cyber revision
cyberrev

Module objectives

Fundamentals

Before the tools and the exploits comes the vocabulary and the way of thinking that the rest of security is built on. This module gives you the concepts you will reach for in every later module and every real assessment.

By the end you will be able to:

  • Frame any incident or control against the CIA triad, and know the extensions that fill its gaps: authenticity, non-repudiation, and the AAA model.
  • Tell threat actors apart by capability, resources and intent, and read the actor off the behaviour, from script kiddies to nation-state APTs.
  • Classify a security control two ways at once, by type and by function, and explain why defence in depth needs independent failure modes.
  • Work a threat model with STRIDE, attack surfaces and the Cyber Kill Chain, and place any attacker action in the right stage.
  • Evaluate a design against the Saltzer and Schroeder principles, naming the one a flawed decision breaks.

The exam is practical: ten self-contained scenarios to classify and reason about, graded in your browser. Get seven of ten and the certificate is yours.