Course Outline
Lesson 1: Assessment of Information Security Risks
- Topic A: The Importance of Risk Management
- Topic B: Assess Risk
- Topic C: Mitigate Risk
- Topic D: Integrating Documentation into Risk Management
Lesson 2: Analyzing the Threat Landscape
- Topic A: Classify Threats and Threat Profiles
- Topic B: Perform Ongoing Threat Research
Lesson 3: Computing and Network Environments: Analyzing Reconnaissance Threats
- Topic A: Implementation of Threat Modeling
- Topic B: Reconnaissance: Assessing the Impact
- Topic C: Social Engineering: Assessing the Impact
Lesson 4: Analyzing Attacks on Computing and Network Environments
- Topic A: System Hacking Attacks: Assessing the Impact
- Topic B: Web-Based Attacks: Assessing the Impact
- Topic C: Malware: Assessing the Impact
- Topic D: Hijacking and Impersonation Attacks: Assessing the Impact
- Topic E: DoS Incidents: Assessing the Impact
- Topic F: Threats to Mobile Security: Assessing the Impact
- Topic G: Threats to Cloud Security: Assessing the Impact
Lesson 5: Examining Post-Attack Techniques
- Topic A: Examine Command and Control Techniques
- Topic B: Examine Persistence Techniques
- Topic C: Examine Lateral Movement and Pivoting Techniques
- Topic D: Examine Data Exfiltration Techniques
- Topic E: Examine Anti-Forensics Techniques
Lesson 6: Manage Vulnerabilities in the Organization
- Topic A: Implement a Vulnerability Management Plan
- Topic B: Examine Common Vulnerabilities
- Topic C: Conduct Vulnerability Scans
Lesson 7: Evaluate Security by Implementing Penetration Testing
- Topic A: Conduct Penetration Tests on Network Assets
- Topic B: Follow Up on Penetration Testing
Lesson 8: Collecting Cybersecurity Intelligence
- Topic A: Deployment of a Security Intelligence Collection and Analysis Platform
- Topic B: Data Collection from Network-Based Intelligence Sources
- Topic C: Data Collection from Host-Based Intelligence Sources
Lesson 9: Analyze Log Data
- Topic A: Common Tools to Analyze Logs
- Topic B: SIEM Tools for Analysis
Lesson 10: Performing Active Asset and Network Analysis
- Topic A: Analyze Incidents using Windows-Based Tools
- Topic B: Analyze Incidents using Linux-Based Tools
- Topic C: Analyze Malware
- Topic D: Analyze Indicators of Compromise
Lesson 11: Response to Cybersecurity Incidents
- Topic A: Deployment of Incident Handling and Response Architecture
- Topic B: Containment and Mitigation of Incidents
- Topic C: Preparation for Forensic Investigation as a CSIRT
Lesson 12: Investigating Cybersecurity Incidents
- Topic A: Use a Forensic Investigation Plan
- Topic B: Securely Collect and Analyze Electronic Evidence
- Topic C: Follow Up on the Results of an Investigation
Requirements
To ensure your success in this course, you should meet the following requirements:
• At least two years (recommended) of experience or education in computer network security technology, or a related field.
• The ability or curiosity to recognize information security vulnerabilities and threats in the context of risk management.
• Foundational knowledge of the concepts and operational framework of common assurance safeguards in network environments. Safeguards include, but are not limited to, firewalls, intrusion prevention systems, and VPNs.
• General knowledge of the concepts and operational framework of common assurance safeguards in computing environments. Safeguards include, but are not limited to, basic authentication and authorization, resource permissions, and anti-malware mechanisms.
• Foundation-level skills with some of the common operating systems for computing environments. Entry-level understanding of some of the common concepts for network environments, such as routing and switching.
• General or practical knowledge of major TCP/IP networking protocols, including, but not limited to, TCP, IP, UDP, DNS, HTTP, ARP, ICMP, and DHCP.