Here is what @Munin, Keeper of Lore said:

Here's what I consider to be foundational concepts that you ought to at least be aware of before going into infosec:

• What a computer is, and what common operating systems are.
• What a software update is.
• What an application is.
• Where updates for applications come from vs. those for the OS.
• What it means when an OS or application is EOL
• What a network is
• What an IP address is
• What a netmask is
• What a gateway is
• What a route is
• What DHCP is
• What DNS is
• What a port is - and the difference between well-known ports and the others.
• How a TCP connection is set up
• How a UDP connection differs from a TCP connection
• What ARP is, and why you need it
• What a MAC address is, and how to change it
• Why a MAC address is not a unique identifier
• How to set up a network enclave
• What NAT is
• What a firewall is
• How a connection gets from point A to point B on the internet
• What nmap is and when you'd use it
• What a file hash is
• Why it is not encryption
• What happens when a file is written in the OS
• What happens when a file is deleted in the OS
• What file formats are and how they're detected
• Basic understanding of HTTP and how it differs from HTTPS
• What happens when you send an email

Once you know about these things, we can talk about stuff like the principle of least privilege and all that jazz, and talk about how to work on securing your assets and networks.

To this, @elomatreb@mastodon.social replied:

• I'd add "why encryption without authentication isn't good enough"
• ... "a basic understanding of encryption and cipher modes"

• what fragmentation is ...
  • There are or have apparently been known attacks involving taking advantage of what different OSs do with overlapping fragments. If you send what appears to be the same packet fragmented different ways, but actually gluing the various bits together you find that the overlaps are different, you may be able to get away with stuff.

• Is it worth mentioning IP options, IPv6 extension headers etc. ?

• What switches do when they don't know where destination mac address is.
  • You can make a switch forget a mac address it once knew. For example, send it stuff from lots of made up macs so it has to throw away ones it knows to make room for them.

• Should be know stuff like understanding how a computer boots and how bad'uns can interfere there? Master boot records, and similar.

Quotation from Tim Berners-Lee