CSX Practitioner 2: Detection

Overview

Duration: 5 Days
CPE Credits: 35
Course Number: SEC-328

CSX Practitioner 2: Detection is a five-day, 35 CPE course offered to you by Intrinsec Security – an official training partner of ISACA.

NOTE: This training program is the second of three courses in the CSX Practitioner Series.

Course Introduction

ISACA’s Cybersecurity Nexus (CSX) certification program supports cybersecurity professionals throughout their career by assessing a candidate’s abilities and skills at three progressive technical skill levels. Levels are differentiated by skills, not by years of experience. Each technical skill level is assessed utilizing a vendor-neutral set of performance-based exams measuring a candidate’s technical skills, abilities and performance in the following areas: Identify, Protect, Detect, Respond, and Recover.

This official CSX Practitioner 2 course reviews the “Detect” domain. Students will learn the basic concepts, methods and tools used to leverage cyber security controls to identify system events and non-event level incidents. In layman’s terms, CSX Practitioner 2 will help students develop the ability to serve as a first responder, following established procedures, defined processes and working mostly with known problems on a single system.

This course, along with CSX Practitioner 1 and 3, was developed using existing global cybersecurity frameworks as well as input from hundreds of subject matter experts. Whether a student is planning to write the exam or learn more about Cyber Security, this course is packed with study tips and practical exercises.

AVAILABLE OPTIONS

OnSite Training
50-Day Training Bundle

What Comes With Registration?

  • Five Days of ISACA Training from an Authorized CSX Practitioner Instructor
  • Official ISACA Courseware for CSX Practitioner 2: Detection
  • Official ISACA Study Guide for CSX Practitioner 2: Detection
  • Six Month Subscription to ISACA’s Official OnDemand Labs for CSX Practitioner 2: Detection

*CSX Practitioner Exam Voucher Available for Additional Cost ($540 USD)*

CSX Practitioner 2: Prerequisites

This official ISACA training seminar has no prerequisites and the scheduled dates below are open for registration.

NOTE: While this training program does not have any prerequisites, we recommend that all prospective students have professional experience in the field of cyber security along with an interest in gaining hands-on technical skills.

Course Outline

Day 1 of 5 (ex. Monday)

The first day of this official CSX Practitioner 2 course reviews several topics while also providing labs for students to gain practical experience. The lessons and labs found below are associated with the following topics: Traffic Flow Analysis and IR Resources.

Lessons:
  • Analyzing Network Traffic Using Monitors
  • Monitoring Network Traffic
  • Monitoring Schedule
  • Searching for Indicators of Compromise
  • Monitoring for False Positives
Labs:
  • Using Snort and Wireshark to Analyze Traffic
  • Monitoring Network Traffic

Day 2 of 5 (ex. Tuesday)

Day 2 of this official course analyzes several topics while providing labs for students to gain practical experience. The lessons and labs found below are associated with the following topics: Attack Types, Attack Methods, Network Access Control, Virus Types, and Worm Variants.

Lessons:
  • Escalate Potential Compromises
  • Network Packet Analysis
  • Malicious Activity and Anti-Virus
  • Malicious Code and Activity Types
  • Remediation Steps
Labs:
  • Searching for Indicators of Compromise
  • Monitoring for False Positives

Day 3 of 5 (ex. Wednesday)

The third day of this training seminar focuses on several topics while also providing labs for students to gain practical experience. The lessons and labs found below are associated with the following topics: Incident Identification Methodologies, IP Reputation Databases, Port Scanning, Host Analysis, and Network Traffic Behavior.

Lessons:
  • Assessing Available Event Information
  • Performing Initial Analysis
  • Identifying Potential Collection Sources
  • Deploy the Data Collection Utility
  • Using Event Correlation
Labs:
  • Performing an Initial Attack Analysis
  • Detect the Introduction and Execution of Malicious Activity
  • Analyze and Classify Malware

Day 4 of 5 (ex. Thursday)

Just like the first three days of training, day 4 reviews several topics while also providing labs for students to gain practical experience. The lessons and labs found below are associated with the following topics: Malware Functionality, Spyware, Trojans, Rootkits, Viruses, and Backdoors.

Lessons:
  • Using Established Baselines to Detect Anomalies
  • Documenting Your Steps
  • Initial Attack Analysis
  • Determine the Initial Scope
  • Identify if High-Risk Systems Were Affected
Labs:
  • Event Log Collection
  • Windows Event Log Manipulation
  • Host Integrity Baselining

Day 5 of 5 (ex. Friday)

On the final day of training for this official CSX Practitioner 2 course, students review several topics while also participating in various labs to gain practical experience. The lessons and labs found below are associated with the following topics: NIST Roles, ISO Designations, Cert Designation, and CSIRT Roles.

Lessons:
  • Monitoring Controls
  • Updating Cyber Security Controls
  • Patch Management
  • Verifying Identities and Credentials
  • Cybersecurity Standards and Procedures
Labs:
  • IDS Setup
  • Personal Security Products
  • Verifying Hotfixes
  • Linux Users and Groups
  • Core Impact Vulnerability Scan

ISACA® is a trademark of the Information Systems Audit and Control Association, Inc. (ISACA), registered in the United States and other countries. www.isaca.org ISACA®, the CSX Cybersecurity Nexus™ Mark, and ISACA’s CSX Cybersecurity Nexus™ products, certifications, and services are not affiliated with CSX Corporation or its subsidiaries, including CSX Transportation, Inc.

Schedule

No public dates are currently scheduled. Request Group Training!