Day 1 learning Google Cybersecurity at Coursera

This is my study notes. just for my personal notes and learn. 

Program Overview

- Core security concepts

- Security domains

- Network Security

- Computing basics

- Assets, threats, and vulnerability

- Incident detection and response

- Python

- Find and apply for jobs

By completing the eight courses in this certificate program, 

you'll prepare for entry-level jobs in cybersecurity, 

such as cybersecurity analyst, security analyst, 

and security operations center (SOC) analyst. 

No prior experience in cybersecurity is required to complete this program.

Throughout the program, you will have multiple opportunities to develop your cybersecurity knowledge and skills. You will explore concepts and scenarios to learn what an entry-level cybersecurity analyst must know and be able to do to thrive in the cybersecurity profession. 

Google Cybersecurity Certificate courses

The Google Cybersecurity Certificate has eight courses that focus and build upon core concepts and skills related to the daily work of cybersecurity professionals, including foundational cybersecurity models and frameworks that are used to mitigate risk; protecting networks and data; using programming to automate tasks; identifying and responding to security incidents; and communicating and collaborating with stakeholders. Additionally, you will apply what you’ve learned in each course by completing portfolio projects that can be used to showcase your understanding of essential cybersecurity concepts to potential employers. The courses of the program are as follows: 

1. Foundations of Cybersecurity (current course) 

2. Play It Safe: Manage Security Risks 

3. Connect and Protect: Networks and Network Security 

4. Tools of the Trade: Linux and SQL 

5. Assets, Threats, and Vulnerabilities 

6. Sound the Alarm: Detection and Response

7. Automate Cybersecurity Tasks with Python 

8. Put It to Work: Prepare for Cybersecurity Jobs

1. Foundations of Cybersecurity

In this course, you will:

• Define the field of security
• Recognize core skills and knowledge needed to become a security analyst
• Identify how security attacks impact business operations
• Identify eight security domains
• Define security frameworks and controls

Skill sets:

• Communicating effectively
• Collaborating with others
• Identifying threats, risks, and vulnerabilities
• Problem-solving

1. 2. Play It Safe: Manage Security Risks

2. In this course, you will:

   • Recognize and explain the focus of eight security domains
   • Identify the steps of risk management
   • Describe the CIA triad
   • Identify security principles
   • Define and describe the purpose of a playbook
   • Explain how entry-level security analysts use SIEM dashboards

   Skill sets:

   • Applying the CIA triad to workplace situations
   • Analyzing log data
   • Identifying the phases of an incident response playbook

   3. Connect and Protect: Networks and Network Security

3. In this course, you will:

   • Define types of networks
   • Explain how data is sent and received over a network
   • Recognize common network protocols
   • Compare and contrast local networks to cloud computing
   • Explain how to secure a network against intrusion tactics

   Skill sets:

   • Configuring a firewall
   • Recognizing components of computer networks and cloud computing
   • Analyzing threats
   • Implementing security hardening

   4. Tools of the Trade: Linux and SQL

In this course, you will:

• Describe the main functions of an operating system
• Explain the relationship between operating systems, applications, and hardware
• Compare a graphical user interface to a command line interface
• Navigate the file system using Linux commands via the Bash shell
• Use SQL to retrieve information from a database

Skill sets:

• Interacting with both a graphical user interface (GUI) and command line interface (CLI)
• Querying a database with SQL
• Filtering on a particular word with the Linux command line
• Authenticating and authorizing users with the Linux command line

5. Assets, Threats, and Vulnerabilities

In this course, you will:

• Explain security’s role in mitigating organizational risk
• Describe the defense in depth strategy
• Explain how vulnerability assessments are used to assess potential risk
• Develop an attacker mindset to recognize threats
• Discuss the role encryption and hashing play in securing assets
• Identify forms of social engineering, malware, and web-based exploits

Skill sets:

• Classifying assets
• Decrypting a message
• Searching the CVE database for vulnerable applications
• Analyzing attack surfaces
• Applying the PASTA threat modeling framework

6. Sound the Alarm: Detection and Response

In this course, you will:

• Explain the lifecycle of an incident
• Use packet sniffing tools to capture and view network communications
• Perform artifact investigations to analyze and verify security incidents
• Identify the steps to contain, eradicate, and recover from an incident
• Interpret the basic syntax and components of signatures and logs in IDS and NIDS tools

Skill sets:

• Capturing, viewing, and analyzing a packet
• Investigating a suspicious hash file
• Following a playbook
• Examining alerts, logs, and rules
• Performing queries with SIEM tools

7. Automate Cybersecurity Tasks with Python

In this course, you will:

• Explain how the Python programming language is used in security
• Write a simple algorithm
• Use regular expressions in Python to extract information from text
• Use Python to automate tasks performed by security professionals
• Use Python to parse a file

Skill sets:

• Working with strings and their index values
• Applying regular expressions (regex)
• Importing and parsing a file
• Debugging code

8. Put It to Work: Prepare for Cybersecurity Jobs

In this course, you will:

• Define stakeholders and describe their security roles
• Communicate sensitive information with care and confidentiality
• Identify reliable sources within the security community
• Determine opportunities to become engaged with the security community
• Determine ways to establish and advance a career in security, by engaging with the security community
• Find, apply for, and prepare for job interviews

Skill sets:

• Creating a dashboard
• Creating or updating a resume
• Using the STAR method for interview questions
• Drafting an elevator pitch

This course will introduce you to 

the world of security and how it's used 

to protect business operations, users, and devices, so 

you can contribute to the creation 

of a safer internet for all.

1. Module 1
2. Introduction to cybersecurity

Organizations must prepare for the storm by ensuring they 

have the tools to mitigate and 

quickly respond to outside threats. 

The objective is to minimize risk and potential damage.

definitions: 

Cybersecurity, or security, is the practice 

of ensuring confidentiality, integrity, 

and availability of information 

by protecting networks, devices, 

people, and data from 

unauthorized access or criminal exploitation

Benefits of security :

- Protects against external dan internal threats

- Meets regulatory compliance

- Maintains and improves business productivity

- Reduces expenses

- Maintans brand trust

Security analysts are responsible for 

monitoring and protecting information and systems.

Responsibilites of a security analyst :

- Protecting computer and network systems

- Installing prevention software

- Conducting periodic security audits.

 

A day in the life as a entry- level security professional? 

Um, it can change day to day, but there's two basic parts to it. 

There's the operation side, which is responding to detections and 

doing investigations. 

And then there's the project side where you're working with other teams to build 

new detections or improve the current detections.

The difference between this entry- level cybersecurity analyst and 

an entry-level cybersecurity engineer is pretty much that the analyst 

is more focused on operations and the engineer, 

while they can do operations, they also build the, the detections and 

they do more project focused work

. 

A playbook is a list of how to go through a certain detection, and 

what the analyst needs to look at in order to investigate those incidents.

cybersecurity (also known as security) is the practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorized access or criminal exploitation.

Key cybersecurity terms and concepts

There are many terms and concepts that are important for security professionals to know. Being familiar with them can help you better identify the threats that can harm organizations and people alike. A security analyst or cybersecurity analyst focuses on monitoring networks for breaches. They also help develop strategies to secure an organization and research information technology (IT) security trends to remain alert and informed about potential threats. Additionally, an analyst works to prevent incidents. In order for analysts to effectively do these types of tasks, they need to develop knowledge of the following key concepts. 

Compliance is the process of adhering to internal standards and external regulations and enables organizations to avoid fines and security breaches.

Security frameworks are guidelines used for building plans to help mitigate risks and threats to data and privacy.

Security controls are safeguards designed to reduce specific security risks. They are used with security frameworks to establish a strong security posture.

Security posture is an organization’s ability to manage its defense of critical assets and data and react to change. A strong security posture leads to lower risk for the organization.

A threat actor, or malicious attacker, is any person or group who presents a security risk. This risk can relate to computers, applications, networks, and data.

An internal threat can be a current or former employee, an external vendor, or a trusted partner who poses a security risk. At times, an internal threat is accidental. For example, an employee who accidentally clicks on a malicious email link would be considered an accidental threat. Other times, the internal threat actor intentionally engages in risky activities, such as unauthorized data access.

Network security is the practice of keeping an organization's network infrastructure secure from unauthorized access. This includes data, services, systems, and devices that are stored in an organization’s network.

Cloud security is the process of ensuring that assets stored in the cloud are properly configured, or set up correctly, and access to those assets is limited to authorized users. The cloud is a network made up of a collection of servers or computers that store resources and data in remote physical locations known as data centers that can be accessed via the internet. Cloud security is a growing subfield of cybersecurity that specifically focuses on the protection of data, applications, and infrastructure in the cloud.

Programming is a process that can be used to create a specific set of instructions for a computer to execute tasks. These tasks can include:

• Automation of repetitive tasks (e.g., searching a list of malicious domains)

• Reviewing web traffic 

• Alerting suspicious activity

Key takeaways

Understanding key technical terms and concepts used in the security field will help prepare you for your role as a security analyst. Knowing these terms can help you identify common threats, risks, and vulnerabilities. To explore a variety of cybersecurity terms, visit the National Institute of Standards and Technology glossary. Or use your browser to search for high-quality, reliable cybersecurity glossaries from research institutes or governmental authorities. Glossaries are available in multiple languages.

Security analyst transferable skills :

- Communication

- Collaboration

- Analysis

- Problem Solving

Security analyst technical skills :

- Programming languages

- Security information and event management (SIEM) tools

- Computer forensics