CSX Practitioner 3: Respond and Recover
CSX Practitioner 3 Training Introduction
ISACA’s Cybersecurity Nexus (CSX) certification program supports cybersecurity professionals throughout their career by assessing a candidate’s abilities and skills at three progressive technical skill levels. Levels are differentiated by skills, not by years of experience. Each technical skill level is assessed utilizing a vendor-neutral set of performance-based exams measuring a candidate’s technical skills, abilities and performance in the following areas: Identify, Protect, Detect, Respond, and Recover.
CSX Practitioner 3 training from Intrinsec reviews both the “Respond” and “Recover” domains. With course lecture reinforced with lab sequences, students will learn how to apply a professional methodology to respond and recover from network incidents or disasters. Not only that, but students will discover how to contain an event and protect assets and infrastructure, and learn the components and procedures required for a comprehensive incident response plan.
This course, along with CSX Practitioner 1 and 2, was developed using existing global cybersecurity frameworks as well as input from hundreds of subject matter experts. Whether a student is planning to write the exam or learn more about Cyber Security, this course is packed with study tips and practical exercises.
Your Registration Includes
- Five Days of ISACA Training from an Authorized CSX Practitioner 3 Instructor
- Official ISACA Courseware for CSXP 3: Respond and Recover
- Official ISACA Study Guide for CSXP 3: Respond and Recover
- Six Month Subscription to ISACA’s Official OnDemand Labs for CSXP 3: Respond and Recover
*CSX Practitioner Exam Voucher Available for Additional Cost ($540 USD)*
What You Will Learn
On the first day of training for this official CSX Practitioner 3 course, students will learn about several topics while also participating in various labs to gain practical experience. The lessons and labs for this day of training relate to the following subjects: IR Reputation Databases, IR Procedure, and Real Time Blacklists.
- Defined Response Plan Execution
- Incident Response Escalation Procedures
- System Adverse Effects to Incident Response
- Network Isolation
- Disable User Accounts
- Remove Trojan
- Open and Close Ports on Windows 7
- Disable User Accounts on Windows 7
- Block Incoming Traffic on Known Ports
The second day of training for this course takes a look at a number of different topics while also providing labs for students to gain practical experience. The lessons and labs for this day of training relate to the following subjects: IR Procedure, IR Drafting, and IR Frameworks.
- Blocking Traffic
- Assess and Unplug
- System Configuration Changes and Supplemental Monitoring
- IR Documentation and Preservation
- Incident Report
- Implement Single System Changes
- Conduct Supplemental Monitoring
- Create Custom Snort Rules
- Install EMET and Edit Host Files
- Comprehensive Assessment
Day 3 of this course focuses on teaching students about a number of different topics while also providing them with labs for practical experience. The lessons and labs for day 3 of training relate to the following subjects: Business Unit Integration, Third Party Connection Mechanisms, Warm Site / Cold Site Configurations, and Data Preservation.
- Industry Best Practices
- Disaster Recovery and Business Continuity
- Cyber System Restoration
- Data Backup and Restoration Key Concepts
- Patches and Updates
On the fourth day of training for this official CSX Practitioner 3 course students will learn about several topics while also participate in labs to gain practical experience on the material covered. The lessons and labs for this day of training listed below relate to the following subjects: Network Access Control, Data Loss Prevention, Network Backup Procedures, and Encryption Controls.
- Backup Site Preparation and Utilization
- Data Management
- Actualizing Data Backups and Recovery
- Implementing Patches and Updates
- Data Backup and Recovery
On the final day of Intrinsec’s CSX Practitioner 3: Respond and Recover course, students review several topics while also participating in labs to reinforce the material covered. The lessons and labs that are listed below for this day of training relate to the following subjects: NIST Procedures, ISO Procedures, Team Input, and AAR Generation.
- Ensuring Data Integrity
- Deficiency and Error Reporting
- Post-Incident Review
- Reset and Prep for Future Events
- Temporary Control and Fix Review and Implementation
- Recovering Data and Data Integrity Checks
The CSX Practitioner course is intended for professionals with roles focusing on cyber security – with a minimum of one to five years of experience. Students who register for this course should be proficient in the following areas:
- Network Scanning
- Specialized Port Scans
- Network Topologies
- Network Log Analysis
- Centralized Monitoring
- Hotfix Distribution
- Vulnerability Scanning
- Traffic Monitoring
- Compromise Indicators
- False Positive Identification
- Packet Analysis
- Used Account Controls
BECOME A V.I.P.
ISACA® is a trademark of the Information Systems Audit and Control Association, Inc. (ISACA), registered in the United States and other countries. www.isaca.org ISACA®, the CSX Cybersecurity Nexus™ Mark, and ISACA’s CSX Cybersecurity Nexus™ products, certifications, and services are not affiliated with CSX Corporation or its subsidiaries, including CSX Transportation, Inc.
No public dates are currently scheduled. Request Group Training!