What Will Be Taught For This Cyber Security Course?
This course covers the duties of those who are responsible for monitoring and detecting security incidents in information systems and networks, and for executing a proper response to such incidents.
Depending on the size of the organization, this individual may act alone or may be a member of a cybersecurity incident response team (CSIRT). The course introduces tools and tactics to manage cybersecurity risks, identify various types of common threats, evaluate the organization's security, collect and analyze cybersecurity intelligence, and handle incidents as they occur.
Ultimately, the course promotes a comprehensive approach to security aimed toward those on the front lines of defense.
- Define Cybersecurity Risks & Threats
- Identify Cybersecurity Challenges in Organizations
- Analyze the Functions and Benefits of Security Devices and Tools
- Analyze the Security Intelligence Architecture
- Assess emerging security and risk management trends, issues and threat intelligence
- Analyze the Organization’s Information System & Network Environment
- Conduct a Vulnerability Scan to Discover Asset Vulnerabilities
- Correlate Events
- Discuss Common Attack Vectors and Strategies to Contain Them
- Triage security events that come from various sources
- Determine Appropriate Incident Response Based on the Types of Attack and Goals
- Implement Log Collection Process for Different Assets
- Prepare final incident report detailing the events of the incident
- Analyze security event data to identify suspicious and malicious activities
- Describe the Security Analysis Process
- Conduct Network Forensics Investigation
- Schedule security checks in accordance with the organization’s reporting schedule
- Create Policies or Directives to Alarm on Critical Events in the Future and Transform Them into the Organization’s Asset
This course is designed primarily for cybersecurity practitioners who perform job functions related to protecting information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation.
This course focuses on the knowledge, ability, and skills necessary to provide for the defense of those information systems in a cybersecurity context, including protection, detection, analysis, investigation, and response processes. In addition, the course ensures that all members of an IT team—everyone from help desk staff to the Chief Information Officer—understand their role in these security processes.
To ensure your success in this course, you should meet the following requirements:
- At least two years (recommended) of experience in computer network security technology or a related field.
- The ability to recognize information security vulnerabilities and threats in the context of risk management.
- Foundation-level operational skills with some of the common operating systems for computing environments.
- Foundational knowledge of the concepts and operational framework of common assurance safeguards in computing environments. Safeguards include, but are not limited to, basic authentication and authorization, resource permissions, and anti-malware mechanisms.
- Foundation-level understanding of some of the common concepts for network environments, such as routing and switching.
- Foundational knowledge of major TCP/IP networking protocols, including, but not limited to, TCP, IP, UDP, DNS, HTTP, ARP, ICMP, and DHCP.
- Foundational knowledge of the concepts and operational framework of common assurance safeguards in network environments. Safeguards include, but are not limited to, firewalls, intrusion prevention systems, and VPNs.
You can obtain this level of skills and knowledge by taking the following courses or by passing the relevant exams: Cisco CCNA and CompTIA Security+.