OffSec SEC-100 CyberCore – Security Essentials

Overview

SEC-100 Security Essentials provides a comprehensive foundation in cybersecurity for learners at the beginning of their careers. Covering a breadth of essential topics across governance and risk frameworks, offensive, defensive, and secure-by-design disciplines. The course also integrates general technical competencies, including scripting, networking, and cloud fundamentals. With a focus on practical application, participants will engage in hands-on labs, building core skills.

Learners who successfully complete the course and pass the proctored, hands-on OSCC SEC-100 exam will earn the OffSec CyberCore Certified certification, validating their readiness to enter the cybersecurity field.

Prerequisites

There are no formal prerequisites.

Recommended:

• Basic computer literacy and familiarity with operating systems
• Willingness to learn and engage with hands-on technical content

Target audience

This course is ideal for:

• Career starters and recent graduates seeking entry into cybersecurity
• IT professionals looking to transition into security-focused roles
• Service Desk and Helpdesk teams responsible for triaging security incidents
• Organisations aiming to upskill staff in foundational cybersecurity disciplines

Objectives

By the end of this course, learners will be able to:

• Identify offensive and defensive techniques used in modern cyber operations
• Apply basic scripting in Python and PowerShell to security tasks
• Configure and manage secure systems across Windows, Linux, and cloud environments
• Recognise and respond to common security incidents and threats
• Demonstrate secure-by-design principles in software and system architecture
• Understanding the anatomy of cybersecurity and the CIA Triad, a foundational model that defines core security objectives
• Integrating industry-recognised frameworks like NIST and ISO 27001 to implement effective security practices
• Address the risks and vulnerabilities associated with cloud computing
• Examine AI's influence, both as a threat and as a tool to enhance offensive and defensive capabilities
• Exploring what a Penetration Test (Pentest) is, how they are performed, and what their objectives are

Outline

Basic cybersecurity information

• Anatomy of cybersecurity and key concepts
• Cybersecurity GRC frameworks and standards

General skills

• Windows & Linux Basics
• Data Transformation Fundamentals
• Python & PowerShell Scripting Fundamentals
• Networking Fundamentals
• Enterprise Network Fundamentals
• Introduction to Network Firewalls
• Cloud Computing Fundamentals
• Background to Contemporary AI
• Cryptography Fundamentals

Offensive security skills

• Penetration Testing Process
• Information Gathering and Enumeration
• Understanding Web Attacks
• Attacking Endpoints
• Defence Evasion
• Offensive Cloud Fundamentals

Defensive security skills

• SOC Management Processes
• Defensive Security Processes
• Vulnerability Management
• Malware Analysis
• Social Engineering and Phishing
• Ransomware, DDoS, and Availability
• Wi-Fi Security
• Security of Embedded Systems
• Industrial Control Systems and OT
• Risk Management in Cybersecurity

Build (secure-by-design)

• Software Engineering Security
• Foundational Input Validation Concepts
• Cloud Architecture Fundamentals
• Introduction to Assurance Security Testing
• Critical thinking for a Career in Cybersecurity

Exams and assessments

This course includes two attempts at the OffSec CyberCore Certified (OSCC SEC-100) certification exam.

• The proctored, hands-on exam lasts six hours
• It tests offensive, defensive, and system administration capabilities
• The assessment includes three parts: Attack, Defend, and Build
• Learners will complete practical tasks within a controlled environment to demonstrate applied knowledge

Hands-on learning

This course includes:

• 12 months access to digital course content and interactive labs
• Realistic lab scenarios for offensive, defensive, and system hardening tasks
• Simulated cybersecurity environments designed to reflect real-world systems
• Hands-on scripting, firewall configuration, and penetration testing exercises
• Practical challenges aligned to OSCC SEC-100 exam objectives