
CSX Specialist: Respond


Course ID: CSXSRE | 5 Days | Singapore
   


Overview

This week-long course will help students gain an intermediate-level understanding of the concepts, skills and tools required to maintain, enact and develop organizationally unique incident response plans. They will learn response techniques, such as malware removal, account deletion, and access revocation. In addition, they will understand how to utilize specialized malware identification and removal tools.

The Respond domain teaches students how to properly communicate events and incidents, along with their consequences, as well as proper implementation of Incident Response Plans.

Description

Audience

  • CSX Specialist courses are for individuals who are established in the field of cybersecurity and would like to take their skills to the next level by pursuing in-depth, hands-on understanding of the domains and techniques that are part of their everyday work-life.

Certification

Exam


Investment

Instructor-led / Virtual Instructor-led

India: Upon Request

PREREQUISITES

OBJECTIVES

  • Provide students with an environment to discuss and practice methods implemented by cybersecurity professionals in the Identify and Protect domain. Ensure students develop into complementary, workforce-ready team members for enterprises.

COURSE CONTENT

Day 1:

Root Cause Determination 

LAB: DOS Determination

Exploitation Identification

LAB: Vulnerability Identification

Log Correlation

LAB: Firewall Log Comparison

Data Analysis

LAB: Host/Server Log Evaluation

Associated Topics:

  • Firewall Logs
  • Host Logs
  • Router Logs
  • Vulnerability Scanning

Day 2: 

Scope Evaluation

LAB: System Scanning

Impact Analysis

LAB: Log Analysis

BIA Address

LAB: Policy Assessment

Incident Elevation

LAB: Elevation Indicators

Associated Topics:

  • Risk Assessment Process
  • Operating System Attacks
  • Misconfiguration Attacks
  • Host Logs
  • Network Logs

Day 3:

Response Plan Execution and Coordination 

LAB: Response Plan Implementation

Incident Isolation

LAB: Incident Containment

Replication Containment

LAB: Replication Reversal

ACL Evaluation

LAB: ACL Development

Associated Topics:

  • Authentication Techniques
  • IRP Development
  • Spread Containment
  • Event Elevation

Day 4:

Evidence Integrity Assurance

LAB: Evidence Protection

Evidence Preservation

LAB: Hash Creation

Evidence Source Evaluation

LAB: Memory Dump Assessment

Forensic Copying

LAB: Disk Imaging

Associated Topics:

  • Chain of Custody
  • Hashing
  • Data Collection
  • Forensic Copying

Day 5:

Attack Documentation

LAB: Documenting an incident

Incident Response Documentation

LAB: Incident Report Creation

Third Party Report Generation

LAB: Third Party Report Creation

Data Breach Notification

LAB: Breach Informing

Associated Topics:

  • Breach Articulation
  • Legal Responsibilities
  • Proper Documentation
  • Examples of Failure

What’s Next
