CYB-400 Cybersecurity Operations Incident Response & Digital Forensics

(AIUS-CYB-400-V2.AE2)

Skills You'll Get

Lessons

1. Security Operations

  • Cybersecurity Objectives
  • Privacy vs. Security
  • Evaluating Security Risks
  • Building a Secure Network
  • Secure Endpoint Management
  • Penetration Testing
  • Reverse Engineering
  • Efficiency and Process Improvement
  • The Future of Cybersecurity Analytics
  • Infrastructure Concepts and Design
  • Operating System Concepts
  • Logging, Logs, and Log Ingestion
  • Network Architecture
  • Identity and Access Management
  • Federation
  • Encryption and Sensitive Data Protection
  • Analyzing Network Events
  • Investigating Host-Related Issues
  • Investigating Service- and Application-Related Issues
  • Determining Malicious Activity Using Tools and Techniques
2. Threat Intelligence, Reconnaissance and Intelligence Gathering

  • Threat Data and Intelligence
  • Threat Classification
  • Applying Threat Intelligence Organizationwide
  • Mapping, Enumeration, and Asset Discovery
  • Passive Discovery
3. Vulnerability Scans Management

  • Identifying Vulnerability Management Requirements
  • Configuring and Executing Vulnerability Scans
  • Developing a Remediation Workflow
  • Overcoming Risks of Vulnerability Scanning
  • Vulnerability Assessment Tools
  • Reviewing and Interpreting Scan Reports
  • Validating Scan Results
  • Common Vulnerabilities
4. Incident Response and Management

  • Analyzing Risk
  • Managing Risk
  • Implementing Security Controls
  • Threat Classification
  • Managing the Computing Environment
  • Software Assurance Best Practices
  • Designing and Coding for Security
  • Software Security Testing
  • Policies, Governance, and Service Level Objectives
  • Security Incidents
  • Phases of Incident Response
  • Building the Foundation for Incident Response
  • Creating an Incident Response Team
  • Classifying Incidents
  • Attack Frameworks
  • Indicators of Compromise
  • Investigating IoCs
  • Evidence Acquisition and Preservation
5. Reporting and Communication

  • Containing the Damage
  • Incident Eradication and Recovery
  • Validating Data Integrity
  • Wrapping Up the Response
  • Vulnerability Management Reporting and Communication
  • Incident Response Reporting and Communication
  • Building a Forensics Capability
  • Understanding Forensic Software
  • Conducting Endpoint Forensics
  • Network Forensics
  • Cloud, Virtual, and Container Forensics
  • Post-Incident Activity and Evidence Acquisition
  • Forensic Investigation: An Example

Lab

1. Security Operations

  • Creating a Firewall Rule
  • Setting Up a Honeypot on Kali Linux
  • Enforcing Password Policies
  • Installing Docker
  • Exporting the Windows File Registry
  • Installing the AD FS Role
  • Examining PKI Certificates
  • Performing a DoS Attack with the SYN Flood
  • Confirming the Spoofing Attack in Wireshark
  • Using Performance Monitor
  • Performing a Memory-Based Attack
  • Using Social Engineering Techniques to Plan an Attack
  • Capturing a Packet Using Wireshark
  • Examining Audited Events
  • Enabling Logging for Audited Objects
  • Using tcpdump to Capture Packets
  • Analyzing Malware Using VirusTotal
  • Using Command-line Tools
2. Threat Intelligence, Reconnaissance and Intelligence Gathering

  • Using the hping Program
  • Scanning the Local Network
  • Performing an Intense Scan in Zenmap
  • Using Shodan to Find Webcams
  • Using Recon-ng to Gather Information
  • Identifying Search Options in Metasploit
  • Performing Reconnaissance on a Network
  • Footprinting a Website
  • Using the whois Program
  • Using nslookup for Passive Reconnaissance
  • Making Syslog Entries Readable
  • Using the netstat Command
  • Performing Zone Transfer Using dig
3. Vulnerability Scans Management

  • Using OWASP ZAP
  • Consulting a Vulnerability Database
  • Conducting Vulnerability Scanning Using Nessus
  • Using Nikto
  • Performing Vulnerability Scanning Using OpenVAS
  • Performing Session Hijacking Using Burp Suite
  • Detecting Rootkits
  • Exploiting LFI and RFI Vulnerabilities
  • Exploiting a Website Using SQL Injection
  • Conducting CSRF Attacks
  • Defending Against a Buffer Overflow Attack
  • Understanding Local Privilege Escalation
  • Performing a MITM Attack
  • Attacking a Website Using XSS Injection
4. Incident Response and Management

  • Examining MITRE ATT&CK
  • Creating a Forensic Image with FTK Imager
5. Reporting and Communication

  • Using EnCase Imager
  • Observing an MD5-Generated Hash Value
  • Observing a SHA256-Generated Hash Value
  • Analyzing Forensics with Autopsy
  • Cracking Passwords Using Cain and Abel
  • Finding Hard Drives on the System
  • Completing the Chain of Custody
