CIA Triad: confidentiality, integrity, and availability in practice · Security concepts: authentication, authorisation, non-repudiation, least privilege · Threat actors: nation-states, organised crime, hacktivists, and insiders · Attack taxonomy: cyber kill chain, MITRE ATT&CK framework, and diamond model · Malware types: viruses, worms, trojans, ransomware, spyware, rootkits, botnets · Phishing attacks: spear-phishing, vishing, smishing, and business email compromise · Security frameworks: NIST CSF 2.0, ISO 27001, CIS Controls v8, and COBIT 2019 · Legal and ethical landscape: CFAA, GDPR, CCPA, and Nigeria Cybercrime Act 2015

TCP/IP model: protocols, attack surfaces, and packet analysis with Wireshark · Network devices: NGFWs, IDS/IPS, proxies, load balancers, and honeypots · VPNs: site-to-site, remote access, SSL VPN, WireGuard, and IPsec · TLS/SSL: handshake, certificate validation, cipher suites, and TLS 1.3 · Wireless security: WPA3, EAP methods, and wireless attack detection · Network scanning: Nmap host discovery, port scanning, and OS fingerprinting · Network hardening: VLAN segmentation, DMZ design, and NAC · Hands-on lab: capture and analyse a network attack using Wireshark

OS hardening: CIS benchmarks for Windows Server and Ubuntu Linux · Patch management: vulnerability lifecycle and automated patching strategies · Vulnerability scanning: Nessus and OpenVAS — interpreting CVSS scores · EDR concepts: CrowdStrike, SentinelOne, and Microsoft Defender for Endpoint · Malware analysis — static: PE headers, YARA rules, and VirusTotal · Malware analysis — dynamic: sandbox analysis with Cuckoo and Any.Run · Log analysis: Windows Event Logs, Linux syslog, and auditd · SIEM fundamentals: Splunk and Microsoft Sentinel — ingestion and alerting · Hands-on lab: vulnerability scan on a lab VM and write a remediation report

Penetration testing methodology: recon, scanning, exploitation, reporting · Legal authorisation: Rules of Engagement and written permission requirements · OSINT: Shodan, Maltego, theHarvester, and Google dorking techniques · Exploitation with Metasploit: modules, payloads, encoders, post-exploitation · Password attacks: Hashcat, John the Ripper, and credential stuffing · Privilege escalation on Linux: SUID, sudo misconfigurations, cron jobs · Privilege escalation on Windows: token impersonation, AlwaysInstallElevated · Professional penetration test report writing with CVSS-scored findings · Hands-on lab: full black-box penetration test on a dedicated lab environment

OWASP Top 10 (2021): all ten vulnerabilities — exploitation and remediation · SQL injection: manual testing, error-based, blind, time-based, and SQLmap · Cross-site scripting (XSS): reflected, stored, and DOM-based · CSRF, IDOR, and broken access control: testing and exploitation · Burp Suite: intercepting proxy, scanner, intruder, repeater, decoder · API security testing: REST and GraphQL authentication bypass · Secure code review: vulnerabilities in Python, JavaScript, and PHP · DevSecOps: integrating SAST (Semgrep, SonarQube) and DAST into CI/CD · Hands-on lab: exploit full OWASP Top 10 on a deliberately vulnerable web app

Cryptographic foundations: AES, RSA, ECC, SHA-2, and bcrypt · PKI and X.509 certificates: CAs, chains, CSR, OCSP, and pinning · TLS deep dive: handshake, cipher suite negotiation, and TLS 1.3 · MFA: TOTP (RFC 6238), FIDO2/WebAuthn, push-based, and hardware keys · IAM: SSO, SAML 2.0, OAuth 2.0, OpenID Connect, and LDAP · Zero-trust architecture: BeyondCorp model and microsegmentation · Secrets management: HashiCorp Vault and AWS Secrets Manager · Hands-on lab: implement end-to-end encryption and configure OAuth 2.0 SSO

SOC structure: tiers, roles, tools, daily operations, and shift handover · SIEM advanced: correlation rules, use case development, threat hunting · NIST SP 800-61 incident response lifecycle: all six phases in depth · Threat hunting: hypothesis-driven investigation and SIGMA rules · Digital forensics: chain of custody, memory forensics (Volatility), disk forensics (Autopsy) · Business continuity: RTO, RPO, backup strategies, and failover testing · Threat intelligence: IOC/TTP analysis, MISP, OpenCTI, and STIX/TAXII · Capstone: full penetration test with professional report — executive summary, CVSS findings, remediation roadmap

Identify, exploit (ethically), and remediate vulnerabilities across networks, systems, and web apps · Conduct professional penetration tests and write client-ready reports with CVSS scores · Operate in a Security Operations Centre and respond to real cyber incidents · Implement cryptographic controls, PKI, and zero-trust architecture · Achieve a credential benchmarked against CompTIA Security+, CEH v12, and ISC2 CC

Complete all 7 modules, pass a 75-question proctored examination (minimum 75%), submit a professional penetration test report with CVSS-scored findings, and complete an incident response simulation.

Cybersecurity Analyst, Penetration Tester (Junior), SOC Analyst (L1/L2), Security Engineer, Incident Responder, Vulnerability Analyst, Bug Bounty Hunter. Average starting salary: $70,000–$100,000 USD.