Hacking basics
Hacking steps

Foot-printing and defending against it.

Network, host, and port scanning tools.

Information about hosts & ports
Sub-domainsand countermeasures.

Vulnerability assessment, its categories, and industry tools.

It emphasiseshow to login, increase privileges, keep access, and remove your tracks.
Hacking-related protection and attack methods.

Malware: An Overview and Critical Analysis

Defence’s, tools, and packet sniffing techniques.

Introduction to Social engineering assaults.

Denial-Of-Service
Introduction to Denial of Service
Use Cases & Related attacks
Defense Tools.

Describe the technique, goal, tools, and countermeasures.
Evading Ids, Firewalls, And Honeypots
Learn these lines defences and strategies to avoid them during an attack.

Web server assaults, methods, tools, and protection

Web application assaults and defences.

Wireless encryption& related concepts
Hacking Mobile Platforms
Mobile device management&Android and iOS vulnerabilities.

Identifying and securing IoT vulnerabilities.
introduction to ics, scada, and plc, threats

Introduction to Cloud threats& Securities.
Introduction to Containers and serverless computing.

Cryptographic assaults& Cryptoanalysis.

Define, implement, manage and maintain an information security governance program.
Integrate information security governance framework
Manage information security.
Establish an information security governance monitoring structure.
Know information security standards, processes, directives, policies, legislation, and legal problems.
Understand business information security compliance.
Assess the organization’s external laws, rules, standards, and best practises.
Familiarise yourself with standards like ISO 27 and FIPS.
Manage computer operations by understanding federal and organisation-specific publications.
Compliance-check enterprise risk factors.
Reduce regulatory risk by synchronising information security strategy, plans, regulations, and practises.
Understand regulatory information security organisations.
Know information security trends and developments.
Compliance programme controls.
Know information security compliance.
Report compliance programmes.
Understand compliance audits and certification.
Follow organizational ethics.
Management Controls and Auditing Management
Determine the company’s goals and risk tolerance.
Test information systems controls before adoption to guarantee effectiveness and efficiency.
Determine the resources needed to develop and maintain information systems controls.
Supervise the information systems control process.
Metrics and key performance indicators.
Develop and test information security mechanisms.
Develop and execute strategies to rectify flaws and assess issue management techniques.
Automate information system control using tools and techniques.
Learn IT audit standards.
Assess IT systems and applications for a risk-based IT audit approach.
Conduct the audit process according to set standards
Evaluate audit reports based on relevance, correctness, and viewpoint.
Assess inadequate or non-existent control techniques.
Document IT audits and share findings with stakeholders.
Make sure the audit findings improvements are implemented quickly.

Organizationally align information systems project scope statements.
Identify and estimate information systems programme activities, then schedule and staff them.
Estimate and control project expenditures and manage the information systems programme budget.
Find, negotiate, buy, and manage IT programme design and execution resources.
To assure performance and responsibility, assign explicit information security job duties and offer continuous training.
Supervise information security staff and coordinate information systems team efforts with other security professionals.
Address people and teamwork difficulties within schedule, cost, and quality constraints.

Review potential solutions with suppliers and stakeholders to discover incompatibilities, problems, and concerns.
Project management should satisfy company needs cost-effectively and minimise risks.
To optimise system performance, aim to regularly assess information systems project efficacy.
Communicate progress and performance to stakeholders.

Establish obligatory and discretionary access control criteria, understand implementation factors, and build an access control strategy.
Develop and administer a need-to-know-based access control scheme.
Identify different access control systems.

Study social engineering ideas and their function in insider assaults and build countermeasures.
Anti-identity theft technique.
Phishing defense.

Find physical security regulations.
Locate physical security resources.
Develop, create, and maintain a comprehensive physical security strategy to protect the company.
Align human security goals with corporate security goals.
Plan and oversee physical security audits and updates.
Assess physical security.

Understand risk minimization, treatment, and acceptable risk.
Resource needs for risk management strategy.
Develop a systematic risk assessment strategy and IT security risk management programme.
Lead risk management teams.
Link incident response to external and internal groups.
Measure risk and incident management.
IT infrastructure residual risk.
Evaluate security risks and update security measures.
Update risk management policies and processes to meet corporate goals.
Use portfolio and security data to evaluate the investment planning process’s security measures.

Plan, execute, and monitor business continuity strategies for disruptive occurrences.
Explain business continuity, business recovery, contingency planning, and disaster recovery.
Assess business continuity stakeholders’ capabilities.
Define and prioritise vital business processes.
Risk-management planning, operations, and programmes.
Design documentation for operational continuity.
Test and update the operations continuity programme.
Understanding Integrating needs into operations continuity.
Establish backup and recovery options and disaster-ready standard operating practises.

Organizational information security
Create a firewall monitoring application
Perimeter defences
Evaluate network security architecture
Learn network segmentation.
Manage dmzs, vpn and telecommunication technologies.
Identify network vulnerabilities and explore network security controls
Troubleshoot hardware and software issues.

Secure wireless networks and find weaknesses.
Identify virus, trojan, and malware origins and threats
Anti-virus systems.
Anti-virus, trojan, and malware procedure.

Secure coding standards.
Learn system-engineering methods.
Use secure programme development tools.
Install and operate IT systems
Locate online application vulnerabilities, threats, and security tools.

Detect and fortify OS vulnerabilities and assaults.
Understanding Configuration management, patch, and system logs.

Encryption&decryption,
Digital certificates,
public key infrastructure, and
Cryptography vs Steganography.
Identify cryptosystem parts.
Plan data encryption.

For corporate security, create a penetration testing programme using penetration testing methodology.
Find vulnerabilities and legalities in information systems.
Pre & Post testing procedures
Plan pen test reporting and technical vulnerability repair.
Manage risk.

Plan to detect and report security violations.
Follow security incident reporting and system termination protocols.
Assess potential security violations
Address reported ia issues.
Provide standards to assess whether a security event is a legal infraction.
Locate system data that changes.
Understand various digital media devices.
Handling corporate digital forensics&managing forensic investigators.
Design investigation processes
Learn how to collect, store, and process digital evidence.
Design Anti-forensic techniques.

Strategic Planning
Plan, construct, and manage corporate information security architecture.
Use external and internal analyses to match information security with corporate goals.
To ensure organisation goals are understood, identify and consult key stakeholders.
Develop a forward-thinking, innovative, and original information security programme strategic plan.
Establish KPIs and monitor efficacy continuously.
Evaluate and adapt investments to meet strategic goals.
Track progress and accountability.

Develop the IT department’s operating budget.
Get and manage information security strategy resources.
Information securityprogrammes
Manage information security project costs
Identify Financial measures for stakeholders.
EISA and business security goals
Understand the acquisition life cycle
Learn about information system procurement methodologies
Understand procurement terminology
Coordinate IT security purchases with stakeholders
Ensure the inclusion of risk-based it security requirements
Plan vendor selection and management policy.
Establish contract administration procedures.
Measure and report on major procurement targets
Know the basic security standards.

• Overview of CKA Exam
• Exam Domains and Format

• Overview of Dockers and Containers
• What is Container Orchestration?
• Evolution of Kubernetes
• Differences between Kubernetes and Docker Swarm
• What is Kubernetes?
• Kubernetes Use Cases

• Understand Kubernetes Architecture
• Introduction to Kubernetes Master
• Components of Kubernetes Master
• Introduction to Node Components

• Overview of Minikube installation
• Installing and Configuring Kubernetes Master and Nodes using kubeadm
• Building a Highly Available Kubernetes Cluster
• List all the nodes of the clusters
• Working with cluster using various kubectl commands

• Overview of Namespaces and creating Namespaces
• Introduction to Pods
• Pods Lifecycle
• Working with YAML files
• Working with Pods to manage multiple containers
• Deploying Pods using kubectl run command.

• Overview of Deployments
• Scale-out deployments using Replica Sets
• Rolling Updates with Deployments
• Working with Labels and Selectors
• Application Health Checks – Liveness Probes, Readiness Probes
• Working with Jobs

• Overview of kube-scheduler
• Scheduling with kube-scheduler
• Scheduler Policies
• Horizontal Pod Auto scaling
• Affinity and Anti-Affinity

• Overview of Kubernetes Volumes
• Volumes Types -emptydir, hostPath, NFS, Cloud Volume
• What are Persistent Volumes?
• Working with Persistent Volume Claims
• Persist Volume Access Modes

• Overview of Replication Controllers
• Working with DaemonSets
• Working with StatefulSets

• Overview of Kubernetes Networking
• Overview of Kubernetes CNI providers – Flannel, Calico and WeaveNet
• Need for Kubernetes Services
• Types of Services- Cluster IP, NodePort and LoadBalancer
• Configuring Services using YAML files
• Ingress Rules & Load Balancers
• Cluster DNS

• Basics of Kubernetes Security
• Cluster Authentication & Authorization
• Users, Groups and Service Accounts
• Configuring Network Policies
• Creating TLS Certificates
• Secure Images

• Overview of Logging ad Monitoring
• Monitoring the Cluster Components
• Monitoring Application Logs

• Overview of Helm Charts
• Helm Charts
• Helm Repository
• Developing Helm Templates

• Overview of Node Maintenance
• Drain vs Cordoning Node
• Cluster Upgrade Process
• Backup and Restore Methods

• Overview of Node Maintenance
• Troubleshooting Application Failure
• Troubleshooting Control Plane Failure
• Troubleshooting Worker Node Failure
• Troubleshooting Networkin
• Drain vs Cordoning Node
• Cluster Upgrade Process
• Backup and Restore Methods

• Cluster components
• Cluster Architecture
• Kubernetes API primitives
• Kubernetes Objects
• Kubernetes Objects Contd
• Labels, Selectors and Annotations
• Services and network primitives

• Secrets &ConfigMaps
• Application’s Resource Requirements
• Configuring Applications
• Authentication
• Authorization
• Pod Security (Security Contexts)

• Introduction and Sidecar Pattern
• Adaptor and Ambassador Pattern

• Self Healing Applications
• Manage cluster component and application logs
• Cluster monitoring
• Troubleshooting

• Replication Controller & Replica Sets
• Deployments
• Rolling Updates and Rollbacks
• Containers – Command/Arguments and Environment Variables
• Init Containers
• Static Pods
• Introduction to Stateful Sets
• Jobs and CronJobs

• Networking cluster nodes
• Pod Networking concepts
• Service networking
• Service networking contd
• Network Policy

• Kubernetes Persistent Storage
• Persistent Volume & Persistent Volume Claims
• Reclaim Policies & Storage Classes