CSX Practitioner 2: Detection

Overview

Duration: 5 Days
CPE Credits: 35
Course Number: SEC-328

CSX Practitioner 2: Detection is a five-day, 35 CPE course offered to you by Intrinsec Security – an official training partner of ISACA.

NOTE: This training program is the second of three courses in the CSX Practitioner Series.

CSX Practitioner 2 Training Information

ISACA’s Cybersecurity Nexus (CSX) certification program supports cybersecurity professionals throughout their career by assessing a candidate’s abilities and skills at three progressive technical skill levels. Levels are differentiated by skills, not by years of experience. Each technical skill level is assessed utilizing a vendor-neutral set of performance-based exams measuring a candidate’s technical skills, abilities and performance in the following areas: Identify, Protect, Detect, Respond, and Recover.

This official CSX Practitioner 2 course reviews the “Detect” domain. Students will learn the basic concepts, methods and tools used to leverage cyber security controls to identify system events and non-event level incidents. In layman’s terms, CSX Practitioner 2 will help students develop the ability to serve as a first responder, following established procedures, defined processes and working mostly with known problems on a single system.

This course, along with CSX Practitioner 1 and 3, was developed using existing global cybersecurity frameworks as well as input from hundreds of subject matter experts. Whether a student is planning to write the exam or learn more about Cyber Security, this course is packed with study tips and practical exercises.

Your Registration Includes
  • Five Days of ISACA Training from an Authorized CSX Practitioner Instructor
  • Official ISACA Courseware for CSX Practitioner 2: Detection
  • Official ISACA Study Guide for CSX Practitioner 2: Detection
  • Six Month Subscription to ISACA’s Official OnDemand Labs for CSX Practitioner 2: Detection

*CSX Practitioner Exam Voucher Available for Additional Cost ($540 USD)*

What You Will Learn
Day 1

The first day of this official CSX Practitioner 2 course reviews several topics while also providing labs for students to gain practical experience. The lessons and labs found below are associated with the following topics: Traffic Flow Analysis and IR Resources.

Lessons:

  • Analyzing Network Traffic Using Monitors
  • Monitoring Network Traffic
  • Monitoring Schedule
  • Searching for Indicators of Compromise
  • Monitoring for False Positives

Labs:

  • Using Snort and Wireshark to Analyze Traffic
  • Monitoring Network Traffic

Day 2

Day 2 of this official course analyzes several topics while providing labs for students to gain practical experience. The lessons and labs found below are associated with the following topics: Attack Types, Attack Methods, Network Access Control, Virus Types, and Worm Variants.

Lessons:

  • Escalate Potential Compromises
  • Network Packet Analysis
  • Malicious Activity and Anti-Virus
  • Malicious Code and Activity Types
  • Remediation Steps

Labs:

  • Searching for Indicators of Compromise
  • Monitoring for False Positives

Day 3

The third day of this training seminar focuses on several topics while also providing labs for students to gain practical experience. The lessons and labs found below are associated with the following topics: Incident Identification Methodologies, IP Reputation Databases, Port Scanning, Host Analysis, and Network Traffic Behavior.

Lessons:

  • Assessing Available Event Information
  • Performing Initial Analysis
  • Identifying Potential Collection Sources
  • Deploy the Data Collection Utility
  • Using Event Correlation

Labs:

  • Performing an Initial Attack Analysis
  • Detect the Introduction and Execution of Malicious Activity
  • Analyze and Classify Malware

Day 4

Just like the first three days of training, day 4 reviews several topics while also providing labs for students to gain practical experience. The lessons and labs found below are associated with the following topics: Malware Functionality, Spyware, Trojans, Rootkits, Viruses, and Backdoors.

Lessons:

  • Using Established Baselines to Detect Anomalies
  • Documenting Your Steps
  • Initial Attack Analysis
  • Determine the Initial Scope
  • Identify if High-Risk Systems Were Affected

Labs:

  • Event Log Collection
  • Windows Event Log Manipulation
  • Host Integrity Baselining

Day 5

On the final day of training for this official CSX Practitioner 2 course, students review several topics while also participating in various labs to gain practical experience. The lessons and labs found below are associated with the following topics: NIST Roles, ISO Designations, Cert Designation, and CSIRT Roles.

Lessons:

  • Monitoring Controls
  • Updating Cyber Security Controls
  • Patch Management
  • Verifying Identities and Credentials
  • Cybersecurity Standards and Procedures

Labs:

  • IDS Setup
  • Personal Security Products
  • Verifying Hotfixes
  • Linux Users and Groups
  • Core Impact Vulnerability Scan

Audience

The CSX Practitioner course is intended for professionals with roles focusing on cyber security – with a minimum of one to five years of experience. Students who register for this course should be proficient in the following areas:


  • Network Scanning
  • Specialized Port Scans
  • Network Topologies
  • Network Log Analysis
  • Centralized Monitoring
  • Hotfix Distribution
  • Vulnerability Scanning
  • Traffic Monitoring
  • Compromise Indicators
  • False Positive Identification
  • Packet Analysis
  • Used Account Controls

Questions

Any questions?

Read our Frequently Asked Questions page or simply send your questions to us directly via our Contact Us page or our Live Chat.

ISACA® is a trademark of the Information Systems Audit and Control Association, Inc. (ISACA), registered in the United States and other countries. www.isaca.org ISACA®, the CSX Cybersecurity Nexus™ Mark, and ISACA’s CSX Cybersecurity Nexus™ products, certifications, and services are not affiliated with CSX Corporation or its subsidiaries, including CSX Transportation, Inc.

Schedule

No public dates are currently scheduled. Request Group Training!