Threat Landscape & Security Foundations
Establishes the attacker's-eye and defender's-eye baseline: the CIA triad, the AAA model, and defense-in-depth expressed as trust/untrust/DMZ zoning. Learners taxonomize attacks against the Lockheed Martin Cyber Kill Chain and MITRE ATT&CK, then reproduce and mitigate concrete Layer 2/3 attacks (ARP spoofing, MAC flooding, VLAN hopping, DHCP starvation, IP spoofing). Grounds everything in India's DPDP Act 2023 obligations.
- Learner can reconstruct an intrusion across Cyber Kill Chain phases and map adversary TTPs to MITRE ATT&CK tactics and techniques.
- Learner can apply the CIA triad, AAA, and defense-in-depth zoning to classify and place security controls.
- Learner can execute and mitigate L2/L3 attacks (ARP spoofing, MAC flooding, VLAN hopping, DHCP starvation) using DAI, DHCP snooping and port security.
- Learner can summarize the network-security-relevant obligations of India's DPDP Act 2023, including breach handling.
Kill-chain reconstruction from a captured intrusion
Given a packet capture and log bundle on the RKR range, reconstruct the attack phase by phase in Wireshark, map each observed step to MITRE ATT&CK, and produce a defensible incident timeline.
L2 attack reproduction and mitigation
In a mixed Juniper/Cisco topology, launch ARP spoofing and DHCP starvation with ettercap/yersinia, then remediate with DHCP snooping, Dynamic ARP Inspection and port security, and verify the attacks are blocked.