Although I have already completed TryHackMe’s Pre-Security Course, I still feel that there is plenty of more high-level knowledge missing.

Below are my learnings from LinkedIn Learning’s **Cybersecurity Foundations:**

• Cybersecurity is built on Standards & Frameworks—the main ones being NIST and ISACA (making a mental note to add the latter to my study list)
• The cybersecurity landscape has evolved from bored teenagers in bedrooms to large-scale, sophisticated botnets
• The Cyber Kill Chain - Reconaissance, Weaponization, Delivery, Exploitation, Installation, Command and Control, Action
• Cybercrime has eclipsed illicit drugs as an industry 💡

Difference between Malware and Social Engineering

Malware is malicious software that exploits technical vulnerabilities, whereas social engineering is a tactic that exploits human psychology to manipulate people into compromising their own security.

Understanding this reinforces my desire to go intro Governance, Risk & Compliance (GRC) as the role has direct impact into people, processes and technology.

Malware, Phishing, Encryption

Malware has evolved from floppy disks to internet downloads and from USB drives to botnets. Zeus, the most famous botnet, primarily exists to steal online credentials.

Day one has taught me that while I'm becoming more comfortable with network design concepts, I need to strengthen my network security fundamentals. This is especially important for understanding real-life cyber attack descriptions, which frequently reference concepts like packets, port scanning, and payloads.

Further Reading & Revision📚

The Cyber Kill Chain, Lockheed Martin (2009)

ISACA Framework

Network Security