Course Outline

Lesson 1: Assessment of Information Security Risks

  • Topic A: The Importance of Risk Management
  • Topic B: Assess Risk
  • Topic C: Mitigate Risk
  • Topic D: Integrating Documentation into Risk Management

Lesson 2: Analyzing the Threat Landscape

  • Topic A: Classify Threats and Threat Profiles
  • Topic B: Perform Ongoing Threat Research

Lesson 3: Computing and Network Environments: Analyzing Reconnaissance Threats

  • Topic A: Implementation of Threat Modeling
  • Topic B: Reconnaissance: Assessing the Impact
  • Topic C: Social Engineering: Assessing the Impact

Lesson 4: Analyzing Attacks on Computing and Network Environments

  • Topic A: System Hacking Attacks: Assessing the Impact
  • Topic B: Web-Based Attacks: Assessing the Impact
  • Topic C: Malware: Assessing the Impact
  • Topic D: Hijacking and Impersonation Attacks: Assessing the Impact
  • Topic E: DoS Incidents: Assessing the Impact
  • Topic F: Threats to Mobile Security: Assessing the Impact
  • Topic G: Threats to Cloud Security: Assessing the Impact

Lesson 5: Examining Post-Attack Techniques

  • Topic A: Examine Command and Control Techniques
  • Topic B: Examine Persistence Techniques
  • Topic C: Examine Lateral Movement and Pivoting Techniques
  • Topic D: Examine Data Exfiltration Techniques
  • Topic E: Examine Anti-Forensics Techniques

Lesson 6: Manage Vulnerabilities in the Organization

  • Topic A: Implement a Vulnerability Management Plan
  • Topic B: Examine Common Vulnerabilities
  • Topic C: Conduct Vulnerability Scans

Lesson 7: Evaluate Security by Implementing Penetration Testing

  • Topic A: Conduct Penetration Tests on Network Assets
  • Topic B: Follow Up on Penetration Testing

Lesson 8: Collecting Cybersecurity Intelligence

  • Topic A: Deployment of a Security Intelligence Collection and Analysis Platform
  • Topic B: Data Collection from Network-Based Intelligence Sources
  • Topic C: Data Collection from Host-Based Intelligence Sources

Lesson 9: Analyze Log Data

  • Topic A: Common Tools to Analyze Logs
  • Topic B: SIEM Tools for Analysis

Lesson 10: Performing Active Asset and Network Analysis

  • Topic A: Analyze Incidents using Windows-Based Tools
  • Topic B: Analyze Incidents using Linux-Based Tools
  • Topic C: Analyze Malware
  • Topic D: Analyze Indicators of Compromise

Lesson 11: Response to Cybersecurity Incidents

  • Topic A: Deployment of Incident Handling and Response Architecture
  • Topic B: Containment and Mitigation of Incidents
  • Topic C: Preparation for Forensic Investigation as a CSIRT

Lesson 12: Investigating Cybersecurity Incidents

  • Topic A: Use a Forensic Investigation Plan
  • Topic B: Securely Collect and Analyze Electronic Evidence
  • Topic C: Follow Up on the Results of an Investigation

Requirements

To ensure your success in this course, you should meet the following requirements:

• At least two years (recommended) of experience or education in computer network security technology, or a related field.

• The ability or curiosity to recognize information security vulnerabilities and threats in the context of risk management.

• Foundational knowledge of the concepts and operational framework of common assurance safeguards in network environments. Safeguards include, but are not limited to, firewalls, intrusion prevention systems, and VPNs.

• General knowledge of the concepts and operational framework of common assurance safeguards in computing environments. Safeguards include, but are not limited to, basic authentication and authorization, resource permissions, and anti-malware mechanisms.

• Foundation-level skills with some of the common operating systems for computing environments. Entry-level understanding of some of the common concepts for network environments, such as routing and switching.

• General or practical knowledge of major TCP/IP networking protocols, including, but not limited to, TCP, IP, UDP, DNS, HTTP, ARP, ICMP, and DHCP.

 35 Hours