Advanced Cyber Security Analytics (ACSA)

Course Information

  • Duration: 5 Days / 40 Hours
  • Certification: Participants will receive a Certificate of Competency upon successfully completing the course and passing the examination
  • Who Should Attend: CTO, CSO, CISO, CIO, Security Head, System Analyst, Technologist, System Engineer, IT Professionals and anyone seeking to acquire advanced knowledge of Cyber Security Analytics

Course Objective

Advanced Cyber Security Analytics (ACSA) is designed for anyone interested in acquiring the advanced knowledge and skills required to analyse the cyber security health of an organization.

Pre-Requisite

It is preferred that participants have some prior experience in Cyber Security or have successfully completed and received a Certificate of Competency in Cyber Security Essentials (CSE).

Examination

Participants are required to attempt an examination upon completion of the course. This exam tests a candidate’s knowledge and skills related to Cyber Security based on the syllabus covered.

Module 1 Risk Identification and Management

  • Importance of Risk Management
  • Changing Business Models
  • Learn to Calculate Risk
  • Assessing and Avoiding Risk
  • Report Writing of Risk Assessment

Module 2 Governance and Managing IT Infrastructure

  • Corporate IT Governance and Strategy
  • IT Monitoring and Assurance Practices for Board and Senior Management
  • IT Governance Best Practice & Framework
  • Maturity and Process Improvement Models
  • Information Systems Acquisition, Development and Implementation

Module 3 Threat Landscape and Threat Modeling

  • Classify Threats and Threat Profiles
  • Implement Threat Modeling
  • Risks of Reconnaissance and Social Engineering

Module 4 Impact of Attacks on IT Infrastructure

  • Malware Attacks
  • System and Network Attacks
  • Remote and Web-Based Attacks
  • DoS / DDoS Attacks
  • Attacks on Mobile Security, Cloud Security and Virtualization Security

Module 5 Assess Command and Control Techniques

  • Handling Network Probes and Attacks
  • Assess Command and Control Techniques
  • Investigating Host Issues
  • Investigating Service and Application Issues

Module 6 Identity and Access Management

  • Threats to Identity and Access
  • Responsible Use of Assets
  • Physical and Logical Access Controls
  • Understanding Single Sign-On
  • Manage and Monitor User Life Cycle

Module 7 Network and System Auditing

  • Types of Audits
  • IT Audit Standards and Guidelines
  • IT Audit Techniques and Code of Ethics
  • Business Processes and Control Objectives
  • Audit Planning and Management

Module 8 Security Audits and Procedures

  • Security and Privacy Policies
  • Understanding Policy Documents
  • Complying with Laws and Regulations
  • Adopting a Standard Framework
  • Security Control Verification and Quality Control

Module 9 Identifying and Mitigating through VAPT

  • Implement a Vulnerability Management Plan
  • Assess Common Vulnerabilities
  • Conduct VAPT Scans
  • Types and Phases of VAPT
  • Analyzing VAPT Results and Report Writing

Module 10 Intelligence Data Collection and Analysis

  • Deploy a Security Intelligence Collection and Analysis Platform
  • Collect Data from Network-Based Intelligence Sources
  • Collect Data from Host-Based Intelligence Sources

Module 11 Deep Diving into Log Data

  • Common Tools to Analyze Logs
  • SIEM Tools for Analysis
  • Parse Log Files with Regular Expressions

Module 12 Performing Active Asset and Network Analysis

  • Incident Analysis with Linux and Windows Based Tools
  • Malware Analysis
  • Identify Indicators of Compromise
  • End User Computing Security
  • Crisis Management Handling
  • Application Security Issues
  • Web Application Security

Module 13 DRP and BCP Practices

  • Business Impact of DRP
  • DR Plan, Maintenance and Testing
  • Understand How to Handle Disaster Recovery
  • BCP Process, Components and Testing
  • Business Impact Analysis

Module 14 Incident Investigation and Response Process

  • Deploy an Incident Handling and Response Architecture
  • Creating an Incident Response Team
  • Prepare and Apply a Forensic Investigation Plan
  • Securely Collect and Analyze Electronic Evidence
  • Analyzing Symptoms for Incident Response
  • Recovery and Post-Incident Response
  • Incident Eradication and Recovery

Module 15 Secure Software Development Lifecycle

  • Identity and Access Management Issues
  • Implement Security During the SDLC
  • OWASP Guidelines and Top 10

Module 16 Implementing Defence in Depth Security Architecture

  • Importance of Defence-in-Depth
  • Planning and Implementing Defence-in-Depth
  • Maintenance of Defence-in-Depth