ISACA CSX Practitioner II: Detection Training

ISACA’s Cybersecurity Nexus (CSX) certification program supports cybersecurity professionals throughout their career by assessing a candidate’s abilities and skills at three progressive technical skill levels. Levels are differentiated by skills, not by years of experience. Each technical skill level is assessed utilizing a vendor-neutral set of performance-based exams measuring a candidate’s technical skills, abilities and performance in the following areas: Identify, Protect, Detect, Respond, and Recover.

This official ISACA CSX Practitioner II: Detection Training course reviews the “Detect” domain. Students will learn the basic concepts, methods and tools used to leverage cyber security controls to identify system events and non-event level incidents. In layman’s terms, CSX Practitioner 2 will help students develop the ability to serve as a first responder, following established procedures, defined processes and working mostly with known problems on a single system.

This ISACA CSX Practitioner II: Detection course, along with CSX Practitioner 1 and 3, was developed using existing global cybersecurity frameworks as well as input from hundreds of subject matter experts. Whether a student is planning to write the exam or learn more about Cyber Security, this course is packed with study tips and practical exercises.

ISACA CSX Practitioner II: Detection Training Duration: 5 days

CUSTOMIZE IT
  • We can adapt this ISACA CSX Practitioner II: Detection course to your group’s background and work requirements at little to no added cost.
  • If you are familiar with some aspects of this ISACA CSX Practitioner II: Detection course, we can omit or shorten their discussion.
  • We can adjust the emphasis placed on the various topics or build the ISACA CSX Practitioner II: Detection Course around the mix of technologies of interest to you (including technologies other than those included in this outline).
  • If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the ISACA CSX Practitioner II: Detection course in a manner understandable to lay audiences.
AUDIENCE/TARGET GROUP

The target audience for this ISACA CSX Practitioner II: Detection Training course:

The ISACA CSX Practitioner II: Detection course is intended for professionals with roles focusing on cyber security – with a minimum of one to five years of experience. Students who register for this course should be proficient in the following areas:

  • Network Scanning
  • Specialized Port Scans
  • Network Topologies
  • Network Log Analysis
  • Centralized Monitoring
  • Hotfix Distribution
  • Vulnerability Scanning
  • Traffic Monitoring
  • Compromise Indicators
  • False Positive Identification
  • Packet Analysis
  • User Account Controls
CLASS PREREQUISITES

The knowledge and skills that a learner must have before attending this ISACA CSX Practitioner II: Detection course are:

  • N/A
ISACA CSX Practitioner II: Detection Training - OBJECTIVES

Upon completing this ISACA CSX Practitioner II: Detection course, learners will be able to meet these objectives:

  • Analyze and monitor network output
  • Detect malware
  • Detect incidents
  • Notify proper channels
  • Analyze attacks
  • Escalate incidents
  • Perform change monitoring
ISACA CSX Practitioner II: Detection Training - COURSE SYLLABUS
DAY 1

The first day of this official CSX Practitioner 2 course reviews several topics while also providing labs for students to gain practical experience. The lessons and labs found below are associated with the following topics: Traffic Flow Analysis and IR Resources.

Lessons:

  • Analyzing Network Traffic Using Monitors
  • Monitoring Network Traffic
  • Monitoring Schedule
  • Searching for Indicators of Compromise
  • Monitoring for False Positives

Labs:

  • Using Snort and Wireshark to Analyze Traffic
  • Monitoring Network Traffic
DAY 2

Day 2 of this official course analyzes several topics while providing labs for students to gain practical experience. The lessons and labs found below are associated with the following topics: Attack Types, Attack Methods, Network Access Control, Virus Types, and Worm Variants.

Lessons:

  • Escalate Potential Compromises
  • Network Packet Analysis
  • Malicious Activity and Anti-Virus
  • Malicious Code and Activity Types
  • Remediation Steps

Labs:

  • Searching for Indicators of Compromise
  • Monitoring for False Positives
DAY 3

The third day of this training seminar focuses on several topics while also providing labs for students to gain practical experience. The lessons and labs found below are associated with the following topics: Incident Identification Methodologies, IP Reputation Databases, Port Scanning, Host Analysis, and Network Traffic Behavior.

Lessons:

  • Assessing Available Event Information
  • Performing Initial Analysis
  • Identifying Potential Collection Sources
  • Deploy the Data Collection Utility
  • Using Event Correlation

Labs:

  • Performing an Initial Attack Analysis
  • Detect the Introduction and Execution of Malicious Activity
  • Analyze and Classify Malware
DAY 4

Just like the first three days of training, day 4 reviews several topics while also providing labs for students to gain practical experience. The lessons and labs found below are associated with the following topics: Malware Functionality, Spyware, Trojans, Rootkits, Viruses, and Backdoors.

Lessons:

  • Using Established Baselines to Detect Anomalies
  • Documenting Your Steps
  • Initial Attack Analysis
  • Determine the Initial Scope
  • Identify if High-Risk Systems Were Affected

Labs:

  • Event Log Collection
  • Windows Event Log Manipulation
  • Host Integrity Baselining
DAY 5

On the final day of training for this official CSX Practitioner 2 course, students review several topics while also participating in various labs to gain practical experience. The lessons and labs found below are associated with the following topics: NIST Roles, ISO Designations, Cert Designation, and CSIRT Roles.

Lessons:

  • Monitoring Controls
  • Updating Cyber Security Controls
  • Patch Management
  • Verifying Identities and Credentials
  • Cybersecurity Standards and Procedures

Labs:

  • IDS Setup
  • Personal Security Products
  • Verifying Hotfixes
  • Linux Users and Groups
  • Core Impact Vulnerability Scan
ISACA CSX Practitioner II: Detection Training Course Wrap-Up
