You will:
- Understand the incident response process and how it is implemented in a cybersecurity operational context
- Demonstrate proficiency with the privacy and controls required in best practice cybersecurity operations, as detailed in NIST 800-53
- Prove capability with common security principles and best practice, such as Defense in Depth (DiD) and Least Privilege
- Possess a detailed knowledge and understanding of the MITRE ATT&CK Framework
- Identify how MITRE ATT&CK is used within a cybersecurity operational context and the benefits to the organization
- Recognize the cyber kill chain model, how it is used, and how it benefits security operations
- Explain the OWASP Top 10 and the typical vulnerabilities within each category
- Possess a fundamental knowledge and working understanding of networks and network security
- Display a fundamental knowledge and working understanding of Windows OS and Windows Security
- Demonstrate a fundamental knowledge and working understanding of the Linux CLI and be able to use the terminal to perform a variety of basic cybersecurity-related tasks and actions
- Perform basic log analysis using the Linux CLI, basic SIEM analysis using Splunk, basic packet analysis using Wireshark, and basic post-incident response and investigation tasks, such as validating SIEM alerts and parsing and investigating exfiltration