C)CSA: Certified Cybersecurity Analyst
Target group
- Security Professionals
- Incident Handling Professionals
- Anyone in a Security Operations Center
- Forensics Experts
- Cybersecurity Analysts
Description
This course helps you prepare an organization to create a complete end to end solution for monitoring, preventing, detecting, and mitigating threats as they arise in
real time. Do not fool yourself, this course is far more advanced than you may expect. It is fast paced and thorough, so you can enjoy a well-rounded experience. Be ready to dig deep into the details of security analysis for today’s needs. You will be able to set up and deploy state of the art open source and commercial analysis tools, intrusion detection tools, syslog servers, and SIEMs. You will also be able to integrate them for an entire organization
Program
- Duration : 4 days
Chapter 1: Blue Team Principles
- Network Architecture and how it lays the groundwork
- Defensive Network
- Security Data Locations and how they tie together
- Security Operations Center
- The People, Processes, and Technology
- Triage and Analysis
- Digital Forensics
- Incident Handling
- Vulnerability Management
- Automation, Improvement, and Tuning ® Chapter 1 Labs: Blue Team Principles
- Analyze Initial Compromise Vector
- Network Forensics
- System Forensics
Chapter 2: Digital Forensics
- Investigative Theory and Processes
- Digital Acquisition
- Evidence Protocols
- Evidence Presentation
- Computer Forensics Laboratory
- Protocols
- Processing Techniques
- Specialized Artifacts
- Advanced Forensics for Today’s Exploitations
Chapter 2 Labs: Digital Forensics
- Analysis of Captured Network Activity
- Analysis of Captured Zip File
Chapter 3: Malware Analysis
- Creating the Safe Environment
- Static Analysis
- Dynamic Analysis
- Behavior Based Analysis
- What is different about Ransomware?
- Manual Code Reversing
Chapter 3 Labs: Malware Analysis
- Analysis of an MSFVenom Executable
- Analysis of Locky Ransomware
- Creating YARA Rules based on Analysis Results
Chapter 4: Traffic Analysis
- Manual Analysis Principles
- Automated Analysis Principles
- Signatures compared to Behaviors
- Application Protocols Analysis Principles
- Networking Forensics
Chapter 4 Labs: Traffic Analysis
- Traffic Analysis of a Website Defacement Attack
- Traffic Analysis Based on IDS Alerts
- Traffic Analysis of a ZLoader Delivery Attempt
Chapter 5: Assessing the Current State of Defense with the Organization
- Network Architecture and Monitoring
- Endpoint Architecture and Monitoring
- Automation, Improvement, and continuous monitoring
Chapter 5 Labs: Assessing the Current State of Defense within the Organization
- Configuring a Firewall
- Configuring SIEM
- Configuring IPDS
- Upgrading Detection/Protection Capabilities
Chapter 6: Leveraging SIEM for Advanced Analytics
- Architectural Benefits
- Profiling and Baselining
- Advanced Analytics
Chapter 6 Labs: Leveraging SIEM for Advanced Analytics
- Deploying Agent
- Implementing User Behavior Analytics through Machine Learning
- Simulate an Attack and Analyze Alerts
Chapter 7: Defeating the Red Team with Purple Team tactics
- Penetration Testing with full knowledge
- Reconnaissance b. Scanning
- Enumeration
- Exploitation
- Lateral Movement
Chapter 7 Labs: Defeating the Red Team with Purple Team Tactics
- Configuring Defensive Systems
- Purple Team Testing
- Mitigation
- Bypass Anti-Virus and LSASS Patch through edited Mimikat
Goal
Upon completion, the Certified Cybersecurity Analyst candidate will be able to competently take the C)CSA Exam. They will also be ready to prepare an organization
for proactive defense against today’s hackers.
Prerequisites
- Certified Security Principles
- Certified Digital Forensics Examiner
- Certified Incident Handling Engineer
- Certified Professional Ethical Hacker
- Langue : Anglais
- Niveau : Level 400
- Organisme de certification : Mile2
- Certification : Oui
- Accesibilité : Oui
- Durée : 4 Jours
