Cybersecurity Architecture

Go to Course: https://www.coursera.org/learn/cybersecurity-architecture

Introduction

Describe the five foundational principles of cybersecurity and the Confidentiality, Integrity, and Availability (CIA) triad

Summarize the different areas that a cybersecurity architect must adopt to develop a secure enterprise solution

Discuss the different security domains, including IAM, endpoint security, network security, application security, and data security

Demonstrate your proficiency in recommending methods to improve network security in a given scenario

Syllabus

Cybersecurity Architecture Overview

In this module, you will be introduced to fundamental principles of cybersecurity including defense in depth, least privilege, separation of duties, security by design, Keep It Simple, Stupid (KISS). You will also be introduced to bad practice Security by Obscurity that can lead to cyberattacks. Next, you will be able to recognize the importance and key concepts related to Confidentiality, Integrity, and Availability, or the CIA Triad. Finally, you will become familiar with roles and how to manage the role security.

This module introduces Identity and access management (IAM) and endpoints. IAM is one of the security domains and is referred to as the new perimeter. You will learn about the LDAP and the 4 A’s of IAM including administration, authorization, authentication, and audits. After a brief discussion on Privileged access management (PAM), you will be introduced to the concepts of multifactor authentication (MFA) and single sign on (SSO). You will also learn about endpoints, which is another key security domain. After learning the definition of an endpoint, you will be introduced to endpoint management systems, which help control the endpoints.

In this module, you will be introduced to security in the network, application and data domains. As part of the network security domain, you will gain insight into firewall concepts, such as packet filter, stateful packet inspection, and proxy. You will also be introduced to security concepts associated with segments and VPNs, and SASE. Moving to the Application security domain, you will get familiar with the phases when security vulnerabilities creep in along with best practices for secure coding along with introduction of vulnerability testing. The concept of DevSecOps, Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) will also be introduced. This module will conclude with concepts associated with data security including governance, discovery, compliance, detection, and response.

In this module, you will learn about detecting cyberattacks and responding to them. This module will introduce you to security being the sum of prevention, detection, and response. You will be introduced to detection using the security information and event management (SIEM) system or extended detection response (XDR) system detection techniques to perform tasks such as monitoring, analyzing, reporting, and threat hunting. You will also get an overview of the SIEM process followed by the XDR process and how SIEM and XDR work together. Further, you will be introduced to federated search. This module will also cover how to respond to cyberattacks. You will become familiar with the SOAR system and also understand how automation and orchestration differ. Finally, you will be introduced to breach notifications.

In this module, you will complete a final project where you will have an opportunity to demonstrate your proficiency in designing a secure network architecture. Next, a case study will help you understand the different security tools from IBM. Finally, the final exam will test your knowledge of the course’s content including cybersecurity fundamentals and security domains.