Introduction to Cyber Security
4.2 (154 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
798 students enrolled
Wishlisted Wishlist

Please confirm that you want to add Introduction to Cyber Security to your Wishlist.

Add to Wishlist

Introduction to Cyber Security

Learn the basic and vital components of Cyber Security & Cyberspace. In this course you learn cyber security components!
4.2 (154 ratings)
Instead of using a simple lifetime average, Udemy calculates a course's star rating by considering a number of different factors such as the number of ratings, the age of ratings, and the likelihood of fraudulent ratings.
798 students enrolled
Created by Michael Goedeker
Last updated 4/2017
Current price: $10 Original price: $110 Discount: 91% off
5 hours left at this price!
30-Day Money-Back Guarantee
  • 8.5 hours on-demand video
  • 4 Supplemental Resources
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
What Will I Learn?
  • Understand components of Cyber Security (i.e. Cyber Warfare, Espionage and Crime)
  • Understand how IT-Security has "morphed" into cyber security
  • Review latest research into attacks, defenses and reasons for various areas of cyber security
  • Discuss (briefly) common core concepts of cyper security.
View Curriculum
  • General security, security awareness and or an interest in technology

Many people interpret and decide on what cyber security is, some see cyber security as a continuation of evolved version of it-security, others view it as a completely new branch of security and still others see it as mixture of the two. This course will give you the basics based on actual literature reviews, academic research and personal experience in global projects and work in cyber security, focusing on cyber warfare, espionage, crime and defenses as well as attacks used.

Areas covered in this course include:

  1. Introduction into "Cyber"
  2. Explanation of Cyber Areas such as what cyber is, what are the definitions of cyber war, espionage, crime, etc.
  3. Basic components of Cyber Security such as OSINT, Hacking and Criminal Hackers, Hacker Profiles and Forensics, and much more.
  4. Details into Cyber Warfare, Espionage and Crime

It is a comprehensive introduction into cyber security and the cyber areas that will help you understand more detailed aspects of the weaknesses, attacks and defenses used to attack or protect critical infrastructure.

If you need more comprehensive "practical" knowledge, we provide courses up to the Mil/DoD spec on these topics.

Who is the target audience?
  • Anyone who is interested in security, securing data, information or just yourselves while online
  • Anyone who works or is interested in learning about cyber security and cyber research
  • People who are just started out in the security field and want a fast, easy way to find out about what cyber security means.
  • A brief overview of core cyber principles.
Students Who Viewed This Course Also Viewed
Curriculum For This Course
55 Lectures
Cyber Security - Definitions and The Basics
16 Lectures 02:16:36

We take a look at what cyber security is and explore the various technology and history of the internet and electronic advancements that influence the digital world.

Preview 07:20

What is cyber really? Here we look at the definition of cyber security and how it has evolved into what we now understand as cyber security.

What is "Cyber"?

Many security companies talk about APT (Advanced Persistent Threats) and cyber threats, here we take a look at what cyber threats are in order to understand what makes a threat a cyber threat.

Preview 09:14

Many types of attacks that target other nations also tend to be discovered after some time. This technology unfortunately tends to find its way into criminals malware and attacks. This lecture looks at the ramifications of cyber warfare and espionage and how these attacks or technologies are reverse engineered into the next cyber crime attacks that people and businesses have to deal with.

How Cyber Attacks Spill over into Business

You may have heard of the "Onion" or defense in depth, here we talk about creating layers of security that protect assets. Depending on the layers, we have certain policies, technology and teams making sure that attacks do not reach the next layer in a business or institution.

Layers of Security (The Onion)

Since technology has advanced, we have also seen an increase in the business side of things adapt more technology into it. Today, the internet hosts so many businesses that are interconnected throughout the world. The internet and the underlying technology has created its own economy. Some of the more recent areas include Bitcoin as a currency but certainly also includes eCommerce and eBusiness.

Internet Economy

Although everyone "seems" to know what hacking is, reality tells a different story. There are big differences between hacking, hackers and the criminals that many erroniously refer to as "hackers" when in fact they are crackers.

Hacking & Criminal Hackers

The United Nations Inter-regional Crime Research Institute started a project that sought to put different types of hackers into profiles. This lecture looks at what they did and the results of some of those "profiles".

The Hacker Profiling Project (HPP)

Incident response is a core process or procedure that is referenced in many different standards such as Cobit and ITIL. In cyber security this is even more important as attacks as well as situations that happen within a company or institution can be attacks. Incident response helps the security team or organization quickly stop the attack from going further and also collects data on what happened so that vulnerabilities can be closed.

Incident Response

In order to protect valuable things such as data, we need to first list what "assets" we have and then analyize what threats they face. Risk management is focused on managing the risks toward those assets in an organization.

Risk Management

This has only recently been an area within cyber security that has evolved as a result of attacks on water works, sewage and power plants. Critical infrastructure is the term for all services and structures that if attacked would result in catastrophic lose of life and damages to civilians or a given population.

"Critical Infrastructure"

Everyone works with information in some form or another. When we send and receive or work with information, a third party could be interested in it and will try to get it. One way to protect data is by using tools that encrypt it and enable safer handling or transportation. Encryption should be a standard component in any organization and its security policy.


Awareness simply put means being aware of something, whether a threat, risk or anything else. When we know about something, its easier to recognize and stop.


The internet was never created as a secure system or protocol. As more countries and businesses depend on the internet to do business, so does its importance as an economic factor. When attacks happen, questions arise as to who owns the internet and who is responsible for attacking it. In today´s age, hiding behind Proxy servers can also hide the true identity of an attackers origin.

The Challenge of who is responsible

As with many things in security or technology, humans are usually the weakest link. The human factor discusses how our "humanity" enables attackers to use human nature (aka social engineering) to obtain access and information that is otherwise confidential or secret.

The Human Factor

Social Engineering is a big attack vector that targets human nature to get access or to make people do things that are not allowed or are not correct. These attacks are so dangerous because they are almost always successful without the proper security awareness.

Social Engineering
Modern Components of Cyber
8 Lectures 01:31:47

This refers to the strategy of using different components for defensive and offensive purposes. Most nations have either drafted or have a cyber space or cyber strategy that details what mechanisms and proposed laws apply when attacked and what rights and rules are to be followed in defending or attacking other targets.

Cyber Strategy

A concept that was created in 2011by the Lockheed Martin Computer Incident Response Team. This concept basiclly discusses how APTs (Advanced Persistent Threats) are not or poorly detected by static technology.

"The Kill Chain"

Here we take a look at how computer or cyber technology is changing how nations engage in combat. Tomorow´s wars will be fought with computers, viruses, botnets and other computing technology.

Cyber Warfare

Spy technology (just like warfare) has evolved to include computers, electronics and software into the intelligence spectrum that has evolving technical capabilities to "intercept" any and all data the flows through the internet and its systems.

Cyber Espionage

The use of cyber threats for organized crime and stealing data, secrets as well as information which are then sold to the highest bidder. The lines between crime and espionage are becoming harder to distinguish today. Other areas that are included in cyber crime are stealing private data, passwords, credit cards and whole identities.

Cyber Crime

The use of computer technology and components of "traditional" IT Security for defensive purposes. This area also concentrates on protecting critical infrastructure from attacks as well as using newer methods of sandboxing and other technologies to detect and catagorize APTs and other cyber attacks.

Cyber Defense

The proactive use of attack technologies including malware, botnets DDOS and other malicous weapons to attack another company, attacker or nation-state.

Cyber Offense

Cyber Units are specially trained teams that deal with cyber threats such as war, espionage and even crime to a company or nation. When part of national security, these teams typically include components of defense as well as offense. In recent years most nations have worked on building these advanced types of military or national security technical teams.

Cyber Units
Defending in the "Cyber World"
12 Lectures 01:34:02

Network based systems that analyze traffic to and from systems and block attacks as defined in a rule set.


A network alerting system that detects intrusion attempts to company or institution's resources.Newer versions integrate multiple functions such as SIEM, IDS and IPS in one platform.

IDS (Intrusion Detection System)

A network based attack deterance system that resets TCP/IP connections or attempts to drop malicious attacks on infrastructure or systems.

IPS (Intrusion Prevention System)

Refers to collecting of intellience from open sources as opposed to closed sources (aka spying, human intelligence, etc.).

OSINT (Open Source Intelligence)

Systems collect data about what is going on in a network or systems. A challenge with dynamic and evolving threats is how to use information that we collect to help understand, detect and deter attacks either before they happen or as they are happening. Many systems today just collect too much information and the question arrises very quickly as to the value of that information if it can not be used.

Actionable Data (so all those alerts help me how?)

Here we focus on explaining some of those systems that install agents that monitor the status and capture alerts and information of servers and critical services.

SIEM (Security Incident and Event Monitoring)

This lecture introduces another part of our "Proactive Security Team Methodology" and uses the same skills as hackers do. Malware analysis and reverse engineering looks at malware, its components and how to analyze and reverse engineer it.

Malware Analysis and Reverse Engineering

Successful security teams today and in the future must be just as dynamic and innovative as the attacks they face in cyber space. Teams that adopt a "proactive" stance in that they also learn how to "hack" their own systems, tend to be more secure than those teams that depend on more static and traditional approaches to security.

The Proactive Security Team

There are many different aspects to cyber security, tools and protection of data. Home users are in some cases more vulnerable than in enterprise or institutional networks because of the added risks involved if not using VPN and more elaborate network security technology in larger more complex networks.

Cyber Security for Home Users

Corporations and Businesses will have to face new threats that consistently push the boundaries of existing security technology and solutions. The dynamic and persistent nature of tomorrow´s cyber threats are changing the needs of security and methods to protect against corporate espionage and cyber crime.

Cyber Security for Corporations / Businesses

The central network brain of an organization or institution that monitors the operational status of complex networks. Although tasked with watching over the network components, they also integrate with other functions such as incident management and rapid response teams.

NOC (Network Operations Center)

Simular to the NOC, the Security Operations Center monitors the overall security of an enterprise or institution. Some areas that are included here are Threat Intelligence, Governance and Data Security.

SOC (Security Operations Center)
8 Lectures 25:34

A review of cyber security and what the future holds in regards to threats and defense within the context of this course.


Presentation to this training.

Presentation Material
132 pages

Handbook to this training.

121 pages

This research case focuses on an example of how a BotNet can be used to monitor, infect and influence Social Media.

Cases in Cyber 1 - The Social BotNet

Recent cases of implanted backdoor technology focused on implanting boot-kits in Macs and other UEFI systems that keep systems insecure and monitored by spies or attackers (in some instances) from a distance.

Cases in Cyber 2 - Backdoors in UEFI

Some cases in the past revolved around spyware installed on clients known as FinFisher and Hacking Team. These software suites installed via vulnerabilities and exploits that captured screenshots and circumvented authentication in order to monitor journalists, political dissidents as well as terrorists. One could argue that there needs to be methods to capture terrorist activity in order to protect nations, but there are also ramifications when these tools get into the wrong hands.

Cases in Cyber 3 - FinFisher/Hacking Team (The Endpoint)

By now you certainly have heard of SCADA the malware / virus / worm that infected Nucelar Powerplants in Iran. Research from security companies found this nasty piece of work that broke centrifuges in the plants that were used for Uranium enrichment. This was the first example of a cyber war weapon that actually caused physical damage.

Cases in Cyber 4 - SCADA and Co.
10 pages

Liturature and discussion on 2FA and Authentication

8 pages
The Final Exam
0 Lectures 00:00

This Exam tests that you know the basics, all exams are yes or no questions. If you read and know the course, passing is a piece of cake. Enjoy the process!

Exam Part 1 The Cyber Basics
10 questions

This tests your knowledge of Cyber Components, all exams here are yes or no. Enjoy the process!

Exam Part 2 Modern Components of Cyber
10 questions

This is the last part of the exams for this course, I promise.....would these eyes lie. ;-)

Exam Part 3 Defending in the Cyber World
10 questions
Proactive Security - Tools & Lost Chapters
11 Lectures 02:48:03

This chapter deals with the proactive security team and how defensive and offensive technology can be used together with an approach to protect the layers and also defend the organization.

The Lost Chapters 1 Proactive Security Team Methodology

The security "onion" has different layers. Each layer has certain mechanisms and a central strategy and processes that help defend against attacks reaching the next layer. Here we go through what types to tools protect the layers.

The Lost Chapters 2 Layers of Security and their protection

PTES is a stanard for Penetration Testing that also has a method to its madness. Many pen tests are just point, click and report. GUI or scanners are not pen testing so we will go through the standard and some of the examples.

The Lost Chapters 3a PTES Penetration Testing Execution Standard

This section discusses the Exploitation, Post Exploitation and Reporting phases of the PTES or Penetration Testing Execution Standard.

The Lost Chapters 3b PTES Penetration Testing Execution Standard

When looking at defense of networks, secure designs and architecture are very important elements of any strategy. When we invest time in the correct placement of network devices, segmentation and access control mechanisms and security, we can only improve the overall security posture. Firewalls, switches, routers, 2 and 3 layer network switching engine configurations such as from Cisco, HP, Juniper, etc. are a key aspect of good network design.

The Lost Chapters 4 Secure Network Design

Inspecting network traffic and analyzing what is in packets is always a must for any NOC/SOC team member. Wireshark, TCP/IP dumps are standard components of a hacker, cracker and network or cyber security techie's arsenal.

The Lost Chapters 5 Wireshark and Packet Analysis

We all know BackTrack which was the pen testers toolkit based on Ubuntu Linux. Since its inception, many new tools have come out and give us options to hack and test how secure we are. Kali Linux is a standard pen testing swiss knife Linux distro with many tools already installed and waiting to go.

The Lost Chapters 6 Kali Linux

After looking at Kali, we also look at community based versions of other scanners that help red and blue teams secure some aspects of the network through penetration testing. As with all GUI and scanners, manual validation is always needed to verify . We will take a brief look at Metasplot (in Kali Linux) and Nessus.

The Lost Chapters 7 OpenVas / Metasploit

Looking at web applications has grown in popularity among crackers and hackers. Many successful attacks go back to older vulnerabilities and errors in design such as simple authentication, no filtering that detects and blocks SQL Injection, etc. Web scanners are an easy and fast way to do very simple tests to figure out how easy it is to break into and pwn web applications.

The Lost Chapters 8 Web App Scanners

Black Arch Linux is another awesome Pen Testing and Network Audit virtual machine that allows you to do many things that Kali can but needs less resources and a bit more skills since you can install single packages.

The Lost Chapters 9 Blackarch Linux

This lecture takes a look at the free or open source based HIDS / NIDS and SIEM solutions out there from OSSEC, Snort, SGUIL (network) and Squert on a Xubuntu based Linux distribution called Security Onion. This VM is a more complex than Kali and even BlackArch in that you need to understand the concept of Snort and OSSEC before collecting intrusion information and configuring alerts and rules that trigger events on the dashboards.

The Lost Chapters 10 Network Monitoring Primer with Security Onion VM
About the Instructor
Michael Goedeker
4.1 Average rating
409 Reviews
7,408 Students
5 Courses
Cyber Security Researcher, Speaker & Trainer, M.Sc. CISSP

Michael has worked on multiple projects globally from architecture to cyber security, working with some of the biggest fortune 50 companies and within the top 5 consulting industry. Some companies he has worked with and for include Accenture, Avanade, Dell, FSC, HP, IBM, Microsoft, Sophos and Symantec.

Michael's company (HakDefNet) currently does research and projects focused on Global Cyber Threats, International Business and Security Leadership and are aimed at making security products, processes, solutions and defense against cyber threats as easy to understand and implement as possible. Michael is also the author of the chapter "Cyber Security: Future IT-Security Challenges for Tomorrow's Leaders and Businesses", and recently participated in an interview with IGI Global Promotions Coordinator Ann Lupold, elaborating on elevating issues in cyber security and cyber espionage, as well as the challenges that leaders and businesses face in confronting such issues. He also has written for various IT, Channel and Business publications and newspapers internationally.

Michael is also certified as an ISO/IEC27001:2013 Lead Auditor and is the first cyber security trainer to ever be keynote speaker at Davos.