Module 2: Cybersecurity Theory
Overview
Course Title: Office Executive Course
Module Number: 2 - Cybersecurity Theory
Duration: 8-9 weeks (2 hours of class per week, Wednesdays only)
Level: Beginner to Intermediate
Prerequisites: Basic computer literacy; familiarity with operating systems and networks recommended.
Instructor: Shashi Kr Shaw
Start Date: September 24, 2025
Description: This module delves into the theoretical foundations of cybersecurity, focusing on protective strategies against common digital threats. Drawing from the core elements of applying security measures, data backups, and Wi-Fi network security, learners will explore how to safeguard systems, data, and networks from viruses, spyware, malicious code, and unauthorized access.
By the end of this module, participants will understand layered defenses (defense-in-depth) and best practices for threat mitigation.
Rationale: In 2025, with the global cost of cyber threats running to a two-digit figure in trillions of dollars, foundational knowledge in malware protection, firewalls, backups, and Wi-Fi security is essential.
Learning Objectives
Upon completion of this module, learners will be able to:
Identify and classify common threats such as viruses, spyware, and malicious code, and apply appropriate security measures including firewalls.
Explain the importance of data backups and implement strategies for creating and managing secure copies of critical information.
Demonstrate practices for securing Wi-Fi networks, including password management, encryption protocols, and additional protective steps.
Analyze the interplay between these elements in a holistic cybersecurity approach, including risk assessment and recovery planning.
Evaluate emerging 2025 trends in threats (e.g., AI-driven malware) and adapt theoretical knowledge to practical scenarios.
Module Structure and Topics
The module is divided into three main units. Each unit includes theoretical discussions, examples, and ties to broader cybersecurity concepts.
Unit 1: Applying Security Measures Against Viruses, Spyware, and Malicious Code (4 Weeks)
Overview: This unit covers the identification of threats and defensive tools, with a focus on firewalls for network protection.
Subtopics:
Introduction to Malware and Threats:
Definitions: Malware as an umbrella term; viruses (self-replicating, host-dependent); spyware (stealth monitoring); malicious code (e.g., trojans, ransomware).
Types and Evolution: 15 common malware variants (e.g., worms, botnets, keyloggers) with real-world examples like WannaCry (2017) and AcidPour (2024).
Differences: Malware vs. Virus; how threats exploit vulnerabilities in 2025 (e.g., AI-enhanced phishing).
Protection Strategies:
Antivirus and Anti-Malware Tools: Installation, real-time scanning, behavioral detection (e.g., using Malwarebytes or Windows Defender).
Safe Practices: Email vigilance, software updates, avoiding suspicious downloads.
Layered Defenses: Combining tools for defense-in-depth.
Firewall Protection:
Definition and Types: Hardware (router-based), software (OS-integrated), next-gen firewalls (NGFW with AI).
Applications: For internet/network systems; blocking unauthorized traffic, preventing data leaks.
Best Practices: Rule configuration (e.g., allow only ports 80/443), regular updates, logging and monitoring.
Integration: How firewalls tie into broader network security against threats like DDoS or MitM attacks.
Unit 2: Making Backup Copies of Important Files, Data, and Information (2 Weeks)
Overview: Focusing on resilience, this unit addresses data loss prevention and recovery.
Subtopics:
Importance of Backups:
Risks: Hardware failure, ransomware, accidental deletion.
Benefits: Ensures data availability and integrity; compliance with regulations like GDPR.
Backup Strategies:
3-2-1 Rule: Three copies, two media types, one offsite.
Tools and Methods: External drives, cloud services (e.g., Google Drive), automated software.
Frequency and Prioritization: Daily for critical data; encryption (AES-256) for security.
Advanced Concepts:
Immutable Backups: Preventing tampering (e.g., WORM storage).
Testing and Recovery: Periodic restore drills; versioning for ransomware rollback.
Integration with Threats: How backups counter wipers or cryptojackers.
Unit 3: Practicing on Securing Wi-Fi Networks Using Passwords (2 Weeks)
Overview: This unit emphasizes wireless security.
Subtopics:
Wi-Fi Security Fundamentals:
Risks: Eavesdropping, unauthorized access (e.g., 40% of 2024 breaches per Verizon DBIR).
Authentication Basics: Role of passwords in preventing intrusions.
Encryption Protocols:
Comparison: WEP (obsolete), WPA2 (vulnerable), WPA3 (recommended for 2025 with SAE).
Implementation: Router configuration for optimal security.
Password Best Practices:
Length and Complexity: 12-16+ characters with mixes; avoid defaults.
Management: Using passphrases, password managers (e.g., Bitwarden).
Additional Protective Steps:
MAC Address Filtering: Whitelisting devices.
SSID Hiding: Reducing visibility.
Guest Networks: Isolation for visitors; VPN integration.
Monitoring: Tools for detecting rogue devices (e.g., Fing app).
Conclusion (1 Week)
Overview: Synthesize units into a comprehensive framework.
Holistic Cybersecurity: How firewalls, backups, and Wi-Fi security form layered protections.
Emerging Trends: AI in threats/defenses; quantum-resistant encryption.
Ethical Considerations: Responsible disclosure, privacy implications.