Final Exam: Security Threat Intelligence

IT Security
  • 1 Video | 30m 32s
  • Includes Assessment
  • Earns a Badge
Final Exam: Security Threat Intelligence will test your knowledge and application of the topics presented throughout the Security Threat Intelligence track of the Skillsoft Aspire Security Threat Intelligence Journey.

WHAT YOU WILL LEARN

  • apply DNS filters and examine DNS queries in Wireshark
  • capture and examine HTTP traffic using Wireshark
  • change file and folder permissions from a Bash script
  • compare and use conditionals in C and C++
  • connect to a remote server securely using ssh
  • create custom functions in a Python script
  • create loops in PowerShell
  • create, modify, and delete user accounts in a Linux system
  • define what is involved in risk analysis and risk modeling as they relate to threat intelligence and outline the FAIR risk model and framework
  • demonstrate how to create a password policy on a Windows workstation to prevent dictionary attacks
  • demonstrate how to implement an account lockout policy to stop brute force attacks
  • demonstrate how to implement full disk encryption with BitLocker
  • demonstrate techniques to harden Windows DNS Servers
  • demonstrate the use of packet capturing to gain intelligence from an attack
  • describe and compare the different types of DCO missions
  • describe common security vulnerabilities in code that can lead to exploits
  • describe how machine learning can improve threat intelligence
  • describe how SIEMs are used to detect threat activity
  • describe how to gather digital evidence, including identification, collection, acquisition, and preservation
  • describe malware cyber threats and how reverse engineering malware can lead to attribution
  • describe symptoms of an infected system
  • describe the command processing capabilities and environment of the Bash shell
  • describe the common features and properties of command line environments
  • describe the function and characteristics of the NetFlow and IPFIX network flow protocols
  • describe the Open Systems Interconnection (OSI) model for network communications
  • describe the operations of DCO in terms of missions, actions, and forces
  • describe when and how to use threat intelligence, including before, during, and after an attack
  • differentiate between attribution types such as machine, human, and adversary
  • discuss common BIOS/UEFI settings that are used to help secure the system
  • discuss common techniques to secure the file system
  • identify bash scripts based on their features
  • identify different types of malware attacks
  • identify different types of PowerShell cmdlets and objects
  • identify key steps when responding to malware incidents
  • identify network endpoints from captured network traffic using Wireshark
  • identify the phases of the Cyber Operations Cycle
  • identify the roles and responsibilities of OCO team members and how they interact within the cyber operations cycle
  • implement the for and while loops in a Python script
  • inspect the static properties of malware
  • install ELK stack in preparation for it to serve as a SIEM for Suricata
  • navigate ELK Stack's Kibana dashboards for SIEM use when connected to Suricata
  • outline how to gather digital evidence, including identification, collection, acquisition, and preservation
  • outline the Open Systems Interconnection (OSI) model for network communications
  • perform ARP scans to find hidden hosts on a network
  • perform DNS host discovery
  • perform requests with netcat and other tools to pull banner information from services
  • provide an overview of malware cyber threats and how reverse engineering malware can lead to attribution
  • recognize best practices for removing malware
  • recognize common malware characteristics at the Windows API level (registry manipulation, keylogging, HTTP communications, droppers)
  • recognize different tools used for network scanning
  • recognize the importance of audit logs for security
  • recognize the importance of identifying and preserving forensic artifacts and list common errors when dealing with digital evidence
  • recognize the use of various baselines for network management
  • recognize why intrusion detection is the heart of threat intelligence and outline the kill chain and diamond models of analysis
  • set variables in a Bash script
  • use and set variables in a Bash script
  • use loops in C and C++
  • use the for and while loops in a Python script
  • use the for, while, and until loops in a Bash script

IN THIS COURSE

  1. Security Threat Intelligence | 33s

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.
