Cyber Security Fundamentals

Course details

Overview
To help address the global cyber security skills crisis head on ISACA has created Cybersecurity Nexus™ (CSX) a certification path for the cyber security professional.

The Cybersecurity (CSX) certification path starts with the knowledge-based Cybersecurity Fundamentals (CSX) Certificate for those who are new to the profession or are considering to change careers and centres the performance-based certification as the CSX Practitioner CSX Specialist and CSX Expert level. Cybersecurity Fundamentals (CSX) offers a knowledge-based Certificate in the concepts that frame and define the standards guidelines and practices of the industry.

Cyber security is a growing and rapidly changing field and it is crucial that the central concepts that frame and define this increasingly pervasive field are understood by professionals who are involved and concerned with the security implications of ;

In addition this practical cyber security knowledge training will prepare you for the ISACA Cybersecurity Fundamentals (CSX) exam. *CSX is a registered trademark of ISACA. The Cybersecurity Fundamentals (CSX) exam is an online closed book remotely proctored ;

The number of questions in each domain depends on the weight assigned. The exam takes 2 hours and the passing score is 65%. This 4-day training reviews a total of 5 exam domains:

• Domain 1 - Cyber security concepts
• Domain 2 - Cyber security architecture principles
• Domain 3 - Security of networks systems applications and data
• Domain 4 - Incident response
• Domain 5 - Security implications and adoption of evolving technology

Objective
In this 4-day training you will learn to:

• understand basic cyber security concepts and definitions
• understand basic security architecture principles
• understand security of networkssystemsapplications and data
• define types of incidents and identify elements of an incident response plan
• explain the core Information Assurance (IA) principles
• identify the key components of cyber security network architecture
• apply cyber security architecture principles
• describe risk management processes and practices
• identify security tools and hardening techniques
• distinguish system and application security threats and vulnerabilities
• describe different classes of attacks
• define types of incidents including categoriesresponses and timelines for response
• describe new and emerging IT and Information Security (IS) technologies
• analyze threats and risks within the context of the cyber security architecture
• appraise cyber security incidents to apply appropriate response
• evaluate decision making outcomes of cyber security solutions
• access additional external responses to supplement knowledge of cyber security

In addition you will be prepared to take the ISACA Cybersecurity Fundamentals (CSX) Certificate exam.

Who Should Attend
This training is ideal for staff that are new to cyber security, or are looking to move into a cyber security role from a related IT ;

Course Outlines
DAY 1
Domain 1

• Cyber security concepts
• Cyber security principles used to manage risks related to the use processing storage and transmission of information or data
• Security management
• Risk management processes including steps and methods for assessing risk
• Threat actors
• Cyber security roles
• Common Adversary Tactics Techniques and Procedures (TTPs)  Relevant laws policies procedures and governance requirements 
• Cyber security controls

Domain 2

• Cyber security architecture principles
• Network design processes to include understanding of security objectives operational objectives and trade-offs
• Security system design methods tools and techniques
• Network access Identity and Access Management (IAM)
• IT security principles and methods
• Network security architecture concepts including technology protocols components and principles
• Malware analysis concepts and methodology
• Intrusion detection methodologies and techniques for detecting host and network-based intrusions via intrusion detection technologies
• Defense in depth principles and network security architecture
• Encryption algorithms
• Cryptography
• Encryption methodologies
• The process of traffic flows across the network ( transmission and encapsulation)
• Network protocols dynamic host configuration protocol and directory services

DAY 2

Domain 3

• Security of networks systems applications and data
• Vulnerability assessment tools and their capabilities
• Basic system administration network and operating system hardening techniques
• Risk associated with virtualizations
• Penetration testing
• Network systems management principles modules methods and tools
• Remote access technology
• Unix command line
• System and application security threats and vulnerabilities
• System life cycle management principles including software security and usability
• Local specialized system requirements for safety performance and reliability
• System and application security threats and vulnerabilities u Social dynamics of computer attackers in a global context u Secure configuration management techniques
• Capabilities and applications of network equipment including hubs routers switches bridges servers transmission media an related hardware
• Communication methods principles and concepts that support the network infrastructure
• Common networking protocols and services and how they interact to provide network communications
• Different types of network communication
• Virutalisation technologies and virtual machine development and maintenance
• Application security
• Risk threat assessment

DAY 3

Domain 4

• Incident response
• Incident categories and response
• Business continuity/disaster recovery
• Incident response and handling methodologies
• Security event correlation tools
• Processes for seizing and preserving digital evidence
• Types of digital forensics data
• Basic concepts and practices of processing digital evidence
• Anti-forensics tactics techniques and procedures (TTPS)
• Common forensic tool configuration and support applications
• Network traffic analysis methods
• Which system files contain relevant information and where to find those system files

Domain 5

• Security implications and adoption of evolving technology
• Emerging technology and associated security issues risks and vulnerabilities
• Risk associated with mobile computing
• Cloud concepts around data and collaboration
• Risk of moving applications and infrastructure to the cloud
• Risk associated with outsourcing
• Supply chain risk management processes and practices

Day 4
Exam Prep Updated on 08 August, 2024