Module Learning Objectives
Chapter 1. Cybersecurity and the Security Operations Center
Explain the role of the Cybersecurity Operations Analyst in the enterprise.
Explain why networks and data are attacked.
Explain how to prepare for a career in Cybersecurity operations.
Chapter 2. Windows Operating System
Explain the Windows Operating System features and characteristics needed to support cybersecurity analyses.
Explain the operation of the Windows Operating System.
Explain how to secure Windows endpoints.
Chapter 3. Linux Operating System
Explain the features and characteristics of the Linux Operating System.
Perform basic operations in the Linux shell.
Perform basic Linux administration tasks.
Chapter 4. Network Protocols and Services
Analyze the operation of network protocols and services. Explain how the Ethernet and IP protocols support network communications and operations
Explain how network services enable network functionality.
Chapter 5. Network Infrastructure
Explain network topologies and the operation of the network infrastructure.
Explain how network devices enable wired and wireless network communication.
Explain how devices and services are used to enhance network security.
Chapter 6. Principles of Network Security
Classify the various types of network attacks.
Explain how networks are attacked.
Explain the various types of threats and attacks.
Chapter 7. Network Attacks: A Deeper Look
Use network monitoring tools to identify attacks against network protocols and services.
Explain network traffic monitoring.
Explain how TCP/IP vulnerabilities enable network attacks.
Explain how common network applications and services are vulnerable to attack.
Chapter 8. Protecting the Network
Use various methods to prevent malicious access to computer networks, hosts, and data.
Explain approaches to network security defense.
Use various intelligence sources to locate current security threats.
Chapter 9. Cryptography and the Public Key Infrastructure
Explain the impacts of cryptography on network security monitoring.
Use tools to encrypt and decrypt data.
Explain how the public key infrastructure (PKI) supports network security.
Chapter 10. Endpoint Security and Analysis
Explain endpoint vulnerabilities and attacks investigation process.
Use tools to generate a malware analysis report.
Classify endpoint vulnerability assessment information.
Chapter 11. Security Monitoring
Evaluate network security alerts.
Explain how security technologies affect security monitoring.
Explain the types of log files used in security monitoring.
Chapter 12. Intrusion Data Analysis
Analyze network intrusion data to identify compromised hosts and vulnerabilities
Explain how security-related data is collected.
Analyze intrusion data to determine the source of an attack.
Chapter 13. Incident Response and Handling
Explain how network security incidents are handled by CSIRTs.
Apply incident response models, such as NIST 800-61r2 to a security incident.
Use a set of logs to isolate threat actors and recommend an incident response plan.