Course Content

1.0 Threat Management

Given a scenario, apply environmental reconnaissance techniques using appropriate tools and processes.

  • Procedures/common tasks
  • Variables
  • Tools

Given a scenario, analyze the results of a network reconnaissance.

  • Point-in-time data analysis
  • Data correlation and analytics
  • Data output
  • Tools

Given a network-based threat, implement or recommend the appropriate response and countermeasure.

  • Network segmentation
  • Honeypot
  • Endpoint security
  • Group policies
  • ACLs
  • Hardening
  • Network Access Control (NAC)

Explain the purpose of practices used to secure a corporate environment.

  • Penetration testing
  • Reverse engineering
  • Training and exercises
  • Risk evaluation

2.0 Vulnerability Management

Given a scenario, implement an information security vulnerability management process.

  • Identification of requirements
  • Establish scanning frequency
  • Configure tools to perform scans according to specification
  • Execute scanning
  • Generate reports
  • Remediation
  • Ongoing scanning and continuous monitoring

Given a scenario, analyze the output resulting from a vulnerability scan.

  • Analyze reports from a vulnerability scan
  • Validate results and correlate other data points

Compare and contrast common vulnerabilities found in the following targets within an organization.

  • Servers
  • Endpoints
  • Network infrastructure
  • Network appliances
  • Virtual infrastructure
  • Mobile devices
  • Interconnected networks
  • Virtual private networks (VPNs)
  • Industrial Control Systems (ICSs)
  • SCADA devices

3.0 Cyber Incident Response

Given a scenario, distinguish threat data or behavior to determine the impact of an incident.

  • Threat classification
  • Factors contributing to incident severity and prioritization

Given a scenario, prepare a toolkit and use appropriate forensics tools during an investigation.

  • Forensics kit
  • Forensic investigation suite

Explain the importance of communication during the incident response process.

  • Stakeholders
  • Purpose of communication processes
  • Role-based responsibilities

Given a scenario, analyze common symptoms to select the best course of action to support incident response.

  • Common network-related symptoms
  • Common host-related symptoms
  • Common application-related symptoms

Summarize the incident recovery and post-incident response process.

  • Containment techniques
  • Eradication techniques
  • Validation
  • Corrective actions
  • Incident summary report

4.0 Security Architecture and Tool Sets

Explain the relationship between frameworks, common policies, controls, and procedures.

  • Regulatory compliance
  • Frameworks
  • Policies, controls
  • Procedures
  • Verifications and quality control

Given a scenario, use data to recommend remediation of security issues related to identity and access management.

  • Security issues associated with context-based authentication
  • Security issues associated with identities
  • Security issues associated with identity repositories
  • Security issues associated with federation and single sign-on
  • Exploits

Given a scenario, review security architecture and make recommendations to implement compensating controls.

  • Security data analytics
  • Manual review
  • Defense in depth
  • Technologies
  • Other security concepts

Given a scenario, use application security best practices while participating in the Software Development Life Cycle (SDLC).

  • Best practices during software development
  • Secure coding best practices

Compare and contrast the general purpose and reasons for using various cybersecurity tools and technologies.

  • Preventative
  • Collective
  • Analytical
  • Exploit
  • Forensics

CTU Training Solutions, Updated: August 21st, 2017