Module Learning Objectives
Chapter 1. Cybersecurity and the Security Operations Center
- Explain the role of the Cybersecurity Operations Analyst in the enterprise.
- Explain why networks and data are attacked.
- Explain how to prepare for a career in Cybersecurity operations.
Chapter 2. Windows Operating System
- Explain the Windows Operating System features and characteristics needed to support cybersecurity analyses.
- Explain the operation of the Windows Operating System.
- Explain how to secure Windows endpoints.
Chapter 3. Linux Operating System
- Explain the features and characteristics of the Linux Operating System.
- Perform basic operations in the Linux shell.
- Perform basic Linux administration tasks.
Chapter 4. Network Protocols and Services
- Analyze the operation of network protocols and services.
- Explain how the Ethernet and IP protocols support network communications and operations.
- Explain how network services enable network functionality.
Chapter 5. Network Infrastructure
- Explain network topologies and the operation of the network infrastructure.
- Explain how network devices enable wired and wireless network communication.
- Explain how devices and services are used to enhance network security.
Chapter 6. Principles of Network Security
- Classify the various types of network attacks.
- Explain how networks are attacked.
- Explain the various types of threats and attacks.
Chapter 7. Network Attacks: A Deeper Look
- Use network monitoring tools to identify attacks against network protocols and services.
- Explain network traffic monitoring.
- Explain how TCP/IP vulnerabilities enable network attacks.
- Explain how common network applications and services are vulnerable to attack.
Chapter 8. Protecting the Network
- Use various methods to prevent malicious access to computer networks, hosts, and data.
- Explain approaches to network security defense.
- Use various intelligence sources to locate current security threats.
Chapter 9. Cryptography and the Public Key Infrastructure
- Explain the impacts of cryptography on network security monitoring.
- Use tools to encrypt and decrypt data.
- Explain how the public key infrastructure (PKI) supports network security.
Chapter 10. Endpoint Security and Analysis
- Explain the process for investigating endpoint vulnerabilities and attacks.
- Use tools to generate a malware analysis report.
- Classify endpoint vulnerability assessment information.
Chapter 11. Security Monitoring
- Evaluate network security alerts.
- Explain how security technologies affect security monitoring.
- Explain the types of log files used in security monitoring.
Chapter 12. Intrusion Data Analysis
- Analyze network intrusion data to identify compromised hosts and vulnerabilities.
- Explain how security-related data is collected.
- Analyze intrusion data to determine the source of an attack.
Chapter 13. Incident Response and Handling
- Explain how network security incidents are handled by CSIRTs.
- Apply incident response models, such as NIST 800-61r2, to a security incident.
- Use a set of logs to isolate threat actors and recommend an incident response plan.