Cybersecurity for Absolute Beginners (C-FAB)
Your first step into cybersecurity. No technical background needed. Learn what cybersecurity is, why it matters, and build a foundation for your security career.
1. What is Cybersecurity?
Module 1: Foundations. CIA Triad deep-dive: Confidentiality (AES, symmetric keys), Integrity (hashing, SHA-256), Availability (DDoS). Core principles and ethical hacking intro—authorized pentest permission means safe practice ahead.
2. Why Cybersecurity Matters
Module 1: Foundations. Global stats ($10T cybercrime), breaches like Equifax, personal risks from weak crypto. Pentest angle: test your own assets to find gaps (authorized scope reminder).
3. Social Engineering & Your First Line of Defence
Module 1: Foundations. Pure theory—social engineering, why humans are the first line of defence, awareness and scepticism, how attackers exploit trust. Builds on the CIA triad and why security matters; sets up MFA and encryption before a dedicated MITM deep-dive.
4. MFA
Module 1: Foundations. Pure theory—multi-factor authentication: something you know, have, and are; TOTP, hardware keys, SMS pros/cons; how MFA blocks credential theft and brute-force. Builds on social engineering and first line of defence.
5. Encryption
Module 1: Foundations. Pure theory—encryption fundamentals, symmetric vs asymmetric, TLS/HTTPS, protecting data in transit, how encryption defeats MITM. Builds on MFA and first line of defence.
6. History of Encryption
Module 1: Foundations. Pure theory—from ancient ciphers to modern TLS: substitution, Enigma, DES, AES, and the evolution of cryptographic standards. Why strong crypto and key management matter for defence.
7. DDoS Attack
Module 2: Threat Landscape. Distributed Denial of Service attacks: how they work, common vectors (volumetric, protocol, application-layer), mitigation and defence strategies. Essential for understanding availability threats and resilience.
8. Threat Landscape Overview : MITM
Module 1: Foundations. Deep dive into Man-in-the-Middle (MITM) theory: what MITM is, why unencrypted traffic is vulnerable, attack types (ARP, DNS, SSL stripping, WiFi), how encryption and TLS defeat MITM, and detection. Beginner-friendly, no labs. Best after social engineering, MFA, and encryption.
9. Threat Landscape: Malware and Ransomware
Module 2: Threat Landscape. Malware types, how ransomware operates, encryption and extortion, defence and recovery. Builds on threat awareness and safe practice.
10. Threat Landscape: Trojan Horse
Module 2: Threat Landscape. Trojan horse attacks: disguised malware, delivery mechanisms, and how to recognise and defend against them. Builds on malware and social engineering concepts.
11. Intro to Networks
Module 2: Networking Basics. Pure theory—networks and CIA triad, OSI 7-layer model, TCP/IP stack, IP addressing and subnetting, ARP/DNS/ICMP, topologies and devices, attack surface and pentest mindset. Essential for MITM, scanning, and threat modeling.
12. TCP/IP and OSI Model
Module 2: Networking Basics. Pure theory—why models matter, OSI 7 layers (PDU, functions, protocols, attacks), encapsulation, TCP/IP 4-layer stack, TCP/UDP deep dive, TLS in transport (handshake, PFS, AEAD), layered attacks, pentest applications. Builds on Intro to Networks.
13. Ports, Protocols, and Services
Module 2: Networking Basics. Pure theory—why ports matter (demultiplexing, IANA, sockets), common ports (FTP, SSH, HTTP/HTTPS, SMB, RDP, DNS, etc.), protocol–service binding and banners, HTTP vs HTTPS encryption deep dive, pentest enumeration to exploitation. Builds on TCP/IP and TLS.
14. Hands-On: Wireshark Basics
Module 2: Networking Basics. What is Wireshark? Core concepts, capture/decode/display pipeline, dissectors, PCAP. Spot unencrypted vs. TLS traffic; layered analysis and pentest use.
15. Setting Up Your Lab
Module 3: Tools of the Trade. Kali VM, add VeraCrypt for encrypted volumes.
16. Nmap: Port Scanning
Module 3: Tools of the Trade. Scans including SSL services.