Skip to main content

Deep Dive into Cybersecurity: Security+ Level Knowledge Without the Certificate

📚 My Cybersecurity Learning Journey

Key Topics from a 17-Hour Security+ Course

🔹 CIA Triad Explained

Confidentiality: Ensuring that sensitive data is only accessed by authorized users. This is often achieved using encryption and access controls.

Integrity: Ensuring data is accurate and untampered. Techniques like hashing, checksums, and digital signatures help validate that data hasn't been altered.

Availability: Making sure systems and data are accessible when needed. Achieved through backups, redundancy, load balancing, and fault-tolerant design.

🔹 Types of Threats

  • Malware: Includes viruses, ransomware, worms, and trojans that compromise devices or networks.
  • Social Engineering: Manipulating users into giving up confidential info. Example: Phishing emails.
  • Insider Threats: Employees or contractors misusing access, accidentally or intentionally.
  • Advanced Persistent Threats (APTs): Long-term targeted attacks, often by well-funded threat actors.
  • Zero-Day Vulnerabilities: Exploits for unknown software bugs before a fix is available.

🔹 Networking Fundamentals for Security

Studied basic networking concepts: IP addressing (IPv4/IPv6), MAC addresses, ports, and protocols like TCP/UDP. Learned about the OSI model, and how each layer relates to security implementations. Gained insights into VLANs, VPNs, routers, switches, and secure architecture design.

🔹 Security Protocols

  • SSL/TLS: Secures web communication via encryption. TLS is widely used in HTTPS.
  • IPSec: Secures IP traffic, mainly used in VPNs for encrypted tunnels.
  • SSH: Secure Shell protocol for secure remote login and file transfers.
  • SFTP: Secure file transfer protocol using SSH.
  • WPA3: Wi-Fi Protected Access protocol for securing wireless networks.

🔹 Firewalls & Network Security

Understood how stateful firewalls track active connections and how stateless firewalls inspect packets individually. Learned about configuring ACLs, DMZs for isolating public-facing services, and NAT for IP address masking. Also studied IDS/IPS for threat detection and prevention.

🔹 Security Operations Center (SOC)

Learned how a SOC monitors and manages security posture using tools like SIEM (Security Information and Event Management). Understood the use of SOAR for automating incident response, and endpoint security solutions like EDR/XDR for managing threats on devices.

🔹 Threat Hunting & Threat Intelligence

Studied proactive threat hunting strategies — using indicators of compromise (IoCs), behavior analytics, and threat intelligence feeds. Learned how organizations gather and analyze threat data to understand attacker TTPs (Tactics, Techniques, Procedures) and prepare defenses accordingly.

🔹 Host Security

  • Anti-virus and anti-malware solutions
  • Regular patching to fix vulnerabilities
  • Host-based firewalls and secure configurations
  • OS hardening to remove unnecessary services and enforce strict permissions

🔹 Identity and Access Management (IAM)

  • MFA (Multi-Factor Authentication): Adds additional verification steps to improve login security.
  • SSO (Single Sign-On): One login grants access to multiple systems.
  • RBAC: Access based on user roles.
  • ABAC: Access based on attributes like department or or sensitivity of information.
  • LBAC: Access based on location .
  • Emphasized the Principle of Least Privilege and Separation of Duties to reduce risk.

🔹 AAA – Authentication, Authorization, Accounting

  • Authentication: Verifying identity (e.g., username & password, biometrics).
  • Authorization: Granting permissions based on identity (e.g., admin rights).
  • Accounting: Logging actions (e.g., login attempts, file access) for auditing.

🔹 Mobile Device Security

Learned about MDM (Mobile Device Management) tools for enforcing security policies. Topics included encryption, remote wipe, app whitelisting, and handling BYOD (Bring Your Own Device) risks with secure containers and user awareness.

🔹 Incident Response & Digital Forensics

Studied the full Incident Response (IR) lifecycle: Preparation → Detection → Containment → Eradication → Recovery. Learned forensic steps for evidence preservation: identification, collection, analysis, and documentation. Understood the importance of maintaining chain of custody for legal admissibility.

🔹 Cryptography

  • Symmetric Encryption (AES): Uses one shared key for encryption and decryption. Fast and efficient for large data.
  • Asymmetric Encryption (RSA): Uses public and private key pairs. Suitable for secure key exchange and digital signatures.
  • Hashing Algorithms (SHA-2, MD5): Provide data integrity by creating fixed-length representations.
  • Digital Signatures: Ensure data authenticity and integrity. Common in secure emails and documents.
  • PKI (Public Key Infrastructure): Framework for managing digital certificates and public keys.
  • TLS/SSL Handshake: A multi-step negotiation process to establish secure communication between a client and server using certificates and encryption keys.

🔚 Final Thoughts: Was It Worth It?

After completing the full CompTIA Security+ course on LinkedIn Learning (37 hours), I can confidently say it was absolutely worth it for anyone looking to build a solid foundation in cybersecurity.

The course covers a wide spectrum of essential topics—from understanding basic networking and threats to learning real-world concepts like incident response, cryptography, and security operations.

Even though it doesn’t offer a certification like the official CompTIA Security+ exam, the knowledge and clarity I gained were invaluable. The content was well-structured, beginner-friendly, and practical enough to help me grasp the real-world applications of cybersecurity concepts.

If you're someone looking to start your journey in cybersecurity, I highly recommend this course. It's an excellent way to get exposure to key domains and terminology used in the industry—before diving into more advanced certifications or practical labs.

Bottom Line: Great investment of time for beginners. Solid theoretical grounding, clear explanations

Labels:

Comments

Post a Comment

Please do not enter any spam link here.

Popular posts from this blog

Email Security Deep Dive: 13 Steps to Keep Your Emails Safe

Email Security Checklist The Email Security Checklist 1. Enable SPF (Sender Policy Framework) What it is: SPF is like a guest list for your email domain. It tells the world that only specific servers are allowed to send email for your domain. How it works: Publish an SPF record in DNS. When someone receives an email claiming to be from your domain, their mail server checks if the sending IP is listed in the SPF record. If the IP is not listed, the email is rejected or marked as spam. Example SPF record: v=spf1 ip4:203.0.113.0/24 include:_spf.google.com -all Only servers in the specified IP range and Google’s mail servers can send emails for this domain. Others are rejected. Points to Note: Prevents attackers from spoofing your domain and sending phishing or spam emails. 2. Enable DKIM (DomainKeys Identified Mail) What it is: DKIM is a digital signature for each email, ensuring that the message hasn’t been tampered with. Ho...
Post a Comment
Read more

ઑનલાઇન બેંકિંગ છેતરપિંડી વિશે સાયબર સુરક્ષા ટીપ્સ

Awareness is necessity આજકાલ, ઓનલાઈન બેંકિંગ frauds દિવસેને દિવસે વધી રહી છે. ઈન્ટરનેટ ઉપયોગ, ઈન્ટરનેટ સુરક્ષા અને સાયબર ક્રાઈમ અંગે જાગૃતિ ક્રાઈમ ઘટાડવામાં મદદરૂપ થઈ શકે છે. તેથી અહીં કેટલીક Security guidelines પ્રદાન કરવામાં આવી છે જે તમારે બેંક ટ્રાન્ઝેક્શન દરમિયાન અનુસરવી જોઈએ. સેફ બેંક ટ્રાન્ઝેક્શન ટિપ્સ: SMS દ્વારા અથવા ઈમેઈલ દ્વારા મોકલવામાં આવેલ ATM PIN કોડ અને OTP "વન ટાઈમ પાસવર્ડ" કોઈપણ સાથે ક્યારેય જાહેર કરશો નહીં, પછી ભલે તે બેંકમાં કર્મચારી હોય, કારણ કે બેંક તમને તમારા ખાતા અથવા ક્રેડિટ કાર્ડના કોડ વિશે ક્યારેય પૂછતી નથી. બેંકિંગ વ્યવહારો કરવા માટે પબ્લિક કોમ્પ્યુટરનો ઉપયોગ કરવાનું ટાળો. જો તમે Public Wi-Fi દ્વારા ઈન્ટરનેટ સાથે જોડાયેલા હોવ તો ઈલેક્ટ્રોનિક બેંકિંગ વ્યવહારો કરવાનું ટાળો. વોટ્સએપ, ફેસબુક, ટેલિગ્રામ વગેરે પર, ઈમેઈલ, ચેટ્સ અથવા મેસેજમાં આપેલી કોઈપણ લિંક દ્વારા ખોલતી બેંકિંગ વેબસાઈટ પર બેંકની વિગતો અથવા ઓળખપત્ર ક્યારેય દાખલ કરશો નહીં. હંમેશા personal computer અને latest ઓપરેટિંગ સિસ્ટમ સાથે સ્થાપિત મોબાઇલ ઉપકરણો પર બેંકિંગ વ્યવહાર...
Post a Comment
Read more

PRIZE SCAM: If you have to pay to get the prize, it's not a prize

Awareness is necessity Have you ever got any calls stating that you have won a prize or lottery from any online shopping website? The chances are these calls are fraud As a Cyber volunteer, I have analyzed some case studies of these kinds of frauds. Let’s understand how this type of fraud happens !! The fraudster calls you imposing as an employee from any trusted online shopping site. They try to convince you by giving you the details about your last purchase from the site, with the product and order details. When a person believes that the fraudster is an employee from the online site, they give them attractive schemes about different prizes like laptop, T.V, mobile phones and give an option to select one prize from them.When you show some interest and select a prize from the mentioned prize, they send us a link as SMS. The link sent is the fraud link which asks for our registration details like bank details as well as personal information. While regis...
Post a Comment
Read more

Exploiting and Securing GitLab: Lessons from a TryHackMe Lab

Perimeter security isn’t enough—because sometimes the threat is already inside. In this blog post, I’m sharing what I learned from a hands-on TryHackMe lab on GitLab security . It revealed how a simple internal misconfiguration—like open registration or overly permissive repo access—can lead to major data exposure inside an organization. I’ll walk you through the red team perspective on exploiting a misconfigured GitLab instance , and then flip the script to explain how you can secure your own internal build systems . Scenario: Inside the Walls of a Large Organization Think of a large organization—like a bank—with thousands of employees and multiple teams handling development, IT operations, and security. To keep intellectual property (IP) secure, these organizations often host self-managed GitLab instances on their internal network. But here’s where things can go wrong: GitLab is hosted internally Allows anyone on the internal network to register Has some projects...
Post a Comment
Read more

Do you know, by blindly following trends and using hashtags you can be the victim of cyber crime? : #couplechallenge

Awareness is necessity "Nohashtag challenges" Nowadays, #couplechallenge, #smilechallenge, #chirichchallenge trending on social media platforms. But do you know the history of hashtags? Lets see, how hashtag was invented. Chris Messina a product designer who has been working in Silicon Valley created the idea of hashtag. He and his small group of colleagues were thinking that twitter needs some kind of frame work. He got the idea of hashtag from internet chat room that had pound symbol in front of them. His main idea to create hashtag was for the internet and wanted that anybody writing text on internet be able to participate in global conversation. In 2007, he asked one of his friends to use #sandiego for his tweets and this way the use of hashtag started. In 2009, Twitter added the option of hashtag to its search bar. And this way hashtag became a trend. This trend then being followed by other apps like tumbler, Facebook, instag...
Post a Comment
Read more