CompTIA CySA+

Seminarinformationen

Seminar - Ziel

As attackers have learned to evade traditional signature-based solutions such as firewalls and antivirus software , an analytics-based approach to IT security is becoming increasingly important to enterprises. CompTIA CySA + applies behavioral analytics to networks to improve overall security posture by identifying and combating malware and advanced persistent threats (APTs). This results in improved threat visibility across a broad attack surface.

Teilnehmer - Zielgruppe

• IT Security Officer

Kurs - Voraussetzungen

• CompTIA Network+, CompTIA Security+ or similar knowledge.
• Minimum of 4 years of practical information security experience or similar.
  
  

Seminardauer

• 5 Tage
• 09:00 Uhr bis 17:00 Uhr

Schulungsunterlagen

• nach Absprache

Seminar-Inhalt / Agenda

Information security risk assessment

• Recognize the importance of risk management
• Assess risk
• Mitigate risk
• Incorporate documentation into risk management

Intelligence threat analysis for computing and networking environments

• Assessing the impact of reconnaissance incidents
• Assessing the Impact of Social Engineering

Analysis of attacks on computer and network environments

• Assessing the impact of system hacking attacks
• Assessing the impact of web-based attacks
• Assess the impact of malware
• Assess the impact of hijacking and impersonation attacks
• Assessing the impact of DoS incidents
• Assessing the impact of mobile security threats
• Assessing the impact of cloud security threats

Post-attack Analysis of Techniques

• Assessing command and control techniques
• Assessing Persistence Techniques
• Assess lateral movement and pivoting techniques
• Evaluate data exfiltration techniques
• Evaluate anti-forensics techniques

Management of vulnerabilities in the organization

• Implementation of a vulnerability management plan
• Assessing common vulnerabilities
• Conducting vulnerability scans
• Perform penetration testing of network resources

Gathering Cybersecurity Intelligence

• Establish a platform for collecting and analyzing security intelligence
• Collecting data from network-based intelligence sources
• Collecting data from host-based intelligence sources

Analyze log data

• Using general log analysis tools
• Using SIEM tools for analysis

Perform active inventory and network analysis

• Analyzing incidents with Windows-based tools
• Analyzing incidents with Linux-based tools
• Analyzing malware
• Analyzing signs of compromise

Cybersecurity incident response

• Establish an architecture to handle and respond to incidents
• Mitigate incidents
• Prepare for forensic investigations as a CSIRT

Investigation of cybersecurity incidents

• Applying a forensic investigation plan
• Securely gather and analyze electronic evidence
• Follow-up on investigation results

Handling security architecture issues

• Addressing identity and access management issues
• Implementing Security During the SDLC

Weitere Schulungen zu Thema CompTIA