• You get to prepare for the CSX Practitioner Exam
• You get to learn how to assess and evaluate different threats and vulnerabilities to assets.
• You learn to protect your assets by implementing different cybersecurity controls and techniques.
• You also learn how to identify system and network incidents so that there is no compromise to the security.
• You learn to strategize that can help you keep all the cybersecurity threats away.
• You also understand how to recover from the disasters well, and the impact of the same is low.

---

Course Content:

Module 1: Identify

Lab:

•  Asset Identification
•  Data Flow Identification
•  Enterprise Asset Identification
•  Data Flow Analysis
•  Enterprise Data Flow Analysis
•  Identify Challenge

Associated Topics:

•  Network infrastructure analysis
•  Digital asset analysis
•  Network topology construction
•  Network topology diagrams
•  Data flow identification and mapping
•  Tools used to construct a network topology diagram
•  Tools used to identify data flow
•  Importance of security review
•  Gap analysis and its usage
•  Security policies and procedures
•  Development process for policies and procedures
•  Information Sharing
•  Importance of understanding legal and regulatory requirements
•  Threat modeling

---

Module 2: Protect
Lab:

•  Firewall Setup
•  Backup and Restore Points
•  File System Protections
•  OS Baseline
•  Protect Challenge

Associated Topics:

•  Vulnerability scanning
•  Vulnerability scanning personnel
•  Vulnerability scanning tools
•  Configuring monitoring systems and alert criteria
•  Implementing, configuring, and monitoring security tools and systems
•  Developing use cases for security monitoring
•  Incident response plan development
•  Incident response plan testing
•  Incorporation of security considerations into business functions
•  Monitoring user access, privileges, and permissions
•  Monitoring compliance with security procedures and requirements
•  Development of security training
•  Evaluating security configurations against established configuration standards and baselines

---

Module 3: Detect

Lab:

•  Sec Onion Setup and Testing
•  Snort Rules
•  Event Detection
•  Data and Network Analysis
•  Vulnerability Analysis
•  Detect Challenge

Associated Topics:

•  Assessing threat level and potential impact of anomalous behavior and security events
•  Researching, analyzing, and correlating system activity and security events
•  Monitoring and analyzing outputs from security tools, systems, and logs
•  Analyzing malicious activity to determine weaknesses and exploitation methods

---

Module 4: Respond

Lab:

•  Incident Correlation
•  Network Forensics
•  Malware Investigation and Evaluation
•  Response Challenge

Associated Topics:

•  Notifying appropriate incident response teams according to established protocols
•  Identifying and implementing appropriate containment measures, countermeasures, and corrective actions
•  Collecting and preserving digital evidence according to relevant regulations and laws
•  Conducting post-incident analysis
•  Communicating and documenting notifications and outcomes of incident response

---

Module 5: Recover

Lab:

•  Re-Imaging
•  Restore Points

Associated Topics:

•  Validating whether restored systems meet security requirements
•  Updating security plans and procedures following incident response

---