CompTIA

UOP-CYB500: Advanced CyberSecurity Concepts

(UOP-CYB500.AE2)
Lessons
Lab
TestPrep
AI Tutor (Add-on)
Get A Free Trial

Skills You’ll Get

Download Course Outline

1

Cybersecurity Analyst and Threat Intelligence

  • Cybersecurity Objectives
  • Privacy vs. Security
  • Evaluating Security Risks
  • Building a Secure Network
  • Secure Endpoint Management
  • Penetration Testing
  • Reverse Engineering
  • Efficiency and Process Improvement
  • The Future of Cybersecurity Analytics
  • Threat Data and Intelligence
  • Threat Classification
  • Applying Threat Intelligence Organizationwide
2

Security and Monitoring

  • Infrastructure Concepts and Design
  • Operating System Concepts
  • Logging, Logs, and Log Ingestion
  • Network Architecture
  • Identity and Access Management
  • Federation
  • Encryption and Sensitive Data Protection
  • Analyzing Network Events
  • Investigating Host-Related Issues
  • Investigating Service- and Application-Related Issues
  • Determining Malicious Activity Using Tools and Techniques
3

Reconnaissance, Intelligence Gathering, and Vulnerability Management

  • Mapping, Enumeration, and Asset Discovery
  • Passive Discovery
  • Identifying Vulnerability Management Requirements
  • Configuring and Executing Vulnerability Scans
  • Developing a Remediation Workflow
  • Overcoming Risks of Vulnerability Scanning
  • Vulnerability Assessment Tools
4

Vulnerability Scans, Security, and Controls

  • Reviewing and Interpreting Scan Reports
  • Validating Scan Results
  • Common Vulnerabilities
  • Analyzing Risk
  • Managing Risk
  • Implementing Security Controls
  • Threat Classification
  • Managing the Computing Environment
  • Software Assurance Best Practices
  • Designing and Coding for Security
  • Software Security Testing
  • Policies, Governance, and Service Level Objectives
5

Incident Response, Analysis, and Forensics

  • Security Incidents
  • Phases of Incident Response
  • Building the Foundation for Incident Response
  • Creating an Incident Response Team
  • Classifying Incidents
  • Attack Frameworks
  • Indicators of Compromise
  • Investigating IoCs
  • Evidence Acquisition and Preservation
  • Building a Forensics Capability
  • Understanding Forensic Software
  • Conducting Endpoint Forensics
  • Network Forensics
  • Cloud, Virtual, and Container Forensics
  • Post-Incident Activity and Evidence Acquisition
  • Forensic Investigation: An Example
6

Containment, Eradication, Recovery, Reporting, and Communication

  • Containing the Damage
  • Incident Eradication and Recovery
  • Validating Data Integrity
  • Wrapping Up the Response
  • Vulnerability Management Reporting and Communication
  • Incident Response Reporting and Communication

1

Cybersecurity Analyst and Threat Intelligence

  • Creating a Firewall Rule
  • Setting Up a Honeypot on Kali Linux
  • Enforcing Password Policies
2

Security and Monitoring

  • Installing Docker
  • Exporting the Windows File Registry
  • Installing the AD FS Role
  • Examining PKI Certificates
  • Performing a DoS Attack with the SYN Flood
  • Confirming the Spoofing Attack in Wireshark
  • Using Performance Monitor
  • Performing a Memory-Based Attack
  • Using Social Engineering Techniques to Plan an Attack
  • Capturing a Packet Using Wireshark
  • Examining Audited Events
  • Enabling Logging for Audited Objects
  • Using TCPdump to Capture Packets
  • Analyzing Malware Using Virustotal
  • Using Command-line Tools
3

Reconnaissance, Intelligence Gathering, and Vulnerability Management

  • Using the hping Program
  • Scanning the Local Network
  • Performing an Intense Scan in Zenmap
  • Using Shodan to Find Webcams
  • Using Recon-ng to Gather Information
  • Identifying Search Options in Metasploit
  • Performing Reconnaissance on a Network
  • Footprinting a Website
  • Using the whois Program
  • Using nslookup for Passive Reconnaissance
  • Making Syslog Entries Readable
  • Using the netstat Command
  • Performing Zone Transfer Using dig
  • Using OWASP ZAP
  • Consulting a Vulnerability Database
  • Conducting Vulnerability Scanning Using Nessus
  • Using Nikto
  • Performing Vulnerability Scanning Using OpenVAS
  • Performing Session Hijacking Using Burp Suite
4

Vulnerability Scans, Security, and Controls

  • Detecting Rootkits
  • Exploiting LFI and RFI Vulnerabilities
  • Exploiting a Website Using SQL Injection
  • Conducting CSRF Attacks
  • Defending Against a Buffer Overflow Attack
  • Understanding Local Privilege Escalation
  • Performing a MITM Attack
  • Attacking a Website Using XSS Injection
5

Incident Response, Analysis, and Forensics

  • Examining MITRE ATT&CK
  • Creating a Forensic Image with FTK Imager
  • Using EnCase Imager
  • Observing an MD5-Generated Hash Value
  • Observing a SHA256-Generated Hash Value
  • Analyzing Forensics with Autopsy
  • Cracking Passwords Using Cain and Abel
  • Finding Hard Drives on the System
  • Completing the Chain of Custody

Any questions?
Check out the FAQs

Still have unanswered questions and need to get in touch?

Contact Us Now

Related Courses

All Courses
We use cookies for improving site experience and analytics. Learn More