ISACA CSX Practitioner II: Detection Training


ISACA CSX Practitioner II: Detection Training with labs - Use cybersecurity controls to detect network events and incidents.

In ISACA CSX Practitioner II: Detection Training, the second course in the CSX Practitioner series, you will go deeper into skills focused on the Detect domain. You will learn the basic concepts, methods, and tools used to leverage cybersecurity controls in order to identify system events and non-event level incidents. Completing multiple lab-reinforced modules, you will gain the skills necessary to detect potential network events and incidents. Topics range from incident packet analysis to drafting and generating incident response reports.

Customize It:

With onsite training, courses can be scheduled on a date that is convenient for you, and because they can be scheduled at your location, you don’t incur travel costs and students won’t be away from home. Onsite classes can also be tailored to meet your needs. You might shorten a 5-day class into a 3-day class, combine portions of several related courses into a single course, or have the instructor vary the emphasis of topics depending on your staff’s and site’s requirements.

Audience/Target Group

• Individuals in the field of cybersecurity who are interested in gaining hands-on technical skills

Duration: 5 days

Skills Gained:

• Analyze and monitor network output
• Detect malware
• Detect incidents
• Notify proper channels
• Analyze attacks
• Escalate incidents
• Perform change monitoring

Course Content:

1. IDS Traffic Analysis vs. Packet Analysis
2. Behavior Designation
3. Compromise Identifiers and False Positive Differentiation
4. Compromise Escalation
5. Malicious Code Differentiation
6. Anti-Virus Deployments
7. Anti-Virus Monitoring and Malicious Code Identification
8. Malicious Code Remediation
9. Incident Identification
10. Initial Incident Identifiers
11. Incident Event Collection
12. Identifying Established Baselines
13. Event Characteristic Capture
14. Attack Intent Assessment
15. System Exposure Analysis and Change Identification
16. Attack Timeline Construction
17. Attack Documentation
18. Event Escalation
19. Support Role Designation and Action
20. Incident Response Report Generation


Lab 1: Network Traffic and Log Comparison
Lab 2: Log Qualification
Lab 3: Event Comparison
Lab 4: Threat Identification
Lab 5: Anti-Virus Deployment
Lab 6: Anti-Virus Utilization
Lab 7: Containment and Eradication
Lab 8: Traffic Analysis Threat Identification
Lab 9: Threat and Incident Component Evaluation
Lab 10: Traffic and Log Assessment and Analysis
Lab 11: Baseline Output Comparison
Lab 12: Packet Character Observation
Lab 13: Compromise Indicators
Lab 14: Traffic Analysis
Lab 15: Timeline Creation
Lab 16: Incident Report Generation
Lab 17: Incident Management Register Comparison
Lab 18: Incident Escalation Report Generation
