Practical Security Fundamentals

Practical Security Fundamentals is designed to provide an introduction to security principles for students considering a career in cybersecurity. Students will learn about general security concepts and operations, as well as the common threats, vulnerabilities, and mitigations faced in the field. As with all TCM Security courses, we focus on providing practical experience, meaning you’ll gain real-world experience with security tools and techniques by participating in hands-on labs. By the end of this course, you will be equipped with the foundational security knowledge needed to pursue more specialized career pathways like penetration tester, malware researcher, or security analyst.

• Security Basics
• The Red Team and Blue Team
• Defensive Tooling
• Common Threats and Attacks
• Cryptography
• Authentication, Authorization, and Accounting
• Cybersecurity Frameworks
• Incident Response and Digital Forensics

An internet connection and ability to run virtual machines is required to take this course.

Students should have familiarity with how computer systems and networks work. If you are new to IT and cybersecurity, it’s recommended to start with the Practical Help Desk course (or have equivalent knowledge) to follow along with the course.

This course is for students who are looking to break into the IT or security field or who are early on in their career. It was designed to provide the core skills and knowledge required to take the next step from IT to cybersecurity.

It also serves as a solid foundation of the requisite knowledge suggested for more advanced courses in the TCM Security Academy such as the Practical Ethical Hacking or SOC 101 courses.

• Course Introduction
  • Course Intro
  • The Importance of Note Taking
  • Course Discord
  • 🖥️Setting up Linux Virtual Machine
• Security Basics
  • Why Security Matters to You?
  • Why Security Matters
  • The Business of Cybercrime
  • The CIA Triad
  • ✏️Check-In Quiz
• Intro to the Blue Team
  • Who is the Blue Team
  • The SOC
  • The SOC Analyst
  • Other Blue Team Roles
  • TCM Blue Team Roadmap
  • ✏️Check-In Quiz
• Intro to the Red Team
  • Who is the Red Team
  • What is a Penetration Test/Tester
  • Other Red Team Roles
  • 🖥️Red Team Hands-On Lab Part 1
  • 🖥️Red Team Hands-On Lab Part 2
  • TCM Red Team Roadmaps
  • ✏️Check-In Quiz
• Defensive Tooling
  • Section Intro & Vendor Neutrality
  • Firewalls
  • 🖥️Firewall Lab
  • IDS & IPS
  • Endpoint Protection (AV)
  • 🖥️Signature Based Detection Lab
  • Endpoint Protection (EDR)
  • SIEM
  • SOAR (NICE TO HAVE)
  • Defense In-Depth
  • Confusion Matrix
  • ✏️Check-In Quiz
• Vulnerabilities and Exploits
  • Vulnerabilities Vs Exploits
  • 🖥️Exploit Lab
  • CVE, CVSS, CWE
  • ✏️Check-In Quiz
• Intro to Threats and Attacks
  • Threat Actors and Groups
  • Network Based Attacks
  • 🖥️Packet Sniffing Lab
  • Wireless Attacks
  • Supply-Chain Attacks
  • Physical Attacks
  • Mitre ATT&CK and Lockheed Martin Killchain
  • ✏️Check-In Quiz
• Social Engineering
  • Intro to Social Engineering
  • Phishing
  • Tailgating and Impersonation
  • Social Engineering Defenses
  • ✏️Check-In Quiz
• Malware
  • What is Malware
  • Viruses, Worms, and Trojans
  • Ransomware
  • Spyware and Keyloggers
  • Rootkits
  • Maldocs
  • 🖥️Static Malware Analysis Lab
  • Additional Malware Terminology
  • ✏️Check-In Quiz
• Cryptography
  • What is Cryptography
  • Encryption
  • Hashing and Digital Signatures
  • Common Cryptographic Algorithms
  • 🖥️CyberChef Lab
  • Certificates and Public Key Infrastructure
  • HTTPS, TLS and SSL
  • Common Cryptographic Attacks
  • 🖥️Hashcat Lab
  • ✏️Check-In Quiz
• Authentication, Authorization and Accounting (AAA)
  • What is AAA?
  • Least Privilege
  • IAM
  • SSO and MFA
  • 🖥️Linux AAA Lab
  • ✏️Check-In Quiz
• Security Frameworks, Standards and Regulations
  • What are Security Frameworks, Standards and Regulations
  • Risks and Control
  • Popular Security Frameworks
  • Important Security Standards
  • Important Security Regulations
  • GRC
  • ✏️Check-In Quiz
• Digital Forensics and Incident Response
  • What is a Breach?
  • Incident Response
  • Indicators of Compromise
  • Events vs Incidents
  • Digital Forensics
  • ✏️Check-In Quiz
• End Of Course Wrap-Up
  • Bye for Now and What’s Next!?