ISACA CSX Practitioner II: Detection Training

Introduction

ISACA CSX Practitioner II: Detection Training Course Description

Use cybersecurity controls to detect network events and incidents with this ISACA CSX Practitioner II: Detection Training.

ISACA’s Cybersecurity Nexus (CSX) certification program supports cybersecurity professionals throughout their career by assessing a candidate’s abilities and skills at three progressive technical skill levels. Levels are differentiated by skills, not by years of experience. Each technical skill level is assessed utilizing a vendor-neutral set of performance-based exams measuring a candidate’s technical skills, abilities and performance in the following areas: Identify, Protect, Detect, Respond, and Recover.

This ISACA CSX Practitioner II: Detection Training course reviews the “Detect” domain. Students will learn the basic concepts, methods and tools used to leverage cyber security controls to identify system events and non-event level incidents. In layman’s terms, CSX Practitioner 2 will help students develop the ability to serve as a first responder, following established procedures and defined processes and working mostly with known problems on a single system.

This ISACA CSX Practitioner II: Detection Training course, along with CSX Practitioner 1 and 3, was developed using existing global cybersecurity frameworks as well as input from hundreds of subject matter experts. Whether a student is planning to write the exam or learn more about Cyber Security, this ISACA CSX Practitioner II: Detection Training course is packed with study tips and practical exercises.

Duration: 5 days

Customize It!

• We can adapt this ISACA CSX Practitioner II: Detection Training course to your group’s background and work requirements at little to no added cost.
• If you are familiar with some aspects of this ISACA CSX Practitioner II: Detection Training course, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the ISACA CSX Practitioner II: Detection Training course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the ISACA CSX Practitioner II: Detection Training course in a manner understandable to lay audiences.

Audience / Target Group

• Individuals in the field of cybersecurity who are interested in gaining hands-on technical skills

ISACA CSX Practitioner II: Detection Training - Prerequisites:

• While this training program does not have any prerequisites, we recommend that all prospective students have professional experience in the field of cyber security along with an interest in gaining hands-on technical skills.

ISACA CSX Practitioner II: Detection Training - Objectives:

After completing this ISACA CSX Practitioner II: Detection Training course, attendees will be able to:

• Analyze and monitor network output
• Detect malware
• Detect incidents
• Notify proper channels
• Analyze attacks
• Escalate incidents
• Perform change monitoring

ISACA CSX Practitioner II: Detection Training - Course Content:

Day 1

The first day of this official ISACA CSX Practitioner II: Detection Training course reviews several topics while also providing labs for students to gain practical experience. The lessons and labs found below are associated with the following topics: Traffic Flow Analysis and IR Resources.

Lessons:

• Analyzing Network Traffic Using Monitors
• Monitoring Network Traffic
• Monitoring Schedule
• Searching for Indicators of Compromise
• Monitoring for False Positives

Labs:

• Using Snort and Wireshark to Analyze Traffic
• Monitoring Network Traffic

Day 2

Day 2 of this official ISACA CSX Practitioner II: Detection Training course analyzes several topics while providing labs for students to gain practical experience. The lessons and labs found below are associated with the following topics: Attack Types, Attack Methods, Network Access Control, Virus Types, and Worm Variants.

Lessons:

• Escalate Potential Compromises
• Network Packet Analysis
• Malicious Activity and Anti-Virus
• Malicious Code and Activity Types
• Remediation Steps

Labs:

• Searching for Indicators of Compromise
• Monitoring for False Positives

Day 3

The third day of this ISACA CSX Practitioner II: Detection Training seminar focuses on several topics while also providing labs for students to gain practical experience. The lessons and labs found below are associated with the following topics: Incident Identification Methodologies, IP Reputation Databases, Port Scanning, Host Analysis, and Network Traffic Behavior.

Lessons:

• Assessing Available Event Information
• Performing Initial Analysis
• Identifying Potential Collection Sources
• Deploy the Data Collection Utility
• Using Event Correlation

Labs:

• Performing an Initial Attack Analysis
• Detect the Introduction and Execution of Malicious Activity
• Analyze and Classify Malware

Day 4

Just like the first three days of ISACA CSX Practitioner II: Detection Training, day 4 reviews several topics while also providing labs for students to gain practical experience. The lessons and labs found below are associated with the following topics: Malware Functionality, Spyware, Trojans, Rootkits, Viruses, and Backdoors.

Lessons:

• Using Established Baselines to Detect Anomalies
• Documenting Your Steps
• Initial Attack Analysis
• Determine the Initial Scope
• Identify if High-Risk Systems Were Affected

Labs:

• Event Log Collection
• Windows Event Log Manipulation
• Host Integrity Baselining

Day 5

On the final day of training for this official CSX Practitioner 2 course, students review several topics while also participating in various labs to gain practical experience. The lessons and labs found below are associated with the following topics: NIST Roles, ISO Designations, Cert Designation, and CSIRT Roles.

Lessons:

• Monitoring Controls
• Updating Cyber Security Controls
• Patch Management
• Verifying Identities and Credentials
• Cybersecurity Standards and Procedures

Labs:

• IDS Setup
• Personal Security Products
• Verifying Hotfixes
• Linux Users and Groups
• Core Impact Vulnerability Scan
