Aspire Journeys

Security Threat Intelligence

  • 22 Courses | 22h 51m 48s
  • 1 Lab | 8h
Welcome to the Security Threat Intelligence Journey, where you will discover how to protect an organization from both external and internal threats using processes and tools to gather and analyze information.

Track 1: Security Threat Intelligence

In this Skillsoft Aspire track of the Security threat Intelligence journey, the focus will be on security programming, malware removal, network survey & extractions, defensive CyberOps, network & host analysis, forensic analysis, and threat intelligence & attribution best practices.

  • 22 Courses | 22h 51m 48s
  • 1 Lab | 8h


Introduction to Cyber Operations
Cyber operations is evolving with the trend now focused on performing defensive and offensive security tasks to help assess the security posture of many government agencies and help prevent attacks. In this course, you'll explore the difference between Defensive Cyber Operations (DCO) and Offensive Cyber Operations (OCO), as well as the tasks performed by each. You'll also learn about the Cyber Operations Cycle and its phases, and the responsibilities of each role member of the offensive and defensive teams.
12 videos | 53m has Assessment available Badge
Security Programming: Command Line Essentials
This 14-video course explores how to navigate a Linux command-line environment by showing learners how to use its most common tools, including text editing and processing, file monitoring and comparison, and package management. You will examine the common properties of the command line environment, including the bash shell, its properties, and the features of the PowerShell environment. This course next demonstrates how to perform text editing using commands such as nano; how to use the Linux EI library, Linux ED text editor; and text processing using commands such as sed awk, and cut. You will learn how to perform repeat actions, and the bash shell history, and perform process control tasks such as PS and kill. Then learn how to use the command line to schedule jobs, perform file and command monitoring, and perform file comparison using the diff command. Finally, this course demonstrates how to redirect the inputs and outputs of commands and files, and perform package management tasks by using the apt command.
14 videos | 56m has Assessment available Badge
Security Programming: Code Identification
Learners can explore code recognition of various programming languages used in security applications, and security exploits, including Python, C, C++, and SQL, in this 14-video course. You will examine common programming paradigms, and learn how to classify them based on their features. Then you will learn how to identify Bash and Python scripts. Next, learners will examine the similarities and differences of C# compared to the C and C++ languages, and regular expressions in typical regex engines. You will learn how to identify PowerShell scripts based on their features, and how to identify the elements of a SQL statement, and how to use SQLite, a tool to manage local databases in file form without servers. This course continues by examining common security vulnerabilities in code that can lead to exploits. You will learn how to identify the structure of common executable formats based on their binary signatures. Finally, this course demonstrates how to verify the integrity of a downloaded file based on its hash value.
14 videos | 1h 8m has Assessment available Badge
Security Programming: Scripting Essentials
This 14-video course explores the basic elements of Bash and Python scripting by examining differences between the elements of a scripting language and a full-fledged computer program. In this course, learners examine how to use and set variables, to use conditional statements in both Bash scripts and a Bash shell, and to use important built-in variables in Bash. You will learn how to use the for, while, and until loops in a bash script, and create custom functions in Bash scripts. Next, learners will examine Python scripting language. This course then demonstrates how to work with variables, and conditional statements in Python scripts. You will watch demonstrations of how to use the for and while loops statements in a Python script, and how to create custom functions in a Python script. You will learn how to import external modules, and how to read and write in a Python script. Finally, you will learn how to perform file operations and make URL requests in Python scripts.
14 videos | 1h has Assessment available Badge
Security Programming: System Essentials
In this 14-video course, learners will explore how Linux-based systems operate, communicate, and manage the underlying information they contain. Begin by examining management and monitoring tools available in Unix and Linux environments. Then learn to work with user accounts and domain names, and learn how to monitor user and system activity. You will learn how to securely connect to remote servers by using secure shell (SSH), and how to work with user accounts. This course examines elements of both an Internet Protocol routing table and a network interface, and demonstrates how to perform Domain Name System lookups. Learners will examine log files for monitoring critical events on a Linux system and use the PS command to retrieve process information. You will learn how to retrieve disk usage, partition information, and directory contents of a Linux system, and how to monitor both user and system activity on a Linux system. Finally, this course demonstrates how to configure time and date services and explore system configurations in the /etc folder of a Unix system.
14 videos | 56m has Assessment available Badge
Malware Removal: Identifying Malware Types & Classification Approaches
Knowing how to respond to malware incidents is a critical skill for security professionals, and the first step to achieving malware response skills is understanding the types of malware you will face in the field. In this course, you'll explore different types of malware such as worms, Trojan viruses, botnets, ransomware, and rootkits. You'll then round out your knowledge by identifying the different methods used to classify a virus and determine its potential impact.
8 videos | 26m has Assessment available Badge
Malware Removal: Analyzing an Infected System
Familiarization with the different types of malware analysis and the tools used to analyze malware is a critical skill for IT security professionals. In this course, you'll explore the characteristics of malware and the impact the malware has on the infected system. You'll learn how to identify different malware analysis techniques, such as static and dynamic malware analysis, to discover activities performed by malware. You'll also examine some of the tools used to perform both static and dynamic malware analysis and how to use a disassembler to view malware code.
13 videos | 1h 44m has Assessment available Badge
Malware Removal: Remediating an Infected System
Understanding what tools to use to recover a system after it is infected with malware is a critical skill. In this course, you'll explore the symptoms of virus infected systems and best practices for malware removal. You'll learn about different remediation approaches for different types of malware. You'll also look at some of the tools used to remove and recover systems after they have been infected such as the Windows Malicious Software Removal Tool, the Windows repair options, and how to restore a system image backup.
12 videos | 49m has Assessment available Badge
Malware Removal: Reporting Findings & Preventing Future Infections
Knowing how to respond to a malware incident and who to report the malware incident to is critical to a timely response. In this course, you'll learn key steps for responding to malware incidents, as well as how to identify key persons to report the malware incident to and steps to take to help prevent future malware incidents.
7 videos | 30m has Assessment available Badge
Network Survey & Extraction: Network Analysis
Knowing what devices and services are running on a network is an essential part of computer security. Being able to effectively scan a network is the first step in securing it. In this course, you'll learn how to discover and analyze networks through scanning. First, you'll explore common network scanning tools, how to identify network vulnerabilities, and how to perform reverse IP lookup. You'll then move on to learn how to identify services and operating systems, and about scanning techniques such as UDP, stealth, connect, zombie, and ARP scanning.
14 videos | 57m has Assessment available Badge
Network Survey & Extraction: Network Monitoring
Developing techniques to scan and monitor networks is a process of discovery. Being able to continuously monitor or schedule regular tests for vulnerabilities is part of the ongoing battle of network security. In this course, you'll learn to test and take inventory of network hosts so you can monitor more effectively. First, you'll examine methods for actively monitoring and collecting data, as well as strategies for reporting and sharing results. You'll then move on to tools to catalog, compare, filter, and test services, so that any anomaly can be picked up in your scanning activities.
14 videos | 51m has Assessment available Badge
Network & Host Analysis: Protocol Analysis
Wireshark is the de facto tool for network protocol analysis. The ability to live capture, deeply inspect, filter, decrypt, and export network data comprises Wireshark's feature-rich capabilities. In this course, you'll examine the vital elements of network protocol analysis and learn how to reap the benefits of Wireshark's features. You'll start by exploring some common network analysis patterns. You'll then outline the Open Systems Interconnection (OSI) reference model. Next, you'll differentiate between passive and active network scanning. Moving on, you'll use Wireshark to capture and filter network traffic and customize packet capturing. Finally, you'll use Wireshark to save and then export packet captures, apply highlighting rules, extract files, configure profiles, apply display filters, and implement advanced capture and display filtering.
14 videos | 57m has Assessment available Badge
Network & Host Analysis: Network Protocols
The ability to filter based on the protocols in use over a network gives a window into how it is used. Knowing what good and bad traffic looks like and identifying unencrypted traffic and potential avenues for security compromise is essential. In this course, you'll apply various filters to network traffic using Wireshark and explore factors to look out for based on the protocol being examined. You'll learn to filter DHCP and DNS traffic. You'll differentiate between TCP, UDP, ICMP, and ARP traffic. You'll watch insecure protocols like POP, IMAP, Telnet, and FTP. You'll examine what can be discovered by looking at secure traffic over SSH and HTTPS and secure POP and IMAP variants. Finally, you'll examine IPv6 packets.
14 videos | 58m has Assessment available Badge
Network & Host Analysis: Network Observations
Knowing what goes on over a network requires a high-level picture of it. The ability to conceptualize your network's structure, capabilities, and events is essential to protecting it. In this course, you'll explore the concepts and tools required to identify and visualize your network components. You'll work mostly with the open source network protocol analyzer, Wireshark. You'll start by displaying protocol hierarchies and identifying network endpoints. You'll then describe considerations for visualizing networks and create a network diagram using Visio. Next, you'll outline network security assessment methods, recognize the use of baselines for network management, and carry out baseline activity monitoring. You'll also look at ways of capturing network data. Lastly, you'll explore how Wireshark combines with other tools such as Nmap, SSH, and firewalls.
13 videos | 59m has Assessment available Badge
Network & Host Analysis: Network Analysis Formats
A variety of formats and protocols are used to help manage networks. Knowing what you have at your disposal to integrate into your operational duties is essential in defensive CyberOps. In this course, you'll learn the format and tools required to manage, operate, and analyze your networks. You'll start by recognizing the purpose and characteristics of NetFlow and IPFIX network flow protocols. You'll then outline how NetFlow is used to baseline a network. Next, you'll identify the importance of logging, access control, and event queues. You'll examine techniques for tapping network traffic and collecting and forwarding logs. You'll explore SNMP, the PCAP format, and whitelisting. Finally, you'll set up Wireshark to detect potentially harmful events and import and export captured traffic in the PCAP format.
14 videos | 59m has Assessment available Badge
Network & Host Analysis: Network Operations
Securely operating a network requires tools to monitor, detect, and prevent breaches. Knowing what goes on and how to stop malicious traffic involves the use of Network Security Monitoring (NSM), security information and event management (SIEM), and intrusion detection and prevention systems (IDS/IPS). In this course, you'll explore these tools and implement Suricata and Kibana as NSM, IDS, IPS, and SIEM solutions. Furthermore, you'll compare and contrast network defense tools. You'll examine NSM and SIEM's purpose and characteristics and outline how to implement and benefit from these techniques. Next, you'll install Suricata and Kibana, and use their features for rule creation, alerts, logging, scripting, and integration. Finally, you'll integrate Suricata and Wireshark to leverage both tools' capabilities so that you can operate your network securely.
14 videos | 59m has Assessment available Badge
Forensic Analysis: Cybercrime Investigations
Cybercrime investigators are typically responsible for collecting, processing, analyzing, and interpreting digital evidence related to network vulnerabilities, criminal activity, and counterintelligence initiatives. In this course, you'll explore the basics of network packet capturing, a process used to intercept and log traffic occurring over a network. You'll also examine the purpose and features of some standard tools and techniques to preserve and analyze a computer system's most volatile data. You'll then learn to use some of these tools and techniques to achieve various digital forensic analysis goals. Next, you'll recognize computer forensic best practices, including locating evidence in the Windows Registry. Finally, you'll learn how to differentiate between the purpose and features of the various tools available for conducting hard disk forensic analysis.
17 videos | 1h 37m has Assessment available Badge
CyberOps Windows Hardening: Windows Server Hardening Best Practices
Windows servers are the heart of many corporate networks and may contain sensitive company data that, if leaked or stolen by an attacker, would be catastrophic. Protecting the Windows Server assets and preventing a security compromise is an important skill for IT security professionals to master. In this course, you'll learn how to help prevent security incidents by hardening the Windows Server and reducing the attack surface. You'll learn how to follow common security best practices to lock down a Windows system by hardening user accounts, passwords, services, the file system, and common network services, such as DNS and IIS.
16 videos | 1h 32m has Assessment available Badge
CyberOps Windows Hardening: Windows Workstation Hardening Best Practices
If successful in exploiting your Windows workstations, hackers could move laterally across the network to compromise other assets like your servers and databases, which contain sensitive information. In this course, you'll learn how to protect your Windows workstations by following standard operating system hardening procedures to reduce the attack surface and help prevent a security compromise. You'll learn how to secure a workstation by implementing hardening procedures related to the BIOS/UEFI. You'll carry out user account and group membership security strategies. You'll practice reducing unneeded software, patching the system, configuring user rights, and setting up auditing. Additionally, you'll work with full disk encryption, antivirus methods, firewall software, and security templates. To carry out this work, you'll utilize BitLocker, AppLocker, and Windows Defender.
15 videos | 1h 29m has Assessment available Badge
Threat Intelligence & Attribution Best Practices: Threat Intelligence Concepts
Identifying and interpreting threat intelligence is crucial to preventing and mitigating cyber attacks. In this course, you'll explore the various threat intelligence types and how they relate to an organization's threat landscape. You'll begin by examining the key characteristics and benefits of threat intelligence and how to use it before, during, and after an attack. You'll then name known cyber threat actors and common indicators of compromise. You'll characterize intelligence, data, and information, and the four categories of threat intelligence: strategic, tactical, operational, and technical. You'll outline the threat intelligence lifecycle and how machine learning and risk modeling relate to threat intelligence. Lastly, you'll recognize threat intelligence use cases and sources, and how to map the threat landscape and benefit from intrusion detection and analysis.
20 videos | 1h 38m has Assessment available Badge
Threat Intelligence & Attribution Best Practices: Attribution Analysis
Cyber attribution analysis is used to track, identify, and incriminate perpetrators of cyber attacks or exploits and is a must-know offensive security operations technique. In this course, you'll learn about the fundamental concepts and critical concerns related to attribution. You'll start by examining the different attribution types and levels before exploring attribution indicators, techniques, best practices, tools, and challenges. Moving on, you'll gain insight into how to identify and interpret forensic artifacts gathered from various sources, manage evidence, and make attribution judgments and assessments. You'll then study geopolitics, the Intelligence Community, and legal considerations as they relate to cyber threats and attribution. Lastly, you'll look into how malware cyber threat reverse engineering, code sharing analysis, and network behavior analysis lead to attribution.
20 videos | 1h 22m has Assessment available Badge
Final Exam: Security Threat Intelligence
Final Exam: Security Threat Intelligence will test your knowledge and application of the topics presented throughout the Security Threat Intelligence track of the Skillsoft Aspire Security Threat Intelligence Journey.
1 video | 32s has Assessment available Badge


Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.