CSX Practitioner 3: Respond and Recover

Overview

Duration: 5 Days
CPE Credits: 35
Course Number: SEC-329
CSX Practitioner (CSXP) LOGO in .svg format by ISACA

CSX Practitioner 3: Respond and Recover is a five day, 35 CPE course offered to you by Intrinsec Security – an official training partner of ISACA.

NOTE: This training program is the third and final course in the CSX Practitioner Series. To view all three courses, please click here.

CSX Practitioner 3 Training Introduction

ISACA’s Cybersecurity Nexus (CSX) certification program supports cybersecurity professionals throughout their career by assessing a candidate’s abilities and skills at three progressive technical skill levels. Levels are differentiated by skills, not by years of experience. Each technical skill level is assessed utilizing a vendor-neutral set of performance-based exams measuring a candidate’s technical skills, abilities and performance in the following areas: Identify, Protect, Detect, Respond, and Recover.

CSX Practitioner 3 training from Intrinsec reviews both the “Respond” and “Recover” domains. With course lecture reinforced with lab sequences, students will learn how to apply a professional methodology to respond and recover from network incidents or disasters. Not only that, but students will discover how to contain an event and protect assets and infrastructure, and learn the components and procedures required for a comprehensive incident response plan.

This course, along with CSX Practitioner 1 and 2, was developed using existing global cybersecurity frameworks as well as input from hundreds of subject matter experts. Whether a student is planning to write the exam or learn more about Cyber Security, this course is packed with study tips and practical exercises.

Your Registration Includes
  • Five Days of ISACA Training from an Authorized CSX Practitioner 3 Instructor
  • Official ISACA Courseware for CSXP 3: Respond and Recover
  • Official ISACA Study Guide for CSXP 3: Respond and Recover
  • Six Month Subscription to ISACA’s Official OnDemand Labs for CSXP 3: Respond and Recover

*CSX Practitioner Exam Voucher Available for Additional Cost ($540 USD)*

What You Will Learn
Day 1

On the first day of training for this official CSX Practitioner 3 course, students will learn about several topics while also participating in various labs to gain practical experience. The lessons and labs for this day of training relate to the following subjects: IR Reputation Databases, IR Procedure, and Real Time Blacklists.

Lessons:

  • Defined Response Plan Execution
  • Incident Response Escalation Procedures
  • System Adverse Effects to Incident Response
  • Network Isolation
  • Disable User Accounts

Labs:

  • Remove Trojan
  • Open and Close Ports on Windows 7
  • Disable User Accounts on Windows 7
  • Block Incoming Traffic on Known Ports

Day 2

The second day of training for this course takes a look at a number of different topics while also providing labs for students to gain practical experience. The lessons and labs for this day of training relate to the following subjects: IR Procedure, IR Drafting, and IR Frameworks.

Lessons:

  • Blocking Traffic
  • Assess and Unplug
  • System Configuration Changes and Supplemental Monitoring
  • IR Documentation and Preservation
  • Incident Report

Labs:

  • Implement Single System Changes
  • Conduct Supplemental Monitoring
  • Create Custom Snort Rules
  • Install EMET and Edit Host Files
  • Comprehensive Assessment

Day 3

Day 3 of this course focuses on teaching students about a number of different topics while also providing them with labs for practical experience. The lessons and labs for day 3 of training relate to the following subjects: Business Unit Integration, Third Party Connection Mechanisms, Warm Site / Cold Site Configurations, and Data Preservation.

Lessons:

  • Industry Best Practices
  • Disaster Recovery and Business Continuity
  • Cyber System Restoration
  • Data Backup and Restoration Key Concepts

Labs:

  • Patches and Updates

Day 4

On the fourth day of training for this official CSX Practitioner 3 course students will learn about several topics while also participate in labs to gain practical experience on the material covered. The lessons and labs for this day of training listed below relate to the following subjects: Network Access Control, Data Loss Prevention, Network Backup Procedures, and Encryption Controls.

Lessons:

  • Backup Site Preparation and Utilization
  • Data Management
  • Actualizing Data Backups and Recovery
  • Implementing Patches and Updates

Labs:

  • Data Backup and Recovery

Day 5

On the final day of Intrinsec’s CSX Practitioner 3: Respond and Recover course, students review several topics while also participating in labs to reinforce the material covered. The lessons and labs that are listed below for this day of training relate to the following subjects: NIST Procedures, ISO Procedures, Team Input, and AAR Generation.

Lessons:

  • Ensuring Data Integrity
  • Deficiency and Error Reporting
  • Post-Incident Review
  • Reset and Prep for Future Events
  • Temporary Control and Fix Review and Implementation

Labs:

  • Recovering Data and Data Integrity Checks
Audience

The CSX Practitioner course is intended for professionals with roles focusing on cyber security – with a minimum of one to five years of experience. Students who register for this course should be proficient in the following areas:


  • Network Scanning
  • Specialized Port Scans
  • Network Topologies
  • Network Log Analysis
  • Centralized Monitoring
  • Hotfix Distribution
  • Vulnerability Scanning
  • Traffic Monitoring
  • Compromise Indicators
  • False Positive Identification
  • Packet Analysis
  • Used Account Controls
Questions

Any questions?

Read our Frequently Asked Questions page or simply send your questions to us directly via our Contact Us page or our Live Chat.

BECOME A V.I.P.

Sign up and get exclusive VIP offers, discounts, and early bird registration opportunities for our Cloud Security classes!
 
  • This field is for validation purposes and should be left unchanged.

ISACA® is a trademark of the Information Systems Audit and Control Association, Inc. (ISACA), registered in the United States and other countries. www.isaca.org ISACA®, the CSX Cybersecurity Nexus™ Mark, and ISACA’s CSX Cybersecurity Nexus™ products, certifications, and services are not affiliated with CSX Corporation or its subsidiaries, including CSX Transportation, Inc.

Schedule

No public dates are currently scheduled. Request Group Training!

 

Request Group Training

  • This field is for validation purposes and should be left unchanged.