CÔNG TY TNHH TRAINOCATE VIỆT NAM
CT-CYSA+ - CompTIA® Cybersecurity Analyst

CT-CYSA+ - CompTIA® Cybersecurity Analyst

CT-CYSA+ - CompTIA® Cybersecurity Analyst

Overview

Duration: 5.0 days

This course covers the duties of cybersecurity analysts who are responsible for monitoring and detecting security incidents in information systems and networks, and for executing a proper response to such incidents. Depending on the size of the organization, this individual may act alone or may be a member of a cybersecurity incident response team (CSIRT). The course introduces tools and tactics to manage cybersecurity risks, identify various types of common threats, evaluate the organization's security, collect and analyze cybersecurity intelligence, and handle incidents as they occur. Ultimately, the course promotes a comprehensive approach to security aimed toward those on the front lines of defense. In addition, this course can help students who are looking to fulfill DoD directive 8570.01 for information assurance (IA) training. This program is designed for personnel performing IA functions, establishing IA policies, and implementing security measures and procedures for the Department of Defense and affiliated information systems and networks.

Objectives

In this course, you will assess and respond to security threats and operate a systems and network security analysis platform.

You will:

  • Assess information security risk in computing and network environments.
  • Analyze reconnaissance threats to computing and network environments.
  • Analyze attacks on computing and network environments.
  • Analyze post-attack techniques on computing and network environments.
  • Implement a vulnerability management program.
  • Collect cybersecurity intelligence.
  • Analyze data collected from security and event logs.
  • Perform active analysis on assets and networks.
  • Respond to cybersecurity incidents.
  • Investigate cybersecurity incidents.
  • Address security issues with the organization's technology architecture.

Content

Module 1: Assessing Information Security Risk

  • Identify the Importance of Risk Management
  • Assess Risk
  • Mitigate Risk
  • Integrate Documentation into Risk Management

Module 2: Analyzing Reconnaissance Threats to Computing and Network Environments

  • Assess the Impact of Reconnaissance Incidents
  • Assess the Impact of Social Engineering

Module 3: Analyzing Attacks on Computing and Network Environments

  • Assess the Impact of System Hacking Attacks
  • Assess the Impact of Web-Based Attacks
  • Assess the Impact of Malware
  • Assess the Impact of Hijacking and Impersonation Attacks
  • Assess the Impact of DoS Incidents
  • Assess the Impact of Threats to Mobile Security
  • Assess the Impact of Threats to Cloud Security

Module 4: Analyzing Post-Attack Techniques

  • Assess Command and Control Techniques
  • Assess Persistence Techniques
  • Assess Lateral Movement and Pivoting Techniques
  • Assess Data Exfiltration Techniques
  • Assess Anti-Forensics Techniques

Module 5: Managing Vulnerabilities in the Organization

  • Implement a Vulnerability Management Plan
  • Assess Common Vulnerabilities
  • Conduct Vulnerability Scans
  • Conduct Penetration Tests on Network Assets

Module 6: Collecting Cybersecurity Intelligence

  • Deploy a Security Intelligence Collection and Analysis Platform
  • Collect Data from Network-Based Intelligence Sources
  • Collect Data from Host-Based Intelligence Sources

Module 7: Analyzing Log Data

  • Use Common Tools to Analyze Logs
  • Use SIEM Tools for Analysis

Module 8: Performing Active Asset and Network Analysis

  • Analyze Incidents with Windows-Based Tools
  • Analyze Incidents with Linux-Based Tools
  • Analyze Malware
  • Analyze Indicators of Compromise

Module 9: Responding to Cybersecurity Incidents

  • Deploy an Incident Handling and Response Architecture
  • Mitigate Incidents
  • Prepare for Forensic Investigation as a CSIRT

Module 10: Investigating Cybersecurity Incidents

  • Apply a Forensic Investigation Plan
  • Securely Collect and Analyze Electronic Evidence
  • Follow Up on the Results of an Investigation

Module 11: Addressing Security Architecture Issues

  • Remediate Identity and Access Management Issues
  • Implement Security During the SDLC

Audience

This course is designed primarily for cybersecurity practitioners who perform job functions related to protecting information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. This course focuses on the knowledge, ability, and skills necessary to provide for the defense of those information systems in a cybersecurity context, including protection, detection, analysis, investigation, and response processes. In addition, the course ensures that all members of an IT team— everyone from help desk staff to the Chief Information Officer—understand their role in these security processes.

Prerequisites

To ensure your success in this course, you should meet the following requirements:

  • At least two years (recommended) of experience in computer network security technology or a related field.
  • The ability to recognize information security vulnerabilities and threats in the context of risk management.
  • Foundation-level operational skills with some of the common operating systems for computing environments.
  • Foundation knowledge of the concepts and operational framework of common assurance safeguards in computing environments. Safeguards include, but are not limited to, basic authentication and authorization, resource permissions, and anti-malware mechanisms.
  • Foundation-level understanding of some of the common concepts for network environments, such as routing and switching.
  • Foundational knowledge of major TCP/IP networking protocols, including, but not limited to, TCP, IP, UDP, DNS, HTTP, ARP, ICMP, and DHCP.
  • Foundational knowledge of the concepts and operational framework of common assurance safeguards in network environments. Safeguards include, but are not limited to, firewalls, intrusion prevention systems, and VPNs.

Certification

This course is designed to assist students in preparing for the CompTIA® Cybersecurity Analyst (CySA+®) (Exam CS0-002) certification examination. What you learn and practice in this course can be a significant part of your preparation.

Lịch khai giảng

Form đăng ký

Bằng cách nhấn nút "ĐĂNG KÝ", tôi hoàn toàn đồng ý với Chính sách bảo mật

Các khóa đào tạo CompTIA khác

ITF+ - CompTIA IT Fundamentals

In this course, students will identify PC components, work with files and folders, and conduct basic software installations. This course will provide students with the fundamental skills and concepts required to maintain, support, and work efficiently with personal computers. In addition, it covers the essential skills and information needed to set up, configure, maintain, troubleshoot, and perform preventative maintenance of the hardware and software components of a basic personal computer workstation and basic wireless devices. Students will also implement basic security measures and implement basic computer and user support practices.
3.0 ngày

CT-SERVER+ - CompTIA Server+

The CompTIA Server+® (Exam SK0-004) course builds on your existing professional experience with personal computer hardware support to present the next tier of skills and concepts that you will use on the job when administering any type of network server. If your job duties include server troubleshooting, installation, or maintenance, or if you are preparing for any type of network server-related career, it provides the primary knowledge and skills you will require to be successful.
5.0 ngày

CT-CLOUDESSENTIAL - CompTIA Cloud Essentials+

The dynamic business environment today may increase IT demands tremendously. And, you need to meet the demands to ensure the survival of your organization in the market. Needless to say, you must make plans to meet the demands within limited resources of finance, people, and technology. This is exactly what cloud computing can provide to your business. In this course, you will weigh the pros and cons of cloud computing to make effective decisions in meeting the IT challenges. With IT woven into the effective functioning of every business, there is a greater dependency on the ready availability and deployability of IT infrastructure. Cloud computing offers solutions that enable businesses optimize their IT usage. Therefore, it is critical that every IT and business specialist gains insight into the advantages and disadvantages offered by this business computing model.
2.0 ngày

CT-LINUX+ - CompTIA® Linux+

The Official CompTIA® Linux+® Powered by LPI (Exams LX0-103 and LX0-104) course builds on your existing user-level knowledge and experience with the Linux operating system to present fundamental skills and concepts that you will use on the job in any type of Linux career.
5.0 ngày

CT-CLOUD+ - CompTIA Cloud+

While IT professionals today are expected to understand some basic cloud terminology and concepts, and have likely worked with public cloud or Software-as-a-Service solutions, the ability to analyze, evaluate, design, and test cloud computing solutions are hard skills to find, and are in high demand. In this course, you will apply the skills required to evaluate and implement standard deployments. You will implement, maintain, and deliver cloud technologies including network, storage, and virtualization technologies to create cloud solutions. You will manage workload migrations, manage cloud vendors to control costs, use automation and orchestration to bring business value from cloud solutions, and ensure security of cloud implementations through the use of cybersecurity best practices. In addition, this course prepares you to pass the CompTIA® Cloud+® exam and earn the corresponding certification.
5.0 ngày

CT-PENTEST+ - CompTIA® PenTest+

Security remains one of the hottest topics in IT and other industries. It seems that each week brings news of some new breach of privacy or security. As organizations scramble to protect themselves and their customers, the ability to conduct penetration testing is an emerging skill set that is becoming ever more valuable to the organizations seeking protection, and ever more lucrative for those who possess these skills. In this course, you will be introduced to some general concepts and methodologies related to pen testing, and you will work your way through a simulated pen test for a fictitious company. 
5.0 ngày

CT-CASP+ - CompTIA® Advanced Security Practitioner

Information security is a crucial field in the world of business. You have experience in this field, and now you're ready to take that experience to the next level. In this course, you will expand on your knowledge of information security to apply more advanced principles that will keep your organization safe from the many ways it can be threatened. You'll apply critical thinking and judgment across a broad spectrum of security disciplines to propose and implement sustainable security solutions that map to organizational strategies; translate business needs into security requirements; support IT governance and risk management; architect security for hosts, networks, and software; respond to security incidents; and more. Today's IT climate demands individuals with demonstrable skills, and the information and activities in this course can help you develop the skill set you need to confidently perform your duties as an advanced security practitioner.
5.0 ngày

CT-NETWORK+ - CompTIA® Network+

The Official CompTIA® Network+® (Exam N10-007) course builds on your existing user-level knowledge and experience with personal computer operating systems and networks to present the fundamental skills and concepts that you will need to use on the job in any type of networking career. It also addresses the content described in the exam objectives for the CompTIA Network+ certification. If you are pursuing a CompTIA technical certification path, obtaining the CompTIA® A+® certification is an excellent first step to take before preparing for the CompTIA Network+ examination.
5.0 ngày

CT-A+ - CompTIA A+

CompTIA A+ certified professionals are proven problem solvers. They support today's core technologies from security to cloud to data management and more. CompTIA A+ is the industry standard for launching IT careers into today's digital world. It is the only industry recognized credential with performance-based items to prove pros can think on their feet to perform critical IT support tasks in the moment. It is trusted by employers around the world to identify the go-to person in end point management and technical support roles. CompTIA A+ is regularly re-invented by IT experts to ensure that it validates core skills and abilities demanded in the workplace.
5.0 ngày

CT-SECURITY+ - CompTIA® Security+

The Official CompTIA® Security+® (Exam SY0-501) course is the primary curriculum you will need to take if your job responsibilities include securing network services, devices, and traffic in your organization. You can also take this course to prepare for the CompTIA Security+ certification examination. In this course, you will build on your knowledge of and professional experience with security fundamentals, networks, and organizational security as you acquire the specific skills required to implement basic security services on any type of computer network.
5.0 ngày

Bản quyền thuộc về Trainocate Việt Nam

back to top