Month 2 – Offensive & Web Security (Weeks 5–8)
Weeks & Topics | Daily Work (4-5 hrs) | Assignments | Milestones |
|---|---|---|---|
week 5 : Information gathering & scanning | Nmap scans (TCP, UDP, service, OS), host discovery, Shodan basics, recon methodology. | 1) Scan a lab network; 2) Fingerprint services. | Scan report (open ports, services). |
week 6 : Vulnerability assessment | Identify outdated services, misconfigurations, common vulnerabilities, basic risk rating | 1) Vulnerability list for a lab VM; 2) CVSSstyle severity tagging. | Vulnlist with remediation hints |
week 7 : Web application security basics | OWASP Top 10 intro (SQLi, XSS, CSRF, file upload, insecure auth), Burp Suite | 1) Test a vulnerable app (e.g., OWASP Juice Shop); 2) Capture XSS/SQLi. | Lab report (screenshots + remediation). |
week 8 : Introduction to ethical hacking & pentesting | Metasploit basics, payload types, exploitation basics, reporting, Monthly Test 2 (network + web security). | 1) Exploit a simple VM (e.g., Metasploitable); 2) Clean up evidence | Project 2: “Mini Penetration Test Report”– Full engagement on a lab VM (recon → vuln assessment → exploitation → cleanup + written report). |
Month 3 – Security, Optimization & Capstone (Weeks 9–12)
Weeks & topics | Daily works (4-5 hrs) | Assignments | Milestones |
|---|---|---|---|
week 09 : Network defense & logging | IDS/IPS basics, SIEM concepts, firewall rules, log analysis, security event correlation | 1) Analyze sample logs for suspicious activity; 2) Write a simple detection rule. | Incident detection worksheet. |
week 10 : Incident response basics | Detection, containment, eradication, recovery, postmortem; IR playbooks, forensics concepts | 1) Simulate a ransomwarelike incident; 2) Create a stepbystep playbook. | IR playbook template |
week 11 : Security automation & scripting | Python scripts for log parsing, basic enumeration, automation of scans/reports. | 1) Script to parse logs and flag suspicious IPs; 2) Autoscan snapshot. | Python scripts + documentation |
week 12 : Capstone & certification prep | Endtoend scenario: detection → investigation → response → reporting; light Security+ / CEHstyle prep; Final Test – mixed MCQ + practical. | 1) Join a mini CTF or lab attack scenario; 2) Write a full incident report. | Project 3: “Security Operations Simulation” – Play attacker and defender roles in a scenario (e.g., phishing → breach → detection → response) and produce: timeline, evidence, and remediation plan |
Cyber
Security
12 week Course Curriculum
Here’s a 3month Cyber Security curriculum designed from basics to advanced, with weekly topics, monthly tests, assignments, and projects, aligned to current industry standards (Networking, Linux, web security, ethical hacking, incident response, and basic defense).
Assumptions :
4–5 hours per day, 5 day weeks → 12 weeks ≈ 3 months.
Tools :
Linux (Kali/Ubuntu), Wireshark, Nmap, Metasploit, Burp Suite Community, Vagrant/VirtualBox, basic Python scripting.
Outcome :
Junior Cybersecurity Analyst / SOC Associate / Ethical Hacker (beginnerintermediate).
Overall Assessment Plan Weekly assignments :
Weekly assignments: 2–3 handson labs (e.g., VMs, CTFstyle tasks, writeups). Monthly tests: 1hour MCQ + practical (e.g., “find the vulnerability in this packet capture”).
Monthly projects: Realistic security scenarios (CTF, pentest report, incident simulation).
Month 1 – Foundations & Core Concepts (Weeks 1–4)
Weeks & Topics | Daily Work (4-5) hours | Assignments | Milestones |
|---|---|---|---|
week 1 : Intro to Cybersecurity | CIA triad, threats vs risks, attacker types, basic security policies, common terms (vulnerability, exploit, zeroday). | 1) Identify CIA violations in 5 realworld scenarios; 2) Create a threat map. | Short quiz on core concepts. |
week 2 : Networking basics for security | IP/subnetting, TCP/UDP, DNS, HTTP/HTTPS, ports, firewalls, OSI/HTTP layers. | 1) Network diagram exercise; 2) Packet capture with Wireshark (filter HTTP). | Networkmap + Wireshark notes. |
week 3 : Operating systems & Linux security | Linux basics (CLI, file system, users, permissions), Windows security concepts, hardening basics | 1) User/permission lab on Linux; 2) Process/service enumeration. | Linux lab report. |
week 4 : System hardening & basics of defense | Patching, logs, basic firewall rules, SSH security, Monthly Test 1 (core concepts + networking). | 1) Secure a simple Linux server (SSH, users, firewall); 2) Log analysis exercise. | Project 1: ��“Secure Server Lab” – Harden a Linux VM (disable root SSH, set up firewall, basic audit) and document changes |
