Course Description
This certification covers the skills and knowledge that are associated with Firewall Technology, Critical examination of Cybersecurity based analytics (for example, reviewing log files from servers), the ability to conduct various kinds of data analysis to positively confirm any security weaknesses, threats, or vulnerabilities that are posed to a business or a corporation, the ability to configure and deploy various kinds of network-based, threat detection tools, and the know-how in securing software-based applications in the entity.
This course will help prepare students for the CySA+ Certification examination.
Sept. 12, 2020
Program Requirements
Delivery | Online |
Length | 2-4 weeks |
VA Approved | GI Bill & VET-TEC |
Certification | CySA+ |
Objectives
- Apply environmental reconnaissance techniques using appropriate tools and processes
- Analyze the results of a network reconnaissance
- Implement or recommend appropriate response and countermeasures
- Explain the purpose of practices used to secure a corporate environment
- Implement information security vulnerability management processes
- Analyze the output resulting from a vulnerability scan
- Compare and contrast common vulnerabilities found within an organization
- Analyze threat data or behavior to determine the impact of an incident
- Prepare a toolkit and use appropriate forensics tools during an investigation
- Explain the importance of communication during the incident response process
- Analyze common symptoms to select the best course of action to support incident response
- Summarize the incident recovery and post-incident response processes
- Explain the relationship between frameworks, common policies, controls, and procedures
- Use data to recommend remediation of security issues related to identity and access management
- Review security architecture and make recommendations to implement compensating controls
- Use application security best practices while participating in the software development life cycle
- Compare and contrast the general purpose and reasons for using various security tools and technologies
Prerequisite
It is recommended that CySA+ candidates must have a minimum of 3-4 years of hands-on information/cybersecurity or related experience.
Course Content
Enterprise Security: Policies, Practices, and Procedures
1. Security Data Analytics: What’s Going On?
2. Defense in Depth: This Is Where It Begins
3. Defense in Depth: What Tools Can You Use?
4. Defense in Depth: Drill, Test, Rinse, Repeat5. The Fundamentals of Frameworks, Policies, Controls, & Procedures
Computer Fundamentals: Networking A. What Is Networking?
- What Is Networking?
- Networking Hardware, Services, and Configuration Concepts
- Wireless and Internet Connection Types and Their Features
- IoT Devices and the Smart Home
- Install and Configure a Basic Home and Small Business Network
The Issues of Identity and Access Management (IAM)
1. It’s All About Control
2. Managing Your Secret Identity
3. Other Authentication Methods
4. Identity Repositories
5. Building the Lab
6. Looking at the Exploits
Secure Software Development
1. What’s the Software Development Life Cycle (SDLC)?
2. Software Development Phases
3. Software Development Models
4. Software Vulnerabilities
5. Coding Best Practices
6. Code Reviews
7. Security Testing in Action
Performing and Analyzing Network Reconnaissance
1. The Two Steps
2. Initially, What Do You Look For?
3. The More You Look, the More You Find
4. Other Reconnaissance Techniques
5. Reconnaissance via Google Hacking
6. Let’s Not Forget PowerShell
7. Overview of Scanning
8. Understanding the 3-way Handshake
9. Checking for ‘Live’ Systems and Their Open Ports
10. Types of Scanning
11. Banner Grabbing and OS Fingerprinting
12. More Tools for the Utility-belt
13. Threats from Wireless
Implementing and Performing Vulnerability Management
1. What Do You Need to Start?
2. Shaping and Implementing Your Vulnerability Scans
3. The Scanners
4. Analyzing Vulnerability Scans
5. Remediation and Change Control
6. Remediating Host Vulnerabilities
7. Remediating Network Vulnerabilities
8. Remediating Virtual Environments Vulnerabilities