Course Code: Exam CS0-002
Course Length: 5 Days
The course introduces tools and tactics to manage cybersecurity risks, identify various types of common threats, evaluate the organisation's security, collect and analyse cybersecurity intelligence, and handle incidents as they occur. This course may earn a Credly Badge.
This course is designed primarily for cybersecurity practitioners who perform job functions related to protecting information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. This course focuses on the knowledge, ability, and skills necessary to provide for the defense of those information systems in a cybersecurity context, including protection, detection, analysis, investigation, and response processes. In addition, the course ensures that all members of an IT team, everyone from help desk staff to the Chief Information Office, understand their role in these security processes.
In this course, you will assess and respond to security threats and operate a systems and network security analysis platform you will:
- Assess information security risk in computing and network environments.
- Analyse reconnaissance threats to computing and network environments.
- Analyse attacks on computing and network environments.
- Analyse post-attack techniques on computing and network environments.
- Implement a vulnerability management program.
- Collect cybersecurity intelligence.
- Analyse data collected from security and event logs.
- Perform active analysis on assets and networks.
- Respond to cybersecurity incidents.
- Investigate cybersecurity incidents.
- Address security issues with the organisation's technology architecture.
Threat and Vulnerability Management
- Explain the importance of threat data and intelligence.
- Given a scenario, utilise threat intelligence to support organisational security.
- Given a scenario, perform vulnerability management activities
- Given a scenario, analyse the output from common vulnerability assessment tools.
- Explain the threats and vulnerabilities associated with specialised technology.
- Explain the threats and vulnerabilities associated with operating in the cloud.
- Given a scenario, implement controls to mitigate attacks and software vulnerabilities.
Software and Systems Security
- Given a scenario, apply security solutions for infrastructure management.
- Explain software assurance best practices.
- Explain hardware assurance best practices.
Security Operations and Monitoring
- Given a scenario, analyse data as part of security monitoring activities.
- Given a scenario, implement configuration changes to existing controls to improve security.
- Explain the importance of proactive threat hunting.
- Compare and contrast automation concepts and technologies.
- Explain the importance of the incident response process.
- Given a scenario, apply the appropriate incident response procedure.
- Given an incident, analyse potential indicators of compromise.
- Given a scenario, utilise basic digital forensics techniques
Compliance and Assessment
- Understand the importance of data privacy and protection.
- Given a scenario, apply security concepts in support of organisational risk mitigation.
- Explain the importance of frameworks, policies, procedures, and controls.