z-evm/obsidian-cyber-security


Welcome to the Cybersecurity Knowledge Vault — a structured, interlinked, and practical Obsidian knowledge base designed to support CompTIA Security+ certification and foundational cybersecurity mastery.


📚 Purpose

This vault serves as a study framework, operational reference, and portfolio showcase for security professionals and learners. Content is grounded in frameworks like NIST, ISO 27001, CIS Controls, and guided by the Dr. Messer Security+ series.


🧭 Core Topics

  • 🔐 Security Controls — technical, administrative, physical
  • 🧩 Access Control Models — RBAC, ABAC, DAC, MAC
  • 🛠️ System Hardening — secure baselines, CIS Benchmarks
  • 🧪 Assessment & Testing — pen testing, vulnerability scans
  • 🎯 Risk Management — qualitative/quantitative, ALE, risk treatment
  • 📄 Policy & Compliance — ISO 27001, NIST RMF, PCI-DSS
  • 🌐 Network Security — firewall zoning, TLS, segmentation
  • 📦 Software Security — SDLC, OWASP Top 10, DevSecOps
  • 📊 Monitoring & Logging — SIEM, audit trails, alerting
  • 🧠 Threat Intelligence — TTPs, frameworks, indicators
  • 🔄 Incident Response — IR plans, forensics, chain of custody
  • 🧰 Tools & Cheat Sheets — BloodHound, Metasploit, Volatility

All notes follow a consistent structure and utilize Obsidian’s link features like [[Access Control Models]].


🧱 Built-In Templates (23+)

Quick-start templates for operational and blue/purple/red team activities:

  • 🔷 Blue Team:
    • Blue Team Lab Documentation Template
    • Incident Response Log Template
    • SIEM Alert Triage Template
    • SOC Shift Handover Template
    • SOC Metrics & KPI Tracking Template
    • SOC SOP Checklist Template
  • 🟥 Red Team:
    • Red Team Engagement Log Template
    • Exploit Dev Notes Template
    • Pentesting Template
    • Bug Bounty Report Template
  • 🟣 Purple Team:
    • Purple Team Exercise Templates
    • Elastic & Splunk Detection Rule Template
  • 🧪 Investigation & Response:
    • IR Playbook Template
    • Malware Triage Template
    • Insider Threat Investigation Log Template
    • Threat Hunting Campaign Log Template
    • Forensics Case Template
  • 📋 General Utility:
    • Quick Note Dump Template
    • Research Log Template
    • Defensive Gap Analysis Template
    • Phishing Simulation Campaign Template
    • Threat Modelling Template
    • Tech Issue Template
    • Vulnerability Report Template

🔍 Sample Entry: [[Security Controls]]

Covers:

  • Control types: Preventive, Detective, Corrective, Compensating
  • Control layers: Technical, Operational, Managerial
  • Real-world mapping to NIST/CIS
  • Study tags and actionable To-Dos

🧠 Study Workflow

  1. Start with theory: [[CIA Triad]], [[Access Models]], [[Control Types]]
  2. Map to frameworks: NIST SP 800-53, ISO 27001, CIS Benchmarks
  3. Leverage templates: Apply knowledge in labs and exercises
  4. Track learning: Use structured logs & notes across red/blue/purple disciplines
  5. Iterate: Continually expand with real-world scenarios and threat data

🏷 Tags

#security_controls #access_control #risk_assessment #incident_response #SIEM #SOC #encryption #vulnerability_management #devsecops #compliance


🔗 External References


📜 License

This vault is licensed under the
Creative Commons Attribution 4.0 International (CC BY 4.0) license.
You may copy, adapt, and share the material — even commercially — with proper attribution.

🔗 https://creativecommons.org/licenses/by/4.0/


💬 Contributions are welcome if they align with the project’s research-driven learning structure. Forks and feedback encouraged.


Stay sharp. Stay secure. 💡🔒
— Built and maintained by a cybersecurity analyst in training

About

This is an Obsidian vault based on Professor Messer's CompTIA Security+ YouTube series.
