Everything on this page, and all of the content developed based upon it, is subject to the same terms of the Cooperative Nonviolent Public License found at The Official CNVPL mirror as the rest of my work.
It’s important that you read the above. This means if you’re a person who wants to learn things, this is free.
If you’re an organization who wants to use it and profit off of it: make damn sure you read this license and its terms. I don’t play.
This part is probably my favorite.
My goal is to complete at least one course a quarter. In this case, a Course is made up of several lessons, and contributes to a section within a learning path.
I have the following learning path complete, and am beginning the first Course. Each section of this learning path will be made of multiple courses.
I have the following Learning plan created:
The goal is to have a graduate of the courses who is generally capable in various infosec basics:
An Entry Level Analyst shall be able to:
- Identify, Classify, and Analyze various risks to computer systems
- Discuss and Summarize the process of cataloging assets
- Discuss and Summarize the process of vulnerability assessment
- Describe and apply several secure networking best-practices
- Recognize and Classify basic code in 3 different kinds of programming language
- Develop a plan for securing a basic network
- Explain how to use 2 major operating systems
- Demonstrate completion of a progressively more difficult set of challenges
- Discuss the process of gathering information regarding a cyber incident
- Summarize 2 major compliance standards in cybersecurity
- Explain the purpose of, and summarize operations of, a Security Operations Center
- Develop a Disaster recovery plan
- Perform a risk assessment of a simplified environment
Get an overview of basic topics and the concepts that make up the later courses. Few lessons have practical labs. Serves as a necessary foundation for the rest of the courses. Includes necessary foundation for later labs and lessons.
I.1 What is InfoSec?
- Define Information Security
- Define Information Science
- Define Confidentiality, Integrity, Availability
- Summarize common Information Security risks and their personal impacts
I.2 Parts of a Computer
- Define Computer
- Describe the major components of a personal computer
- Describe the Server Client Relationship
- Describe the basic process of operating system installation
I.3 Virtual Computing
- Describe the abstractions of computer components
- Summarize the process of determining operating system requirements
- Describe the process of configuring the hardware aspects of a Virtual Machine
- Describe the process of installing Linux Debian
I.3L Setting up a VM
In this lab, you will set up a Virtual machine and put what you learned from I.3 into practice.
I.4 What will we Cover?
This is an overview of what I hope we can achieve together through this.
I.KC Knowledge Check
Theses are optional quizzes that I’ll toss in here periodically. They’ll be automated, and I will likely stand up a CMS for them.
Learn the basics of operating systems and their use. Several lessons include labs. Culminates in completion of a Wargame.
Learn the basics of networking, from the lowest physical levels to the highest abstract ones. Several lessons include labs. Culminates in creation of a virtual lab network.
Risk and Compliance:
Learn how to catalog an environment, and then develop a plan to secure against risks by thinking like an attacker. Learn how to apply these concepts to common compliance methodologies. Culminates in performing a conceptual risk analysis
Information Security Practice:
Learn several common practices in Information Security: Including the evidence gathering process, performing a vulnerability assessment, and penetration assessments. Culminates in a practical assessment in a practice environment.
Learn to write code in the Python programming language and discuss several other kinds of language. Take a look at analyzing some code in unfamiliar languages, and how to approach some difficult problems. Learn to write a basic information parsing program to help with log analysis
Recovery and Continuity:
Learn how to anticipate failures of environments and proactively work to mitigate the problems these failures can cause. Culminates in the creation of a basic recovery plan for a simple environment.
Investigation and Response:
Learn the very basics of Digital Forensics and Incident Response. Culminates in completing a simulated investigation and recovery kickoff with the plan from R&C.