AWS Route 53 for protecting against DDoS attacks and other threats.
In this lesson, you'll explore the concept of port security and its application in safeguarding Ethernet ports within physical locations. You'll learn about both low-tech methods, such as physically disconnecting unused ports, and higher-tech approaches like implementing port security on physical switches, which involves MAC address tracking and the "trust on first use" (tofu) principle to enhance network security and protect against unauthorized devices.
In this concise lesson, you'll learn about the importance of cybersecurity insurance as a safeguard against unforeseen cybersecurity incidents that may result in data loss or significant downtime. While cybersecurity measures are crucial, having insurance provides a safety net to mitigate financial losses and help businesses recover from potential cyber threats, making it a valuable consideration for protecting your organization.
In this informative lesson, you'll delve into the concept of penetration testing, which involves hiring professionals to intentionally try to breach your network's security. By actively identifying vulnerabilities and weaknesses, penetration testing helps organizations proactively address potential threats and secure sensitive data, making it an essential practice for safeguarding against cyberattacks and ensuring compliance with audit requirements.
"Simple and engaging, important concepts are being talked without technical arrogance!" -Pathakn
"Excellent course and definitely enjoyed the instructor's style and pace." -Jim
"Very smart and intuitive. Going over the basics is hard, he does it well. I love the way he applies his knowledge" -Joe
If you need to get a basic understanding of Cyber Security quickly and clearly, this is the course for you. This course is designed for beginners and busy professionals.
According to Glassdoor the median salary for a Cyber Security professionals is $134k per year! Take your career to the next level with this essential skill set.
Frequent quizzes and downloadable PDF study guides are recent additions to this course that will help you learn even faster!
Here are a few of the topics we will cover:
Social Engineering
Example Employee Security Policy
Remote Workers Security and VPNs
VPN Services for Internet Access (Nord, SurfShark, etc..)
Common Attack Types
Servers vs. Managed Services
Operational Security
Network Segmentation, Microsegmentation, and Switch Port Security
Basic Firewall Concepts, DNS and URL Filtering
Honey Pots
AntiVirus / AntiMalware / AntiSpyware
Backups and Disaster Recovery
Cyber Security Insurance
Penetration Testing / Vulnerability Identification
Zero Trust / Least Privilege Security Mode
If you need the basics of Cyber Security, this course will give you a strong foundation and is the ideal starting point.
If you are a manager or administrator who needs a basic understanding of what a Cyber Security plan should include, this is the course for you!
Instructor
My name is Rick Crisci. I spent years teaching directly for tech giants like AWS and VMware. My mission is to take complex topics and make them simple and easy to understand. I use plenty of hands-on demos, diagrams, and downloadable materials to help you learn as quickly and easily as possible.
I have already taught 500,000+ students and gotten over 100,000 reviews, and have many top-rated and best-selling courses on Udemy.
Full Refund Money-Back Guarantee
There is no risk to try my class! If for any reason you are not happy within 30 days you can get a full refund, no questions asked!