Overview
This intensive and practitioner-focused training is designed to help you gain the knowledge, skills, abilities, and confidence required to protect and defend organizational information systems against cyber adversaries.
Course description
A cyber defense analyst uses data collected from a variety of cyber defense tools (e.g. web application firewall (WAF), file integrity monitor (FIM), IDS, network firewalls, vulnerability scanner, etc.) and information systems to analyze events that occur within his/her environment for the purposes of thwarting cyber adversaries.
Prerequisite
Basic knowledge of how computers and the Internet work
Who can take this course?
- Cyber Enthusiasts
- IT Professionals
- Students & Graduates
- Cybersecurity Internship Seekers
This course includes
- Self-paced; over 13 hours of on-demand video
- Over 18 hours of lab exercises
- Anytime access (from computer, tablet or mobile phone)
- Labs and Project
- End of Training Workshop
Key Learning Objectives
At the end of this course, learners will be able to:
- Master all learning objectives from the cyber defense associate course
- Discuss cloud security and the shared responsibility matrix
- Explain how a cloud access security solution works and recall the major vendors in this market space
- Discuss the importance of a cloud security posture management solution
- Demonstrate an understanding of key risk management terms and definitions
- Align cyber risk management efforts with an enterprise risk management program
- Discuss the risk assessment process
- Describe the process of risk analysis and the expected outcome of the exercise
- Demonstrate an understanding of risk appetite and risk tolerance
- Recall key considerations related to the crafting of a risk assessment report
- List and explain each of the four common risk response actions
- Outline the importance of risk monitoring and demonstrate an understanding of the process
- Recall elements of cyber security governance
- List and discuss motivations for cyber defense
- Demonstrate basic understanding of the functions of a cyber security steering committee
- Explain the role of the compliance function in cyber defense
- Demonstrate good understanding of the role of Internal Audit in cyber defense
Course Curriculum
- Lecture 1: Introduction (2:32)
- Lecture 2: Overview of NICE Workforce Framework (5:42)
- Lecture 3: Important NICE Framework Elements (2:32)
- Lecture 4: What is Cyber Security? (8:17)
- Lecture 5: Professional Certifications (14:15)
- Lecture 6: Knowledge Acceleration Channels (4:03)
- Lecture 7: Why Does it Even Matter? (3:35)
- Lecture 8: Financial Services: JP Morgan Chase (2:56)
- Lecture 9: Healthcare: Johns Hopkins Medicine (2:03)
- Lecture 10: News & Media: The BBC (2:09)
- Lecture 11: Oil and Gas: Exxon Mobil (2:28)
- Lecture 12: Retail: Tesco (1:17)
- Lecture 13: Technology: Facebook (2:11)
- Lecture 15: Overview (2:08)
- Lecture 16: People, Process and Technology (2:49)
- Lecture 17: Governance Structure (1:30)
- Lecture 18: Overarching Security Policy (2:55)
- Lecture 19: Business Aligned Issue-Specific Policies (1:59)
- Lecture 20: Security Standards (2:14)
- Lecture 21: Fundamentals of Networking (5:46)
- Lecture 22: Common Networking Services and Protocols (8:50)
- Lecture 23: Overview of the OSI Model (5:20)
- Lecture 24: IP Addressing Basics (3:30)
- Lecture 25: IP Subnetting Basics (10:47)
- Lecture 26: TCP 3-Way Handshake Process (10:13)
- Lecture 27: Network Traffic and Packet Analysis - Wireshark Demo (11:23)
- Lecture 28: Key Elements of an Enterprise Network (3:07)
- Lecture 29: Understanding Cisco Three-Layer Hierarchical Model (4:40)
- Lecture 30: Introduction to the Defense-In-Depth Model (5:38)
- Lecture 31: Summary (4:03)
- Module 1 - Practice Questions
- Lecture 32: Cyber Threat Essentials (3:01)
- Lecture 33: Overview of Cyber Threats (8:44)
- Lecture 34: Global Cyber Threat landscape (3:05)
- Lecture 35: Types of Threat Actors (2:24)
- Lecture 36: Cybercriminals (3:17)
- Lecture 37: Non-Adversarial Employee (3:51)
- Lecture 38: Nation State Actors (3:50)
- Lecture 39: Hacktivists (2:19)
- Lecture 40: Adversarial Employee (2:14)
- Lecture 41: Threat Modelling Fundamentals (5:25)
- Lecture 42: Threat Modelling - STRIDE (5:17)
- Lecture 43: Overview of Vulnerabilities (8:27)
- Lecture 44: Vulnerability Naming Standard (4:59)
- Lecture 45: Vulnerability Scoring System (8:52)
- Lecture 46: Role of Vulnerability in the Attack Triangle (4:34)
- Lecture 47: Common Types of Vulnerabilities – Part 1 (7:45)
- Lecture 48: Common Types of Vulnerabilities – Part 2 (6:24)
- Lecture 49: Sources of Vulnerability Intelligence (4:58)
- Lecture 50: The Vulnerability Management Lifecycle (5:33)
- Lecture 51: Practical Demonstration of Vulnerability Discovery and Analysis (6:05)
- Lecture 52: Cyber Attack Tactics, Techniques and Procedures (2:37)
- Lecture 53: Cyber Kill Chain (6:51)
- Lecture 54: Mandiant Attack Lifecycle (2:58)
- Lecture 55: MITRE ATT&CK Framework (6:39)
- Lecture 56: The Hacking Team (12:56)
- Lecture 57: Capital One (6:12)
- Lecture 58: Ashley Madison (5:14)
- Lecture 59: British Airways (4:10)
- Lecture 60: American Medical Collection Agency (AMCA) (3:43)
- Lecture 61: Equifax (5:47)
- Lecture 62: Section 2 Summary (3:51)
- Module 2 - Practice Questions
- Lecture 63: Section 3 Overview (3:47)
- Lecture 64: The NIST Cybersecurity Framework (6:45)
- Lecture 65: Identify (3:47)
- Lecture 66: Protect (3:52)
- Lecture 67: Detect (1:47)
- Lecture 68: Respond (1:47)
- Lecture 69: Recover (2:16)
- Lecture 70: The "Protect" Categories and Technologies (2:46)
- Lecture 71: Application Security Overview (12:25)
- Lecture 72: Web Application Firewall (12:25)
- Lecture 73: Application Security Testing Techniques and Products (13:09)
- Lecture 74: Data Security Overview (6:08)
- Lecture 75: Data Encryption and Key Management (7:20)
- Lecture 76: Data Masking and Tokenization (7:34)
- Lecture 77: Data Leakage Prevention (DLP) (10:09)
- Lecture 78: Digital Rights Management (3:47)
- Lecture 79: Endpoint Protection Platform (16:34)
- Lecture 80: Application Whitelisting (4:19)
- Lecture 81: File Integrity Monitor (3:54)
- Lecture 82: Full Disk Encryption (2:30)
- Lecture 83: Network Security Overview (10:44)
- Lecture 84: Intrusion Protection Systems (IPS) (5:51)
- Lecture 85: Network Access Control (NAC) (3:06)
- Lecture 86: Secure Web Gateway (8:56)
- Lecture 87: Secure Email Gateway (5:43)
- Lecture 88: Cloud Security Overview (9:30)
- Lecture 89: Cloud Access Security Broker (CASB) (7:20)
- Lecture 90: Cloud Security Posture Management (5:33)
- Lecture 91: Section 3 Summary (4:25)
- Module 3 - Practice Questions
- Lecture 92: Overview of the SOC (7:59)
- Lecture 93: Log Sources and Events Collection (10:27)
- Lecture 94: Security Information and Events Management (SIEM) (7:20)
- Lecture 95: Career Progression Path in a SOC (5:18)
- Lecture 96: SOAR (6:26)
- Lecture 97: Maintaining Situational Awareness (5:19)
- Lecture 98: Security Alerts (3:04)
- Lecture 99: Alerts Use Cases: Privileged account (2:48)
- Lecture 100: Alerts Use Cases: Data Leakage Prevention (1:50)
- Lecture 101: Alerts Use Cases: Lateral Movement (2:28)
- Lecture 102: Alerts Use Cases: C2 (2:32)
- Lecture 103: Actionable Reports (10:39)
- Lecture 104: A Day in the Life of a SOC Analyst (6:09)
- Lecture 105: Overview of Incident Response (4:31)
- Lecture 106: Incident Response: Prepare (4:28)
- Lecture 107: Incident Response: Detect & Analyze (3:21)
- Lecture 108: Incident Response: Containment, Eradication, Recovery (3:01)
- Lecture 109: Incident Response: Post Incident (1:38)
- Lecture 110: Incident Response Jump Kit (3:33)
- Lecture 111: Incident Categorization and Process Workflow (5:36)
- Lecture 112: Using a SIEM - Practical Demonstration
- Lecture 113: Incident Response Scenarios
- Lecture 114: Managed Security Services Provider (MSSP) (7:10)
- Lecture 115: Managed Detection and Response (MDR) Service (4:12)
- Lecture 116: Incident Response Retainer Service (5:02)
- Lecture 117: Cyber Threat Intelligence Service (3:13)
- Lecture 118: Section 4 Summary (6:15)
- Module 4 - Practice Questions
- Lecture 119: Key Terms and Definitions (4:23)
- Lecture 120: Cyber Risk in Enterprise Risk Management (5:10)
- Lecture 121: Conducting Risk Assessment (6:02)
- Lecture 122: Risk Analysis - Overview (9:07)
- Lecture 123: Risk Analysis – Rating Matrix (7:06)
- Lecture 124: Understanding Risk Tolerance and Appetite (11:30)
- Lecture 125: Risk Response Actions (6:30)
- Lecture 126: Risk Assessment Reports (RARs) (3:46)
- Lecture 127: Risk Monitoring (5:12)
- Lecture 128: Intellectual Property and Introduction to Cyber Laws (11:16)
- Lecture 129: Cybersecurity Enhancement Act (2014) (5:59)
- Lecture 130: National Cybersecurity Protection Act (2014) (1:49)
- Lecture 131: Sarbanes Oxley (SOX) Act (6:03)
- Lecture 132: Federal Information Security Modernization Act (2014) (4:54)
- Lecture 133: Health Insurance Portability and Accountability Act (HIPAA) of 1996 (7:43)
- Lecture 134: General Data Protection Regulation (GDPR) (7:38)
- Lecture 135: Cybercrime Act of 2015 (12:15)
- Lecture 136: NDPR (7:37)
- Lecture 137: Elements of Cyber Security Governance (7:55)
- Lecture 138: Cyber Security Business Drivers (6:30)
- Lecture 139: Security Steering Committee (4:46)
- Lecture 140: Compliance (3:07)
- Lecture 141: Cyber Security – Internal Audit (7:45)
- Lecture 142: Section 4 Summary (4:06)
- Module 5 - Practice Questions
- Scenario 1 - External Attack Against A Webserver
- Scenario 2 - Unauthorized Changes
- Scenario 3 - Suspected Unauthorized Access to Web Server
- Scenario 4 - Suspected Unauthorized Access to Web Server
- Scenario 5 - DDOS SYN Flood Attack
- Scenario 6 - Webshell Attack Detection and Analysis
- Scenario 7 - Client Side Attack - Drive by Download
- Scenario 8 - Suspicious Email Received From an Unknown Party
- Scenario 9 - Detection and Analysis of Reverse Shell Traffic
- Scenario 10 - Data Breach Notification
- Scenario 11 - Malicious Command Execution
- Scenario 12 - Internal Reconnaissance Activities Observed
- Scenario 13 - Detect & Analyze Suspected Data Exfiltration
- Scenario 14 - Anomaly Detection and Investigation
- Scenario 15 - Lost or Stolen Laptop
- Scenario 16 - Suspicious URL Access by External IP
- Scenario 17 - Investigating Usage of Hacking Tools
- Scenario 18 - Detecting and Responding to a Ransomware Attack
- Scenario 19 - Malware Detection and Response
- Scenario 20 - Researching Suspicious Historical Events
Cyber Defense Lab
Our lab environment closely mirrors the real-world business environment where students get to play the role of a cyber security professional.
20 Unique Cyber Security Challenges!
Solve real-world cyber security challenges by following structured incident response steps