CSX - Certified Cybersecurity Practitioner Level 2 - Detection
Course Length: 5 days
Number of Exams: 1
The second course in the CSX Practitioner series goes deeper into skills focused in the Detect domain.
Students will learn the basic concepts, methods and tools used to leverage cybersecurity controls in order to identify system events and non-event level incidents. By completing multiple lab-reinforced modules, students will gain the skills necessary to detect potential network events and incidents. Topics range from incident packet analysis to Incident Response (IR) report drafting and generation.
Students will gain the following skills in the Detect domain:
- Analyzing and monitoring network output
- Detecting malware
- Detecting incidents
- Notifying proper channels
- Analyzing attacks
- Escalating incidents
- Performing change monitoring
Course Learning Objectives
Provide students with an environment to discuss and practice methods implemented by cybersecurity professionals in the Detect domain. Ensure students develop into workforce-ready, complementary team members for enterprises.
Target Audience
Individuals in the field of cybersecurity who are interested in learning hands-on technical skills.
Classroom-Based Instruction Topics
- IDS Traffic Analysis vs Packet Analysis
- Behavioral Designation
- Compromise Identifiers / False Positive Differentiation
- Compromise Escalation
- Malicious Code Differentiation
- Antivirus Deployments
- Antivirus Monitoring / Malicious Code Identification
- Malicious Code Remediation
- Incident Identification
- Initial Incident Identifiers
- Incident Event Collection
- Identifying Established Baselines
- Event Characteristic Capture
- Attack Intent Assessment
- System Exposure Analysis / Change Identification
- Attack Timeline Construction
- Attack Documentation
- Event Escalation
- Support Role Designation / Action
- Incident Response Report Generation
Lab Requirements:
- Networking Traffic and Log Comparison
- Log Qualification
- Event Comparison
- Threat Identification
- Antivirus Deployment
- Antivirus Utilization
- Containment / Eradication
- Traffic Analysis Threat Identification
- Threat / Incident Component Evaluation
- Traffic and Log Assessment and Analysis
- Baseline Output Comparison
- Packet Character Observation
- Compromise Indicators
- Traffic Analysis
- Timeline Creation
- Incident Report Generation
- Incident Management Register Comparison
- Incident Escalation Report Generation
Course Outline
DAY 1
LESSON
- IDS Traffic Analysis vs Packet Analysis
- Behavior Designation
- Compromise Identifiers / False Positive Differentiation
- Compromise Escalation
LAB
- Traffic and Log Comparison
- Log Qualification
- Event Comparison
- Threat Identification
ASSOCIATED TOPICS
- Traffic Flow Analysis
- IR Resources
DAY 2
LESSON
- Malicious Code Differentiation
- Antivirus Deployments
- Antivirus Monitoring / Malicious Code Identification
- Malicious Code Remediation
LAB
- Antivirus Deployment
- Antivirus Utilization
- Containment / Eradication
ASSOCIATED TOPICS
- Attack Types
- Attack Methods
- Network Access Control
- Virus Types
- Worm Variants
DAY 3
LESSON
- Incident Identification
- Initial Incident Identifiers
- Incident Event Collection
- Identifying Established Baselines
- Event Characteristic Capture
LAB
- Traffic Analysis Threat Identification
- Threat / Incident Component Evaluation
- Traffic and Log Assessment and Analysis
- Baseline Output Comparison
- Packet Character Observation
ASSOCIATED TOPICS
- Incident Identification Methodologies
- IP Reputation Databases
- Port Scanning
- Host Analysis
- Network Traffic Behavior
DAY 4
LESSON
- Attack Intent Assessment
- System Exposure Analysis / Change Identification
- Attack Timeline Construction
- Attack Documentation
LAB
- Compromise Indicators
- Traffic Analysis
- Timeline Creation
- Incident Report Generation
ASSOCIATED TOPICS
- Malware Functionality
- Spyware
- Trojans
- Rootkits
- Viruses
- Backdoors
DAY 5
LESSON
- Event Escalation
- Support Role Designation / Action
- Incident Response Report Generation
LAB
- Incident Management Register Comparison
- Incident Escalation Report Generation
ASSOCIATED TOPICS
- NIST Roles
- ISO Designations
- CERT Designation
- CSIRT Roles