Expert in Oracle PL SQL Training Crash Course
Expert in Oracle PL SQL Training Course By Elevate Academy Team DB Management Course World Class Instructor 1:1 with Industry…
- Tesbo Courses
Slash Courses
Classic Courses
Elevate Academy is a recognized leader in cybersecurity education, offering a comprehensive program designed to prepare learners for today’s rapidly evolving digital threats. This expertly crafted course combines essential theoretical foundations with hands-on practical training, enabling participants to confidently protect information systems, manage security risks, and respond effectively to cyber incidents.
This course is part of a curated selection of high-quality training programs adopted by companies worldwide to upskill their IT and security teams.
The CompTIA Security+ (SY0-601) course provides learners with a strong foundation in essential cybersecurity skills. Designed for individuals aiming to enter or advance in the cybersecurity field, this program covers core areas such as network security, cryptography, risk management, and threat detection. Guided by experienced instructors, participants will gain the practical knowledge needed to protect systems and respond to security threats effectively, preparing them to handle real-world challenges with confidence.
This course is focused on helping learners master the key concepts and practices in cybersecurity. Through structured training, students will develop skills in threat analysis, incident response, network protection, cryptographic methods, and compliance with security standards. The course prepares individuals to take the CompTIA Security+ certification exam and succeed in roles that demand a solid grasp of cybersecurity fundamentals.
Different Types of Social Engineering Techniques
Phishing
Smishing
Vishing
Spam
Spam over instant messaging (SPIM)
Spear phishing
Dumpster diving
Shoulder surfing
Pharming
Tailgating
Eliciting information
Whaling
Prepending
Identity fraud
Invoice scams
Credential harvesting
Reconnaissance
Hoax
Impersonation
Watering hole attack
Typosquatting
Pretexting
Influence campaigns
Hybrid Warfare
Social Media
Principles (reasons for effectiveness)
Authority
Intimidation
Consensus
Scarcity
Familiarity
Trust
Urgency
Malware
Ransomware
Trojans
Worms
Potentially unwanted programs (PUPs)
Fileless virus
Command and control
Bots
Cryptomalware
Logic bombs
Spyware
Keyloggers
Remote access Trojan (RAT)
Rootkit
Backdoor
Password attacks
Password attacks
Spraying
Dictionary
Brute Force
Offline
Online
Rainbow table
Plaintext/unencrypted
Physical attacks
Malicious Universal
Serial Bus (USB) cable
Malicious flash drive
Card cloning
Skimming
Adversarial artificial intelligence (AI)
Tainted training data for machine learning (ML)
Security of machine learning algorithms
Supply-chain attacks
Cloud based vs. on-premises attacks
Crytographic attacks
Birthday
Collision
Downgrade
Analyze Potential Indicators Network Attacks Wireless
Radio frequency identification (RFID)
Near-field communication (NFC)
Initialization vector (IV)
On-path attack (previously known as man-in-the-middle attack / man-in-the-browser attack)
Layer 2 attacks
Address Resolution Protocol (ARP) poisoning
Media access control (MAC) flooding
MAC cloning
Domain name system (DNS)
Domain hijacking
DNS poisoning
Uniform Resource Locator (URL) redirection
Domain reputation
Distributed denial-of-service (DDoS)
Network
Application
Operational technology (OT)
Malicious code or script execution
PowerShell
Python
Bash
Macros
Visual Basic for Applications (VBA)
Actors and Threats
Advanced persistent threat (APT)
Insider threats
State actors
Hacktivists
Script kiddies
Criminal syndicates
Hackers
Authorized
Unauthorized
Semi-authorized
Attributes of Actors
Internal/external
Level of sophistication/capability
Resources/funding
Intent/motivation
Vectors
Direct access
Wireless
Supply chain
Social media
Removable media
Cloud
Threat Intelligence Sources
Open-source intelligence (OSINT)
Closed/proprietary
Vulnerability databases
Public/private information-sharing centers
Dark web
Indicators of compromise
Automated Indicator Sharing (AIS)
Structured Threat Information eXpression (STIX) / Trusted Automated eXchange of Intelligence Information (TAXII)
Predictive analysis
Threat maps
File/code repositories
Research Sources
Vendor websites
Vulnerability feeds
Conferences
Academic journals
Request for comments (RFC)
Local industry groups
Social media
Threat feeds
Adversary tactics, techniques, and procedures (TTP)
Various Types of Vulnerabilities
Cloud-based vs. on-premises vulnerabilities
Zero-day
Weak configurations
Open permissions
Unsecure root accounts
Errors
Weak encryption
Unsecure protocols
Default settings
Open ports and services
Third-party risks
Vendor management
System integration
Lack of vendor support
Supply chain
Outsourced code development
Data storage
Improper or weak patch management
Firmware
Operating system (OS)
Applications
Legacy platforms
Impacts
Data loss
Data breaches
Data exfiltration
Identity theft
Financial
Reputation
Availability loss
Penetration Testing
Penetration testing
Known environment
Unknown environment
Partially known environment
Rules of engagement
Lateral movement
Privilege escalation
Persistence
Cleanup
Bug bounty
Pivoting
Passive and active reconnaissance
Drones
War flying
War driving
Footprinting
OSINT
Exercise types
Red-team
Blue-team
White-team
Purple-team
Importance of Security Concepts
Configuration management
Diagrams
Baseline configuration
Standard naming conventions
Internet protocol (IP) schema
Data sovereignty
Data protection
Data loss prevention (DLP)
Masking
Encryption
At rest
In transit/motion
In processing
Tokenization
Rights management
Geographical considerations
Response and recovery controls
Secure Sockets Layer (SSL) / Transport Layer Security (TLS) inspection
Hashing
API considerations
Site resiliency
Hot site
Cold site
Warm site
Deception and disruption
Honeypots
Honeyfiles
Honeynets
Fake telemetry
DNS sinkhole
Cloud Computing Concepts
Cloud models
Infrastructure as a service (IaaS)
Platform as a service (PaaS)
Software as a service (SaaS)
Anything as a service (XaaS)
Public
Community
Private
Hybrid
Cloud service providers
Managed service provider (MSP) / managed security service provider (MSSP)
On-premises vs. off-premises
Fog computing
Edge computing
Thin client
Containers
Microservices/APIs
Infrastructure as code
Software-defined networking (SDN)
Software-defined visibility (SDV)
Serverless architecture
Services integration
Transit gateway
Virtualization
Virtual machine (VM)
Sprawl avoidance
VM escape protection
Environment
Development
Test
Staging
Production
Quality assurance (QA)
Provisioning and deprovisioning
Integrity measurement
Secure coding techniques
Normalization
Stored procedures
Obfuscation/camouflage
Code reuse/dead code
Server-side vs. client-side execution and validation
Memory management
Use of third-party libraries and SDKs
Data exposure
Open Web Application Security Project (OWASP)
Software diversity
Compiler
Binary
Automation/scripting
Automated courses of action
Continuous monitoring
Continuous validation
Continuous integration
Continuous delivery
Continuous deployment
Elasticity
Scalability
Version control
Authentication methods
Directory services
Federation
Attestation
Technologies
Time-based one-time password (TOTP)
HMAC-based one-time password (HOTP)
Short message service (SMS)
Token key
Private
Hybrid
Cloud service providers
Managed service provider (MSP) / managed security service provider (MSSP)
On-premises vs. off-premises
Fog computing
Edge computing
Thin client
Containers
Microservices/AP
Infrastructure as code
Software-defined networking (SDN)
Software-defined visibility (SDV)
Serverless architecture
Services integration
Transit gateway
Virtualization
Virtual machine (VM)
Sprawl avoidance
VM escape protection
Something you exhibit
Someone you know
Authentication, authorization, and accounting (AAA)
Cloud vs. on-premises requirements
Implement Cybersecurity Resilience
Redundancy
Geographic dispersal
Disk
Redundant array of inexpensive disks (RAID) levels
Multipath
Network
Load balancers
Network interface card (NIC) teaming
Power
Uninterruptible power supply (UPS)
Generator
Dual supply
Managed power distribution units (PDUs)
Replication
Storage area network
VM
On-premises vs. cloud
Backup types
Full
Incremental
Snapshot
Differential
Tape
Disk
Copy
Network-attached storage (NAS)
Storage area network
Cloud
Image
Online vs. offline
Offsite storage
Distance considerations
Non-persistence
Revert to known state
Last known-good configuration
Live boot media
High availability
Scalability
Restoration order
Diversity
Technologies
Vendors
Crypto
Controls
Embedded and Specialized Systems
Raspberry Pi
Field-programmable gate array (FPGA)
Arduino
Supervisory control and data acquisition (SCADA) / industrial control system (ICS)
Facilities
Industrial
Manufacturing
Energy
Logistics
Internet of Things (IoT)
Sensors
Smart devices
Wearables
Facility automation
Weak defaults
Specialized
Medical systems
Vehicles
Aircraft
Smart meters
Voice over IP (VoIP)
Heating, ventilation, air conditioning (HVAC)
Drones
Multifunction printer (MFP)
Real-time operating system (RTOS)
Surveillance systems
System on chip (SoC)
Communication considerations
5G
Narrow-band
Baseband radio
Subscriber identity module (SIM) cards
Zigbee
Physical Security Measures
Bollards/Barricades
Access Control Vestibules
Badges
Alarms
Signage
Cameras
Motion recognition
Object detection
Closed-circuit television (CCTV)
Industrial Camouflage
Personnel
Guards
Robot sentries
Reception
Two-person integrity/control
Locks
Biometrics
Electronic
Physical
Cable locks
USB Data Blocker
Lighting
Fencing
Fire Suppression
Sensors
Motion detection
Noise detection
Proximity reader
Moisture detection
Cards
Temperature
Drones
Visitor Logs
Faraday Cages
Air Gap
Screened Subnet (previously known as Demilitarized Zone)
Protected Cable Distribution
Secure Areas
Air gap
Vault
Safe
Hot aisle
Cold aisle
Secure Data Destruction
Burning
Shredding
Pulping
Pulverizing
Degaussing
Third-party solutions
Domain Name System Security Extensions (DNSSEC)
SSH (Secure Shell)
Secure/Multipurpose Internet Mail Extensions (S/MIME)
Secure Real-time Transport Protocol (SRTP)
Lightweight Directory Access Protocol Over SSL (LDAPS)
File Transfer Protocol, Secure (FTPS)
SSH File Transfer Protocol (SFTP)
Simple Network Management Protocol, version 3 (SNMPv3)
Hypertext Transfer Protocol over SSL/TLS (HTTPS)
IPSec (Internet Protocol Security)
Authentication Header (AH) / Encapsulating Security Payloads (ESP)
Tunnel/Transport
Post Office Protocol (POP) / Internet Message Access Protocol (IMAP)
Voice and video
Time synchronization
Email and web
File transfer
Directory services
Remote access
Domain name resolution
Routing and switching
Network address allocation
Subscription services
Host or Application Security Solutions
Endpoint protection
Antivirus
Anti-malware
Endpoint detection and response (EDR)
Data loss prevention (DLP)
Next-generation firewall (NGFW)
Host-based intrusion prevention system (HIPS)
Host-based intrusion detection system (HIDS)
Host-based firewall
Boot integrity
Boot security/Unified Extensible Firmware Interface (UEFI)
Measured boot
Boot attestation
Database security
Tokenization
Salting
Hashing
Application security
Input validations
Secure cookies
Hypertext Transfer Protocol (HTTP) headers
Code signing
Allow list
Block list/deny list
Secure coding practices
Static code analysis
Manual code review
Dynamic code analysis
Fuzzing
Hardening
Open ports and services
Registry
Disk encryption
OS security
Patch management
Third-party updates
Auto-update
Self-encrypting drive (SED)/full-disk encryption (FDE)
Opal
Hardware root of trust
Trusted Platform Module (TPM)
Sandboxing
Load Balancing
Active/active
Active/passive
Scheduling
Virtual IP
Persistence
Network Segmentation
Virtual local area network (VLAN)
Screened subnet (previously known as demilitarized zone)
East-west traffic
Extranet
Intranet
Zero Trust
Virtual Private Network (VPN)
Always-on
Split tunnel vs. full tunnel
Remote access vs. site-to-site
IPSec
SSL/TLS
HTML5
Layer 2 tunneling protocol (L2TP)
DNS
Network Access Control (NAC)
Agent and agentless
Out-of-band Management
Port Security
Network Appliances
Jump servers
Proxy servers
Forward
Reverse
Network-based intrusion detection system (NIDS) / network-based intrusion prevention system (NIPS)
Signature-based
Heuristic/behavior
Anomaly
Inline vs. passive
HSM
Sensors
Collectors
Aggregators
Firewalls
Web application firewall (WAF)
Next-generation firewall (NGFW)
Stateful
Stateless
Unified threat management (UTM)
Network address translation (NAT) gateway
Content/URL filter
Open-source vs. proprietary
Hardware vs. software
Appliance vs. host-based vs. virtual
Access Control List (ACL)
Route Security
Quality of Service (QoS)
Implications of IPv6
Port Spanning/Port Mirroring
Port taps
Monitoring Services
File Integrity Monitors
Cryptographic Protocols
WiFi Protected Access 2 (WPA2)
WiFi Protected Access 3 (WPA3)
Counter-mode/CBC-MAC Protocol (CCMP)
Simultaneous Authentication of Equals (SAE)
Authentication Protocols
Extensible Authentication Protocol (EAP)
Protected Extensible Authentication Protocol (PEAP)
EAP-FAST
EAP-TLS
EAP-TTLS
IEEE 802.1X
Remote Authentication Dial-in User Service (RADIUS) Federation Methods
Pre-shared key (PSK) vs Enterprise vs Open
WiFi Protected Setup (WPS)
Captive portals
Installation Considerations
Site surveys
Heat maps
WiFi analyzers
Channel overlaps
Wireless access point (WAP) placement
Controller and access point security
Implement Secure Mobile Solutions Connection Methods and Receivers
Cellular
WiFi
Bluetooth
NFC
Infrared
USB
Point-to-point
Point-to-multipoint
Global Positioning System (GPS)
RFID
Mobile Device Management (MDM)
Application management
Content management
Remote wipe
Geofencing
Geolocation
Screen locks
Push notifications
Passwords and PINs
Biometrics
Context-aware authentication
Containerization
Storage segmentation
Full device encryption
Mobile Devices
MicroSD hardware security module (HSM)
MDM/Unified Endpoint Management (UEM)
Mobile application management (MAM)
SEAndroid
Enforcement and Monitoring of
Third-party application stores
Rooting/jailbreaking
Sideloading
Custom firmware
Carrier unlocking
Deployment Models
Bring your own device (BYOD)
Corporate-owned personally enabled (COPE)
Choose your own device (CYOD)
Corporate-owned
Virtual desktop infrastructure (VDI)
Cloud Security Controls
High availability across zones
Resource policies
Secrets management
Integration and auditing
Storage permissions
Encryption
Replication
Network virtual networks
Public and private subnets
Segmentation
API inspection and integration
Compute security groups
Dynamic resource allocation
Instance awareness
Virtual private cloud (VPC) endpoint
Container security
Solutions
CASB (Cloud Access Security Broker)
Application security
Next-generation secure web gateway (SWG)
Firewall considerations in a cloud environment
Cost considerations
Need for segmentation
Open Systems Interconnection (OSI) layers
Identity
Identity provider (IdP)
Attributes
Certificates
Tokens
SSH keys
Smart cards
Account Types
User account
Shared and generic accounts/credentials
Guest accounts
Service accounts
Account Policies
Password complexity
Password history
Password reuse
Network location
Geofencing
Geotagging
Geolocation
Time-based logins
Access policies
Account permissions
Account audits
Impossible travel time/risky login
Lockout
Disablement
Authentication Management
Password Keys
Password Vaults
TPM (Trusted Platform Module)
HSM (Hardware Security Module)
Knowledge-Based Authentication
Authentication/Authorization
EAP (Extensible Authentication Protocol)
Challenge-Handshake Authentication Protocol (CHAP)
Password Authentication Protocol (PAP)
802.1X
RADIUS
Single Sign-On (SSO)
Security Assertion Markup Language (SAML)
Terminal Access Controller Access Control System Plus (TACACS+)
OAuth
OpenID
Kerberos
Access Control Schemes
Attribute-Based Access Control (ABAC)
Role-Based Access Control (RBAC)
Rule-Based Access Control
Network Reconnaissance and Discovery
tracert/traceroute
nslookup/dig
ipconfig/ifconfig
nmap
ping/pathping
hping
netstat
netcat
IP scanners
arp
route
curl
theHarvester
sn1per
scanless
dnsenum
Nessus
Cuckoo
File Manipulation
head
tail
cat
grep
chmod
logger
Shell and Script Environments
SSH
PowerShell
Python
OpenSSL
Packet Capture and Replay
Tcpreplay
Tcpdump
Wireshark
Forensics
dd
Memdump
WinHex
FTK Imager
Autopsy
Exploitation Frameworks
Introduction to Exploitation Frameworks
Password Crackers
Introduction to Password Crackers
Data Sanitization
Introduction to Data Sanitization
Incident Response Plans and Process
Preparation
Identification
Containment
Eradication
Recovery
Lessons Learned
Exercises
Tabletop
Walkthroughs
Simulations
Attack Frameworks
MITRE ATT&CK
The Diamond Model of Intrusion Analysis
Cyber Kill Chain
Stakeholder Management
Communication Plan
Disaster Recovery Plan
Business Continuity Plan
Continuity of Operations Planning (COOP)
Incident Response Team
Retention Policies
Data Sources to Support an Investigation
Vulnerability Scan Output
SIEM Dashboards
Sensor
Sensitivity
Trends
Alerts
Correlation
Log Files
Network
System
Application
Security
Web
DNS
Authentication
Dump Files
VoIP and Call Managers
Session Initiation Protocol (SIP) Traffic
syslog/rsyslog/syslog-ng
journalctl
NXLog
Bandwidth Monitors
Metadata
Configuration Changes
Firewall Rules
MDM
DLP
Content Filter/URL Filter
Update or Revoke Certificates
Isolation
Containment
Segmentation
Mitigation Techniques
Reconfigure Endpoint Security Solutions
Application Approved List
Application Blocklist/Deny List
Quarantine
Configuration Changes
Firewall Rules
MDM
DLP
Content Filter/URL Filter
Update or Revoke Certificates
Isolation
Containment
Segmentation
Documentation/Evidence
Legal Hold
Video
Admissibility
Chain of Custody
Timelines of Sequence of Events
Time Stamps
Time Offset
Tags
Reports
Event Logs
Interviews
Acquisition
Order of Volatility
Disk
Random-Access Memory (RAM)
Swap/Pagefile
OS
Device
Firmware
Snapshot
Cache
Network
Artifacts
On-Premises vs. Cloud
Right-to-Audit Clauses
Regulatory/Jurisdiction
Data Breach Notification Laws
Integrity
Hashing
Checksums
Provenance
Preservation
Preservation Techniques
E-Discovery
E-Discovery Process
Data Recovery
Data Recovery Methods
Non-Repudiation
Ensuring Non-Repudiation
Strategic Intelligence/Counterintelligence
Strategic Intelligence Techniques
Counterintelligence Measures
Category
Managerial
Operational
Technical
Control Type
Preventive
Detective
Corrective
Deterrent
Compensating
Physical
Regulations, Standards, and Legislation
General Data Protection Regulation (GDPR)
National, Territory, or State Laws
Payment Card Industry Data Security Standard (PCI DSS)
Key Frameworks
Center for Internet Security (CIS)
National Institute of Standards and Technology (NIST) Risk Management Framework (RMF)/ Cybersecurity Framework (CSF)
International Organization for Standardization (ISO) 27001/27002/27701/31000
SSAE SOC 2 Type I/II
Cloud Security Alliance
Cloud Control Matrix
Reference Architecture
Benchmarks/Secure Configuration Guides
Platform/Vendor-Specific Guides
Web Server
Operating System (OS)
Application Server
Network Infrastructure Devices
Personnel
Acceptable Use Policy
Job Rotation
Mandatory Vacation
Separation of Duties
Least Privilege
Clean Desk Space
Background Checks
Non-Disclosure Agreement (NDA)
Social Media Analysis
Onboarding
Offboarding
User Training
Gamification
Capture the Flag
Phishing Campaigns
Phishing Simulations
Computer-Based Training (CBT)
Role-Based Training
Diversity of Training Techniques
Importance of Diverse Training Techniques
Examples and Implementation
Third-Party Risk Management
Vendors
Supply Chain
Business Partners
Service Level Agreement (SLA)
Memorandum of Understanding (MOU)
Measurement Systems Analysis (MSA)
Business Partnership Agreement (BPA)
End of Life (EOL)
End of Service Life (EOSL)
Non-Disclosure Agreement (NDA)
Data
Classification
Governance
Retention
Credential Policies
Personnel
Third-party
Devices
Service Accounts
Administrator/Root Accounts
Organizational Policies
Change Management
Change Control
Asset Management
Risk Types
External
Internal
Legacy Systems
Multiparty
IP Theft
Software Compliance/Licensing
Risk Management Strategies
Acceptance
Avoidance
Transference
Cybersecurity Insurance
Mitigation
Risk Analysis
Risk Register
Risk Matrix/Heat Map
Risk Control Assessment
Risk Control Self-Assessment
Risk Awareness
Inherent Risk
Residual Risk
Control Risk
Risk Appetite
Regulations that Affect Risk Posture
Risk Analysis
Risk Assessment Types
Qualitative
Quantitative
Likelihood of Occurrence
Impact
Asset Value
Single-Loss Expectancy (SLE)
Annualized Loss Expectancy (ALE)
Annualized Rate of Occurrence (ARO)
Disasters
Environmental
Person-Made
Internal vs. External
Business Impact Analysis
Recovery Time Objective (RTO)
Recovery Point Objective (RPO)
Mean Time to Repair (MTTR)
Mean Time Between Failures (MTBF)
Functional Recovery Plans
Single Point of Failure
Disaster Recovery Plan (DRP)
Mission Essential Functions
Identification of Critical Systems
Site Risk Assessment
Privacy Enhancing Technologies
Data Minimization
Data Masking
Tokenization
Anonymization
Pseudo-Anonymization
Roles and Responsibilities
Data Owners
Data Controller
Data Processor
Data Custodian/Steward
Data Protection Officer (DPO)
Information Life Cycle
Overview of Information Life Cycle
Impact Assessment
Conducting an Impact Assessment
Terms of Agreement
Understanding Terms of Agreement
Privacy Notice
Creating and Implementing Privacy Notices
Learn to identify and analyze a wide range of cybersecurity threats, including malware, phishing, and social engineering attacks.
Understand and implement best practices for secure network design, including VPNs and wireless security protocols to protect your infrastructure.
Gain mastery over encryption methods, cryptographic algorithms, and public key infrastructure (PKI) to maintain data confidentiality and integrity.
Learn how to assess and manage cybersecurity risks through vulnerability assessments and apply effective mitigation strategies.
Build practical skills in detecting, responding to, and recovering from security incidents using realistic simulations and exercises.
Familiarize yourself with important regulations and standards such as GDPR, HIPAA, and PCI-DSS, and learn how to align your security practices accordingly.
June 13, 2025In today’s fast-paced digital world, the demand for skilled software professionals is higher than ever. Whether you’re a student aiming…
Expert in Oracle PL SQL Training Course By Elevate Academy Team DB Management Course World Class Instructor 1:1 with Industry…
Master in Oracle DBA Training Crash Course By Elevate Academy Team DB Management Course World Class Instructor 1:1 with Industry…
Core MSSQL Training Crash Course By Elevate Academy Team DB Management Course World Class Instructor 1:1 with Industry Expert 400+…
Refer your friends or colleagues to Elevate and earn gift vouchers worth up to ₹1000 for each successful enrollment.
Help others upskill while you enjoy exclusive rewards—it’s a win-win!
