We Will Train You To Become A Cybersecurity Analyst In Six Months - Zero Previous Experience Required.
The core curriculum of The Prelude Institute's cybersecurity analyst program is designed to provide students with a broad set of technical and professional skills to be effective members of a security operations or incident response team. Areas of concentration include:
Spreadsheets are very useful tools for quickly analyzing data by sorting, grouping, and summarizing it. While there are other methods and tools for working with very large datasets, or with unstructured data, learning how to effectively use spreadsheets will allow an analyst to quickly solve many problems and answer questions related to a dataset.
Foundational Concepts (Computing History, Key Terminology, Computing Architecture and Network Fundamentals, Key Security Concepts):
Students at The Prelude Institute come from a broad set of backgrounds, and may not have a strong foundation in information technology. In order to ensure that all students can work from a common set of vocabulary and conceptual understanding, we will spend some time setting a baseline upon which the rest of the course will build a strong understanding of technical security knowledge and skills.
Linux Operating System (Shells, Configuration, Administration):
Linux is a rich operating system that provides unmatched flexibility and toolsets for security professionals. Linux is also widely used within enterprises and cloud environments. Security practitioners need to be comfortable working within Linux and with Linux-based security tools.
Governance, Compliance, Risk (Standards, Regulations, Managing Risk, Threat Modeling):
Cybersecurity is a technical field, but it is important to understand how the technical processes and practice of security apply to an organization. Security exists in support of larger goals for a company or organization, and understanding how to manage risk within this greater context improves the effectiveness and value of the security team.
Databases and Web Technology (Relational Databases, SQL, HTTP):
The information that is targeted by attackers and that must be protected by defenders most commonly resides in a database. In the modern organization, the most common mechanism for accessing that data is through a web application. It is important for defenders to have a robust understanding of how these foundational technologies work, and how they are targeted and attacked by criminals and other malicious actors.
Scripting and Data Handling (bash scripts, Regular Expressions, grep, sed, awk):
Security professionals often need to deal with large amounts of unstructured data, and to automate repetitive tasks or interact with multiple systems and tools. Learning how to address problems and tasks with an algorithmic approach will allow students to learn additional programming languages much more easily.
Networking (OSI model, TCP/IP, Addressing, Subnets/Supernets, Switching, Routing, Common Protocols, Packet Capture):
Modern computing infrastructures rely on complex networks to carry communication between systems. Attacks are also carried out across networks. Therefore, it is critical that cybersecurity practitioners have a solid understanding of the underlying protocols and technologies that allow data to reliably flow between systems, and how to use tools such as tcpdump and Wireshark to help detect network activity that indicates attack or compromise.
Phishing and Malware (Methods, Trends, Defenses):
The weakest link in a system of security measures is the human element. Phishing and malware campaigns target the people at an organization, attempting to fool employees into performing actions that will help the attackers to gain information or access to systems. These types of attacks are the most common tactics employed, and defenders must understand how they are carried out, and how to protect an organization against them.
Application Security (Web and Native):
Software applications are the gateway to directly access valuable data. The complexity of modern software means that applications commonly have vulnerabilities present, and these are targeted by attackers in order to compromise systems. Cybersecurity professionals need to understand the technical basis for application attacks, how to detect vulnerabilities and exploitation attempts, and how to advise software developers on techniques and approaches to reduce risk.
Cryptography (Symmetric, Asymmetric, Signatures, TLS, VPNs):
Encryption technology is one of the most common methods of protecting data. Cybersecurity professionals must understand the way cryptographic algorithms are combined and applied to provide confidentiality, integrity, and non-repudiation to data and online transactions.
Operating System Architectures (Linux and Windows kernel design and operation, Memory layout and management):
The operating system of a computer is the platform that applications rely on to segregate data and processes in memory, providing a secure run-time environment. Defenders need to understand how attackers will attempt to subvert core operating system functions to help them take over systems.
Virtualization and Cloud (VMs, Containers, AWS, Azure):
Modern enterprises rely on virtualized infrastructures and hybrid architectures that combine on-premise and cloud-based systems. Defenders must understand the differences in defense, detection, and response approaches for these deployment and operating models.
Incident Response Processes and Tools (Incident Response Phases, Approaches, Evidence Collection and Handling, Analysis, Tools):
Preparing for and effectively responding to security incidents requires an understanding of how to identify indicators of attack or compromise, how to use automated tools to perform efficient investigation of large amounts of data, processes for handling evidence and reporting that support litigation or prosecution, and processes for recovering from attacks and hardening systems against future compromise.