Operations and Incident Response for CompTIA Security+

سرفصل های دوره

Experiencing a cyber event is not a question of if, but of when. This course will teach you the skills necessary to assess organizational security and respond to various cyber-related incidents.

1. Course Overview

1. Course Overview

02. Implementing Appropriate Tools to Assess Organizational Security

01. Module Overview

02. Traceroutetracert

03. nslookupdig

04. ipconfigifconfig

05. nmap and nmap demo

06. Ping and Pathping

07. hping and hping demo

08. Netstat

09. netcat

10. IP Scanners

11. ARP

12. Route

13. Curl and Curl Demo

14. TheHarvester and Demo

15. Sn1per and Demo

16. Scanless and Demo

17. DNSenum

18. Nessus and Cuckoo

19. File Manipulation (Head, Tail, Cat, GREP and Logger)

20. CHMOD

21. Shell and Script Environments (SSH, PowerShell, Python and O

22. Packet Capture and TCPDump Demo

23. Forensics

24. Exploitation Frameworks

25. Data Sanitization Tools

26. Module Review

03. Applying Policies, Processes and Procedures for Incident Response

01. Module Intro

02. Who Should Watch this Course

03. Team Models

04. Incident Response Process

05. Preparation

06. Detection and Analysis

07. Stopping the Spread

08. Defining Goals and Expected Outcomes

09. Test the Plan

10. Walkthrough Tests

11. Communication Tests

12. Simulation (Tabletop) Tests

13. Partial Exercise

14. Full Exercise

15. Overall Cost and Complexity of Testing

16. Plan Review and Maintenance

17. Review Process Outcomes

18. Wired Brain Coffees Testing

19. Intelligence Lifecycle

20. Threat Intelligence Lifecycle

21. Cyberthreat Intelligence Frameworks

22. Cyber Kill Chain

23. Diamond Model

24. MITRE Attack Framework

25. Key Points to Remember

26. Types of Plans

27. Disaster Recovery Plan

28. Business Continuity Plan

29. Business Resumption Plan

30. Incident Management Plan

31. Data Retention

32. Putting It All Together

33. Example Process

04. Implementing Appropriate Data Sources to Support an Investigation

01. Module Intro

02. Filtering Through the Noise

03. Vulnerability Scanner Demo

04. SIEM

05. Log Files

06. Log Management, Syslog, Rsyslog, and Syslog-ng

07. Journalctl

08. NXLOG

09. Retention (Auditing, Compliance and Investigations)

10. Bandwidth Monitors

11. Metadata

12. Netflow, sFlow, and IPFIX

13. Detecting an Amplification Attack (ICMP echo)

14. Protocol Analyzer Output

05. Implementing Mitigation Techniques to Secure an Environment

01. Module Intro

02. Application WhitelistingBlacklisting

03. Quarantine

04. Firewalls

05. Demo - Configuring Firewall Rules

06. Mobile Device Management

07. Using MDM to Locate and Secure and Lost Device

08. DLP, Content FiltersURL Filters and UpdatingRevoking Certificates

09. Segregation, Segmentation and Isolation

10. Virtualization

11. Air Gaps

12. Securing the Environment using Isolation, Containment and Segment

13. SOAR and RunbooksPlaybooks

06. Understanding the Key Aspects of Digital Forensics

01. Module Overview

02. Computer Forensics

03. Order of Volatility

04. Chain of Custody

05. Legal Hold

06. First Responder Best Practices

07. Capture a System Image

08. Network Traffic and Logs

09. Capturing Video

10. Record Time Offset

11. Taking Hashes

12. Screenshots

13. Witnesses

14. Preservation of Evidence

15. Recovery

16. Strategic Intelligence Counterintelligence Gathering

17. Data Integrity

18. Non-repudiation

19. On-prem vs. Cloud Challenges and Right to Audit

20. Regulatory Jurisdictional Issues

21. Data Breach Notification Laws

54,900 تومان

خرید اشتراک افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: PluralSight