Skip to main content

Cybersecurity · Applied

Applied Cybersecurity

Page 2 of 4

How systems fail and how we defend them

Core path

Your path through this level

Progress saves in this browser and syncs after you sign in

Completed
0 of 7
You will be able to
  • Apply basic threat modelling to a small system, identifying assets, actors, and likely threats.
  • Explain how authentication, authorisation, sessions, and cookies interact in common web flows.
  • Analyse simple log signals and relate them to likely misuse or attack paths.

Pick up where you left off

Threat modelling is designPolicy and enforcementInput to database flowService chain securityShip or stopDetection loopFeature security review pack
Optional
Full module map
Use this if you want the shape of the level before you start
Show
Module A1Threat modelling is design
Threat modelling is how you choose where to spend effort before the incident chooses for you.
Open
Prerequisites
  • Foundations-level vocabulary and concepts
  • Confidence with basic diagrams and section terminology
Outcomes
  1. Explain threat modelling is design in your own words and apply it to a realistic scenario.
  2. Threat modelling is how you choose where to spend effort before the incident chooses for you.
  3. Check the assumption "Scope is explicit" and explain what changes if it is false.
  4. Check the assumption "We can name abuse paths" and explain what changes if it is false.
Practice
  • Work through one scenario and justify the decision with evidence
  • Compare two options and name the trade-off clearly
Artefact and failure modes
  • A one-page decision note with assumption, evidence, and chosen action
  • Threat list without controls. A model that ends at threats is unfinished work. The output is control choices and evidence.
  • Generic threats. If everything is a threat, nothing is. Tie threats to assets and entry points.
Module A2Policy and enforcement
Access control works when policy is clear and enforcement is consistent at every entry point.
Open
Prerequisites
  • Foundations-level vocabulary and concepts
  • Confidence with basic diagrams and section terminology
Outcomes
  1. Explain policy and enforcement in your own words and apply it to a realistic scenario.
  2. Access control works when policy is clear and enforcement is consistent at every entry point.
  3. Check the assumption "Least privilege is maintained" and explain what changes if it is false.
  4. Check the assumption "Admin is separated" and explain what changes if it is false.
Practice
  • Work through one scenario and justify the decision with evidence
  • Compare two options and name the trade-off clearly
Artefact and failure modes
  • A one-page decision note with assumption, evidence, and chosen action
  • Shadow access. Access granted through forgotten paths and legacy endpoints becomes the breach route.
  • Policy drift. If policy lives in three places, it will disagree. Centralise and test it.
Module A3Input to database flow
Most web vulnerabilities are untrusted input reaching a sensitive operation.
Open
Prerequisites
  • Foundations-level vocabulary and concepts
  • Confidence with basic diagrams and section terminology
Outcomes
  1. Explain input to database flow in your own words and apply it to a realistic scenario.
  2. Most web vulnerabilities are untrusted input reaching a sensitive operation.
  3. Check the assumption "Inputs are untrusted" and explain what changes if it is false.
  4. Check the assumption "Sensitive operations are gated" and explain what changes if it is false.
Practice
  • Work through one scenario and justify the decision with evidence
  • Compare two options and name the trade-off clearly
Artefact and failure modes
  • A one-page decision note with assumption, evidence, and chosen action
  • Validation gaps. One unchecked field is enough. Attackers look for the single weak edge.
  • Missing rate limits. Without rate limits, brute force and abuse become cheap.
Module A4Service chain security
Distributed systems fail when trust is assumed between services.
Open
Prerequisites
  • Foundations-level vocabulary and concepts
  • Confidence with basic diagrams and section terminology
Outcomes
  1. Explain service chain security in your own words and apply it to a realistic scenario.
  2. Distributed systems fail when trust is assumed between services.
  3. Check the assumption "Service identity exists" and explain what changes if it is false.
  4. Check the assumption "Authz is consistent" and explain what changes if it is false.
Practice
  • Work through one scenario and justify the decision with evidence
  • Compare two options and name the trade-off clearly
Artefact and failure modes
  • A one-page decision note with assumption, evidence, and chosen action
  • Broken authorisation. Most serious incidents are access control failures, not crypto failures.
  • Replay and reuse. If tokens can be replayed, attackers turn one mistake into a habit.
Module A5Ship or stop
Release gates are decision logic: what must be true before we expose users.
Open
Prerequisites
  • Foundations-level vocabulary and concepts
  • Confidence with basic diagrams and section terminology
Outcomes
  1. Explain ship or stop in your own words and apply it to a realistic scenario.
  2. Release gates are decision logic: what must be true before we expose users.
  3. Check the assumption "Tests reflect reality" and explain what changes if it is false.
  4. Check the assumption "Failures are actionable" and explain what changes if it is false.
Practice
  • Work through one scenario and justify the decision with evidence
  • Compare two options and name the trade-off clearly
Artefact and failure modes
  • A one-page decision note with assumption, evidence, and chosen action
  • Green build, unsafe release. If you test the wrong things, you ship the wrong confidence.
  • Gates that block delivery. Over-strict gates create shadow releases. The goal is safety with flow.
Module A6Detection loop
Detection is a loop: collect signals, decide, act, and learn from outcomes.
Open
Prerequisites
  • Foundations-level vocabulary and concepts
  • Confidence with basic diagrams and section terminology
Outcomes
  1. Explain detection loop in your own words and apply it to a realistic scenario.
  2. Detection is a loop: collect signals, decide, act, and learn from outcomes.
  3. Check the assumption "Signals map to behaviour" and explain what changes if it is false.
  4. Check the assumption "A runbook exists" and explain what changes if it is false.
Practice
  • Work through one scenario and justify the decision with evidence
  • Compare two options and name the trade-off clearly
Artefact and failure modes
  • A one-page decision note with assumption, evidence, and chosen action
  • Noisy alerts. Noise teaches people to ignore alarms. Tune until alerts mean something.
  • No evidence captured. If you do not capture evidence before changes, you lose the story of what happened.
Module A7Feature security review pack
The goal is a small pack you can defend: risks, controls, tests, and evidence.
Open
Prerequisites
  • Foundations-level vocabulary and concepts
  • Confidence with basic diagrams and section terminology
Outcomes
  1. Explain feature security review pack in your own words and apply it to a realistic scenario.
  2. The goal is a small pack you can defend: risks, controls, tests, and evidence.
  3. Check the assumption "Evidence is part of the deliverable" and explain what changes if it is false.
  4. Check the assumption "Trade-offs are written down" and explain what changes if it is false.
Practice
  • Work through one scenario and justify the decision with evidence
  • Compare two options and name the trade-off clearly
Artefact and failure modes
  • A one-page decision note with assumption, evidence, and chosen action
  • Docs without verification. A document that nobody can test becomes a comfort blanket.
  • Controls without owners. If ownership is unclear, controls decay and the pack becomes outdated.
Optional
Planning and evidence
Objectives, timing, and CPD tracking
Show

If you want to start learning now, leave this closed. Come back when you want to plan your practice or keep evidence for CPD. This is guidance and it is not endorsed by awarding bodies. Standards mapping lives on the course overview page.

Learning objectives

What you will be able to do

  1. 1. Apply basic threat modelling to a small system, identifying assets, actors, and likely threats.
    Threat modelling turns fear into structured choices you can defend.
  2. 2. Explain how authentication, authorisation, sessions, and cookies interact in common web flows.
    Auth flows are where most real attacks aim, so you must understand them.
  3. 3. Analyse simple log signals and relate them to likely misuse or attack paths.
    Logs are evidence, and evidence drives response under pressure.
  4. 4. Evaluate trade offs between controls when constraints (cost, usability, risk) conflict.
    Trade offs are real, so you need to justify control choices clearly.
What comes next
Next we step into governance and response because that is where organisations succeed or fail.
Continue to Practice and strategy

What changes at this level

Level expectations

Each level is independent but clearly deeper than the last. This panel makes the jump explicit.

Assessment intent
Applied

Scenario based judgement, common failure modes, and trade-offs between controls.

Style
scenario
18 questions
30 min timed
Pass standard
80%
Not externally certified
Evidence you can save (CPD friendly)
  • A one page threat model for a small product: abuse cases, controls, and what you would log.
  • An attack surface inventory: what is exposed, what can be removed, what must be protected, and why.
  • A short risk trade-off write-up: two controls, one constraint, and a defensible choice.

CPD timing

Applied time breakdown

Defensible timing based on page content: reading, labs, checkpoints, and reflection.

Reading
32m
4,766 words × 1.3
Practice
120m
8 × 15m
Checkpoints
35m
7 × 5m
Reflection
56m
7 × 8m
Estimated total
4h 3m
Based on page content
Claimed hours
8h
Includes reattempts + capstone
Claimed hours exceed on-page estimate by ~4h. Gap will be filled with guided practice and assessment-grade work.

CPD tracking

Fixed hours for this level are 8. Timed assessment time is included once on pass.

View in My CPD
Sign in to sync progress and unlock assessments
Progress minutes
0.0 hours

Learning objectives

What you will be able to do

  1. 1. Apply basic threat modelling to a small system, identifying assets, actors, and likely threats.
    Threat modelling turns fear into structured choices you can defend.
  2. 2. Explain how authentication, authorisation, sessions, and cookies interact in common web flows.
    Auth flows are where most real attacks aim, so you must understand them.
  3. 3. Analyse simple log signals and relate them to likely misuse or attack paths.
    Logs are evidence, and evidence drives response under pressure.
  4. 4. Evaluate trade offs between controls when constraints (cost, usability, risk) conflict.
    Trade offs are real, so you need to justify control choices clearly.
What comes next
Next we step into governance and response because that is where organisations succeed or fail.
Continue to Practice and strategy

What changes at this level

Level expectations

Each level is independent but clearly deeper than the last. This panel makes the jump explicit.

Assessment intent
Applied

Scenario based judgement, common failure modes, and trade-offs between controls.

Style
scenario
18 questions
30 min timed
Pass standard
80%
Not externally certified
Evidence you can save (CPD friendly)
  • A one page threat model for a small product: abuse cases, controls, and what you would log.
  • An attack surface inventory: what is exposed, what can be removed, what must be protected, and why.
  • A short risk trade-off write-up: two controls, one constraint, and a defensible choice.

Learning contract

Applied outcomes

About 8 hours

Read the explanation first, then use the tools to test the idea. Skip any tool that is not useful for your goal.

  1. Apply basic threat modelling to a small system, identifying assets, actors, and likely threats.
  2. Explain how authentication, authorisation, sessions, and cookies interact in common web flows.
  3. Analyse simple log signals and relate them to likely misuse or attack paths.
  4. Evaluate trade offs between controls when constraints (cost, usability, risk) conflict.
Loading content...

Next step

Practise this level, then take the timed assessment

I recommend you start with the practice assessment for Applied. It is not timed and it helps you write a clear CPD reflection before the full assessment.

18

Questions

30

Minutes

80%

Pass mark

Practice assessment

Start the practice assessment for Applied

It is designed for confidence and evidence, and you can retry as often as you need.

Start practice assessment

Full assessment

Cybersecurity Applied assessment

This assessment is timed. It is free to take and you can retry as often as you need.

  • Detailed feedback on every question
  • Pass evidence recorded in your account on pass
  • Personalised recommendations on weak areas
Sign in to start the full assessment

Sign in to save progress and keep your pass record

You can complete the course while signed out, and your progress saves in this browser. Sign in before assessments so your pass record is attached to your account.

Sign in for trackingContinue to Practice and strategy

Courses and assessments are free. There is no paywall for the learning path, practice questions, or formal assessments.

During timed assessments, copy and the context menu are restricted to reduce casual cheating. Passed assessments are recorded in your account as evidence.