The Cybersecurity Nexus (CSX) Technical Foundations Series brings together three hands-on introductory courses and their associated certificate exams. Students will learn how to interpret and use packets in daily work, leverage Linux commands to understand their systems and networks, and secure networks they build and maintain. Additionally, students will have the opportunity to take the three affiliated certificate exams which apply to each course of study.
Once all three exams have been completed successfully, students automatically earn the CSX Technical Foundations Certificate.
Continuing Professional Education (CPE) Credit Count: Up to 80
Lesson What is Packet Analysis?
- Gain familiarization with the OSI model
- Understand the role of packets in online communications
- Identify when the application of packets is appropriate
- Understand the basic composition of a packet
Lesson Tools of the Trade
- Understand the basics of tapping the network
- Understand the options available for packet analysis software
- Demonstrate a basic understanding of Wireshark and its capabilities
Lesson Common Protocols
- Understand the definition of protocol
- Understand the definition of port
- Understand specific protocols which help conduct packet analysis
- Identify which protocols are helpful for device characterization
- Identify which protocols are helpful for network mapping
Lesson Data Manipulation
- Understand where to find packets
- Understand how to capture packets in Wireshark
- Understand how to filter certain types of data
Lab/Instructional Protocol Parsing
Students will leverage Wireshark to identify basic information from a packet capture.
Lab/Instructional ARP Analysis
Students will leverage Wireshark to identify dissect and understand ARP packets.
Lab/Instructional Initial Connection
Students will leverage Wireshark to identify dissect and understand the type of network activity associated with Internet Control Messaging Protocol (ICMP) and traceroute activity.
Lesson Device Characterization
- Understand what types of devices emit packets
- What unique identifiers those devices have
- How to find those unique emitters in a packet collection
- How to characterize those devices
Lab/Instructional Interesting Searches
Students will learn how to conduct packet analysis to identify the types of searches which devices are executing on their network.
Lab/Challenge Additional Pets
Based on what students have learned, thus far, they are challenged to conduct preliminary analysis on a provided packet capture in order to ascertain information about the device and individual using it.
Lab/Instructional GET Request and Response Dissection
Understanding the user-agent affiliated with devices allow analysts to assess what kind of devices are on their network of responsibility. This course will show students how to properly evaluate a user-agent and characterize a system. Additionally, it will illustrate how to gain contextual information from GET Requests and server responses.
Lab/Challenge Nefarious Employee
Using the skills learned thus far in the course, students will characterize the traffic and device of a potentially nefarious employee, suspected of selling company secrets.
Lab/Instructional Playing Around
This lab leverages all of the Wireshark filters and methods presented in the course thus far to show a student how to characterize network traffic and an individual on the network.
Lesson Wireless Packets
- Understand the wireless medium on a basic level
- Understand how to collect wireless packets
- Understand how to analyze wireless packets
Lab/Instructional Probe Request Analysis
This lab leverages demonstrates how to analyze a probe request. Students learn what key information can be pulled out of a probe request about a device and a wireless network.
Lab/Challenge Beacon Analysis
This lab leverages requires students to leverage the skills and filters learned in the probe request lab and use them to analyze a captured beacon packet.
Lesson Network Topology
- Understand how to map networks based off packet collection
- Corroborate dataflow and protocol usage
- Create a visual network map of the collected data
Lab/Instructional Network Topology
Understanding how to create a network map from a provided packet capture is important for individuals desiring to gain a better understanding of a network, but are prohibited from disrupting the network by introducing packets into the medium.
Lab/Instructional Wireless Network Topology
Using the skills you have learned so far, create a network topology (netmap) of the 192.168.1.0 network in the provided packet capture. Successful completion of the lab will demonstrate the comprehension of all labs up to this point.
Lesson Threat Analysis
- Understand specific threats against a network
- Comprehend unique traits inherent to defined threats
- Understand how to identify specific threats via packet analysis
Lab/Instructional Blaster Worm Analysis
Understanding how systems become infected and recognizing affiliated packets is an important skill for incident responders and IT personnel. In this lab, students will analyze a Blaster worm infection's affiliated packets.
Lesson Mobile Analysis
- Identify mobile devices via packet analysis
- Identify mobile apps via packet analysis
- Understand how these systems are inherently vulnerable
- Identify methods through which they may be exploited
Lab/Challenge Rouge AP and Mobile Analysis
Students will identify and characterize the rouge access point that is connected to a network of responsibility. They will also assess the traffic on the access point to determine what type of device is using it and what that device is doing.
Lesson Bringing it All Together
- Device Characterization
- Mobile Identification
- Wireless Assessment
- Attack Recognition
Lab/Challenge Complete Netmap and Device Characterization
Students will leverage all of the skills learned in this course to provide in-depth analysis of a provided capture. Final submissions will include a complete network topology and a fully characterized device.
Lesson Introduction to Linux
- Obtain an overview of Linux
- Understand what types of Linux exist
- Learn what constitutes a Linux variant
- Understand the shell
- Learn the basics of the Linux directory structure
Lab/Instructional Installing Linux
The start of the CLAC course, students will learn how to install and start using Linux Mint, a user-friendly operating system variant.
Lesson The Shell and Navigation
- Learn detailed information about the shell
- Identify key navigation commands
- Learn how to implement basic commands
Lab/Instructional Shell and Navigation
Students are introduced to basic commands which they can leverage in the Linux command line interface (CLI).
Lab/Challenge Files, Directories, and Information
Students are provided an opportunity to demonstrate their ability to execute basic Linux terminal commands and navigate different directories.
Lesson Files and Studio
- Learn about hard and symbolic links
- Implement more advanced commands
- Manipulate files and file contents
- Redirect the Linux Standard Input / Output
Lab/Instructional Files and Standard Input/Output
Students are introduced to the standard input and output capability of the Linux terminal and learn additional commands which will help them leverage Linux effectively.
Lab/Challenge Using STDIO
Students are presented with an opportunity to demonstrate their ability to leverage STDIO appropriately in a Linux environment.
Lesson CLI Tricks, User Management and Services
- Learn about bash history
- Utilize TAB-Autocomplete functionality
- Switch between consoles for multi-tasking
- Environment variables
- Add and remove users and groups
Lab/Instructional CLI Tricks
Students learn additional Linux terminal commands which better enable understanding of bash history and environment variables.
Lab/Instructional Services and Users
Students will learn the how user and group accounts work within the Linux environment and how they impact files and file permissions.
Lesson Networking in Linux
- Setup a NIC within the CLI
- Edit networking configuration files
- View routes and networking rules
- Monitor Network Functionality
Students learn various networking commands and gain a deeper understanding of the networking capabilities within Linux.
Lab/Challenge Users and Networking
Students will demonstrate their ability to leverage key Linux commands learned thus far in the course, creating users, variables, and network connections.
Lesson Package Management, Archives and Compiling
- Explore the aptitude package management system
- Use Aptitude to find, install, and remove packages
- Conduct file management with archive utilities
- Compile an executable
Lab/Instructional Package Management, Archives, and Compiling
Students learn how package managers function and how to compress and archive files using TAR. Additionally, they will learn how to compile source code.
Lesson Introduction to Networking Concepts
- Understand the OSI and DoD TCP/IP models
- Review commonly used ports and protocols
- Understand various network types
- Review network topologies and media types
Lab/Instructional Initial Configuration
Understanding how to configure a firewall and/or gateway for a first use instance is one of the most important elements of establishing a properly functioning network. In this lab, students will set up a pFsense configuration.
Lab/Instructional Router Familiarization
Without understanding the command line interface (CLI) or the graphical user interface (GUI) of an organization's gateway and/or firewall, cybersecurity analysts find themselves lost in confusion when an incident occurs. This lab will familiarize students with the CLI and GUI of pFsense, one of the preeminently used open-source firewalls available to organizations.
Lesson IP Addressing
- Learn the Internet Protocol addressing schemes
- Learn about subnet masks and class subnetting
- Review common IP address related protocols
Lab/Instructional Setting up a LAN and a WAN
Understanding the difference between a Wide Area Network (WAN) and Local Area Network (LAN) connection is pivotal to cybersecurity analysts and network engineer's alike. Regardless if an individual is an incident responder or a help-desk technician, it is important to understand the different types of networks and how they impact an organization. In this lab, students will set up and conduct basic configuration of a WAN and LAN interface on a gateway.
Lab/Instructional Connecting Clients
Cybersecurity professionals understand that most clients do not magically connect to a network unless Dynamic Host Configuration Protocol (DHCP) is involved. Even then, the use of DHCP needs to be established at key points within a network and requires configuration. In this lab, students will work to ensure that clients are able to connect to a network properly.
Lab/Challenge Establishing a Network
Cybersecurity professionals should be able to set up and backup their router and firewall configurations in the event of an incident. Ensuring that these backups are on hand is pivotal, yet, more important is that they exist in the first place. Students will implement what they have learned thus far to ensure that a network is established and a backup of it is secured.
Lesson Network Threats and Response
- Security weaknesses of networks
- Identification of threats and vulnerabilities
- Security assessments and testing
- Common threat types
- Tools used to monitor and protect network assets
Lesson Security Mechanisms
- Learn the importance of network security mechanisms
- Identify and implement various system hardening techniques
- Determining security that meets your needs
- Identify commonly targeted entry points
Lab/Instructional Basic Configuration
Simply providing connectivity to an organization is insufficient when considering cybersecurity implications. Ensuring that a firewall is properly configured will guarantee a higher degree of safety when organizational users access to network resources. In this lab, students will learn how to navigate a firewall interface to establish appropriate protection mechanisms for organizational users.
Lab/Instructional Port Forwarding and VPN Setup
Many organizations make use of virtual private networks (VPNs) to protect data coming into and leaving the network. Many remote workers, for example, rely on VPNs to ensure that they can securely work on a corporate network from a distance. In this lab, students will set-up and perform preliminary configuration of an organizational VPN.
Lab/Instructional Exploitation Identification and Response
Identifying when an exploitation is on a network is one of the key abilities which separates a cybersecurity professional from other IT work roles. Identifying when an exploit is sending data out of a network of responsibility and stopping the data leakage ensures that organizations can safely commence disaster recovery proceedings without losing additional data. In this lab, students will learn how to identify and block an exploitation on their network of responsibility.
Lesson Backup and Recovery
- Understand the importance of network availability
- Identify common issues that must be overcome
- Review a variety of storage approaches
- Understand the importance of patch and update management
Lab/Challenge Detecting, Responding, Recovering from a Network Attack
Students have learned a myriad of networking skills throughout this course and this final challenge will require them to critically apply all of their newfound talents to an incident occurring on their network of responsibility.
Exams Exam List
Affirm your skills and prove your abilities to perform packet analysis, network configuration, and Linux application.
Take the exam after each course to obtain all three of
ISACA’s technical foundations certificates, which culminate in awarding the techncial foundations certificate:
CSX Network Application and Configuration Certificate
CSX Linux Application and Configuration Certificate
CSX Packet Analysis Course Certificate