Bundle: CSX Cybersecurity Practitioner (CSX-P) Certification Suite

In-depth training on CSX-P concepts and applications that prepares you for the CSX-P exam (included).

Difficulty: Multilevel CSF Domain: All domains

$1,850.00

Price represents the non member rate.

Buy Now
or pay later by invoice

The CSX Cybersecurity Practitioner (CSX-P) Certification Suite allows individuals to purchase the training and exam at the same time at a reduced rate! Through purchasing the bundle, individuals will gain access to the full prep course and receive a voucher for the exam!


Training Description

The CSX Cybersecurity Practitioner Certification Prep Course provides students with 6 months of access to informative lessons and in-depth, skills-based labs to hone their technical cybersecurity skills and prepare for the [CSX Cybersecurity Practitioner Certification Exam]. Upon completion of each lab, students are provided a detailed analytic report, identifying student strengths and weaknesses. Additionally, as students complete the course, they are awarded continuing professional education (CPE) credits which are applicable to the maintenance of their professional certifications.

Continuing Professional Education (CPE) Credit Count: 48

Content

Lesson Network Infrastructure and Digital Assets

  • Network infrastructure analysis
  • Digital asset analysis

Lab/Instructional Asset Identification

Understanding how to perform basic asset identification is an important skill for any cybersecurity practitioner. Leveraging Nmap, students will learn how to scan a network and ascertain the identity of computers for which they are responsible.

Lesson Network Topology and Data Flow Analysis

  • Network topology construction
  • Network topology diagrams
  • Data flow identification and mapping
  • Tools used to construc a network topology diagram
  • Tools used to identify data flow

Lab/Instructional Data Flow Identification

In order to capture and analyze data flow, it is important to understand how to use Wireshark and Tshark, two critical tools in the packet analysis field. This lab uses these tools to map endpoints on the network.

Lesson Security Reviews and Gap Identifications

  • Importance of security reviews
  • Gap analysis and its usage

Lab/Instructional Enterprise Asset Identification

In addition to small networks, it is also just as important to practice working with large networks. Using nmap and zenmap, students will identify assets on an enterprise network in order to build a topology.

Lesson Security Policy and Procedure Development

  • Security policies and procedures
  • NDevelopment processes for policies and procedures

Lab/Instructional Data Flow Analysis

In this lab, students will be identifying packets with Wireshark. Due to the fact that data loss is a prevalent aspect of technology, we will need to recover the packet identification data using the tool Foremost.

Lab/Instructional Enterprise Data Flow Analysis

Since Wireshark cannot handle large amounts of data, students will be using SiLK for this lab. SiLK is a command line network protocol analyzer to help students map out endpoints within a network.

Lesson Regulation and Legal Impact

  • Information sharing
  • Importance of understanding legal and regulatory requirements

Lesson Threat Modeling

  • Information sharing
  • Elements of threat modeling

Lab/Challenge Identify Challenge

In this lab students will utilize their skills learned during the Identify module to map their network and identify an attack on a local machine.

Lesson Vulnerability Testing

  • Vulnerability scanning
  • Vulnerability scanning personnel
  • Vulnerability scanning tools

Lesson Security Tools and Systems

  • Configuring monitoring systems and alert criteria
  • Implementing, configuring, and monitoring security tools and systems
  • Developing use cases for security monitoring

Lab/Instructional Firewall Setup

In this lab, students will create firewall rules for a pfSense firewall based on their networks layout.

Lesson Incident Response Plans

  • Incident response plan development
  • Incident response plan testing

Lesson Security and Business Functions

  • Incorporation of security considerations into business functions
  • Monitoring user access, privileges, and permissions
  • Monitoring compliance with security procedures and requirements
  • Development of security training

Lab/Instructional Backup

In this lab, students will create a Windows restore point and backup Linux servers from a baseline functioning.

Lesson Security Configuration Evaluation

  • Evaluating security configurations against established configuration standards and baselines

Lab/Instructional File System Protections

In this lab, students will learn how to set file permissions on a Windows Server as well as an Ubuntu machine.

Lab/Instructional OS Baseline

In this lab, students will get more practice with MBSA, as well as be introduced to the Linux Tiger IDS.

Lab/Challenge Protect Challenge

In this lab, students will utilize skills learned during the Protect module to complete a challenge.

Lesson Event and Incident Identification

  • Assessing threat level and potential impact of anomalous behavior and security events
  • Researching, analyzing, and correlating system activity and security events
  • Monitoring and analyzing outputs from security tools, systems, and logs

Lab/Instructional SecOnion Setup and Testing

In this lab, students will set up a standalone Security Onion Server and explore and test its functionality.

Lab/Instructional Snort Rules

In this lab, students will learn to construct simple SNORT rules and use Kibana to conduct post-attack analysis.

Lab/Instructional Event Detection

An investigation is needed for an intrusion detection system alert. It is up to you to find out what is occurring in the network.

Lesson Malicious Activity Analysis

  • Analyzing malicious activity to determine weaknesses and exploitation methods

Lab/Instructional Data and Network Analysis

In this lab, students will use WireShark to conduct a live packet capture while they are under attack. Using WireShark, students will identify the attackers IP, type of attack, and isolate anomalous packets related to the attack,

Lab/Instructional Vulnerability Analysis

This lab focuses on the security of the local area network. Vulnerability scans are key when maintaining strong security within a network. In this lab, vulnerability assessments will be conducted.

Lab/Challenge Detect Challenge

In this lab, students will utilize skills learned during the Detect module to complete a challenge.

Lesson Incident Notification and Containment

  • Notifying appropriate incident response teams according to established protocols
  • Identifying and implementing appropriate containment measures, countermeasures, and corrective actions

Lab/Instructional Incident Correlation

SecOnion has reported a possible threat to the network. Investigate the tripped SNORT rule and the system logs of the possible affected systems via Kibana.

Lesson Evidence Collection and Technical Analysis

  • Collecting and preserving digital evidence according to relevant regulations and laws
  • Conducting post-incident analysis
  • Communicating and documenting notifications and outcomes of incident response

Lab/Instructional Network Forensics

After snort reported a network issue, conduct network forensics on the compromised system to identify and isolate the possible malware.

Lab/Instructional Malware Investigation and Evaluation

This lab utilizes various tools (ClamAV, strings, PDF Parser, and PDF Toolkit), to not only investigate, but also evaluate, possible malware that has been attached to emails in the form of PDFs.

Lab/Instructional Notification Escalation

Properly document and preserve evidence of an attack, and notify the appropriate personnel in accordance with the Incident Response Plan.

Lab/Challenge Respond Challenge

Using Security Onion, SGUIL, Snort, SSH, and ClamAV, students will put their Respond domain skills to the test.

Lesson System Validation

  • Validating whether restored systems meet security requirements

Lab/Instructional Re-Imaging

In this lab, students will restore a Linux server from an image. Students will use Clonezilla in order to restore the Linux system to its baseline.

Lesson Post Incident Security Plan and Procedure Update

  • Updating security plans and procedures following incident response

Lab/Instructional Restore Points

In this labs, students will restore a Windows Server using the restore point created in Lab 2.2 "Restore and Backup".

Exam Description

The CSX Practitioner Certification (CSX-P) Exam has been updated to reflect the job tasks of today's cybersecurity practitioner.

Be recognized among the world’s most-qualified cybersecurity professionals with ISACA®’s award-winning CSX® Cybersecurity Practitioner Certification (CSX-P).

CSX-P remains the first and only comprehensive performance certification testing one’s ability to perform globally validated cybersecurity skills spanning five security functions – Identify, Protect, Detect, Respond, and Recover – derived from the NIST Cybersecurity Framework. CSX-P requires that candidates demonstrate critical cybersecurity skills in a live, proctored, virtual environment that assesses their analytical ability to identify assets and resolve network and host cybersecurity issues, by applying the foundational cybersecurity knowledge and skills required of an evolving cyber first responder.

Candidates are strongly encouraged to review the CSX-P Exam Content Outline prior to purchase.

Continuing Professional Education (CPE) Credit Count: 8 (2 CPEs per examination hour) when a passing score is achieved.

Exam Information