Preface

Preface#

About This Textbook#

This textbook is a free, open-source resource for university-level cybersecurity education. It covers the full spectrum of the discipline, from foundational cryptography and networking through offensive techniques, defensive architecture, digital forensics, privacy law, and industrial control system security.

Who This Book Is For#

This book is written for students in undergraduate and graduate cybersecurity programs, as well as practitioners who want a structured reference grounded in both theory and practice. No prior security experience is assumed, but familiarity with basic networking and programming concepts will accelerate progress through the more technical chapters.

How This Book Is Organized#

The book is divided into six parts:

  • Part I: Foundations of Cybersecurity (Chapters 1-3) covers the conceptual and technical prerequisites: the CIA triad, cryptography, and networking.

  • Part II: Threats and the Human Element (Chapters 4-5) covers social engineering and risk management.

  • Part III: Offensive Security (Chapters 6-10) covers the offensive methodology: penetration testing, reconnaissance, scanning, exploitation, and web application security.

  • Part IV: Defensive Security (Chapters 11-14) covers the defensive architecture: network hardening, intrusion detection and prevention, digital forensics, and incident response.

  • Part V: Advanced and Emerging Topics (Chapters 15-17) covers malware analysis, capture-the-flag competitions, and emerging threats.

  • Part VI: Cybersecurity, Society, and Critical Infrastructure (Chapters 18-20) covers the organizational and societal context: privacy law, security governance and culture, and industrial control system security.

  • Appendices provide quick-reference material: a command reference, a glossary, and a framework and standard summary.

Ethical Commitment#

Every offensive technique in this book is presented for defensive understanding. The purpose is not to enable harm but to equip defenders with an accurate mental model of how attacks work, so that they can design controls, detect intrusions, and respond effectively. Every student of this material accepts the obligation to apply it only to systems they own or have explicit written authorization to test.

Using This Book in a Course#

Each chapter opens with learning objectives and closes with ten multiple-choice review questions and a multi-part lab assignment. The chapter mapping table in the introduction suggests chapter groupings for standard university courses. The book is executable: most code cells run in a standard Python 3 environment using only the standard library and matplotlib, and a few examples additionally use widely available packages, namely numpy, the cryptography library, and IPython. All of these install in one step with pip install matplotlib numpy cryptography ipython.

A Note on Currency#

Cybersecurity is a rapidly evolving field. The foundational principles of cryptography, risk management, and adversary psychology are stable; specific tools, exploits, and regulations change constantly. This textbook prioritizes principles that remain valid across tool generations and highlights the most current standards and frameworks as of its last revision.

Devharsh Trivedi, Ph.D., CISSP