CSX Cybersecurity Nexus: Cybersecurity Fundamentals

Course Introduction

As the entry point to ISACA’s cyber security program, CSX Fundamentals offers a knowledge-based certificate in the introductory concepts that frame and define the standards, guidelines, and practices of the cyber security industry. Needless to say, this official CSX Fundamentals course will provide professionals with an enhanced understanding of the principles that frame and define cyber security and the integral role of cyber security professionals in protecting enterprise data.

Whether a student is planning to sit for the CSX Fundamentals certificate exam or is looking to learn more about the cyber security concepts, this course is a great resource packed with tons of study tips and practical information.

• Two Days of Official ISACA Training from an Authorized CSX Fundamentals Instructor
• Official ISACA Courseware for CSX Fundamentals
• Official ISACA Study Guide for CSX Fundamentals
• One Exam Voucher for ISACA’s CSX Fundamentals Certificate

Domain 1: Cyber Security Concepts

Cyber Security Concepts is the first domain covered in this official CSX Fundamentals training program. The various areas or topics students spend time on can be found below:

CSX Fundamentals Domain 1 Lessons

• Cyber security principles used to manage risks related to the use, processing, storage and transmission of information or data.
• Security Management
• Risk Management Processes, including steps and methods for assessing risk.
• Threat Actors
• Cyber Security Roles
• Common Adversary Tactics, Techniques, and Procedures (TTPs)
• Relevant Laws, Policies, Procedures and Governance Requirements.
• Cyber Security Controls

Domain 2: Cyber Security Architecture Principles

Domain 2 focuses on Cyber Security Architecture Principles, and students will learn about the following topics:

CSX Fundamentals Domain 2 Lessons

• Network Design Processes, to include an understanding of security objectives, operational objectives, and trade-offs.
• Security System Design Methods, Tools and Techniques.
• Network Access, Identity and Access Management
• Information Technology (IT) Security Principles and Methods
• Network Security Architecture Concepts, including topology, protocols, components, and principles
• Malware Analysis Concepts and Methodology
• Intrusion detection methodologies and techniques for detecting host and network-based intrusions via intrusion detection technologies
• Defense in Depth Principles and Network Security Architecture
• Encryption Algorithms
• Cryptography
• Encryption Methodologies
• The process of traffic flows across the network (e.g. transmission and encapsulation)
• Network Protocols, Dynamic Host Configuration Protocol, and Directory Services

Domain 3: Security of Networks, Systems, Applications and Data

This is the third domain covered in this course, and it’s called Security of Networks, Systems, Applications, and Data. Students can expect to review the following topics:

CSX Fundamentals Domain 3 Lessons

• Vulnerability Assessment Tools and their Capabilities
• Basic System Administration, Network and Operating System Hardening Techniques
• Risk Associated with Virtualizations
• Penetration Testing
• Network Systems Management Principles, Modules, Methods and Tools
• Remote Access Technology
• Unix Command Line
• System and Application Security Threats and Vulnerabilities
• System Life Cycle Management Principles, including software security and usability
• Local Specialized System Requirements for Safety, Performance, and Reliability.
• System and Application Security Threats and Vulnerabilities
• Social Dynamics of Computer Attackers in a Global Context
• Secure Configuration Management Techniques
• Capabilities and Applications of Network Equipment including Hubs, Routers, Switches, Bridges, Servers, Transmission Media and Related Hardware.
• Communication Methods, Principles, and Concepts that Support the Network Infrastructure
• Common Networking Protocols and Services and how they Interact to Provide Network Communications.
• Different Types of Network Communication
• Virtualization Technologies and Virtual Machine Development and Maintenance
• Application Security
• Risk Threat Assessment

Domain 4: Incident Response

Incident Response is the fourth domain reviewed in this course and it focuses on the following areas:

CSX Fundamentals Domain 4 Lessons

• Incident Categories and Response
• Business Continuity/Disaster Recovery
• Incident Response and Handling Methodologies
• Security Event Correlation Tools
• Processes for Seizing and Preserving Digital Evidence
• Types of Digital Forensics Data
• Basic Concepts and Practices of Processing Digital Forensics Data
• Anti-Forensics Tactics, Techniques, and Procedures (TTPS)
• Common Forensic Tool Configuration and Support Applications
• Network Traffic Analysis Methods
• Which System Files Contain Relevant Information and Where to Find Those System Files

Domain 5: Security Implications and Adoption of Evolving Technology

Security Implications and Adoption of Evolving Technology is the fifth and final domain covered in this official CSX Fundamentals training program. It’s in this domain where students can expect to learn about the following topics:

CSX Fundamentals Domain 5 Lessons

• Emerging Technology and Associated Security Issues, Risks and Vulnerabilities
• Risk Associated with Mobile Computing
• Cloud Concepts Around Data and Collaboration
• Risk of Moving Applications and Infrastructure to the Cloud
• Risk Associated with Outsourcing
• Supply Chain Risk Management Processes and Practices