Knowledge Domains

Audit and Compliance

In almost every work area one or more compliance standards may apply to your company. Examples include PCI-DSS for accepting credit card payments, HIPAA for healthcare institutions and service providers, or GDPR when storing information about citizens of the European Union.

Within this knowledge, we learn about the various compliance standards and how to interpret them. It will boost your professional value if you understand how to apply the most important measures, and what to look for.

» View modules [4]

Cryptography

Confidentiality and integrity are just two characteristics that rely on the art of cryptography. In this domain, we will learn about the used techniques that allow us to encrypt and decrypt data.

» View module [1]

Data and Storage

One of the most precious assets to an organization is data. Data should be properly stored, accessed, and transferred, to guarantee its availability, integrity, and confidentiality.

» View modules [8]

DevOps Security

When development and operations are mixed correctly, the DevOps way of thinking can change how companies evolve. In this combination of skill sets, the importance of security becomes an important piece of the puzzle.

» View modules [3]

Digital Forensics

Digital forensics and incident response form together what we call DFIR. This area of expertise deals with handling and investigating system intrusions and data breaches.

» View modules [3]

File and Printer Sharing

This knowledge domain includes the services needed to share resources like files and printers. Most businesses heavily depend on sharing data. For that reason, it is important to know about the related protocols and measures that can be taken.

» View module [1]

Identity and Access Management

Linux systems typically need a combination of functional users (system accounts) and normal users to provide useful services. Within this knowledge domain, we look how this information is stored, used, and can be secured.

» View modules [6]

Incident Response

Dealing with incidents and intrusions by following modules from this Linux security expert domain.

Linux and System Security

The Linux kernel has a big impact on the security assurances of the system. Within this domain, we cover the measures that were taken on kernel level. This includes the steps during the build process of the kernel and the ones that can be taken during runtime.

» View modules [3]

Mail and Messaging

The technical implementation of communication methods is covered in this domain. From plaintext protocols for email, up to encrypted channels.

» View modules [3]

Malware

Malicious software or malware is a threat to most operating systems. While many think Linux is safe from this harm, this is not the case. In this knowledge domain, the basics are covered of malware on Linux. We learn the history and common types that are a threat to Linux.

» View modules [3]

Memory Management

Within this domain area, the memory management capabilities of Linux are explained. We dive into how executable binaries and libraries are created. By looking at actual memory locations, we learn how things are organized.

Networking

This knowledge domain covers the wide range of networking modules. From securing network protocols up to filtering traffic with tools like iptables.

» View modules [4]

Physical Security

This knowledge domain includes the security measures specifically for physical defenses, like direct access to the system.

Reverse Engineering

Within the domain of reverse engineering, we will learn why and how to use this technique. From basic understanding on how binaries work on Linux, up to dissecting malware samples.

» View module [1]

Security Automation

Increase quality of your security efforts by using automation. This domain covers how to save time by using scripts and tools available on Linux systems.

Security concepts

This is the first knowledge domain to start the training. It provides the foundation for many security concepts that can be applied to different operating systems.

» View module [1]

Software Development

From design to deployment, this domain will cover the life-cycle of software. It is useful to both developers and users of said components. Although many Free and Open Source Software components will be covered during the training, these principles will apply also to commercial software.

» View module [1]

Software Exploitation

Learn how to break software and find common flaws.

Operate, Maintain, Support

System Management

System management is the generic term for supporting systems during their lifecycle. It typically starts with installation, followed by supporting the system and finally decommissioning of the system.

This knowledge domain will provide you the insights that are needed to install Linux systems, do deployment, and keep systems running.

» View modules [3]

Vulnerability Discovery

This knowledge domain helps with learning the steps that are part of pentesting and vulnerability management. We learn how to discover vulnerabilities and validate them.

» View module [1]

Vulnerability Management

Most software is susceptible to errors, with some leading to serious security weaknesses. This domain deals with vulnerabilities, from detection up to management.

Web applications

Most software nowadays is in the form of a web-based application. It truly leverages the web browser to its fullest. To manage websites, you will find yourself using Content Management System (CMS) via the web browser. Or what if you need to maintain your customer contacts. The Rolodex became standalone software, which in its turn was replaced by online services.

Due to the importance of web applications, we can achieve a lot of our security defenses also in this area. This knowledge domain covers the materials to protect software by using the right standards, protocols, and apply security measures.

» View modules [3]

Web server security

Popular web server software like Apache and nginx are used to share web applications with the rest of the world. While web applications themselves are typically a target for attackers, it is also the web server itself that needs to be secured. In this knowledge domain, we learn how to set up a web server and restrict its access depending on the type of usage.

Topics: HTTP, HTTP headers, HTTPS

» View module [1]