Aspire Journeys

Security Threat Intelligence

  • 22 Courses | 25h 27m 27s
  • 1 Lab | 8h
Welcome to the Security Threat Intelligence Journey, where you will discover how to protect an organization from both external and internal threats using processes and tools to gather and analyze information.

Track 1: Security Threat Intelligence

In this Skillsoft Aspire track of the Security Threat Intelligence journey, the focus will be on security programming, malware removal, network survey & extractions, defensive CyberOps, network & host analysis, forensic analysis, and threat intelligence & attribution best practices.

  • 22 Courses | 25h 27m 27s
  • 1 Lab | 8h

COURSES INCLUDED

Introduction to Cyber Operations
Cyber operations is evolving with the trend now focused on performing defensive and offensive security tasks to help assess the security posture of many government agencies and help prevent attacks. In this course, you'll explore the difference between Defensive Cyber Operations (DCO) and Offensive Cyber Operations (OCO), as well as the tasks performed by each. You'll also learn about the Cyber Operations Cycle and its phases, and the responsibilities of each role member of the offensive and defensive teams.
12 videos | 58m
Security Programming: Command Line Essentials
This 14-video course explores how to navigate a Linux command-line environment by showing learners how to use its most common tools, including text editing and processing, file monitoring and comparison, and package management. You will examine the common properties of the command-line environment, including the Bash shell, its properties, and the features of the PowerShell environment. This course next demonstrates how to perform text editing using commands such as nano; how to use the Linux EI library, Linux ED text editor; and text processing using commands such as sed, awk, and cut. You will learn how to perform repeat actions, use the Bash shell history, and perform process control tasks such as ps and kill. Then learn how to use the command line to schedule jobs, perform file and command monitoring, and perform file comparison using the diff command. Finally, this course demonstrates how to redirect the inputs and outputs of commands and files, and perform package management tasks by using the apt command.
14 videos | 1h
Security Programming: Code Identification
Learners can explore code recognition of various programming languages used in security applications, and security exploits, including Python, C, C++, and SQL, in this 14-video course. You will examine common programming paradigms, and learn how to classify them based on their features. Then you will learn how to identify Bash and Python scripts. Next, learners will examine the similarities and differences of C# compared to the C and C++ languages, and regular expressions in typical regex engines. You will learn how to identify PowerShell scripts based on their features, and how to identify the elements of a SQL statement, and how to use SQLite, a tool to manage local databases in file form without servers. This course continues by examining common security vulnerabilities in code that can lead to exploits. You will learn how to identify the structure of common executable formats based on their binary signatures. Finally, this course demonstrates how to verify the integrity of a downloaded file based on its hash value.
14 videos | 1h
Security Programming: Scripting Essentials
This 14-video course explores the basic elements of Bash and Python scripting by examining differences between the elements of a scripting language and a full-fledged computer program. In this course, learners examine how to use and set variables, to use conditional statements in both Bash scripts and a Bash shell, and to use important built-in variables in Bash. You will learn how to use the for, while, and until loops in a Bash script, and create custom functions in Bash scripts. Next, learners will examine the Python scripting language. This course then demonstrates how to work with variables and conditional statements in Python scripts. You will watch demonstrations of how to use the for and while loop statements in a Python script, and how to create custom functions in a Python script. You will learn how to import external modules, and how to read and write in a Python script. Finally, you will learn how to perform file operations and make URL requests in Python scripts.
14 videos | 1h
Security Programming: System Essentials
In this 14-video course, learners will explore how Linux-based systems operate, communicate, and manage the underlying information they contain. Begin by examining management and monitoring tools available in Unix and Linux environments. Then learn to work with user accounts and domain names, and learn how to monitor user and system activity. You will learn how to securely connect to remote servers by using Secure Shell (SSH), and how to work with user accounts. This course examines elements of both an Internet Protocol routing table and a network interface, and demonstrates how to perform Domain Name System lookups. Learners will examine log files for monitoring critical events on a Linux system and use the ps command to retrieve process information. You will learn how to retrieve disk usage, partition information, and directory contents of a Linux system, and how to monitor both user and system activity on a Linux system. Finally, this course demonstrates how to configure time and date services and explore system configurations in the /etc folder of a Unix system.
14 videos | 1h
Malware Removal: Identifying Malware Types & Classification Approaches
Knowing how to respond to malware incidents is a critical skill for security professionals, and the first step to achieving malware response skills is understanding the types of malware you will face in the field. In this course, you'll explore different types of malware such as worms, Trojan viruses, botnets, ransomware, and rootkits. You'll then round out your knowledge by identifying the different methods used to classify a virus and determine its potential impact.
8 videos | 29m
Malware Removal: Analyzing an Infected System
Familiarization with the different types of malware analysis and the tools used to analyze malware is a critical skill for IT security professionals. In this course, you'll explore the characteristics of malware and the impact the malware has on the infected system. You'll learn how to identify different malware analysis techniques, such as static and dynamic malware analysis, to discover activities performed by malware. You'll also examine some of the tools used to perform both static and dynamic malware analysis and how to use a disassembler to view malware code.
13 videos | 1h
Malware Removal: Remediating an Infected System
Understanding what tools to use to recover a system after it is infected with malware is a critical skill. In this course, you'll explore the symptoms of virus-infected systems and best practices for malware removal. You'll learn about different remediation approaches for different types of malware. You'll also look at some of the tools used to remove malware and recover systems after they have been infected, such as the Windows Malicious Software Removal Tool, the Windows repair options, and how to restore a system image backup.
12 videos | 54m
Malware Removal: Reporting Findings & Preventing Future Infections
Knowing how to respond to a malware incident and who to report the malware incident to is critical to a timely response. In this course, you'll learn key steps for responding to malware incidents, as well as how to identify key persons to report the malware incident to and steps to take to help prevent future malware incidents.
7 videos | 32m
Network Survey & Extraction: Network Analysis
Knowing what devices and services are running on a network is an essential part of computer security. Being able to effectively scan a network is the first step in securing it. In this course, you'll learn how to discover and analyze networks through scanning. First, you'll explore common network scanning tools, how to identify network vulnerabilities, and how to perform reverse IP lookup. You'll then move on to learn how to identify services and operating systems, and about scanning techniques such as UDP, stealth, connect, zombie, and ARP scanning.
14 videos | 1h
Network Survey & Extraction: Network Monitoring
Developing techniques to scan and monitor networks is a process of discovery. Being able to continuously monitor or schedule regular tests for vulnerabilities is part of the ongoing battle of network security. In this course, you'll learn to test and take inventory of network hosts so you can monitor more effectively. First, you'll examine methods for actively monitoring and collecting data, as well as strategies for reporting and sharing results. You'll then move on to tools to catalog, compare, filter, and test services, so that any anomaly can be picked up in your scanning activities.
14 videos | 57m
Network & Host Analysis: Protocol Analysis
Wireshark is the de facto tool for network protocol analysis. The ability to live capture, deeply inspect, filter, decrypt, and export network data comprises Wireshark's feature-rich capabilities. In this course, you'll examine the vital elements of network protocol analysis and learn how to reap the benefits of Wireshark's features. You'll start by exploring some common network analysis patterns. You'll then outline the Open Systems Interconnection (OSI) reference model. Next, you'll differentiate between passive and active network scanning. Moving on, you'll use Wireshark to capture and filter network traffic and customize packet capturing. Finally, you'll use Wireshark to save and then export packet captures, apply highlighting rules, extract files, configure profiles, apply display filters, and implement advanced capture and display filtering.
14 videos | 1h
Network & Host Analysis: Network Protocols
The ability to filter based on the protocols in use over a network gives a window into how it is used. Knowing what good and bad traffic looks like and identifying unencrypted traffic and potential avenues for security compromise is essential. In this course, you'll apply various filters to network traffic using Wireshark and explore factors to look out for based on the protocol being examined. You'll learn to filter DHCP and DNS traffic. You'll differentiate between TCP, UDP, ICMP, and ARP traffic. You'll watch insecure protocols like POP, IMAP, Telnet, and FTP. You'll examine what can be discovered by looking at secure traffic over SSH and HTTPS and secure POP and IMAP variants. Finally, you'll examine IPv6 packets.
14 videos | 1h