CSX Practitioner

This course has been superseded

We suggest the following instead:
Cyber Security Update Workshop

Course Description

The CSX course is from ISACA. It is designed to teach not only how to deal directly with threats but also how to identify, protect against, detect, respond to and recover from them. In this course, we cover all the mandatory labs and some of the optional ones. After the course, you are given six months of instructor-supported lab access to recap the mandatory labs and go through all the optional ones to help you prepare for the practical exam.
5 Days
Contact us for pricing
 

Prerequisites

No specific prerequisite knowledge is required. The CSX Practitioner course develops the technical security skills required in job roles like Cyber Security Analyst, Cyber Security Engineer, Cyber Security Consultant, Cyber Security Architect, Cyber Security Manager, and Head of Cyber Security. One can also follow the CSX pathway, progressing onto the Specialist, then the Expert certifications.

IDENTIFICATION AND PROTECTION

Focuses on concepts and skills needed to recognise, assess and remediate specific internal and external network threats, and to implement cybersecurity controls to protect a system from identified threats.

Network Reconnaissance
Software / Hardware Scanning
Asset Validation / Anomaly Assessment
Network Mapping
Introduction to Vulnerability Scanning
Vulnerability Scanning Configuration
Conducting a Vulnerability Scan
Vulnerability Scan Evaluation
Cybersecurity Control Introduction and Explanation
Cybersecurity Control Evaluation and Configuration
Threat Data Collection
Threat Log Parsing and Maintenance
Control Vulnerability Scanning and Assessment
Control Monitoring and Assessment
Control Change Implementation
Control Documentation Maintenance
Patch Implementation and Dissemination

DETECTION

Centred on building skills to leverage cybersecurity controls to identify system events and non-event level incidents, and to detect potential network events and incidents.

IDS Traffic Analysis vs Packet Analysis
Behavioural Designation
Compromise Identifiers/False Positive Differentiation
Compromise Escalation
Malicious Code Differentiation
Antivirus Deployments
Antivirus Monitoring/Malicious Code Identification
Malicious Code Remediation
Incident Identification
Initial Incident Identifiers
Incident Event Collection
Identifying Established Baselines
Event Characteristic Capture
Attack Intent Assessment
System Exposure Analysis/Change Identification
Attack Timeline Construction
Attack Documentation
Event Escalation
Support Role Designation/Action
Incident Response Report Generation

RESPOND AND RECOVER

This course focuses on skills required to draft and execute comprehensive incident response plans, including maintaining proper isolation, incident response information and documentation.

IRP Execution
System Containment Response
Asset Quarantine
IDS/IPS Response Configuration
Incident Response Documentation
Incident Response Protocol Procedure
Incident Response Drafting
Disaster Recovery Plan/Business Continuity Plan Task Identification
System Restore Processes
Site Configuration
System Backup
System Restoration
Network Backup Procedures
Data Integrity Check
Procedures/Documentation
Post-Incident Review Process
Compromised Asset Quarantine
Rapid Response IDS/IPS Configuration
Incident Response Component Identification
